Spacehills Casino Privacy Policy

Spacehills Casino values the privacy of visitors and players. This policy describes what data we collect, how we use it and what rights you have over your personal information. By using our site you agree to the processing described here.

This policy applies to the website spacehills.live and related services. For questions, contact us via our help page.

We respect the core principles of modern privacy law: transparency, data minimisation, purpose limitation and appropriate security. This document is written in plain language because privacy should not be readable by lawyers only. Our platform is strictly limited to people aged 24 and over.

Changes to this policy are announced at the top of the page. For material changes we notify active users by email.

At registration we ask for name, date of birth, email, phone and address. Verification adds identity documents, address proof and payment confirmation. While you use the platform we log transactions, gameplay activity and technical session information.

We also place cookies and similar technologies. See our cookie policy for details.

Technical session info means IP, browser and OS, screen resolution, language, referring page and the times you log in or act. We need this for fraud detection, anti-money-laundering checks and proper functioning across devices. It is not used to track you elsewhere.

Support communications (chat, email, call notes) are kept so we can provide continuous service.

Collected data is used to deliver our service, process payments, meet legal duties (AML, age verification), protect players from problematic gambling and improve the platform via anonymised analysis.

For responsible gambling we look at patterns that may signal loss of control. Sharp deposit spikes, long sessions or repeated attempts to bypass limits can trigger a friendly check-in. See our responsible gambling page.

Marketing is only sent with explicit consent and is revocable any time via the unsubscribe link or account preferences.

Contract performance underpins account creation and management, deposits and withdrawals and game provision. Legal obligation underpins identity verification, AML reporting and retention of certain transaction data.

Legitimate interest covers fraud detection, security and product analysis, provided they do not override your privacy. Consent is the basis for marketing and non-essential cookies, revocable without affecting earlier lawful processing.

Data is never sold or rented. We share only with payment providers, identity verification services, hosting and analytics partners that are contractually bound to confidentiality. Exceptionally we share if legally required, for example a regulator investigation.

Each partner signs a data processing agreement matching current standards, with strict security, minimum-needed access and prompt incident notification.

Some partners sit outside the European Economic Area. We apply Standard Contractual Clauses or an equivalent recognised mechanism so the level of protection stays comparable. A list of countries where our main partners are located is available on request.

All communication is SSL encrypted. Personal data is encrypted at rest. Access is limited to authorised staff and logged. Our infrastructure undergoes regular security audits.

Organisational measures include a confidentiality agreement, annual training and role-based access. All accounts are blocked the moment an employment ends.

Should a data breach occur we notify the competent supervisory authority within the legal window and, where it matters to you, you directly. Transparency comes first.

Under privacy law you have rights of access, correction, deletion, restriction, objection and portability. Requests go through support. We respond within 30 days.

Access lets you obtain a copy of the data we process about you. Correction fixes inaccuracies. Deletion applies unless we are legally required to keep data (tax, AML). Portability provides your data in a structured format.

If you remain unhappy you can lodge a complaint with the competent national data protection authority.

Data we must keep by law, such as transaction history and verification, is held for five to seven years. Marketing data is removed immediately after unsubscribe or account closure. Logs are automatically removed after 90 days.

Per category we apply the minimum legal duration where possible. Support communications are kept two years for quality review, then anonymised. Cookies follow their own life cycle, detailed in the cookie policy.

We segment lightly to offer relevant promotions. A player mostly into live blackjack gets a live blackjack offer rather than a slots tournament. No automated decision with legal effect is applied; edge cases are reviewed by a human.

For any privacy question, request or complaint, contact us via our help page. Make clear it is a privacy matter. Formal data requests need additional identity verification to prevent abuse.

We may update this policy. Changes are published here. Last revision: April 2026.