Privacy Policy

Introduction and Scope

This Privacy Policy explains how buffalospins-casino.co.uk collects, uses, stores, and protects personal data in connection with your use of the site. It applies to all visitors, registered users, and individuals who contact us through any channel associated with the site.

We are committed to handling personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. The entity responsible for data processing in relation to this site is identified in the site footer.

Data We May Collect

Depending on how you interact with the site, we may process the following categories of personal data:

  • Identification data — name and email address provided when you contact us or register an account
  • Technical and usage data — IP address, browser type, device information, pages visited, and session duration, collected automatically
  • Communications data — content of messages submitted through contact forms or other written channels
  • Preference data — language or display settings where applicable

We do not collect payment card details or financial account information directly. Where a third-party payment or operator link is involved, data handling is governed by that third party's own privacy policy.

Purposes of Processing

We process personal data for the following purposes:

  • To operate and maintain the site and respond to user enquiries
  • To monitor and improve site security and performance
  • To fulfil legal and regulatory obligations
  • To conduct aggregated, anonymised analytics to understand how the site is used
  • To send administrative communications where you have an account or have made an enquiry

We do not use personal data collected through this site for unsolicited direct marketing without appropriate consent.

Legal Bases for Processing

Processing is carried out on one or more of the following legal bases under UK GDPR:

  • Legitimate interests — operating the site, preventing fraud, and improving service quality
  • Legal obligation — compliance with applicable law
  • Consent — where you have actively provided it (for example, for non-essential cookies)
  • Contract performance — where processing is necessary to provide a service you have requested

Cookies and Similar Technologies

This site uses cookies and similar tracking technologies. Cookies are small data files placed on your device that help us understand site usage and improve functionality. We use:

  • Essential cookies — necessary for the site to function correctly; these cannot be disabled without affecting site operation
  • Analytics cookies — used to collect aggregated information about how visitors use the site; these are only placed with your consent
  • Preference cookies — store settings such as language preferences

You can manage your cookie preferences through the consent mechanism presented when you first visit the site, and subsequently through your browser settings. Note that disabling certain cookies may limit functionality.

Sharing with Third Parties

We do not sell personal data to third parties. We may share data with:

  • Service providers and data processors acting on our behalf (for example, hosting providers or analytics platforms), bound by data processing agreements that restrict their use of your data
  • Regulatory or law enforcement bodies where required by law

Affiliate links on the site may transfer you to third-party operators; once you leave this site, the receiving party's privacy policy governs data handling.

Retention

We retain personal data only for as long as necessary to fulfil the purpose for which it was collected, or as required by applicable law. Enquiry records are typically retained for a period consistent with standard business and legal requirements. Technical log data is retained for shorter periods aligned with security and operational needs.

Your Rights

Under UK GDPR, you have the right to:

  • Access — request a copy of personal data we hold about you
  • Rectification — request correction of inaccurate or incomplete data
  • Erasure — request deletion of your data in certain circumstances
  • Restriction — request that we limit processing in defined situations
  • Objection — object to processing based on legitimate interests
  • Portability — receive your data in a structured, machine-readable format where applicable

To exercise any of these rights, please contact us through the channels listed on the site. We will respond within the timeframe required by law (generally one calendar month). If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

International Data Transfers

Where personal data is transferred outside the United Kingdom, we ensure that appropriate safeguards are in place in accordance with UK GDPR requirements — for example, through standard contractual clauses or adequacy decisions. We do not transfer data to countries without adequate protections unless a lawful mechanism applies.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, technology, or our practices. The current version is always available at this URL. We recommend reviewing this page periodically. Where changes are material, we will endeavour to provide notice through the site.

Contact on Privacy Matters

For any questions or requests relating to this Privacy Policy or your personal data, please use the contact channels available on our Contact page. Please describe your request clearly so we can direct it to the appropriate team.