Privacy Policy

21Red Casino Privacy Policy & Data Protection

Our Commitment to Your Privacy

At 21Red Casino, we take your privacy seriously. Every piece of personal and financial information you share with us is handled with the utmost care, discretion, and respect. This policy sets out clearly and honestly how we collect your data, why we use it, and the measures we put in place to keep it safe. We encourage you to read it thoroughly so you feel fully informed and confident when using our platform.

The Information We Collect

When you register an account with us, we ask for certain personal details that allow us to set up and manage your account correctly. This includes your full name, date of birth, residential address, email address, and contact number. These details are collected at the point of registration and may be supplemented as you complete your profile.

As part of our Know Your Customer (KYC) obligations — which are a legal requirement under our operating licence — we will ask you to provide identity and address verification documents before we can process withdrawals or, in some cases, before your account can be fully activated. The documents we typically require are:

  • Proof of identity — a valid passport, national identity card, or driver's licence
  • Proof of address — a recent utility bill or bank statement issued within the last three months
  • Payment method verification — where applicable, confirmation of the payment method used to fund your account

We also collect financial data in connection with deposits and withdrawals. When you transact using Visa, Mastercard, or Skrill, the relevant payment details are processed securely in order to complete those transactions. We do not store full card numbers on our servers; payment processing is handled through certified, PCI-DSS-compliant third-party processors.

Additionally, we may collect technical data such as your IP address, device type, browser information, and session activity. This helps us maintain platform security, detect suspicious behaviour, and improve our service.

How We Use Your Data

The data we collect serves several specific, legitimate purposes. We do not collect information simply for the sake of it — each category of data has a defined function within the operation of your 21Red Casino account.

The primary uses of your personal data include:

  • Account management — creating, maintaining, and updating your player account so that you can access the platform and its features
  • Transaction processing — facilitating deposits and withdrawals efficiently and accurately
  • Fraud prevention and responsible gambling — monitoring account activity to identify irregular patterns, protect against fraudulent use, and flag potential problem gambling behaviours
  • Legal and regulatory compliance — fulfilling our obligations under Anti-Money Laundering (AML) regulations and the conditions of our Malta Gaming Authority licence
  • Customer support — using your account details to verify your identity when you contact us and to resolve any issues effectively

We may also use your contact information to send you service-related communications or, where you have consented, promotional messages about offers and updates. You can opt out of marketing communications at any time through your account settings or by contacting our support team directly. Opting out will never affect your ability to use the casino or access your account.

We process your data on the legal bases of contractual necessity, legitimate interest, legal obligation, and — where applicable — your explicit consent.

Data Sharing & Third Parties

We want to be completely transparent on this point: we do not sell your personal data to any third party, under any circumstances. Your information is not a commodity, and it will never be treated as one.

That said, operating a licensed online casino does require us to share certain data with a limited number of trusted partners who are essential to the delivery of our services. These include:

  • Game providers — software studios whose games appear on our platform may receive anonymised or session-level data necessary for game delivery and technical functionality
  • Payment processors — companies facilitating transactions via Visa, Mastercard, and Skrill receive only the financial data necessary to process your payment
  • Regulatory and licensing authorities — the Malta Gaming Authority may request access to player data as part of their regulatory oversight, and we are legally obliged to comply with such requests
  • Identity verification and fraud prevention services — third-party KYC and AML providers who assist in verifying your identity and protecting against financial crime

All third parties we work with are contractually required to handle your data in accordance with applicable data protection law and are not permitted to use it for any purpose beyond what is strictly necessary. We review these partnerships regularly to ensure ongoing compliance.

Data Security & Retention

Protecting your data from unauthorised access, loss, or misuse is something we invest in continuously. Our platform uses industry-standard SSL (Secure Socket Layer) encryption across all data transmissions, ensuring that information exchanged between your device and our servers cannot be intercepted.

Access to personal data within our organisation is strictly role-based. Only those members of staff who need to access your information in order to perform their duties are authorised to do so. All staff handling personal data are trained in data protection responsibilities and are bound by confidentiality obligations.

Our servers are hosted in secure, access-controlled environments with regular security audits, vulnerability assessments, and monitoring in place. We also maintain incident response procedures so that, in the unlikely event of a data breach, we can act swiftly and notify affected individuals and the relevant authorities in accordance with our legal obligations.

Regarding retention, we keep your personal data for as long as your account is active and for a defined period thereafter. Our retention periods are determined by the legal requirements set out under AML regulations and the conditions of our Malta Gaming Authority licence. In practice, this typically means we retain account and transaction records for a minimum of five years following account closure. Once the relevant retention period expires, data is securely deleted or anonymised.

Your Privacy Rights & How to Reach Us

As a player at 21Red Casino, you have a number of rights in relation to your personal data. These include the right to:

  • Access — request a copy of the personal data we hold about you
  • Rectification — ask us to correct any inaccurate or incomplete information
  • Erasure — request the deletion of your data, subject to our legal retention obligations
  • Restriction — ask us to limit the way we process your data in certain circumstances
  • Objection — object to our use of your data for direct marketing purposes at any time
  • Portability — request a structured, machine-readable copy of data you have provided to us

Please be aware that some of these rights are subject to legal limitations — for example, we cannot delete data that we are required to retain under AML or regulatory law, even upon request.

If you have any questions about this policy, wish to exercise any of your rights, or need to raise a privacy concern, you are welcome to get in touch with our team. You can reach us via live chat, available daily between 09:00 and 01:00 CET, or by emailing us directly at [email protected]. We aim to acknowledge all data-related enquiries promptly and to resolve them within the timeframes required by applicable law.

To manage your communication preferences or update your account details, you can also visit your account settings directly within the platform.

Updated July 14, 2026