Privacy Policy

Last updated: 10.01.2026

Definitions

Personal Data means any information relating to an identified or identifiable person (data subject). An identifiable person is one who can be recognised directly or indirectly, for example through a name, identification number, location data, online identifier or factors specific to identity.
Processing means any operation performed on personal data, whether automated or not, such as collection, storage, organisation, alteration, retrieval, consultation, use, transmission, dissemination, restriction, erasure or destruction.
Profiling means any automated processing of personal data to evaluate aspects of a natural person, such as analysing or predicting performance at work, financial situation, health, preferences, reliability, behaviour, location or movements.
Controller means the person or body that determines the purposes and means of processing personal data.
Processor means a person or body that processes personal data on behalf of the controller.
Recipient means a person or body to which personal data are disclosed. Public authorities that may receive data in the course of an inquiry are not considered recipients.
Third party means anyone other than the data subject, controller, processor and authorised persons under their authority.
Consent of the data subject means a clear indication by which a person signifies agreement to the processing of their personal data.
Personal data breach means a security breach leading to accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access to personal data.
Group of undertakings means a controlling undertaking and its controlled undertakings.
Supervisory authority means an independent public authority established by a Member State under Article 51 GDPR.

General

This notice and the Terms and Conditions explain how we collect, process and use your personal data. By registering a Player Account with Crash Pirate Casino online (UK) you agree to this Privacy Policy. If you do not agree or do not want to provide required data, do not use this website.
This Privacy Policy is a binding agreement between you and the Company. It may be updated from time to time. We will try to notify you of changes, but recommend checking this page regularly. Continuing to use the website means you accept the updated Policy.
CrashPirate processes personal data fairly, transparently and in compliance with Regulation (EU) 2016/679 (GDPR).
This website is for users aged 18 and over. We do not knowingly collect data from minors. If such data is collected, it will be handled according to law.

About us
CrashPirate Casino (Casino, Website, Company, we, us, our) is owned and operated by a company incorporated under the laws of Curaçao operates under E-gaming licence issued by the Curaçao Gaming Control Board. All Paysafe payments are processed via Dama N.V. Players are responsible for checking gambling laws in their jurisdiction.
As data controller, we must process personal data to provide games and related services.
We have a Data Protection Officer (DPO) responsible for overseeing compliance. You may contact the DPO about any privacy issues at [email protected].

Contact us
You can contact us at any time to confirm your data, ask how it is used, prohibit marketing, receive a copy of stored data, or update your details. Marketing can be stopped through your account settings or by contacting [email protected] or support chat.

If your request is not answered within 10 days, please follow up using another method. Contact the DPO if you believe your privacy has been violated, deadlines for response were missed, you need clarification, or want a copy of your data across Dama N.V. licences.
We try to respond within one month. Complex or multiple requests may take longer. You will be notified if this is the case.

Information we collect

Information you provide: data you submit when registering, depositing, withdrawing, joining chat, accepting bonuses, completing due diligence or making complaints. This may include name, username, address, date of birth, nationality, ID number, email, phone, payment details, proof of identity, proof of address, proof of funds and photographs.
Technical data: IP address, login details, browser, time zone, plug-ins, operating system, platform, URL visits and cookie information. See our Cookie Policy.
Gameplay data: games played, time spent, interactions.
Analytics data: logs, user activity, clicks, time stamps. Used for troubleshooting, research and analysis.
Other sources: data from other Group sites and third parties such as payment processors, game providers, marketing partners, analytics providers, and credit reference agencies. These process data under our instructions only.

Categories of data

We process identity data, contact data, financial data, transaction data, technical data, usage data, marketing and communications data, and special categories (such as responsible gaming information and racial/ethnic data if provided in documents).

How we use your information

We use your data to:
• Operate your account, accept deposits, process withdrawals, manage fraud, and respond to queries.
• Send marketing (with consent).
• Provide personalised advertising.
• Notify you of service changes.
• Comply with AML and other laws.
• Administer the site, analyse and test data, and improve services.
• Manage fraud and risk, including bonus abuse detection.
• Monitor responsible gambling and assign scores for risk assessment.
• Comply with AML duties and maintain risk registers.
• Improve website and keep it secure.
• Measure advertising effectiveness and recommend products.

Aggregated data may be created for analysis. This is not considered personal data unless combined with identifiers.

Lawful basis

We process data based on contract performance, legal obligations, consent, or legitimate interests, depending on the purpose. A detailed table of categories, collection methods, purposes and legal bases is included.

Sharing of data

We may share data with:
• Group members for services, AML, fraud and responsible gaming.
• Employees who require access for their duties, under confidentiality agreements.
• Game providers where required to deliver games.
• Payment providers for deposits and withdrawals.
• Marketing partners where you consent.
• Regulatory authorities or courts if required by law.
• Client communication providers, AML and KYC tools.
• Advisors, consultants and legal representatives.
• In case of company restructuring, data may transfer to new entities.

Data retention

We retain data as long as necessary to meet service, legal and regulatory needs. Closed accounts are retained as required by law, typically five years from last activity. Data may also be anonymised and used for research.

Your rights

You may request access, correction, erasure, restriction, transfer, object to processing, or withdraw consent. You may also lodge complaints with a supervisory authority. We may require proof of identity to process requests. Responses are usually provided within one month.

Automated decision making

We do not usually make decisions solely based on automation. If we do in individual cases, you will be informed where legally required.

Security of your data

We take measures to protect personal data from loss, misuse, unauthorised access, alteration or disclosure. Access is limited to staff with a business need.
Player accounts are protected by unique ID and password. Two-factor authentication (2FA) is available. You are responsible for keeping login details confidential.

Providers
Cookie Policy

We use cookies. For more information, please see our cookie notice. For more details, you can adjust your preferences in the cookie settings.