burger icon
Super Bet United Kingdom
Log In

Privacy Policy

This Privacy Policy explains how Superbet Limited collects, uses, discloses and protects personal data when you use the supers.casino website and related services offered under the Super Bet product. It applies to players, prospective players and other visitors to supers.casino who interact with our services in 2025.

Please read this policy carefully, as it explains your rights and our obligations under applicable data protection laws, including the UK General Data Protection Regulation ("UK GDPR"), the Data Protection Act 2018, and other applicable regulations. By using supers.casino you acknowledge that you have read and understood this Privacy Policy.

Effective date: 06 November 2025

Who We Are

The supers.casino website, including the Super Bet product, is operated in Great Britain by Superbet Limited, a limited company registered in England and Wales and licensed and regulated by the Gambling Commission of Great Britain under account number 55644 for Remote Casino and Real Event Betting services.

Registered address (legal address):
Superbet Limited
7th Floor, 90 High Holborn
London, WC1V 6LJ
United Kingdom

You can verify our licence and regulatory status on the UK Gambling Commission public register: https://gamblingcommission.gov.uk/public-register/business/detail/55644.

Data protection responsibility: Superbet Limited is the "data controller" for personal data processed in connection with supers.casino and the Super Bet product. We have designated a data protection function (Data Protection Officer / privacy team) responsible for overseeing questions in relation to this Privacy Policy.

How to contact us about privacy:

  • Postal address: Data Protection Officer, Superbet Limited, 7th Floor, 90 High Holborn, London, WC1V 6LJ, United Kingdom.
  • Online: via the help centre or contact/feedback forms made available within your supers.casino account (where available in 2025).
  • In-product messages: you may send us a secure message through your account messaging tools, where provided.

What Personal Data We Collect

We collect and process different categories of personal data when you visit supers.casino, open or use a Super Bet account, place bets, use our casino games, or interact with us. The main categories are:

Identity and contact data

  • Full name, date of birth, gender and proof of identity documents (e.g. passport, ID card, driving licence) for age and identity verification.
  • Residential address and proof of address documents (e.g. utility bill, bank statement) to comply with KYC and anti-money laundering ("AML") obligations.
  • Contact details such as email address, username, security questions and (where provided) telephone number or mobile number.

Account and transactional data

  • Account credentials and settings, account history, language and market preferences.
  • Betting and gaming history, including stakes, wins/losses, game rounds, session times, self-exclusion status, deposit and loss limits, "Take a Break" and other responsible gambling tools.
  • Payment and financial data, including partial card details (masked), payment method type, wallet identifiers, deposit and withdrawal amounts, and related transaction logs (we do not store full card numbers in plain text).

Technical and usage data

  • IP address, country and approximate location derived from IP, device identifiers, browser type and version, operating system, referral URLs and crash logs.
  • Log data about how you use supers.casino, including login timestamps, pages viewed, clicks, scrolls, time spent on pages, and interaction with specific games or features.
  • Security-related data such as failed login attempts, device fingerprints and risk scores used for fraud and account protection.

Behavioural and profiling data

  • Aggregated betting patterns, favourite sports and games, typical stake sizes and frequency of play.
  • Responsible gambling indicators (e.g. rapid deposit increases, extended session lengths, use of limits) used to detect potential harm and contact you about safer gambling.
  • Marketing and communication preferences, including whether you open or interact with our emails, SMS or push notifications (where applicable in 2025).

Cookies and similar technologies

  • Cookies, SDKs and similar technologies record information about your device and browsing behaviour, including session identifiers, authentication tokens, language settings and analytics data. Further details are provided in the "Cookies & Tracking Technologies" section of this policy.

Legal Basis for Processing

We process personal data only where we have a valid legal basis under the UK GDPR and related laws. Depending on the context, we rely on one or more of the following grounds:

Performance of a contract

  • To create and manage your supers.casino account for the Super Bet product, verify your identity and age, accept bets and wagers, settle markets, pay out winnings and provide customer support.
  • To administer promotions or loyalty programmes that form part of your agreed terms and conditions with us.

Compliance with legal and regulatory obligations

  • To comply with gambling, KYC and AML legislation and regulatory requirements, including those imposed by the UK Gambling Commission, HM Revenue & Customs and other competent authorities.
  • To fulfil record-keeping, reporting, self-exclusion, safer gambling and transaction monitoring obligations under applicable law in 2025.

Legitimate interests

  • To secure our systems and services, prevent fraud and misuse, investigate suspicious activity and protect the integrity of betting markets.
  • To improve and develop our products, including supers.casino features and the Super Bet user experience, through aggregated analytics and statistics.
  • To manage our business, including risk management, internal audits, group reporting and service optimisation, while respecting your privacy.

Consent

  • For certain types of marketing communications, such as email or SMS marketing, where required under UK law and the Privacy and Electronic Communications Regulations (PECR).
  • For cookies and similar technologies that are not strictly necessary for providing the service (e.g. advertising cookies), where we seek your consent through a cookie banner or preference centre.

Where we rely on consent, you may withdraw it at any time through the tools provided (for example, marketing preference settings or cookie controls), without affecting the lawfulness of processing before withdrawal.

Purpose of Processing

We use personal data for clearly defined purposes that are compatible with the reasons for which the data was collected. These purposes include:

  • Providing and operating our gambling services: creating and managing your account, verifying your age and identity, processing deposits and withdrawals, settling bets, providing casino games, and offering customer support through supers.casino for the Super Bet product.
  • Compliance and risk management: fulfilling legal and regulatory obligations (including KYC, AML, sanctions screening, fraud detection, responsible gambling, and mandatory participation in schemes such as GamStop), and responding to lawful requests from regulators and law enforcement.
  • Responsible gambling and player protection: monitoring patterns of play, using tools such as deposit limits, reality checks, cool-off periods and self-exclusion, and contacting you where we identify indicators of potential harm.
  • Improving and developing our services: analysing aggregated usage and behavioural data to understand how users interact with supers.casino, fix bugs, improve performance, optimise game offerings and develop new features.
  • Marketing and personalisation: providing you with news, offers and promotions about Super Bet products on supers.casino, where permitted, and tailoring content, recommendations and promotions to your preferences and behaviour, subject to your consent and preferences.
  • Security and incident management: protecting our systems and users against fraud, abuse, cheating, account takeover and other security incidents, and investigating and resolving disputes or complaints.
  • Corporate purposes: managing our relationship with group companies within Superbet Group, performing internal reporting, audits and analytics, and supporting potential corporate transactions in a privacy-compliant manner.

Disclosure & Sharing

We do not sell your personal data. We only share it with third parties where necessary, proportionate and lawful. The main categories of recipients are:

  • Group companies: other entities within the Superbet Group (including those in Romania and Belgium) that support technology, risk, compliance, customer service, analytics and product development for supers.casino and the Super Bet product, under appropriate intra-group data protection agreements.
  • Payment partners and financial institutions: banks, card schemes, payment processors and wallet providers that process deposits, withdrawals and chargebacks, and assist with fraud and AML monitoring.
  • Service providers: trusted third-party vendors providing hosting, IT infrastructure, security solutions, KYC/AML verification, geolocation, analytics, marketing tools (where permitted), customer support platforms and other business services. These providers act under our instructions as data processors.
  • Regulators and authorities: the UK Gambling Commission, tax authorities such as HMRC, law enforcement agencies and other competent authorities in the UK or other jurisdictions, where required to meet our legal and regulatory obligations or to respond to lawful requests.
  • Alternative Dispute Resolution (ADR) and professional advisers: the Independent Betting Adjudication Service (IBAS) for gambling disputes (https://ibas-uk.com), legal advisers, auditors, consultants and other professional advisers who support our operations under appropriate confidentiality obligations.
  • Advertising and analytics partners: where you have consented to marketing cookies or similar technologies, we may share pseudonymised data with advertising networks and analytics providers to measure campaign performance and tailor advertising, in compliance with UK law and your preferences.
  • Corporate transactions: in connection with any merger, acquisition, sale of assets, restructuring or financing, your data may be shared with prospective counterparties under strict confidentiality, and transferred to a successor entity if the transaction completes.

Whenever we share personal data with third parties, we require them to protect your data appropriately and only use it for the purposes described in this Privacy Policy or as otherwise disclosed to you.

International Transfers

Because Superbet Limited is part of an international group and uses global service providers, your personal data may be transferred to, and processed in, countries outside the United Kingdom. This may include transfers to:

  • Other Superbet Group entities in the European Union/EEA (for example, in Romania or Belgium) supporting supers.casino services and the Super Bet product.
  • Service providers located in the European Economic Area and other jurisdictions, such as data hosting, security, analytics and support providers.
  • Trusted partners in countries that may not have the same level of data protection as the UK.

Where we transfer personal data outside the UK, we ensure an adequate level of protection by:

  • Relying on adequacy regulations adopted by the UK Government (for example, for EEA countries that are recognised as adequate in 2025).
  • Using appropriate safeguards, such as the UK International Data Transfer Agreement (IDTA) or the UK addendum to the EU Standard Contractual Clauses, together with robust technical and organisational measures.
  • In limited cases, relying on your explicit consent or other specific legal derogations, where appropriate and lawful.

We regularly review our transfer mechanisms to ensure that they remain compliant with UK data protection law and relevant guidance as in force in 2025.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to meet legal, regulatory, accounting and reporting requirements. Retention periods may vary depending on the type of data and our obligations under UK law and gambling regulations.

  • Player account and identity data: generally kept for the duration of your relationship with us and, after account closure, for up to five (5) years (or longer where required) to comply with KYC, AML and regulatory record-keeping obligations.
  • Transaction and betting data: including deposits, withdrawals, bets and game history, retained for at least five (5) years from the date of the relevant transaction, and up to seven (7) years where required for tax or regulatory purposes.
  • Responsible gambling and self-exclusion data: retained for the period of your self-exclusion or limits and for a defined period afterwards (usually up to five (5) years) to protect you and to comply with regulatory expectations.
  • Marketing data: retained while you remain opted-in to marketing and for a short period after you unsubscribe, to record your preference and ensure we honour your request.
  • Technical and security logs: retained for a shorter period (normally up to two (2) years), unless longer retention is needed for security investigations or legal proceedings.

When data is no longer required, we will securely delete, anonymise or aggregate it. Where you exercise your rights to erasure or restriction, we will apply those rights in line with our legal obligations and retention requirements.

Your Rights

Under the UK GDPR and other applicable data protection laws, you have a number of rights in relation to your personal data. We respect these rights and provide procedures to allow you to exercise them free of charge, subject to certain conditions.

Rights under UK and EU data protection law

  • Right of access: you can request confirmation of whether we process your personal data and receive a copy of the data, along with information on how we use it.
  • Right to rectification: you can ask us to correct inaccurate or incomplete personal data (for example, where your address or identity details change).
  • Right to erasure ("right to be forgotten"): you can request deletion of your personal data where it is no longer needed for the purposes for which it was collected, where you withdraw consent (and no other legal basis applies), or where processing is unlawful. This right is subject to our obligations to retain data for regulatory and AML purposes.
  • Right to restriction of processing: you can request temporary restriction of processing, for example while we verify accuracy or investigate an objection.
  • Right to object: you can object to processing based on our legitimate interests, including profiling for responsible gambling or marketing, and we will stop unless we demonstrate compelling legitimate grounds or the processing is required by law. You always have the right to object to direct marketing and profiling related to such marketing.
  • Right to data portability: you can request that certain personal data is provided to you, or to another controller, in a structured, commonly used, machine-readable format, where processing is based on consent or contract and carried out by automated means.
  • Rights related to automated decision-making: where we make automated decisions that produce legal or similarly significant effects (for example, certain risk or affordability checks), you can request human review, express your point of view and contest the decision, within the limits of applicable law.

Alignment with Mexican privacy law (ARCO rights)

If Mexican data protection law applies to you (for example, if you interact with our services from Mexico or otherwise fall within the scope of such laws), you may have additional or overlapping rights under the Federal Law on Protection of Personal Data Held by Private Parties and related regulations, often referred to as ARCO rights:

  • Access: to know which personal data we hold about you, how we obtained it and how we use it.
  • Rectification: to request correction of inaccurate or incomplete data.
  • Cancellation: to request that we cancel or delete personal data when it is no longer necessary, subject to legal retention duties similar to those described above.
  • Opposition: to oppose certain processing of your personal data for specific purposes, such as some marketing activities, where allowed by Mexican law.

We handle such requests in a manner consistent with both UK data protection principles and applicable Mexican data protection regulations, ensuring at least an equivalent level of protection in 2025.

How to exercise your rights

  • Submitting a request: you may exercise your rights by contacting us through the privacy channels described in the "Who We Are" or "Complaints & Contacts" sections, including secure messaging in your supers.casino account or postal mail to our Data Protection Officer.
  • Information we may need: to protect your account and prevent fraud, we may ask you to verify your identity and provide additional information before responding to a request.
  • Response timeframe: we aim to respond to all valid requests within one month (30 days) of receipt, and in any event within the time limits required by applicable law in 2025. For complex or multiple requests, this period may be extended by a further two months, but we will inform you of any extension and the reasons for it.
  • Cost: requests are generally handled free of charge. We may charge a reasonable fee or refuse to act on requests that are manifestly unfounded, repetitive or excessive, in line with applicable law.
  • Local variations: if you are located in the EEA, Mexico or another jurisdiction with specific privacy rules, we will take account of any additional or stricter requirements that apply to you in 2025.

Cookies & Tracking Technologies

We use cookies and similar tracking technologies on supers.casino to provide, protect and enhance our services and to support the Super Bet product. Cookies are small text files placed on your device that store certain information.

Types of cookies we use

  • Strictly necessary (session) cookies: required for the operation of the website and core functionality, such as logging in, maintaining your session, processing bets and ensuring security. These are typically session cookies that expire when you close your browser.
  • Functional (persistent) cookies: used to remember your preferences (for example, language, region, odds format) and to improve your experience. These may remain on your device for a defined period in 2025 unless you delete them.
  • Analytics cookies: first-party or third-party cookies (such as those used by analytics providers) to collect aggregated statistics about how visitors use supers.casino, helping us understand which pages and games are popular and how we can improve performance.
  • Advertising and marketing cookies: used, where permitted, to deliver relevant advertising and measure campaign effectiveness, including on third-party sites. These are typically third-party cookies and similar technologies, and we only use them with your consent where required by law.

Managing cookies

  • You can manage or disable cookies using your browser settings. Most browsers allow you to refuse all or some cookies, or to alert you when a cookie is being set.
  • Where provided, you can also use our internal cookie preference tools or privacy centre on supers.casino to adjust your cookie choices, especially for analytics and advertising cookies.
  • Please note that blocking or deleting strictly necessary cookies may affect the functionality of supers.casino and your ability to use some features of the Super Bet product.

For more detailed information on the cookies we use and their purposes, we may provide a separate Cookie Policy or cookie list linked from our cookie banner or footer in 2025.

Data Security

We take the security of your data seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, alteration, disclosure or destruction. While no online service can be completely secure, we continuously improve our controls to meet high industry standards in 2025.

  • Encryption: data transmitted between your browser or app and supers.casino is protected using TLS (Transport Layer Security) 1.2 or higher. Sensitive data is protected using strong encryption or pseudonymisation at rest, in line with industry best practice.
  • Access controls: access to personal data is restricted to authorised personnel who need it for their role, following the principle of least privilege. Role-based access control, strong authentication measures and, where appropriate, multi-factor authentication are used to protect sensitive systems.
  • Infrastructure and monitoring: we use secure data centres and cloud infrastructure with firewalls, intrusion detection and other security technologies. We monitor our systems for suspicious activity and maintain logs for security investigations.
  • Security testing and audits: we conduct regular security assessments, vulnerability scans and, where appropriate, penetration tests. Our control environment is designed with reference to recognised standards such as ISO 27001 and SOC 2, and we work towards maintaining alignment with those standards across the group.
  • Staff training and policies: employees and contractors with access to personal data receive regular training on data protection, information security, safer gambling responsibilities and confidentiality obligations.
  • Incident response: we maintain incident response procedures to detect, respond to and mitigate security incidents. Where a data breach occurs that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authorities in accordance with applicable law.

Complaints & Contacts

If you have questions, concerns or complaints about how we handle your personal data in connection with supers.casino or the Super Bet product, we encourage you to contact us first so we can seek to resolve the issue.

How to contact us

  • Postal mail: Data Protection Officer, Superbet Limited, 7th Floor, 90 High Holborn, London, WC1V 6LJ, United Kingdom.
  • Online support: use the help centre, contact forms or secure messaging tools available in your supers.casino account (where enabled in 2025) to submit a privacy-related enquiry or complaint.

Our internal complaint process

  1. Submission: send us your complaint or enquiry, providing as much detail as possible about your concern and the data involved.
  2. Acknowledgement: we will acknowledge receipt of your complaint, usually within a few working days.
  3. Investigation: our privacy team will investigate your complaint, which may involve contacting you for additional information and reviewing relevant logs and records.
  4. Response: we aim to provide a substantive response within one month (30 days) of receiving your complaint, and in any event within the time limits required by applicable law in 2025. If we need more time due to the complexity of the case, we will inform you and explain why.
  5. Escalation: if you remain dissatisfied with our response, you may escalate the matter to the appropriate supervisory authority, as described below.

Supervisory authorities and ADR bodies

  • United Kingdom - Information Commissioner's Office (ICO): you have the right to lodge a complaint with the ICO if you believe we have not handled your personal data lawfully.
    Website: https://ico.org.uk
  • European Union / EEA: if you are located in the European Union or EEA and EU data protection law applies to you, you may also lodge a complaint with your local data protection authority.
  • Mexico - data protection authority: where Mexican data protection law applies to you, you may contact the competent Mexican data protection authority (such as the Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales) in relation to your ARCO rights and privacy concerns.
  • Gambling-related disputes in the UK: for disputes regarding the outcome of bets or gambling transactions (not primarily about data protection), you may refer your complaint to the Independent Betting Adjudication Service (IBAS), our appointed Alternative Dispute Resolution body for UK customers, after exhausting our internal complaints process.
    Website: https://ibas-uk.com

Updates

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements or data processing practices. When we make material changes, we will take appropriate steps to inform you in advance, consistent with our obligations and industry standards in 2025.

How we will notify you

  • Email notifications: where appropriate, we may send an email to the address registered on your supers.casino account describing the key changes and their effective date.
  • On-site notices: we may display notifications or banners on supers.casino or in your account dashboard, highlighting important updates to this Privacy Policy.
  • Account messages: we may use secure in-account messaging to notify you of updates and any actions you may need to take.

Effective date, versioning and your options

  • Last updated: November 2025 (version effective from 06 November 2025).
  • Changelog (summary of recent material changes): clarifications on international data transfers, enhanced explanation of responsible gambling processing, inclusion of references to Mexican data protection alignment where applicable, and updated information on supervisory authorities and regulatory context.
  • Advance notice: where we make significant changes that materially affect your rights or how we use your data, we will, where feasible, provide at least 30 days' notice before the changes take effect, so you can review them.
  • Your choices: if you do not agree with the updated Privacy Policy, you may choose to stop using supers.casino and request account closure. Continued use of the Super Bet product on supers.casino after the effective date will be treated as acceptance of the updated policy, to the extent permitted by law.