burger icon
Slot Site United Kingdom
Log In

Privacy Policy

This Privacy Policy explains how Slot Site, provided via https://site-slots.com (the "Website"), collects, uses, stores, shares, and protects personal data. A privacy policy is required to ensure transparency, meet the standards of the UK GDPR and the Data Protection Act 2018, and help you understand your rights and choices.

This Policy applies to players who create or use an account and to website visitors who browse or interact with the Website (including via cookies and similar technologies).

Effective date: 6 November 2025.

Who We Are

OBSERVE: Slot Site is the casino product/brand presented on https://site-slots.com ("Slot Site", "we", "us"). The available profile information indicates that the operator is a limited liability company registered in Malta or Guernsey, but the full legal company name, registered/legal address, and company registration number were not specified in the provided data.

EXPAND: Under UK GDPR, we must provide controller identity and contact details, and (where applicable) the Data Protection Officer (DPO) or responsible privacy contact. Because certain operator identifiers are missing, this section provides the best-available details and explains how you can obtain the missing corporate particulars before exercising rights or escalating a complaint.

REFLECT: For compliance and transparency, we publish/maintain the operator identification and controller details within the Website footer and/or "About/Legal" area, and you may request confirmation at any time.

  • Data controller (operator): Not specified in provided data (limited liability company; registration jurisdiction stated as Malta or Guernsey).
  • Registered/legal address: Not specified in provided data.
  • Company registration number / tax identification: Not specified in provided data.
  • UK regulatory context (gambling): The service is described as targeting the UK market and operating under a UK Gambling Commission remote licence No. 39326 (status described as active as of Jan 2025). This does not replace data protection obligations under UK GDPR.

Privacy contact (DPO / Data Protection Department)

OBSERVE: Telephone support is stated as not provided; customer service is via live chat and email, but no specific support email address is disclosed in the provided data.

EXPAND: UK GDPR requires a workable route to contact the controller about privacy matters. Where a specific email is not displayed in the dataset, we direct users to available channels and commit to publishing a dedicated privacy contact.

REFLECT: Until the dedicated contact details are displayed, you may submit privacy requests via the channels below and we will route them to the responsible privacy function.

  • Website: https://site-slots.com
  • Live chat contact form: URL not specified; availability 08:00-00:00 GMT (outside these hours, a bot takes messages).
  • Email (support / privacy): Not specified in provided data (request via live chat to obtain the current address).
  • Phone: Not specified (no telephone support stated as of Jan 2025).
  • Postal address: Not specified in provided data (request via live chat/email for the current registered address).

What Personal Data We Collect

OBSERVE: Slot Site on site-slots.com collects personal data needed to operate an online casino account, process payments, meet UKGC and AML/KYC obligations, secure the service, and run the Website (including cookie-based features).

EXPAND: Data can be collected directly from you, automatically from your device/browser, or from third parties (e.g., identity verification, payment providers, fraud prevention partners). Some data is required by law/contract; if not provided, we may be unable to open or maintain your account or process withdrawals.

REFLECT: We limit collection to what is necessary for the purposes described in this Policy and apply safeguards proportional to the sensitivity of gambling and financial data.

Categories of data

  • Identity & contact data: full name, date of birth, username, email address, phone number, residential address, nationality and similar identifiers you provide during registration, verification, and support interactions.
  • Verification (KYC) data: copies/images of identity documents, proof of address, age verification results, facial similarity/liveness checks (where used), source of funds/wealth information (where legally required), and related verification metadata.
  • Payment & transaction data: deposit/withdrawal amounts, timestamps, payment method type, partial payment instrument data (e.g., masked card details), banking identifiers required for payouts, chargeback and refund records, and payment processor reference numbers. We do not intentionally store full card CVV data.
  • Gameplay & behavioural data: betting and gameplay history, game interactions, session duration, clicks, preferences, bonus usage, limits settings (e.g., deposit limits), and responsible gambling interactions (including GAMSTOP integration status where applicable to operate the service).
  • Technical & usage data: IP address, device identifiers, browser type/version, operating system, language, time zone, referring URLs, log files, crash reports, performance metrics, and security events.
  • Communications data: messages via live chat (08:00-00:00 GMT), emails (address not specified), complaint submissions, call-back requests (if introduced later), and records of consent/marketing preferences.
  • Cookies and similar technologies: cookie identifiers, pixel tags, SDK signals, and analytics/advertising identifiers, depending on your choices.

Legal Basis for Processing

OBSERVE: Slot Site processes personal data on the lawful bases set out in the UK GDPR. In the gambling context, a significant portion of processing is necessary to perform the contract with you (operating your account) and to comply with legal obligations (e.g., KYC/AML and UKGC requirements).

EXPAND: Different activities rely on different lawful bases; some processing is optional (e.g., marketing, certain analytics/advertising cookies) and you can refuse or withdraw consent without affecting core account operation, except where the processing is required for security, fraud prevention, or legal compliance.

REFLECT: We map each key processing purpose to a lawful basis and apply data minimisation, purpose limitation, and retention controls consistent with UK GDPR and the Data Protection Act 2018.

  • Contract (performance of a contract): to register and manage your account, provide casino services, authenticate you, process deposits/withdrawals, apply bonuses you choose to use, provide customer support via live chat/email, and administer responsible gambling tools you activate.
  • Legal obligation: to meet identity, age, AML/CTF, safer gambling, and regulatory reporting requirements applicable to UK-facing remote gambling operations; to respond to lawful requests from competent authorities; to maintain audit trails where required.
  • Legitimate interests: to secure the Website, prevent fraud and account takeover, perform internal analytics to improve games/UX, maintain service reliability, and defend legal claims-balanced against your rights and expectations.
  • Consent: for optional marketing communications (where required) and for non-essential cookies/trackers (e.g., advertising cookies), which you can manage via cookie settings and marketing preferences.
  • Vital interests: rarely, to protect an individual from serious harm (e.g., responding to credible threats or emergencies).

Purpose of Processing

OBSERVE: We use personal data to provide, secure, and improve Slot Site on site-slots.com, and to meet legal and regulatory expectations for a UK-facing online casino.

EXPAND: Purposes extend beyond "service delivery" to include safeguarding players, preventing financial crime, maintaining evidence for disputes, and ensuring the integrity of games and promotions.

REFLECT: Each purpose below is linked to one or more lawful bases described above, and we avoid using your data for incompatible purposes without additional notice or a valid legal basis.

  • Provide casino services: account creation, login, gameplay, wallet management, deposits/withdrawals, bonus administration, and transaction notifications.
  • Verification & compliance: age and identity checks, AML/KYC and source-of-funds/wealth assessments where required, sanctions screening, and regulatory reporting/recordkeeping.
  • Customer support: responding to queries via live chat (08:00-00:00 GMT; bot outside hours) and email (address not specified in provided data), handling disputes, and quality assurance.
  • Security & fraud prevention: monitoring logins, detecting suspicious patterns, protecting against cyberattacks, and enforcing terms and policies.
  • Service improvement & analytics: understanding how users interact with the Website, diagnosing issues, improving navigation and performance (subject to cookie choices where applicable).
  • Marketing (where permitted): sending newsletters, personalised offers, and product updates by email or on-site messaging, subject to consent/opt-out rules and applicable UK marketing laws (including PECR).

Disclosure & Sharing

OBSERVE: Slot Site shares personal data only where necessary to operate site-slots.com, meet legal obligations, or where you have provided appropriate consent (e.g., certain advertising technologies).

EXPAND: Sharing may involve processors acting on our instructions (e.g., hosting, KYC vendors) and independent controllers (e.g., banks/payment institutions, regulators). We require contractual protections, confidentiality, and security commitments where UK GDPR requires them.

REFLECT: We aim for transparency by categorising recipients and explaining typical sharing triggers, while limiting disclosure to the minimum required.

  • Payment partners and financial institutions: to process deposits/withdrawals, manage refunds/chargebacks, and conduct fraud checks.
  • Identity verification and AML/KYC providers: to verify age/identity and meet legal and UKGC expectations.
  • IT and infrastructure providers: hosting, cloud services, email delivery tools, customer support systems (including live chat), monitoring/logging, and security tooling.
  • Analytics providers: to understand Website performance and user journeys (use may depend on cookie consent, where applicable).
  • Marketing and advertising partners: affiliates and advertising networks where you have given consent or where permitted under applicable law; you can manage marketing and cookie preferences.
  • Regulators and competent authorities: including the UK Gambling Commission and other law enforcement/oversight bodies when required by law or to protect the integrity of the service.
  • Professional advisers: legal, audit, compliance, and risk advisers bound by confidentiality.
  • Corporate transactions: if we sell, merge, or restructure the business, data may be shared under confidentiality and only as permitted by law, with appropriate notices where required.

Regional compliance note (UK): Where disclosure is required for UKGC compliance (e.g., safer gambling, AML), we may not be able to provide the service without the relevant processing and sharing.

International Transfers

OBSERVE: The profile indicates the operator may be registered in Malta or Guernsey (exact jurisdiction not specified). Service providers may also be located outside the UK. Therefore, personal data may be transferred internationally.

EXPAND: Under UK GDPR, transfers outside the UK require appropriate safeguards unless an adequacy regulation applies. We assess destination risks and implement legal mechanisms and security controls for cross-border transfers.

REFLECT: Where we transfer data internationally, we apply one or more of the safeguards below and maintain documentation to evidence compliance.

  • Adequacy regulations (where applicable): we may transfer data to countries/territories recognised by the UK as providing an adequate level of protection.
  • UK International Data Transfer Agreement (IDTA) / UK Addendum to EU SCCs: where adequacy does not apply, we use approved standard contractual safeguards with relevant vendors and partners.
  • Supplementary measures: encryption in transit (TLS 1.2+), encryption at rest where appropriate, strict access controls, minimisation, and vendor security due diligence.

Note: References to the "Privacy Shield" are not relied upon as a primary transfer mechanism for UK GDPR compliance. Where US transfers occur, we use UK-recognised transfer tools and assess supplementary measures.

Data Retention

OBSERVE: Slot Site retains personal data only for as long as necessary for the purposes described in this Policy, including compliance, dispute handling, and security requirements typical for regulated gambling services.

EXPAND: Retention periods differ by data type. Where multiple obligations apply (e.g., AML recordkeeping and dispute limitation periods), we retain for the longer required period, then securely delete or anonymise.

REFLECT: We implement deletion, anonymisation, or aggregation where feasible, and we restrict access to retained data on a need-to-know basis.

  • Account and core profile data: generally up to 5 years after account closure, unless a longer period is required by law, regulatory guidance, or for ongoing disputes/investigations.
  • KYC/AML and compliance records: typically up to 5 years after the end of the customer relationship or longer if required by applicable law/regulator expectations or to establish/defend legal claims.
  • Payment and transaction records: typically up to 6 years for financial/audit purposes (or longer where required), then securely deleted or anonymised where possible.
  • Gameplay history and responsible gambling records: retained for periods necessary to meet regulatory expectations, handle disputes, ensure integrity, and enable safer gambling monitoring; typically aligned with the above account/compliance retention windows.
  • Technical logs and security events: typically 6-24 months depending on log type and security needs, unless needed longer to investigate incidents or fraud.
  • Marketing data: retained until you unsubscribe/withdraw consent or the data is no longer needed; suppression lists (to ensure you are not re-contacted) may be kept for longer on a minimal-data basis.
  • Cookie data: retained according to cookie type (session vs persistent) and your cookie settings; details are provided in the Cookies section.

Deletion criteria: We delete or anonymise data when (i) retention periods expire, (ii) processing purposes have been fulfilled and no lawful basis remains, (iii) a valid deletion request is granted, or (iv) the account is closed and no further retention is required.

Your Rights

OBSERVE: As a user of Slot Site on site-slots.com, you have rights under the UK GDPR and the Data Protection Act 2018. The section request also asks for alignment with Mexican privacy law; while the service is UK-targeted, we provide additional transparency consistent with Mexico's Ley Federal de Protección de Datos Personales en Posesión de los Particulares (LFPDPPP) and related regulations for users who may access the Website from Mexico or whose data may otherwise be handled in a manner engaging those principles.

EXPAND: Some rights are not absolute and may be limited where processing is required by law (e.g., AML/KYC) or necessary for legal claims, fraud prevention, or regulatory compliance. We will explain any refusal and provide appeal/escalation routes. We must also verify identity before fulfilling rights to prevent unauthorised disclosure.

REFLECT: We provide clear procedures, aim to respond within statutory timeframes, and do not charge a fee unless requests are manifestly unfounded or excessive (in which case we may charge a reasonable fee or refuse, as permitted by law).

Your UK GDPR rights

  • Right of access: obtain confirmation whether we process your data and receive a copy, with supporting information.
  • Right to rectification: correct inaccurate data and complete incomplete data.
  • Right to erasure ("right to be forgotten"): request deletion where no lawful basis remains; note that AML/KYC and regulatory recordkeeping may prevent immediate deletion.
  • Right to restrict processing: limit how we use data in certain circumstances (e.g., while accuracy is contested).
  • Right to object: object to processing based on legitimate interests; object to direct marketing at any time.
  • Right to data portability: receive certain data you provided in a structured, commonly used, machine-readable format and transmit it to another controller where technically feasible.
  • Right to withdraw consent: withdraw consent for processing that relies on consent (e.g., certain marketing and cookies). Withdrawal does not affect the lawfulness of processing before withdrawal.

Mexican privacy law alignment (ARCO rights and consent principles)

  • ARCO rights: rights of Access, Rectification, Cancellation, and Opposition are conceptually aligned with UK GDPR access/rectification/erasure/objection.
  • Consent and information principles: where processing is not necessary for a legal/contractual purpose, we aim to obtain and record consent (e.g., marketing and non-essential cookies) and provide clear notices about purposes and transfers.

How to exercise your rights (procedure and timeframes)

  1. Submit a request: use live chat (08:00-00:00 GMT; URL not specified) or request the current privacy email address via support (email not specified in provided data). Clearly state you are making a "privacy request" and specify the right you wish to exercise.
  2. Identity verification: we may request additional information to confirm identity (especially for access/portability) to protect your data.
  3. Response timeframe: we aim to respond within 30 days of receiving a valid request and verifying identity. Where permitted, we may extend for complex requests and will inform you of any extension and reasons.
  4. Fees: requests are generally handled free of charge. If a request is manifestly unfounded or excessive, we may charge a reasonable fee or refuse, as permitted by law.
  5. Marketing opt-out: you can object to direct marketing at any time using unsubscribe links (where present) or by updating account preferences (if available) or contacting support.

Cookies & Tracking Technologies

OBSERVE: Slot Site on site-slots.com uses cookies and similar technologies to provide core Website functions, secure sessions, analyse performance, and (where permitted) personalise content and marketing.

EXPAND: Under UK rules (including PECR), non-essential cookies typically require consent. We therefore distinguish between strictly necessary cookies and optional categories, and provide tools to manage preferences.

REFLECT: We aim to make cookie controls accessible and granular, and we honour your choices, subject to technical limitations and required security functions.

Types of cookies

  • Session cookies: temporary cookies that expire when you close your browser; used for login/session continuity and security.
  • Persistent cookies: remain on your device for a set period; used for preferences (e.g., language) and to remember choices.
  • Third-party cookies/trackers: set by third parties (e.g., analytics or advertising partners) when enabled; used for measurement and, where permitted, ad personalisation.

Cookie purposes (typical categories)

  • Strictly necessary (functional/security): enable core functionality such as authentication, fraud prevention, load balancing, and safe navigation. These are generally required for the Website to work.
  • Preferences: remember settings (where available) to improve user experience.
  • Analytics/performance: help us understand usage and improve stability and content; generally used only if you consent where required.
  • Advertising/marketing: measure campaigns, manage affiliate tracking, and show relevant offers; used only where you consent and where permitted by law.

How to manage cookies

  • Cookie banner/settings: use the on-site cookie controls (if presented) to accept, reject, or customise non-essential cookies.
  • Browser controls: you can delete or block cookies via your browser settings. Blocking strictly necessary cookies may affect Website functionality.
  • Account/marketing settings: where available, use account preferences to manage marketing choices; otherwise contact support via live chat/email (email not specified in provided data).

Data Security

OBSERVE: Slot Site processes sensitive data (identity, financial and gambling activity). The Website therefore requires robust technical and organisational measures to protect confidentiality, integrity, and availability.

EXPAND: No security is perfect; however, we implement layered controls aligned with industry practice. Where standards such as ISO/IEC 27001 or SOC 2 are referenced, they indicate the type of control framework we may align with, subject to provider and organisational scope.

REFLECT: We continually review risks, test controls, and update security measures to match threat evolution and regulatory expectations for a UK-facing gambling operator.

Key security measures

  • Encryption in transit: TLS 1.2+ for data transmitted between your device and our services.
  • Encryption at rest: encryption for sensitive datasets where appropriate, with protected key management and access restrictions.
  • Access controls: role-based access, least-privilege principles, logging of privileged access, and periodic access reviews.
  • Multi-factor authentication (MFA): used for administrative access and security-critical systems; may be offered to users where available.
  • Monitoring and audits: security monitoring, vulnerability management, penetration testing, and periodic audits of controls. Where applicable, controls may be benchmarked against ISO 27001 or SOC 2-style requirements.
  • Staff training: privacy and security awareness training, phishing resilience practices, and confidentiality obligations.

Incident response

  1. Detect and contain: identify incidents via monitoring, isolate affected systems, and prevent further unauthorised access.
  2. Assess impact: determine affected data types, number of users, and risk severity.
  3. Notify where required: if a personal data breach is likely to result in a risk to individuals' rights and freedoms, we will notify the relevant authority and affected individuals as required by UK GDPR within applicable timeframes.
  4. Remediate and improve: patch vulnerabilities, update controls, and document lessons learned.

Complaints & Contacts

OBSERVE: The available dataset provides limited direct contact identifiers (no published phone number, no specified support email, no specified postal address; live chat runs 08:00-00:00 GMT). Nonetheless, users must be able to lodge privacy complaints and escalate to supervisory authorities.

EXPAND: A compliant complaint process must include (i) how to contact the privacy function, (ii) clear steps and response times, and (iii) escalation options to relevant authorities. Because some operator identity details are missing, we provide an operational route now and state how to obtain missing contact particulars.

REFLECT: We commit to handling complaints fairly and promptly, documenting outcomes, and informing you of your external escalation rights.

How to contact us about privacy

  • Primary channel: Live chat contact form (URL not specified), available 08:00-00:00 GMT.
  • Email: Not specified in provided data. Request the current privacy/support email via live chat; we will provide it for written correspondence.
  • Phone: Not specified (no telephone support stated as of Jan 2025).
  • Post: Not specified in provided data. Request the registered address via live chat/email for formal notices.

Complaint procedure (step-by-step)

  1. Step 1 - Submit your complaint: describe the issue, relevant dates, your account identifier (do not share full payment card details), and the outcome you seek.
  2. Step 2 - Acknowledgement: we aim to acknowledge within 7 days and may request clarification or identity verification.
  3. Step 3 - Investigation: we review logs, account records, vendor interactions (if involved), and the applicable lawful basis.
  4. Step 4 - Resolution: we aim to provide a substantive response within 30 days, or explain any lawful extension for complex cases.
  5. Step 5 - Escalation: if you disagree with our response, you may escalate to the relevant supervisory authority listed below.

Escalation to supervisory authorities

  • United Kingdom (ICO): Information Commissioner's Office (ICO) - Website: https://ico.org.uk/make-a-complaint/; Phone: 0303 123 1113; Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF, United Kingdom.
  • Mexico (INAI): Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales (INAI) - Website: https://www.inai.org.mx/; Contact page: https://www.inai.org.mx/contacto/.
  • EU/EEA authorities (where applicable): if EU GDPR applies to a specific processing scenario, you may also contact your local supervisory authority; directory: https://edpb.europa.eu/about-edpb/about-edpb/members_en.

ADR note (gambling disputes): The profile indicates an appointed Alternative Dispute Resolution provider such as eCOGRA or IBAS (exact provider needs clarification). ADR is primarily for gambling/service disputes; privacy complaints are typically handled by data protection authorities such as the ICO.

Updates

OBSERVE: This Privacy Policy may change due to legal/regulatory updates (including UK GDPR guidance), security improvements, operational changes, or changes in how Slot Site features work on site-slots.com.

EXPAND: Users must be informed of material changes in advance where feasible, and be able to understand what changed and what options they have (e.g., adjusting consents, closing the account).

REFLECT: We implement version control and layered notices to ensure you receive meaningful notice without having to re-read the entire document each time.

  • Last updated: November 2025 (6 November 2025).
  • How we notify you:
    • Email notice: where we have your email and the change is material.
    • Website banner/pop-up: for prominent notice on site-slots.com.
    • Account dashboard alert: where an account notification feature is available.
  • Advance notice for significant changes: at least 30 days before material changes take effect, unless a faster change is required for security or legal compliance.
  • Your options: you may (i) adjust cookie/marketing consents, (ii) request clarification via live chat/email, or (iii) close your account if you do not agree with a material change (subject to any legal/regulatory retention requirements described in this Policy).

Changelog (material changes)

  • Nov 2025: Initial publication for Slot Site on site-slots.com; added UK GDPR lawful bases mapping; added detailed complaint escalation contacts (ICO, INAI, EDPB directory); clarified limited availability of phone/email details based on provided data; aligned retention ranges to typical regulated gambling recordkeeping expectations for 2025 operations.