Seven Casino logo

Seven Casino Privacy Policy

This is how we handle your personal data at Seven Casino. We're a Malta-based operator subject to GDPR — your data is protected under European law.

What We Collect

We collect: name, date of birth, email address, residential address, phone number (if provided for SMS 2FA), payment method details (encrypted via our PCI-DSS compliant processor — we never see your card numbers), KYC documents (passport/ID and proof of address — stored encrypted, accessed only for verification), gameplay history (every spin, bet, win), session data (IP address, browser, device), and support chat transcripts.

Why We Collect It

Identity data is required by Malta Gaming Authority regulation and EU AML rules — we cannot operate legally without it. Payment data is required to process deposits and withdrawals. Gameplay data is required to detect fraud, calculate VIP tier progression, and provide a personalised experience. Session data is required for security (login alerts, fraud detection). Marketing data is opt-in only and used solely for emails you consented to.

How We Protect It

All data is transmitted over 256-bit SSL. Data at rest is encrypted with AES-256. Payment data is tokenised via our PCI-DSS Level 1 processor — we never store raw card numbers. KYC documents are encrypted, accessed only by authorised compliance staff, and deleted after the legally-required retention period (5 years post-account-closure under EU AML rules). Access logs are audited monthly.

SharingWho We Share With

We share data only with: payment processors (Trustly, Revolut, Stripe, PayPal — strictly to process your transactions), KYC verification providers (SumSub, Onfido — strictly for identity verification), the Malta Gaming Authority (regulatory reporting), law enforcement when legally compelled, and game providers (anonymised gameplay metrics for game performance only — never your identity). We do not sell data to advertisers, ever.

Your GDPR Rights

You have the right to: access your data (export everything we hold via the dashboard), rectify inaccurate data, erase your data (subject to legal retention obligations for AML-regulated records), restrict processing, object to processing, and data portability. Exercise any of these rights by emailing privacy at our domain. We respond within 30 days. You also have the right to lodge a complaint with the Maltese Data Protection Commissioner.

Cookies & Tracking

We use essential cookies for session management (you can't log in without them), functional cookies for preferences (language, currency display), and analytics cookies (anonymised — we don't use Google Analytics). We do not use third-party marketing tracking pixels. The cookie consent banner on first visit lets you opt out of analytics. Essential and functional cookies cannot be opted out of for technical reasons.

Data Retention

We retain your data for as long as your account is active plus the legally-required minimum after closure: 5 years for AML-regulated transaction records (this is a hard EU requirement), 7 years for tax records, 1 year for support chat transcripts, immediately deleted for marketing data on opt-out. Anonymised gameplay metrics may be retained indefinitely for game performance research with no identifying information attached.

Last updated: 2026. Seven Casino reviews this policy quarterly. Material changes are communicated by email at least 30 days before taking effect.