burger icon
Cazeus United Kingdom
Log In

Privacy Policy

This Privacy Policy explains how Apex Gaming Solutions Ltd. collects, uses, discloses and protects personal data when you access and use the Cazeus version of the Cazeus online casino available at cazeys.com, including any related mobile or web interfaces. It applies to players, registered account holders, prospective customers, and other visitors to our website and services. Please read it together with our Terms and Conditions and other policies published on cazeys.com. This Privacy Policy is effective from 6 November 2025 and replaces any earlier versions applying to Cazeus.

Who We Are

The data controller responsible for your personal data in connection with Cazeus is:

Apex Gaming Solutions Ltd.
123, High Street, Sliema, SLM 1540, Malta
(a private limited company incorporated in Malta)

Apex Gaming Solutions Ltd. operates the Cazeus brand for players in Great Britain under a remote gambling licence issued by the United Kingdom Gambling Commission (licence number 555123-R-456789-01). Apex Gaming Solutions Ltd. is a wholly-owned subsidiary of Cazeus Global Holdings Ltd., which also operates the international version of the Cazeus brand under a licence issued by the Malta Gaming Authority.

This Privacy Policy applies to your use of cazeys.com in the context of Cazeus and any related customer support contacts, whether by web, mobile or other digital channels.

How to contact us about privacy:

  • Email: support@cazeys.com (please include "Data protection" or "Privacy" in the subject line so your message can be directed to our data protection team)
  • Postal: Data Protection Team, Apex Gaming Solutions Ltd., 123, High Street, Sliema, SLM 1540, Malta

Our data protection team, supported by a designated Data Protection Officer, is responsible for monitoring compliance with applicable data protection laws, including the UK General Data Protection Regulation and the UK Data Protection Act 2018.

What Personal Data We Collect

Identity and contact information

  • Identification data: full name, date of birth, gender, nationality, place of residence, copies or details of identity documents (such as passport, national ID card, driving licence) for age and identity verification.
  • Contact details: email address, postal address, telephone number(s), communication language, and any contact details you provide to our support team.

Account, behavioural and gambling data

  • Account data: username, account ID, registration date, authentication credentials (stored in encrypted form), preferred settings, responsible gambling tools activated (e.g. deposit limits, time-outs, self-exclusion status).
  • Gaming and betting history: records of games played, stakes, wins and losses, bonuses used, session durations, transaction logs, and other in-game behaviour required for responsible gambling, anti-fraud and regulatory reporting.
  • Interaction data: click-stream data, pages viewed, navigation paths, time spent on particular features, and responses to in-site messages or promotions.

Financial and payment information

  • Payment data: partial payment card details (such as masked card numbers), card expiry date, billing address, digital wallet identifiers, bank account details for withdrawals, and transaction identifiers.
  • Financial history: deposits, withdrawals, chargeback records, verification of source of funds or source of wealth where required by anti-money-laundering (AML) regulations.

Technical and log data

  • Technical identifiers: IP address, device identifiers, browser type and version, operating system, time zone settings, and network information.
  • Log information: login and logout times, failed login attempts, security events, system-generated logs relating to your interactions with our platform and fraud-prevention tools.

Cookies and similar technologies

  • Cookies: small text files stored on your device that may be session-based (expire when you close your browser) or persistent (remain until expiry or deletion).
  • Similar technologies: web beacons, pixels, SDKs, local storage, and device identifiers used for analytics, security, and personalised content or advertising.

Support and communication data

  • Customer support records: copies of emails, chat transcripts, call logs (where calls are recorded), complaint details, and any attachments you provide.
  • Marketing and preference data: your subscription preferences, consent status for email/SMS/push notifications, responses to campaigns, and opt-out records.

We do not knowingly collect or process personal data from individuals under 18 years of age. If we discover that a minor has opened an account, we will close the account and securely delete or anonymise the data, subject to any legal obligations to retain certain information.

Legal Basis for Processing

We process your personal data only when there is a valid legal basis under UK data protection law (UK GDPR and the Data Protection Act 2018). Depending on the context, one or more of the following legal grounds apply:

  • Performance of a contract: We process data that is necessary to enter into, perform and manage our contractual relationship with you, including:
    • creating and managing your player account for Cazeus at cazeys.com;
    • providing access to casino games and related services;
    • processing deposits, bets, wins, losses and withdrawals;
    • providing customer support and handling routine queries and complaints.
  • Compliance with legal obligations: We process data where required by law, regulations or regulatory guidance, including those of the United Kingdom Gambling Commission and relevant AML/CTF legislation. This covers:
    • age, identity and residence verification (KYC checks);
    • monitoring and reporting suspicious transactions for AML/CTF purposes;
    • maintaining accounting, tax and corporate records;
    • complying with responsible gambling and player protection requirements.
  • Legitimate interests: We process data where this is necessary for our legitimate business interests or those of a third party, provided your interests and fundamental rights do not override those interests. These legitimate interests include:
    • preventing fraud, abuse, cheating and other unlawful or unethical behaviour;
    • ensuring network and information security, including detection of attacks;
    • improving the design, performance and usability of cazeys.com;
    • analysing how players use our services to improve features and offerings;
    • establishing, exercising or defending legal claims;
    • communicating with you about similar products or services that you have already purchased, in line with applicable marketing rules.
  • Consent: In certain situations we rely on your freely given, specific, informed and unambiguous consent, for example:
    • sending you marketing emails, SMS or push notifications that go beyond the "soft opt-in" permitted under UK law;
    • placing and reading non-essential cookies (such as analytics or advertising cookies) on your device;
    • processing certain special categories of data (e.g. health-related information you voluntarily provide in the context of responsible gambling tools), where strictly necessary and permitted by law.

Where we rely on consent, you may withdraw it at any time using the mechanisms described in this Privacy Policy. Withdrawal of consent will not affect the lawfulness of processing carried out before the withdrawal.

Purpose of Processing

We use your personal data for clearly defined purposes. The main purposes include:

  • Provision of casino services: to create and manage your account, verify your age and identity, provide access to games, handle bets and payouts, operate competitions or promotions, and provide customer support.
  • Payments and financial management: to process deposits and withdrawals, verify payment instruments, detect and prevent payment fraud, manage chargebacks, and keep accurate financial records.
  • Regulatory compliance and risk management: to comply with UKGC licence conditions, AML/CTF obligations, responsible gambling requirements, and other applicable legal duties; to manage risks related to fraud, misuse and security incidents.
  • Service improvement and optimisation: to monitor performance, fix bugs, develop new features, and improve our user interface and game offering, based on aggregated or pseudonymised usage data wherever possible.
  • Personalisation and responsible gambling: to tailor certain content or offers based on your profile and behaviour, and to identify potential problematic gambling patterns so that we can apply or suggest appropriate tools (limits, reality checks, time-outs, self-exclusion) in line with our responsible gambling policy.
  • Marketing and promotions: to send you information about products, services, promotions and bonuses related to Cazeus that may be of interest to you, subject to your preferences and applicable consent or opt-out rules.
  • Analytics and business reporting: to compile anonymised or aggregated statistics about usage, performance, marketing campaigns and financial results, for internal reporting and strategic planning.
  • Legal and enforcement purposes: to investigate and resolve disputes, enforce our Terms and Conditions and other policies, respond to lawful requests from authorities, and defend our legal rights.

Disclosure & Sharing

We do not sell your personal data. We may, however, share your data with trusted third parties and authorities where necessary for the purposes set out in this Privacy Policy or where we are legally required to do so. Such recipients include:

  • Group companies: Cazeus Global Holdings Ltd. and other affiliated entities that support the operation, management and development of the Cazeus brand and platform, in particular for shared infrastructure, risk management and reporting functions. Access is limited to what is necessary for each function.
  • Payment and financial service providers: banks, card schemes, payment processors, electronic wallet providers and other financial institutions that process your deposits, wagers and withdrawals, perform fraud checks, and help us comply with AML/CTF obligations.
  • Games, software and platform providers: third-party casino game providers and technology suppliers that provide the games and systems you use on cazeys.com. These providers may require access to certain pseudonymised or limited personal data (such as player IDs, IP addresses, session details) to run the games and detect fraud.
  • Verification and due diligence providers: identity verification services, credit reference agencies (where permitted), sanctions screening tools, address verification services and other third parties who help confirm your identity, age, location, payment details, or source of funds.
  • IT, hosting and security service providers: cloud hosting companies, email and messaging providers, content delivery networks, security monitoring services and other technical providers who support the operation, security and availability of cazeys.com.
  • Analytics and marketing partners: providers of analytics, advertising and campaign tools that help us understand and improve how users interact with our services and, where permitted, deliver personalised marketing. Non-essential advertising and analytics technologies are used only where you have consented through our cookie and preference tools.
  • Professional advisers and auditors: lawyers, auditors, accountants, tax advisers and other professionals who need access to certain data to provide their services, subject to strict confidentiality obligations.
  • Regulators and public authorities: the United Kingdom Gambling Commission, financial intelligence units, tax authorities, law enforcement agencies, courts and other public bodies, where we are legally required or permitted to disclose data (for example, to report suspicious activity, respond to requests, or comply with licence conditions under UKGC licence 555123-R-456789-01).
  • Business transfers: if we undergo a restructuring, merger, sale, joint venture, assignment, transfer or other disposal of all or part of our business, your data may be shared with potential or actual purchasers or partners, subject to appropriate confidentiality and data protection safeguards.

Whenever we share your personal data with service providers, we require them by contract to process the data only on our instructions, to keep it secure, and to comply with applicable data protection requirements.

International Transfers

Your personal data is primarily processed in the United Kingdom and the European Economic Area (EEA), including Malta, where Apex Gaming Solutions Ltd. and Cazeus Global Holdings Ltd. are established. However, some of our service providers and partners may be located, or may store data, outside the UK and EEA.

Where we transfer personal data to countries that have not been recognised by the UK government as providing an adequate level of data protection, we put in place appropriate safeguards to protect your information, such as:

  • standard contractual clauses approved under UK data protection law (including the UK International Data Transfer Addendum where appropriate);
  • the UK International Data Transfer Agreement or equivalent legally recognised transfer mechanisms;
  • binding corporate rules or other internal codes of conduct adopted by group companies and approved by competent supervisory authorities, where applicable.

We also assess the legal framework of the destination country and implement additional technical and organisational measures where necessary to ensure a level of protection essentially equivalent to that in the UK.

You can obtain more information about international transfers and a copy of the relevant safeguards (subject to redactions for security or commercial confidentiality) by contacting us at support@cazeys.com.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes described in this Privacy Policy, to comply with legal and regulatory requirements, and to resolve disputes or enforce our rights. Retention periods may vary depending on the type of data and the context of processing. In general:

  • Account and identification data (including KYC documents): kept for the duration of your relationship with us and typically for up to five (5) years after account closure or your last transaction, as required by AML/CTF and gambling regulations.
  • Transaction and financial data: records of deposits, bets, wins, losses, and withdrawals are typically retained for up to seven (7) years after the relevant transaction for tax, accounting, and regulatory purposes.
  • Gaming and behavioural data: retained for as long as your account is active and for a subsequent period (usually up to five (5) years after closure) to comply with regulatory requirements, manage responsible gambling obligations, and resolve disputes.
  • Customer support and complaint records: kept for up to six (6) years after resolution of the case, or longer where necessary in relation to ongoing disputes or regulatory investigations.
  • Marketing and consent records: retained for as long as you remain subscribed to marketing communications and for a reasonable period after you unsubscribe (typically up to three (3) years) to maintain evidence of your preferences and respect your opt-out choices.
  • Technical logs and security data: typically retained for between six (6) months and two (2) years, depending on the type of log, to support security, troubleshooting and fraud prevention.

We may retain data for longer than the periods above where necessary in connection with legal claims, regulatory investigations, or where required by law. When data is no longer needed, we will securely delete or anonymise it so that it can no longer be associated with you.

Your Rights

Under UK data protection law, you have a number of rights in relation to your personal data processed in connection with Cazeus at cazeys.com. These rights are subject to certain conditions and legal exceptions:

  • Right of access: you can request confirmation as to whether we process your personal data and obtain a copy of the data, together with information about how and why we process it.
  • Right to rectification: you can ask us to correct inaccurate or incomplete personal data. In many cases, you can update your details directly through your account settings.
  • Right to erasure: you can request that we delete your personal data in certain circumstances, for example where the data is no longer necessary for the purposes for which it was collected, or where you have withdrawn consent and there is no other legal ground for processing. This right may be limited where we are legally required to retain data (e.g. under AML/CTF rules or UKGC licence conditions).
  • Right to restriction of processing: you can request that we restrict processing of your data (for example, where you contest the accuracy of the data or the lawfulness of the processing) while we consider your request.
  • Right to object: you can object, on grounds relating to your particular situation, to processing based on our legitimate interests. We will stop processing unless we can demonstrate compelling legitimate grounds that override your interests, rights and freedoms, or we need the data for legal claims. You can also object at any time to the use of your personal data for direct marketing, in which case we will stop sending you marketing communications.
  • Right to data portability: you can request to receive certain personal data that you have provided to us in a structured, commonly used and machine-readable format, and to have that data transmitted to another controller where technically feasible and legally permitted.
  • Right to withdraw consent: where we rely on your consent, you can withdraw it at any time, without affecting the lawfulness of processing based on consent before its withdrawal. You can typically do this through your account settings or the unsubscribe link included in marketing messages.

To exercise any of your rights, please contact us at support@cazeys.com, clearly indicating which right you wish to exercise and providing sufficient information to verify your identity (for example, your username and registered email address). We may request additional information if necessary to confirm your identity and protect your account.

We aim to respond to all valid requests within one (1) month of receipt. If your request is complex or we have received a large number of requests, we may extend this period by up to two further months; if we do so, we will inform you of the extension and explain the reasons. We will not charge you a fee for exercising your rights, unless a request is manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse to act on the request.

This Privacy Policy is designed primarily to reflect the requirements of UK GDPR and the UK Data Protection Act 2018. Where our international operations involve players or users located in Mexico using other versions of the Cazeus brand, we also seek to align our practices with applicable Mexican data protection law, including the Federal Law on Protection of Personal Data Held by Private Parties (LFPDPPP), which recognises rights comparable to access, rectification, cancellation and opposition (often referred to as "ARCO" rights). Those rights may be exercised through the same contact channels described above, and will be assessed in light of the specific service and jurisdiction involved.

Cookies & Tracking Technologies

We use cookies and similar technologies on cazeys.com to ensure the proper functioning of our services, enhance your experience, analyse usage and, where permitted, deliver personalised marketing. Cookies may be placed by us (first-party cookies) or by third parties (third-party cookies) acting on our behalf.

Types of cookies we use

  • Strictly necessary cookies: essential for the operation of the site and the provision of services you request, such as enabling core navigation, secure login, session management, and access to restricted areas. These cookies are set in response to your actions and do not require your consent.
  • Functional cookies: enable enhanced functionality and personalisation, such as remembering your login preferences, language settings, and other customisations. If you disable these cookies, some features may not function properly.
  • Performance and analytics cookies: collect information about how visitors use our site (e.g. pages visited, time spent, error messages) to help us understand and improve performance. We typically use aggregated and pseudonymised data for analytics.
  • Advertising and targeting cookies: used, where permitted, to deliver relevant advertisements, measure the effectiveness of campaigns, and limit how often you see a particular advertisement. These cookies may be set by advertising networks and social media providers.

Similar technologies

We may also use web beacons, pixels, SDKs, local storage and device identifiers for similar purposes, including security, fraud prevention, analytics, and marketing campaign measurement.

Managing your cookie preferences

  • You can manage your preferences for non-essential cookies through our cookie consent banner or preference panel, where available. You can change or withdraw your consent at any time.
  • You can configure your browser settings to block or delete cookies, or to alert you when cookies are being placed. However, blocking certain cookies may affect the functionality and performance of cazeys.com.
  • For more detailed information about the specific cookies we use, their purposes and lifetimes, please refer to the cookie information made available through our cookie banner or settings tool.

Our use of cookies and electronic communications is also governed by applicable UK rules, including the Privacy and Electronic Communications Regulations (PECR), and we seek to ensure that consent and transparency requirements are met.

Data Security

We apply appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. While no system is completely secure, we continuously work to maintain a level of security appropriate to the risks associated with online gambling services.

Technical measures

  • Encryption in transit and at rest: data transmitted between your browser and our servers is protected using transport-layer encryption (TLS 1.2 or higher). Sensitive data is encrypted or pseudonymised at rest where appropriate.
  • Secure infrastructure: we use firewalls, intrusion detection and prevention systems, network segmentation, and hardened server configurations to protect our infrastructure.
  • Access control and authentication: administrative and privileged access to systems is restricted on a need-to-know basis, protected by strong authentication mechanisms, including multi-factor authentication for critical systems.
  • Logging and monitoring: we maintain security logs, monitor systems for suspicious activities, and respond promptly to alerts and anomalies.
  • Secure development and testing: we follow secure coding practices, conduct internal reviews, and may perform vulnerability assessments or penetration testing to identify and address potential weaknesses.

Organisational measures

  • Policies and governance: we maintain internal policies and procedures covering data protection, information security, access management, incident response and business continuity.
  • Staff training and confidentiality: employees and contractors who handle personal data receive training on data protection and security obligations and are bound by confidentiality commitments.
  • Vendor management: we assess the security posture of key third-party providers and require them, via contracts, to maintain appropriate security and data protection measures.

Incident response and breach notification

We have procedures in place to detect, investigate and respond to potential personal data breaches. If a breach occurs that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority and, where required by law, inform affected individuals without undue delay. Our information security framework is designed with reference to recognised international standards such as ISO/IEC 27001 and SOC 2, to the extent applicable to our operations and those of our key service providers.

Complaints & Contacts

If you have any questions, concerns or complaints about how we handle your personal data in connection with Cazeus and cazeys.com, you should first contact us so that we can attempt to resolve the issue directly.

How to contact us

  • Email (primary channel): support@cazeys.com - please include "Privacy" or "Data protection" in the subject line and provide details of your concern.
  • Postal address: Data Protection Team, Apex Gaming Solutions Ltd., 123, High Street, Sliema, SLM 1540, Malta.

We aim to acknowledge privacy-related complaints promptly and to provide a substantive response within 30 days of receipt. If your complaint is complex or requires further investigation, we will keep you informed of progress and any extension needed.

Our support team will handle your request in the first instance and, where necessary, escalate it to our data protection team or Data Protection Officer.

Your right to contact supervisory authorities

If you are not satisfied with our response or believe that your data protection rights have been infringed, you have the right to lodge a complaint with the competent supervisory authority. For players located in Great Britain, this is generally the:

Information Commissioner's Office (ICO)
Website: https://ico.org.uk

If your interaction with our services involves other jurisdictions (for example, the international version of the Cazeus brand operated under a Malta Gaming Authority licence), you may also have the right to complain to your local data protection authority. For users located in Mexico using such international services, the competent authority is generally the National Institute for Transparency, Access to Information and Personal Data Protection (INAI), in accordance with the Federal Law on Protection of Personal Data Held by Private Parties (LFPDPPP.

Please note that this Privacy Policy addresses the processing of personal data. It does not govern how gambling disputes about bets or payouts are resolved. Such disputes may be subject to our Terms and Conditions and, where applicable, escalation to our appointed Alternative Dispute Resolution provider (for example, IBAS) as described in those Terms.

Updates

We may update this Privacy Policy from time to time, for example to reflect changes in our services, legal requirements, regulatory guidance, or technical developments. When we make changes, we will update the "Last updated" date at the end of this document and, where appropriate, provide additional notice.

How we will inform you of changes

  • Minor changes: for non-material updates (such as clarifications or technical adjustments) we will usually publish the revised Privacy Policy on cazeys.com without separate individual notification.
  • Material changes: for significant changes that affect how we process your personal data or your rights, we will provide additional notice by one or more of the following methods:
    • email notification to the address registered on your account;
    • prominent notices or banners on cazeys.com;
    • in-account notifications or messages when you next log in.
  • Advance notice: where feasible and required by law, we will give you at least 30 days' advance notice before material changes take effect.

If you do not agree with the updated Privacy Policy, you may close your account and stop using our services before the changes become effective. Continued use of cazeys.com after the effective date of an updated Privacy Policy will be deemed acceptance of the changes.

We may maintain a high-level summary of material changes (for example, updates to legal references, new types of processing or new categories of recipients) so that you can understand how our practices evolve over time.

Last updated: November 2025