burger icon
Chance Casino United Kingdom
Log In

Privacy Policy

This Privacy Policy explains how Chance Casino, operated via the website chancecas.com, collects, uses, discloses and protects personal data of players and website visitors in Great Britain. It is intended for all users of our gambling services and visitors to our online interfaces.

Observe: UK data protection law (UK GDPR and Data Protection Act 2018) requires us to provide clear information about our processing activities. Expand: Because we operate in a regulated gambling sector under the UK Gambling Commission (UKGC), additional obligations apply, including strict KYC/AML rules and responsible gambling duties. Reflect: This Privacy Policy applies to your use of Chance Casino on chancecas.com and should be read together with our Terms and Conditions and Cookies & Tracking Technologies section below.

Effective from: 1 January 2025
Last updated: 6 November 2025

Who We Are

Observe: The gambling services offered through Chance Casino on chancecas.com are provided under a UK Gambling Commission licence. The operational entity is identified in the UKGC public register.

Operator: The services are operated by Apex Gaming UK Ltd, which holds UK Gambling Commission operating licence number 58245 for remote gambling in Great Britain. Apex Gaming UK Ltd is a UK-registered company and a subsidiary of Apex Gaming Group N.V., headquartered and licensed in Malta.

Legal address and registration details: The full registered office address and company registration number of Apex Gaming UK Ltd are published on the UK Gambling Commission public register and on our website chancecas.com. We deliberately reference those official sources to ensure you always have the most current and accurate corporate information.

Data protection responsibility: Apex Gaming UK Ltd is the "data controller" for personal data processed in connection with Chance Casino for players in Great Britain.

Data protection contact (DPO / data protection team)
Expand: You should have a clear contact path for any privacy-related queries. Reflect: You can reach our data protection team using the contact details and channels provided in the "Contact us" / "Support" sections of chancecas.com and within your player account area. These details will include at least one email contact and a postal contact point for privacy matters and may be updated over time; please always refer to the most recent contact information shown on the site.

What Personal Data We Collect

Observe: We collect personal and technical information necessary to operate an online gambling platform safely and in compliance with law. Expand: This includes identity verification, transactional data, device data, behavioural information and tracking technologies. Reflect: The categories below explain what we may process when you use Chance Casino on chancecas.com.

Identification and contact data

  • Personal identification: Full name, date of birth, nationality, gender (where required for regulatory or verification purposes), username and account identifiers.
  • Contact details: Email address, telephone number, residential address, and preferred language of communication.
  • KYC/AML documentation: Copies or data from identity documents (e.g. passport, national ID, driving licence), proof of address, and where required, proof of source of funds or wealth.

Technical and usage data

  • Device and connection data: IP address, approximate location derived from IP, device identifiers, browser type and version, operating system, time zone and language settings.
  • Log data: Login dates and times, session duration, pages viewed, clicks, navigation paths, error logs and other standard web server logs.

Payment and transactional data

  • Payment details: Limited card or payment instrument data (usually tokenised by our payment providers), bank account identifiers where necessary for withdrawals, transaction references and billing details.
  • Gaming and betting history: Deposits, withdrawals, wagers, wins and losses, bonuses used, jackpot contributions, game rounds, limits set, self-exclusion records and account status changes.

Behavioural and profile data

  • Gameplay behaviour: Frequency and duration of play, preferred games, bet sizes, volatility of play and other metrics used for responsible gambling monitoring and anti-fraud checks.
  • Marketing and communication preferences: Records of your consent for email/SMS/push marketing, unsubscribe actions, and engagement with marketing communications.

Cookies and similar technologies

  • Cookies: Small files stored on your device, including session cookies (expire when you close your browser), persistent cookies (remain for a defined period) and third-party cookies (set by analytics, advertising or payment partners).
  • Similar technologies: Web beacons, pixels, SDKs and local storage objects used for fraud detection, analytics, personalisation and marketing (where lawful and consented).

Where we need to collect personal data by law, by UKGC licence conditions, or under a contract with you, and you fail to provide that data when requested, we may not be able to open or maintain your account, or we may have to suspend services.

Legal Basis for Processing

Observe: UK GDPR requires a lawful basis for each processing activity. Expand: Because Chance Casino operates in a highly regulated gambling environment under licence 58245 issued to Apex Gaming UK Ltd, we rely on multiple overlapping legal bases. Reflect: Below we explain the main grounds we use.

Performance of a contract

  • Account creation and management: Processing your registration data, verifying eligibility (e.g. age and location), managing your player account and providing customer support.
  • Provision of gambling services: Enabling deposits, wagers, game participation, withdrawals, bonuses and loyalty schemes, as described in the Terms and Conditions on chancecas.com.

Compliance with legal obligations

  • Gambling regulation (UKGC): Meeting obligations under the Gambling Act, the UKGC Licence Conditions and Codes of Practice, including identity verification, anti-money laundering (AML), counter-terrorist financing and responsible gambling duties.
  • Financial and tax rules: Keeping appropriate transactional and accounting records for the periods required by law.
  • Law enforcement and regulatory requests: Responding to lawful requests from the UK Gambling Commission, law enforcement agencies, courts, tax authorities and other competent bodies.

Legitimate interests

  • Security and fraud prevention: Protecting our platform, players and corporate group (including Apex Gaming Group N.V.) against fraud, abuse, unauthorised access and other harmful activity.
  • Service improvement and analytics: Analysing aggregated or pseudonymised data to understand performance, detect technical issues and improve games and site features.
  • Business operations: Operating Chance Casino efficiently, including group-level reporting, internal governance and risk management.

Consent

  • Marketing communications: Sending email, SMS or push notifications for promotions, bonuses or new features (where we are required to obtain your prior consent under UK GDPR and/or PECR).
  • Optional cookies and tracking: Using non-essential cookies (e.g. advertising cookies) after you have provided consent through our cookie banner or settings.

You can withdraw consent at any time through your account settings, cookie preferences or by following the unsubscribe instructions in our messages. Withdrawal does not affect the lawfulness of processing based on consent before withdrawal and does not affect processing based on other legal grounds.

Purpose of Processing

Observe: We use personal data for clearly defined purposes. Expand: These purposes reflect regulatory requirements, operational needs and user expectations. Reflect: The main purposes are listed below.

  • Providing and operating gambling services: To register and verify you as a player, open and maintain your account, offer games, process deposits and withdrawals, apply bonuses and manage loyalty or VIP schemes.
  • Compliance and risk management: To perform age and identity checks, conduct AML/CTF screening, monitor for suspicious transactions, prevent fraud and meet obligations set by the UKGC and other competent authorities.
  • Responsible gambling: To monitor patterns of play, offer tools such as deposit limits and self-exclusion, and, where appropriate, interact with you about safer gambling.
  • Customer support and communication: To respond to your queries, handle complaints and provide important service updates (including changes to Terms or this Privacy Policy).
  • Analytics and service improvement: To analyse usage trends, test new features, improve site performance and games, and enhance user experience on chancecas.com.
  • Marketing and promotions: To inform you (where lawful and consented) about offers, tournaments and new products related to Chance Casino.
  • Corporate management: To support business planning, reporting and management within Apex Gaming UK Ltd and its parent company, Apex Gaming Group N.V., while applying appropriate safeguards.

Disclosure & Sharing

Observe: Operating an online casino such as Chance Casino requires carefully controlled data sharing with third parties and regulators. Expand: We share only what is necessary, under contract and with safeguards. Reflect: The categories of recipients are described below.

  • Payment service providers and banks: To process deposits, withdrawals and refunds, verify payment instruments, and carry out anti-fraud checks. These providers act as independent controllers or processors depending on the context.
  • Technology and service providers: Hosting providers, game studios, KYC/AML verification services, analytics providers, anti-fraud tools, customer support platforms and IT security vendors who process data on our behalf under written data processing agreements.
  • Regulators and authorities: The UK Gambling Commission (UKGC), financial intelligence units, tax authorities, courts and law enforcement bodies, where we are legally required or permitted to disclose information.
  • Alternative dispute resolution (ADR): The Independent Betting Adjudication Service (IBAS) or other ADR entities approved by the UKGC, when you escalate a gambling-related dispute and we must share relevant data to resolve it.
  • Group companies: Apex Gaming Group N.V. and other group entities (including those operating in Scandinavian and Canadian markets) for consolidated reporting, risk management and, where applicable, shared infrastructure, always subject to appropriate safeguards and, where required, international transfer mechanisms.
  • Affiliates and advertising networks: Where you have given consent, we may share limited pseudonymised information (e.g. identifiers or conversion data) with marketing partners and affiliate networks to measure campaign performance and prevent fraud.
  • Professional advisers: Lawyers, auditors, consultants and similar professionals who are bound by confidentiality obligations and only receive data necessary for their services.
  • Corporate transactions: In connection with mergers, acquisitions, restructurings or asset transfers involving Apex Gaming UK Ltd or Apex Gaming Group N.V., subject to appropriate confidentiality and data protection safeguards.

We do not sell your personal data in the sense commonly understood as a commercial sale of personal information for monetary consideration.

International Transfers

Observe: As part of a group with presence in the United Kingdom and Malta and markets in Scandinavia and Canada, some processing may involve cross-border transfers. Expand: UK GDPR imposes specific rules for transfers outside the UK. Reflect: We apply recognised safeguards for any such transfers.

  • Transfers within the UK and EEA: Data processed within the United Kingdom and the European Economic Area (including Malta where Apex Gaming Group N.V. is based) benefits from equivalent or "adequate" protection under UK and EU law.
  • Transfers to Canada and other countries: Where data is accessed from or transferred to countries outside the UK/EEA (for example, in connection with group operations relating to Canadian or Scandinavian markets), we rely on UK-approved Standard Contractual Clauses or equivalent contractual safeguards, and we assess local laws to ensure an appropriate level of protection.
  • Transfers to service providers: When using non-UK/EEA service providers, we implement standard contractual clauses, technical measures (such as encryption and pseudonymisation) and internal policies to protect your data.
  • No reliance on Privacy Shield: We do not rely on the former EU-U.S. Privacy Shield framework as a transfer mechanism. Where relevant, we use up-to-date transfer tools recognised by the UK Information Commissioner's Office (ICO) and, where applicable, EU authorities.

Copies of the relevant transfer safeguards (or a description of them) can be requested through the contact channels described in the "Complaints & Contacts" section, subject to redactions for commercial confidentiality and security.

Data Retention

Observe: We must keep personal data only for as long as necessary. Expand: Gambling, financial and AML regulations often require us to retain data for minimum periods. Reflect: We apply defined retention periods and then delete or anonymise data where feasible.

  • Player account and identification data: Typically retained for up to 5 years after your account is closed or after our business relationship ends, to meet AML, gambling and legal record-keeping obligations, and to handle potential disputes.
  • Transactional and betting data: Deposits, withdrawals, wagers and game history are normally kept for 5 years from the relevant transaction or from account closure, whichever is later, unless longer retention is required by law or to resolve ongoing disputes.
  • KYC/AML documentation: Copies of identity documents and source-of-funds information are maintained for at least 5 years after the end of the relationship, in line with applicable AML regulations.
  • Marketing data: Data used for marketing is kept until you withdraw consent or object to marketing, after which it is promptly suppressed from active marketing lists but may be retained in a minimal form to respect your opt-out choice.
  • Technical logs and security data: Server logs and security-related data are retained for periods typically between a few months and 2 years, depending on the nature of the data and security needs.

In all cases, we may retain data for longer where necessary to establish, exercise or defend legal claims, to respond to regulatory investigations, or to comply with legal obligations. Once retention periods expire, we either securely delete the data or irreversibly anonymise it so it can no longer be associated with you.

Your Rights

Observe: Individuals have rights under UK GDPR and, where applicable, other privacy frameworks. Expand: While Chance Casino is focused on Great Britain, our practices are designed to be broadly aligned with EU GDPR and, to the extent relevant, Mexican data protection standards. Reflect: Below we describe your key rights and how to exercise them.

Core data protection rights

  • Right of access: You can request confirmation of whether we process your personal data and obtain a copy of that data, together with information about how we use it.
  • Right to rectification: You can ask us to correct inaccurate or incomplete personal data (for example, updating your contact details).
  • Right to erasure ("right to be forgotten"): You can request deletion of your data where it is no longer needed for the purposes for which it was collected, where you withdraw consent (and there is no other legal basis), or where processing is unlawful. This right is subject to legal and regulatory retention requirements, particularly under gambling and AML rules.
  • Right to restriction of processing: You can ask us to limit processing in certain situations, for example while we verify accuracy or assess an objection.
  • Right to object: You can object at any time to processing based on legitimate interests, including profiling for such purposes. You also have an absolute right to object to direct marketing, which we will respect immediately.
  • Right to data portability: For processing based on consent or contract and carried out by automated means, you can request that we provide your data in a structured, commonly used and machine-readable format, or that we transmit it to another controller where technically feasible.
  • Right to withdraw consent: Where we rely on consent (e.g. for optional marketing or cookies), you may withdraw it at any time through your account settings, cookie banner/options or via the unsubscribe link in communications.

Alignment with Mexican privacy standards

For users located in Mexico, we aim for broad alignment with the principles of Mexico's Federal Law on the Protection of Personal Data Held by Private Parties (LFPDPPP) and its Regulations, including transparency, consent (where required), purpose limitation, proportionality and accountability. While our primary legal framework is UK law, many of the rights described above correspond to rights of access, rectification, cancellation and opposition (ARCO rights) recognised under Mexican law.

How to exercise your rights

  • Request channels: You can submit rights requests through the contact channels provided on chancecas.com (for example, via designated privacy or support contact points described in your account or on the "Contact us" page).
  • Verification: We may need to verify your identity before acting on a request, to protect your account and prevent unauthorised access.
  • Response timeframes: We aim to respond to rights requests within one month (30 days) of receipt. In complex cases or where multiple requests are made, this may be extended by up to a further two months, but we will inform you of any extension and reasons.
  • Fees: We handle rights requests free of charge, unless requests are manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse to act, as permitted by law.

If you are not satisfied with our response, you have the right to lodge a complaint with the relevant supervisory authority as set out in the "Complaints & Contacts" section.

Cookies & Tracking Technologies

Observe: Cookies and similar tools are essential to operate and improve Chance Casino on chancecas.com. Expand: Some are strictly necessary, while others require your consent under UK law. Reflect: Our cookie controls allow you to manage non-essential cookies.

Types of cookies we use

  • Strictly necessary (session) cookies: Required to log you in, maintain your sessions, secure your account, process payments and provide core site functionality. These are usually session cookies that expire when you close your browser.
  • Functional cookies: Remember your preferences, such as language, region or display settings, and help enhance user experience.
  • Analytics/performance cookies: Help us understand how visitors use the site, which pages are popular, and where errors occur, so we can improve performance and usability.
  • Advertising/targeting cookies: Set by us or third parties (such as affiliate partners or advertising networks) to deliver and measure personalised offers and campaigns, where you have given consent.
  • Similar technologies: Pixels, tags, SDKs and local storage used for fraud prevention, analytics and marketing, treated in a similar way to cookies.

Cookie management

  • On-site controls: When you first visit chancecas.com, and from time to time thereafter, you will see a cookie banner or preference tool allowing you to accept, reject or customise non-essential cookies.
  • Browser settings: You can configure your browser to block or delete cookies. However, blocking strictly necessary cookies may affect the functionality of Chance Casino and could prevent you from using certain features.
  • Consent withdrawal: You may change your cookie preferences at any time via the tools available on the site or by adjusting browser settings. Changes will not affect cookies that are strictly necessary for service operation.

Data Security

Observe: Protecting your data and transactions on Chance Casino is critical. Expand: We use technical and organisational measures consistent with industry good practice. Reflect: While no system is perfectly secure, we work to reduce risks to an acceptable level.

  • Encryption in transit: Data transmitted between your device and chancecas.com is protected using TLS (Transport Layer Security) version 1.2 or higher, helping to safeguard information from interception or tampering.
  • Encryption at rest and access control: Sensitive data is stored in secure environments with logical and physical access controls, and is encrypted or pseudonymised where appropriate. Access is limited to personnel who need it for their role and is governed by role-based permissions.
  • Authentication and account protection: We encourage the use of strong, unique passwords and employ mechanisms to detect suspicious login behaviour. Where available, additional authentication measures may be used to strengthen account security.
  • Security monitoring and audits: We conduct regular vulnerability assessments and security monitoring, and we work with specialised providers to assess and improve our security posture. We aim to align our practices with recognised standards such as ISO 27001 and SOC 2; unless explicitly stated otherwise, references to such standards indicate alignment with good practice rather than formal certification.
  • Staff training and policies: Employees and contractors with access to personal data receive data protection and security training, and are bound by confidentiality obligations and internal policies.
  • Incident response: We maintain procedures to detect, respond to and remediate security incidents. Where a personal data breach occurs that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority and, where required, affected individuals, in accordance with legal requirements.

Complaints & Contacts

Observe: You should be able to contact us easily and escalate concerns if needed. Expand: Different authorities oversee data protection and gambling. Reflect: The steps below explain how to raise issues about privacy or data use in relation to Chance Casino on chancecas.com.

Contacting us first

  • Initial contact: If you have any questions, requests or complaints about this Privacy Policy or our handling of your personal data, please contact our data protection team using the contact details and channels indicated on chancecas.com (for example, via designated privacy or support contact points shown in your account or on our "Contact us" page).
  • Information to include: Provide your name, contact details, a description of your concern or request, and any relevant account information so we can identify you and respond efficiently.
  • Response times: We aim to acknowledge your complaint or request promptly and to provide a substantive response within 30 days, subject to any lawful extensions for complex matters.

Escalating to supervisory authorities

  • United Kingdom (primary supervisory authority): If you are located in the UK or your issue relates to our UK operations, you have the right to contact the Information Commissioner's Office (ICO). Up-to-date contact details are available at https://ico.org.uk. Lodging a complaint with the ICO does not affect any other rights you may have.
  • European Union: If you are in the EU and believe your rights under EU GDPR have been affected, you may contact your local data protection authority in your Member State of residence, place of work, or place of the alleged infringement. Contact details are publicly available from the European Data Protection Board (EDPB).
  • Mexico: For users in Mexico, you may raise concerns with the National Institute for Transparency, Access to Information and Personal Data Protection (INAI), in line with the Federal Law on the Protection of Personal Data Held by Private Parties (LFPDPPP) and its Regulations.

Nothing in this section limits your right to seek judicial remedies or to use approved alternative dispute resolution mechanisms for gambling-related disputes such as IBAS, as described in our general terms.

Updates

Observe: Laws, technologies and our services evolve over time. Expand: We may need to update this Privacy Policy to remain compliant and transparent. Reflect: We will communicate material changes in a clear and timely manner.

  • How we notify you: We may update this Privacy Policy from time to time. When we make material changes, we will inform you by appropriate means such as email notifications, in-account messages, banners on chancecas.com or alerts within the Chance Casino interface.
  • Advance notice for significant changes: Where feasible and if changes are significant (for example, introducing new processing purposes or materially altering how we share data), we will provide at least 30 days' advance notice before the new version takes effect, unless an earlier change is required by law or regulatory guidance.
  • Your options: If you do not agree with an updated Privacy Policy, you may stop using Chance Casino, adjust your privacy settings, or request account closure. Continued use of the services after the effective date of changes will generally signify your acknowledgement of the updated terms, to the extent permitted by law.
  • Version control: We will indicate the "Last updated" date at the top of this Privacy Policy and may maintain a brief record or summary of material changes so that you can understand how our practices have evolved up to and throughout 2025.