burger icon
Cbet Сasino
Log In

Privacy Policy

This Privacy Policy explains how c-bet collects, uses, discloses, and protects personal information of players and visitors who access or use the cbet777-ca-play.com website and related services. It applies to users located in Canada and, where applicable, to individuals in other jurisdictions with additional local rights. Effective date: 01 October 2025.

Who We Are

Observe

Operator identity and contacts must be clear for Canadian privacy compliance (PIPEDA). Provided corporate data indicates operations from Curaçao with unresolved licensing details. Canadian users require a reachable privacy contact and mailing address.

Expand

  • Controller: AK Global N.V. (acting as "c-bet" for the cbet777-ca-play.com service), registered office: 9 Abraham de Veerstraat, Willemstad, Curaçao. Corporate registration number: not publicly specified (under verification).
  • Service domain: cbet777-ca-play.com (Canada-facing site). Legacy global site: cbet.gg.
  • Data Protection Office (DPO)/Privacy Office (Canada users): Email: [email protected]; Postal: Privacy Office, AK Global N.V., 9 Abraham de Veerstraat, Willemstad, Curaçao. Phone: not available at this time.

Reflect

AK Global N.V. is the primary data controller for personal information collected via cbet777-ca-play.com. We will update corporate identifiers and licensing references in this section upon verification.

What Personal Data We Collect

Observe

To provide gambling services and comply with AML/KYC obligations in Canada, we collect identity, technical, financial, and behavioral data, plus cookies and logs.

Expand

  • Identity and contact: full name, date of birth, residential address, email, phone, government-issued ID details (e.g., number, expiry, issuing country), selfies/face scans for liveness (where required), proof-of-address documents.
  • Account and usage: username, internal IDs, preferences, communication history, support tickets.
  • Technical data: IP address, device identifiers, OS/browser, language, time zone, session IDs, connection logs, crash/diagnostics.
  • Payments and financial: card BIN/last 4, tokenized payment IDs, bank/IBAN details, e-wallet data, deposits/withdrawals, chargebacks, tax/withholding records. We do not store full raw card PANs; processors may do so in compliance with PCI DSS.
  • Behavioral and gaming: betting history, game rounds, stakes, wins/losses, session duration, RTP exposure, risk flags, self-exclusion and limits, clickstream and interaction telemetry.
  • Marketing data: consent status, email/SMS preferences, campaign interactions, attribution identifiers.
  • Cookies and similar tech: session and persistent cookies, web beacons, SDKs, analytics identifiers, and device fingerprinting used for security and fraud prevention.
  • Sensitive data: We do not intentionally collect sensitive categories (e.g., health) except where anti-fraud or identity verification tools require biometric templates for liveness; such templates are used only for verification and then deleted or tokenized according to vendor policies.

Reflect

Collection is limited to what is necessary for account operation, legal compliance (including AML), security, and service improvement.

Legal Basis for Processing

Observe

Canadian users are governed primarily by PIPEDA; some users may also benefit from GDPR or Mexican LFPDPPP rights depending on residence.

Expand

  • Canada (PIPEDA): We rely on knowledge and consent for reasonable purposes (s.5(3)), with exceptions for legal, security, and fraud-prevention needs. Users may withdraw consent to non-essential processing (e.g., marketing).
  • GDPR (where applicable): consent (Art.6(1)(a)); contract necessity for account operation, deposits/withdrawals, support (Art.6(1)(b)); legal obligations including KYC/AML, recordkeeping, tax (Art.6(1)(c)); legitimate interests such as fraud prevention, service security, and analytics (Art.6(1)(f)), balanced against your rights.
  • Mexico (LFPDPPP, where applicable): consent (express or implied as allowed), fulfillment of obligations arising from a legal relationship, and statutory duties; transfers governed by privacy notices and contractual clauses.

Reflect

We map each processing activity to the appropriate legal framework based on your location and the service provided, prioritizing the most protective regime where laws overlap.

Purpose of Processing

Observe

Processing purposes must be specific and limited to lawful gaming operations, security, compliance, and service enhancement.

Expand

  • Provide and operate services: account creation, identity verification, deposits/withdrawals, gameplay, customer support.
  • Compliance: KYC/AML screening, sanctions/PEP checks, transaction monitoring, recordkeeping, tax reporting.
  • Security and fraud prevention: device fingerprinting, IP reputation, bot/liveness checks, abuse detection, chargeback defense.
  • Service improvement and analytics: performance metrics, feature usage, A/B testing, troubleshooting.
  • Responsible gambling: limits, self-exclusion, affordability and harm indicators, engagement for safer play.
  • Marketing (with consent where required by law, including CASL): newsletters, offers, segmentation, affiliate attribution; you can opt-out anytime.
  • Legal defense and governance: dispute handling, audits, enforcement of terms, risk management.

Reflect

We avoid incompatible secondary uses; new purposes will be disclosed with an updated notice and, where required, new consent.

Disclosure & Sharing

Observe

We use third parties to deliver payments, verification, security, and analytics; disclosures must be limited and safeguarded.

Expand

  • Payment partners: card acquirers, banks, e-wallets, payment gateways for processing deposits/withdrawals and chargeback handling.
  • Verification and compliance vendors: KYC/AML providers, sanctions/PEP screening, liveness/biometric verification (where applicable), age and geolocation services.
  • Service providers (processors): hosting/CDN, security and anti-fraud platforms, analytics, customer support tools, email/SMS delivery.
  • Affiliates and advertising networks: limited identifiers for attribution; marketing sharing occurs only with your consent where required (e.g., under CASL).
  • Corporate transactions: data may transfer in mergers, acquisitions, or reorganization, subject to continuity of protections.
  • Regulators and authorities: disclosures to financial intelligence units, tax authorities, courts, and law enforcement when legally required or to protect rights and users (e.g., FINTRAC obligations under PCMLTFA).

Reflect

All processors are bound by written agreements requiring confidentiality, purpose limitation, and security commensurate with risk.

International Transfers

Observe

Data may be processed in Curaçao, Canada, the EU/EEA, the United Kingdom, the United States, and other locations of our vetted vendors.

Expand

  • Canada: Cross-border transfers are permitted under PIPEDA with notice and safeguards; vendors must provide comparable protection.
  • From the EEA/UK (where GDPR/UK GDPR applies): Standard Contractual Clauses (SCCs) and, for the UK, the IDTA/Addendum; transfer impact assessments and supplementary measures are applied as needed.
  • Mexico: Transfers follow LFPDPPP requirements with contractual clauses reflecting the original purposes and security obligations.
  • U.S. recipients: We rely on SCCs and technical/organizational measures; we do not claim participation in the EU-U.S. Data Privacy Framework unless expressly stated in an updated version of this policy.

Reflect

We assess vendor jurisdictions, implement encryption and access controls, and review safeguards periodically.

Data Retention

Observe

Retention must meet legal minimums (e.g., AML) and avoid unnecessary storage.

Expand

  • Account and identity (KYC) records: up to 5 years after account closure or last transaction to meet AML/recordkeeping duties.
  • Transaction and gaming history: 5 years from the date of the record; longer if needed for disputes, audits, or statutory obligations.
  • Fraud/security logs: 2-7 years depending on risk and limitation periods; high-risk flags may be retained longer to prevent abuse.
  • Marketing data: until you withdraw consent or after 24 months of inactivity, whichever occurs first, unless a longer period is legally permitted.
  • Cookies/analytics: per cookie type and browser settings (see Cookies section).
  • Backups: encrypted backups roll off per fixed schedules; data is deleted or irreversibly anonymized when retention expires.

Reflect

We delete or anonymize data when purposes end, subject to legal holds for investigations or disputes.

Your Rights

Observe

Rights differ by jurisdiction; Canadian users have access/correction and complaint rights; EU/Mexico users may have additional rights.

Expand

  • Canada (PIPEDA): access your personal information; request corrections; withdraw consent to non-essential uses (e.g., marketing); challenge our compliance; obtain information about cross-border practices. Response within 30 days (extensions permitted by law) at no charge, barring reasonable reproduction fees.
  • GDPR (where applicable): rights to access, rectification, erasure, restriction, objection (including to profiling/legitimate interests), data portability, and to withdraw consent without affecting prior processing; right to lodge a complaint with an EU supervisory authority.
  • Mexico (LFPDPPP, where applicable): ARCO rights (Access, Rectification, Cancellation, Opposition) and withdrawal of consent, per your privacy notice and legal limits.
  • Marketing opt-out (including CASL): unsubscribe links/messages or contact us to change preferences.
  • Automated decisions: you may request human review of decisions that produce legal or similarly significant effects where required by law.

Procedures and timelines

  1. Submit a request using the privacy email [email protected] or by postal mail (see Who We Are).
  2. We may ask for additional information to verify your identity.
  3. We respond within 30 days of receipt and verification. If an extension is needed, we will explain why and the expected new timeline.
  4. Requests are generally free of charge; reasonable fees may apply for repeated or manifestly excessive requests where allowed by law.

Reflect

We apply the most protective regime applicable to you and document our decisions. Some rights may be limited by AML, security, or legal retention duties.

Cookies & Tracking Technologies

Observe

Cookies support core functionality, security, analytics, and marketing, with user controls.

Expand

  • Session cookies: essential login and gameplay continuity; expire when you close the browser.
  • Persistent cookies: preferences, remember-me, responsible gambling settings; controlled by set lifetimes.
  • Third-party cookies/SDKs: fraud prevention, analytics, attribution/advertising (used with consent where required).
  • Purposes: functional (site operation), security (bot/fraud detection), analytics (service improvement), advertising (personalized offers, with consent).
  • Controls: manage via your browser settings; reject non-essential cookies via any in-site cookie banner/controls; opt out of analytics/ads where offered. Disabling essential cookies may impair the service.

Reflect

We periodically review third-party tags and minimize identifiers to reduce tracking footprint.

Data Security

Observe

Gambling platforms require strong, layered controls covering transmission, storage, access, and incident response.

Expand

  • Encryption: TLS 1.2+ for data in transit; industry-standard encryption for data at rest, with hardened key management.
  • Access controls: least-privilege IAM, MFA for privileged access, network segmentation, IP allowlists for administrative interfaces.
  • Operational security: secure SDLC, code reviews, dependency scanning, vulnerability management, penetration testing, and regular security audits.
  • Payments: card data processed via PCI DSS-compliant partners; we avoid storing full PANs.
  • Monitoring and response: 24/7 logging, anomaly detection, incident response runbooks, breach notification workflows aligned with applicable law.
  • Training and governance: staff confidentiality and security training, role-based access reviews, vendor risk assessments, and data protection impact assessments where required.
  • Standards: our control framework aligns with ISO/IEC 27001 and SOC 2 principles (this is an alignment statement, not a certification claim).

Reflect

No method is 100% secure; we continuously improve controls and require similar standards from processors.

Complaints & Contacts

Observe

Users need clear channels to contact us and escalate to regulators.

Expand

  • Contact our Privacy Office (primary): Email: [email protected]; Postal: Privacy Office, AK Global N.V., 9 Abraham de Veerstraat, Willemstad, Curaçao. Phone: not available.
  • In-account messages: where available, use Support > Privacy Request for secure communications.
  • Response timelines: we acknowledge within 5 business days and aim to resolve within 30 days, or explain any lawful extension.

Escalation to supervisory authorities

  • Canada: Office of the Privacy Commissioner of Canada (OPC), 30 Victoria Street, Gatineau, QC K1A 1H3; Toll-free: 1-800-282-1376; https://www.priv.gc.ca/
  • Mexico (where applicable): INAI - Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales; Tel: 800 835 4324; https://www.inai.org.mx/
  • European Union/EEA (where applicable): you may complain to your local supervisory authority; list available via the European Data Protection Board: https://edpb.europa.eu/about-edpb/board/members_en

Reflect

We encourage resolving issues with us first; this does not limit your right to complain directly to a regulator.

Updates

Observe

Transparency requires notifying users of material changes and keeping version history.

Expand

  • Notifications: we will notify material changes via email (where permitted), site banner, and/or account alerts.
  • Advance notice: for significant changes (e.g., new categories of personal data or new disclosures), we provide at least 30 days' advance notice and, where required, seek renewed consent.
  • User choices: if you object to changes, you may adjust settings, opt out of marketing, or close your account (subject to AML/legal retention obligations).
  • Version control: Last updated: October 2025. We maintain a changelog of material updates.

Reflect

We will align future updates with evolving Canadian regulations, industry standards, and cross-border transfer requirements.