Privacy at Online Casinos

Are you concerned about your privacy and safety at online casinos? Perhaps you wonder whether your payment details are really safe and if your personal information is kept confidential?

On this page, we answer all these questions. We explain how online casinos ensure that information transmitted between their websites and players is kept safe. We also discuss what kind of information the casino collects about you and how this information is used.

How Casinos Protect Your Data

Casinos use sophisticated SSL encryption software to ensure no third parties access your payment information or personal details. 

You can easily recognise SSL-encrypted websites, as their URLs start with HTTPS://, rather than HTTP://. You can also recognise SSL-encrypted websites by the padlock symbol displayed next to the URL in the address field.

What is SSL encryption?

SSL is short for Secure Sockets Layer and is essentially a protocol that encrypts online communication. 

SSL was recently replaced by an updated protocol called TLS (Transport Layer Security); however, SSL is still commonly used when referring to this kind of technology.

SSL protocols are primarily used to secure communications between a client and a server but can also be used to secure email and other communication taking place over unsecured networks. All websites dealing with e-commerce must use SSL encryption to ensure all payment information is kept confidential and safe. 

SSL is a rather complex technology that requires a fair deal of knowledge to be thoroughly understood on a technical level.

Nonetheless, here is a brief and somewhat simplified explanation of how SSL encryption works:

  • When a web browser visits a website, it checks if the website has an SSL certificate. If it does, the two parties begin what is called an SSL handshake.
  • During the SSL handshake, the browser verifies the validity of the SSL Certificate and makes sure that the website is authenticated properly.
  • SSL certificates always have a public key and a private key. These keys separately handle encryption and decryption and are used to communicate securely during the SSL handshake. These two session keys allow the two parties to decrypt the scrambled information on each side of the communication.
  • After the client confirms the certificate is valid, the client and the website’s server create a session key. This is a third key that is used for the remainder of the secure connection.
  • A secure connection is established at the end of the handshake, and the client and server can then communicate safely. This means that information sent between the two parties is encrypted and cannot easily be intercepted and read by unwanted third parties.

How do Online Casinos Get SSL Certificates?

Like all other e-commerce websites, online casinos obtain an SSL certificate from a certificate authority and install the certificate on their web server. 

Certificate authorities are external parties that can confirm website owners’ identities, and they keep copies of all certificates they issue.

Processing of Personal Data

Apart from ensuring a safe and encrypted connection, casinos must follow strict protocols when it comes to handling customer data. 

Casinos always have privacy policy pages on which you can find out exactly what type of data the casino stores about you and how this data is used. 

This is the kind of data the casino records about you:

  • Your personal details, such as name, address and phone number.
  • Your IP address.
  • Transactional information such as bank account numbers, credit card details and general transaction history.
  • Game data, such as which games you play, bets you place and so forth.

The casino will never share your data with third parties unless:

  • It is requested by third parties that assist the casino in providing its services. Such third parties include, but are not restricted to, regulators, game providers and payment processors.
  • It is requested by third parties assisting the casino in verifying the accuracy of your personal information, such as financial institutions and credit card agencies.
  • It is requested by any law enforcement body.
  • It is requested by potential investors and purchasers.

How Long Does a Casino Store Data?

Casinos store data for as long as necessary to fulfil the purposes for which they initially collected the data. 

This means that the casino may keep your data for up to seven years after you have closed your account. 

There are instances in which the casino must keep your data indefinitely, such as when you request a self-exclusion or for legal reasons.

Trusted gambling authorities such as the Malta Gaming Authority require casinos to store customer data for a minimum of five years to prevent money laundering and funding on terrorism. 

As such, you can expect any online casino to retain your data for at least five years.