Privacy Policy

Effective Date: January 1, 2024

Koru Casino ("we," "us," "our," or "Company") is committed to protecting your privacy and ensuring you have a positive experience on our website and platforms. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and utilize our services. Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our services.

1. INTRODUCTION AND CONTROLLER INFORMATION

Koru Casino is the data controller responsible for your personal information. Our principal place of business is registered for operations serving Canadian customers and other jurisdictions as permitted by applicable law. We are committed to complying with Canadian privacy legislation, including the Personal Information Protection and Electronic Documents Act (PIPEDA) at the federal level, as well as provincial privacy laws where applicable, such as Quebec's Law 25 (Bill 64). Additionally, where applicable, we comply with the General Data Protection Regulation (GDPR) concerning users from the European Union or European Economic Area.

For questions about this Privacy Policy or to exercise your privacy rights, please contact us at:

Email: [email protected].

We maintain strict data protection standards and implement appropriate technical and organizational measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction.

2. INFORMATION WE COLLECT

2.1 Information Provided Directly by You

When you register an account, make a deposit, withdraw funds, or contact our customer support team, we collect the following categories of personal information:

Account Registration Information: When you create an account with Koru Casino, we collect your name, email address, date of birth, residential address, telephone number, and username. We require this information to establish your account, verify your identity, and comply with anti-money laundering (AML) and know-your-customer (KYC) regulations.

Payment Information: When you make deposits or withdrawals, we collect financial information including your payment method details. Depending on your chosen payment method, this may include bank account information, credit or debit card numbers (processed securely through encrypted payment gateways), e-wallet details, or cryptocurrency wallet addresses. We do not store complete credit card information on our servers; instead, we utilize PCI DSS compliant payment processors.

Identity Verification Documents: To comply with regulatory requirements and prevent fraud, we may request copies of government-issued identification (passport, driver's license, or national ID), proof of address (utility bills, bank statements), and additional documentation as required by gaming regulations and financial institutions. These documents are processed securely and retained only as long as necessary for compliance purposes.

Communication Information: When you contact our customer support team via email, live chat, or telephone, we maintain records of your communications, including the content of messages, dates, and times of contact. This information helps us provide customer service and maintain accurate records of your interactions with us.

Transaction History: We maintain detailed records of all gaming activity, deposits, withdrawals, and account transactions. This information is essential for account management, regulatory compliance, and dispute resolution.

2.2 Information Collected Automatically

Cookies and Similar Technologies: When you visit our website, we use cookies, web beacons, and similar tracking technologies to collect information about your browsing behavior, device type, operating system, and IP address. These technologies help us personalize your experience, remember your preferences, analyze website performance, and detect fraudulent activity.

Log Files: Our servers automatically record information whenever you access our platform, including your IP address, the type and version of your browser, the pages you visit, the duration of your visits, referring URLs, and information about your device.

Device Information: We collect information about the devices you use to access our services, including unique device identifiers, hardware type, operating system, browser type, and mobile network information.

Geolocation Data: We collect approximate location information based on your IP address to ensure compliance with regional gaming regulations and to prevent access from prohibited jurisdictions. We do not collect precise GPS-based location data unless you explicitly authorize such collection.

Behavioral Data: We track your interaction with our website and gaming platforms, including features you use, games you play, wagers you place, and your gaming preferences. This information helps us improve our services and provide personalized recommendations.

2.3 Information from Third Parties

Verification Services: We may receive information from third-party identity verification providers, credit reporting agencies, and anti-fraud services to verify your identity and assess risk.

Payment Processors: Our payment partners provide us with transaction confirmation data and fraud prevention information.

Regulatory Bodies: In certain circumstances, we may receive information from gaming regulators, law enforcement agencies, and government bodies as required by law.

Marketing Partners: If you engage with our promotional campaigns through affiliate partners or social media platforms, we may receive information about the source of your referral.

3. PURPOSES FOR COLLECTING AND USING YOUR INFORMATION

We collect and process your personal information for the following purposes:

3.1 Service Provision and Account Management

Your information is essential for creating and maintaining your gaming account, processing deposits and withdrawals, managing your account balance, and providing customer support services. We use transaction history to reconcile accounts and ensure accurate record-keeping.

3.2 Legal and Regulatory Compliance

Koru Casino operates in a heavily regulated industry. We process your personal information to comply with gaming regulations, anti-money laundering laws, counter-terrorism financing requirements, and know-your-customer (KYC) obligations. We are required by law to verify customer identity, monitor transactions for suspicious activity, and report to regulatory authorities as mandated. This includes age verification (you must be at least 18 years old or the age of majority in your jurisdiction to use our services) and compliance with responsible gaming requirements.

3.3 Fraud Prevention and Security

We use your information to detect, investigate, and prevent fraudulent activities, unauthorized access, money laundering, and other illegal activities. This includes analyzing transaction patterns, cross-referencing data with fraud databases, and implementing security measures to protect your account and our platform.

3.4 Marketing and Promotional Communications

With your consent (where required by applicable law), we use your contact information to send promotional offers, bonuses, newsletters, and information about new games and features. You can opt out of marketing communications at any time through your account settings or by contacting support.

3.5 Website Improvement and Analytics

We analyze usage patterns, technical performance, and user feedback to improve our website functionality, user experience, game offerings, and service quality. This helps us understand how customers interact with our platform and identify areas for enhancement.

3.6 Responsible Gaming Initiatives

We use behavioral data to identify potential signs of problem gambling and to implement responsible gaming tools such as deposit limits, self-exclusion options, and cooling-off periods. We may contact customers showing signs of problem gambling to offer support resources.

3.7 Dispute Resolution and Customer Service

Your information is retained and used to handle customer complaints, disputes, chargebacks, and inquiries. Having detailed records of your account activity and communications enables us to investigate and resolve issues fairly.

3.8 Legal Obligations and Rights Protection

We may disclose your information when required by law, subpoena, court order, or government request. We also use information to protect our legal rights, enforce our terms of service, and prevent harm to ourselves or other users.

4. LEGAL BASES FOR PROCESSING (GDPR COMPLIANCE)

For users subject to GDPR or similar regulations, we process personal information on the following legal bases:

Performance of Contract: Processing necessary to enter into and perform the gaming services agreement with you.

Compliance with Legal Obligations: Processing required to comply with gaming regulations, AML/KYC laws, and other statutory requirements.

Legitimate Interests: Processing for fraud prevention, security, analytics, and service improvement where our interests are balanced against your rights.

Consent: Where consent is the appropriate legal basis, we obtain explicit consent before processing, such as for marketing communications in certain jurisdictions.

Vital Interests: In rare circumstances where processing is necessary to protect vital interests, such as reporting suspected money laundering to authorities.

5. DATA RETENTION

We retain your personal information for as long as necessary to provide services, comply with regulatory obligations, and resolve disputes:

Active Accounts: While your account is active, we retain all account information, transaction history, and behavioral data.

Closed or Inactive Accounts: After account closure or prolonged inactivity (typically six months to two years depending on regulatory requirements), we retain identifying information, transaction records, and compliance documentation for a minimum of five to seven years to comply with tax regulations, gaming laws, and anti-money laundering requirements.

Communication Records: We retain customer service communications for a minimum of three years or longer if required for dispute resolution.

Identity Verification Documents: Original identity verification documents and proof of address are typically retained for five to seven years in accordance with AML regulations.

Cookies and Tracking Data: Cookie data is typically retained for the duration of your browser session or up to two years, depending on cookie type.

Deleted Information: Upon request, we delete personal information where legally permitted, except where retention is required by law. Deleted information may persist in backup systems for an additional period before being purged.

6. INFORMATION SHARING AND DISCLOSURE

6.1 Service Providers and Processors

We share personal information with third-party service providers who perform functions on our behalf, including:

  • Payment processors and financial.
  • Identity verification and fraud prevention.
  • Website hosting and infrastructure.
  • Customer support.
  • Analytics and marketing service.
  • Legal and compliance.
  • Accountants and.

These service providers are bound by confidentiality agreements and are only permitted to use your information to the extent necessary to provide their services.

6.2 Gaming Regulators and Government Agencies

We disclose information to gaming regulatory authorities, law enforcement agencies, and government bodies as required by law or in response to legal process. This includes reporting suspicious transactions to financial intelligence units and providing information in response to subpoenas or regulatory investigations.

6.3 Parent Company and Affiliates

If Koru Casino is acquired or merged with another entity, your information may be transferred as part of that transaction. We notify you of any such changes and any choices you may have regarding your information.

6.4 Legal Requirements

We may disclose information when required by law, court order, subpoena, or government request, or when we believe in good faith that such disclosure is necessary to comply with legal obligations, protect our rights, or prevent harm.

6.5 Your Consent

We may disclose information to third parties with your explicit consent for purposes other than those described in this Privacy Policy.

6.6 Aggregated and De-identified Information

We may share aggregated, anonymized, or de-identified information that cannot identify you with third parties for research, marketing, analytics, and other purposes without restriction.

7. SECURITY OF YOUR INFORMATION

Koru Casino implements comprehensive technical and organizational security measures to protect your personal information:

Encryption: All sensitive data, including payment information and personal identifying details, are encrypted using industry-standard SSL/TLS encryption protocols during transmission.

Access Controls: Access to personal information is restricted to authorized employees, contractors, and service providers who have a legitimate need to access the information. We employ role-based access controls and principle of least privilege.

Secure Servers: Our servers are housed in secure, climate-controlled data centers with restricted physical access, surveillance systems, and redundant security protocols.

Password Protection: User accounts are protected by strong password requirements, and we encourage the use of two-factor authentication for enhanced security.

Regular Security Audits: We conduct regular security assessments, penetration testing, and vulnerability scanning to identify and address potential security risks.

Employee Training: Our staff receives regular privacy and security training to ensure they understand their obligations regarding data protection.

Incident Response: We maintain an incident response plan and monitor our systems for security breaches. In the event of a data breach, we notify affected individuals and regulatory authorities as required by law.

While we implement robust security measures, no security system is entirely impenetrable. We encourage you to protect your account credentials and report any suspicious activity to support.

8. YOUR PRIVACY RIGHTS

8.1 Canadian Privacy Rights (PIPEDA)

Under the Personal Information Protection and Electronic Documents Act (PIPEDA), you have the right to:

  • Access: Request access to the personal information we hold about you.
  • Correction: Request correction of inaccurate or incomplete.
  • Deletion: Request deletion of your information where permitted by law.
  • Opt-out: Opt out of promotional communications and certain uses of your.
  • Complaint: File a complaint with the applicable privacy.

8.2 Quebec Privacy Rights (Law 25)

Residents of Quebec have additional rights under Quebec's updated privacy legislation:

  • Right to Information: Request detailed information about how your data is used.
  • Right to Consent Management: Withdraw consent for processing at any time.
  • Right to Deletion: Request deletion within specific.
  • Right to Portability: Request your information in a portable.
  • Remedies: Access to remedies and compensation for privacy.

8.3 GDPR Rights (European Users)

If you are an EU or EEA resident, you have the following rights under GDPR:

  • Right of Access: Request access to your personal data.
  • Right to Rectification: Request correction of inaccurate data.
  • Right to Erasure: Request deletion of your data (subject to legal retention requirements).
  • Right to Restrict Processing: Request that we limit our processing of your.
  • Right to Data Portability: Request your data in a structured, portable.
  • Right to Object: Object to certain processing, including.
  • Right to Lodge a Complaint: File a complaint with your local data protection.
  • Rights Related to Automated Decision Making: Request human review of decisions made through automated.

8.4 Exercising Your Rights

To exercise any of the above rights, contact us at [email protected] with your request. We will respond within legally mandated timeframes (typically 30 days under PIPEDA, 45 days under GDPR, and as specified under Quebec law). We may require verification of your identity before fulfilling requests.

9. COOKIES AND TRACKING TECHNOLOGIES

9.1 Types of Cookies

We use the following categories of cookies:

Essential Cookies: Required for basic website functionality, account security, and service provision. These cookies cannot be disabled without affecting site functionality.

Performance Cookies: Collect information about how you use our website to help us improve performance, identify errors, and understand user preferences.

Marketing Cookies: Track your activity to deliver targeted advertisements and measure marketing campaign effectiveness. These cookies may be placed by third-party advertising partners.

Analytics Cookies: Enable us to understand visitor behavior, traffic patterns, and engagement metrics through analytics platforms.

9.2 Cookie Management

Most web browsers allow you to control cookie settings through preferences. You can typically choose to reject cookies or be notified before a cookie is set. However, disabling cookies may affect your ability to use certain features of our website. We provide a cookie consent banner on our website allowing you to manage cookie preferences.

9.3 Do Not Track Signals

Some browsers include a "Do Not Track" feature. Currently, there is no industry standard for recognizing DNT signals, and Koru Casino does not respond to DNT browser signals. However, you can use other tools to control data collection and use as described in this section.

10. THIRD-PARTY LINKS AND SERVICES

Our website may contain links to third-party websites and services that are not operated by Koru Casino. This Privacy Policy does not apply to third-party websites, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party sites before providing your information.

11. CHILDREN'S PRIVACY

Koru Casino's services are not intended for individuals under the age of 18 or the age of majority in their jurisdiction, whichever is higher. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will promptly delete such information and terminate the child's account. If you believe we have inadvertently collected information from a child, please contact us immediately at [email protected].

12. RESPONSIBLE GAMING AND DATA PROTECTION

We are committed to promoting responsible gaming and protecting vulnerable individuals. We use your personal information to:

  • Monitor your gaming activity for signs of problem.
  • Implement responsible gaming tools including deposit limits, loss limits, and time-out.
  • Provide access to self-exclusion.
  • Offer resources and support information for problem.

If you wish to discuss your gaming habits or access responsible gaming features, please contact our support team.

13. INTERNATIONAL DATA TRANSFERS

Koru Casino may transfer your personal information to countries outside Canada or the EU/EEA for processing by our service providers, affiliates, or as required by law. By using our services, you consent to such transfers. Where applicable, we implement appropriate safeguards such as Standard Contractual Clauses or adequacy decisions to ensure your information receives adequate protection.

14. AMENDMENTS TO THIS PRIVACY POLICY

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by posting the updated policy on our website and updating the "Effective Date" at the top of this document. Your continued use of our services following notification of changes constitutes your acceptance of the updated Privacy Policy.

15. CONTACT INFORMATION AND COMPLAINTS

15.1 Privacy Inquiries

For questions about this Privacy Policy, requests to exercise your privacy rights, or to report privacy concerns, please contact:

Email: [email protected].

We will respond to inquiries within 30 days or such shorter period as required by applicable law.

15.2 Regulatory Complaints

If you are not satisfied with our response to a privacy concern, you have the right to lodge a complaint with the appropriate regulatory authority:

For Canadian residents (Federal Level): Privacy Commissioner of.

For Quebec residents: Commission d'accès à l'information du Québec (CAI).

For EU/EEA residents: Your local data protection authority (Data Protection Authority in your country).

16. CALIFORNIA CONSUMER PRIVACY ACT (CCPA) NOTICE

While Koru Casino is primarily designed for Canadian users, if you are a California resident, you may have certain rights under the California Consumer Privacy Act. To the extent CCPA applies, you have the right to know, delete, and opt-out regarding your personal information. Please contact us for more information about your CCPA rights.

17. FINAL PROVISIONS

This Privacy Policy, along with our Terms of Service, constitutes the entire agreement between you and Koru Casino regarding the collection and use of personal information. If any provision of this Privacy Policy is found to be unenforceable, the remaining provisions will continue in effect. Our failure to enforce any right does not constitute a waiver of that right.

Last Updated: January 1, 2024.

Koru Casino is committed to your privacy and data protection. Thank you for trusting us with your personal information.

🎲

Koru Casino Casino

Welcome Bonus

Claim Bonus at Koru Casino →
Koru Casino responsible gaming