Legal
1Red Casino Privacy Policy
How 1Red Casino collects, uses, stores and protects your personal data, including your rights under UK GDPR and how to exercise them.
1Red Casino takes data protection seriously. This page explains in plain English what personal information we collect when you open and use an account, why we collect it, how long we hold it for, who we share it with and what rights you have as a data subject under UK GDPR and the Data Protection Act 2018. Where this policy uses legal terms, we explain them in everyday language.
What personal data does 1Red Casino collect about me?
When you register we collect identifying information including your full name, date of birth, email address, mobile number, country of residence and a password. To verify your account we collect government-issued ID, a proof of address such as a recent utility bill, a selfie and your source-of- funds documentation where required by our licence. When you deposit or withdraw we collect payment method metadata, transaction amounts and timestamps. When you use the site we collect device information, IP address, browser type, log files, gameplay records and communication transcripts with our support team.
We do not collect special-category data such as political opinions, religious beliefs or biometric data beyond what's strictly required to verify your identity through the selfie matching step. We do not sell your data to third parties for marketing purposes.
Why does 1Red Casino need this data and how is it used?
We use your personal data to provide the gambling services you've signed up for, including running your account, processing deposits and withdrawals, serving the games you choose to play, paying out winnings and providing customer support. We use identity and verification data to comply with anti-money laundering law and to meet our licensing obligations. We use device and log data to detect fraud, prevent account takeover and protect the integrity of our games.
With your active consent we use your contact details to send marketing communications about promotions, new games and product changes. You can withdraw consent at any time from inside your account or by clicking unsubscribe in any email. Withdrawing marketing consent does not affect your ability to use the casino, you'll still receive essential service messages such as transaction confirmations and security alerts.
Who does 1Red Casino share my data with?
We share data with payment processors so they can complete your transactions, with identity verification providers such as Veriff and SumSub to confirm your KYC documents, with game studios so the games you play function correctly, with cloud hosting providers who run our infrastructure, and with our auditors and regulators where law requires it. We do not sell or rent your data to unrelated marketing companies.
Where data is transferred outside the UK or European Economic Area, we use standard contractual clauses approved by the Information Commissioner's Office to ensure equivalent protection. A full list of categories of recipients is available on request via support@1redcasino.live.
What are my rights under UK GDPR and how do I exercise them?
You have the right to access the personal data we hold about you, to request correction of inaccurate data, to request erasure of data we no longer need, to object to certain processing, to restrict processing in some circumstances, and to receive your data in a portable format. You also have the right to lodge a complaint with the Information Commissioner's Office if you believe we've handled your data incorrectly.
To exercise any of these rights, email our Data Protection Officer at privacy@1redcasino.live with your account email and the right you wish to exercise. We respond within 30 days as required by law. Note that anti-money laundering law requires us to retain certain account records for at least five years after account closure, even if you request erasure, so some records cannot be deleted on demand. We'll explain which records this applies to when we respond.
Last updated: 29 May 2026. Contact: privacy@1redcasino.live.
How long does 1Red Casino retain my data and where is it stored?
Retention periods at 1Red Casino are set by a combination of legal obligations under UK and international anti-money laundering law, our gaming licence requirements, and our internal data minimisation policy. Active account data is retained for as long as your account is open plus a five-year tail after closure to satisfy AML record-keeping rules. Transaction records and KYC documentation follow the same five-year tail. Marketing data such as email engagement metrics is purged within 30 days of you withdrawing marketing consent.
Where does 1Red Casino physically store my personal data?
Primary data storage sits inside the European Economic Area on infrastructure operated by major cloud providers including Amazon Web Services and Microsoft Azure. Backup copies are held in geographically separate facilities within the EEA to protect against single-region outages. Where data needs to cross borders, for example when a payment provider settles a transaction from a non-EEA hub, the transfer uses standard contractual clauses approved by the UK Information Commissioner's Office to ensure equivalent protection.
Access to your data inside the company is logged and restricted on a least-privilege basis. Customer service agents can see the minimum information needed to answer your question. Engineers see anonymised metadata for product debugging. Only the data protection team and senior compliance staff can access the full personal record, and every access is logged for audit. We run regular penetration tests and external security audits to verify these controls hold up in practice.
What happens to my data if 1Red Casino is sold or restructured?
In the event of a sale, merger or restructuring, your personal data is treated as a regulated business asset and transfers to the new entity under the same protections as today. UK GDPR requires that any new controller continues to honour the consents and retention periods you originally agreed to. You'll receive written notice of any change of controller at least 30 days in advance and you have the right to close your account and request data erasure if you prefer not to continue with the new entity. Standard erasure rules around AML retention still apply, but anything outside that envelope can be deleted on request.
For day-to-day account questions, including data subject access requests and corrections, the fastest route is the Get Help page or a direct email to privacy@1redcasino.live. Account closure and self-exclusion are handled on the Close Account page and both interact with your data retention as set out above. Our Cookie Policy covers browser-side tracking technologies separately.