This Privacy Policy explains how Gold Blitz collects, uses, stores, and protects personal data in connection with player accounts and platform operations. It is established to ensure transparency regarding data handling practices and to comply with data protection legislation applicable in the United Kingdom, including the UK General Data Protection Regulation and the Data Protection Act 2018. The policy describes lawful processing, the types of information obtained during account management, and the security obligations maintained by the brand. Players are advised to review this document to understand their rights and the administrative procedures governing their personal information. Compliance with regulatory requirements forms the foundation of all data-related activities.
Categories of Personal Data Collected and Sources
Gold Blitz processes personal data provided directly by players during registration, account management, and transaction activities. The following categories of information are collected:
- Registration details: full name, date of birth, residential address, email address, and telephone number.
- Identification data: copies of government-issued identification documents, proof of address, and in some cases financial statements or utility bills, for the purpose of age verification and anti-money laundering checks.
- Transactional information: deposit and withdrawal records, payment method details, transaction amounts, and dates of financial activity.
- Technical data: internet protocol addresses, device identifiers, browser type, operating system, and session logs collected through cookies and similar tracking technologies.
- Compliance-related records: information related to self-exclusion requests, interaction with customer support, and any correspondence regarding account restrictions or investigations.
- Behavioural data: gaming session duration, feature interaction patterns such as use of the gold blitz extreme jackpot feature, and engagement with promotional material, where applicable.
Data may also be received from third-party verification services, payment processors, and publicly available registers solely for the purpose of fulfilling legal obligations under UK gambling regulations.
Legal Basis for Processing and Use of Collected Data
All processing of personal data by Gold Blitz is conducted in accordance with one or more lawful bases as defined under UK data protection law. The primary grounds for processing are contractual necessity, legal obligation, legitimate interest, and consent where required.
Contractual necessity applies to the processing of registration details, transactional information, and account management data to facilitate access to platform services, including the operation of games such as the parimatch gold blitz slots. Without this data, the contract for account services cannot be performed.
Legal obligation underpins the processing of identification data and compliance-related records to satisfy duties under the Gambling Act 2005, the Money Laundering Regulations, and licensing conditions imposed by the UK Gambling Commission. This includes verifying player age, preventing financial crime, and maintaining records for regulatory audits.
Legitimate interest supports the processing of technical data and certain behavioural data to ensure system security, prevent fraud, optimise platform performance, and manage player accounts responsibly. Interests are balanced against player rights and privacy expectations.
Consent is obtained for the use of non-essential cookies and for receiving direct marketing communications. Withdrawal of consent does not affect the lawfulness of processing carried out prior to such withdrawal. Features such as the gold blitz free spins demo may rely on technical data processed under legitimate interest without requiring separate consent.
Storage Infrastructure, Security Controls, and Retention Schedules
Personal data is stored on servers located within the European Economic Area and the United Kingdom. Data may be transferred to third-party service providers operating in jurisdictions with adequacy decisions or under standard contractual clauses approved by the UK Information Commissioner’s Office.
Security measures implemented include encryption of data in transit and at rest using industry-standard protocols, pseudonymisation where feasible, firewalls, intrusion detection systems, and role-based access controls restricting data visibility to authorised personnel only. Regular vulnerability assessments and penetration tests are conducted to maintain system integrity.
Retention periods are determined by the purpose of processing and applicable legal requirements. General account data is retained for the duration of the account’s active status and for a period of six years following account closure to satisfy financial and regulatory obligations. Identification documents and compliance records related to anti-money laundering checks are retained for five years after the end of the business relationship. Technical logs are stored for a maximum of twelve months unless required for an ongoing investigation. When retention periods expire, data is securely deleted or anonymised in accordance with internal archiving procedures.
In cases where data is processed in connection with the blazing bison gold blitz slot machine or similar gaming features, only aggregated, non-identifiable statistical information is retained for longer periods for operational analysis.
| Data Category | Retention Period | Basis for Retention |
|---|---|---|
| Account registration data | Duration of account plus 6 years | Contractual and legal obligations |
| Identification and verification documents | 5 years after relationship ends | Anti-money laundering regulations |
| Technical logs and session data | 12 months | Legitimate interest for security |
| Marketing consent records | Until consent withdrawn or 2 years of inactivity | Consent management |
Player Rights and Procedures for Data Access
Players have specific rights under UK data protection law regarding their personal data held by Gold Blitz. These include the right to access a copy of processed data, to rectify inaccurate or incomplete information, to request erasure under certain conditions, to restrict processing where accuracy or lawfulness is contested, to object to processing based on legitimate interest, and to request data portability in a structured, machine-readable format.
To exercise any of these rights, a player must submit a written request via the designated data protection contact channel. Gold Blitz will verify the identity of the requester before processing the request. Identity verification may require submission of a copy of a passport or driving licence and a recent utility bill. Additional information may be requested to confirm the scope of the request.
Requests will be responded to within one calendar month, subject to extension by a further two months for complex or multiple requests. Gold Blitz may charge a reasonable administrative fee where requests are manifestly unfounded, excessive, or repetitive. Refusals to comply with a request will be accompanied by a written explanation and information on how to lodge a complaint with the Information Commissioner’s Office.
Players may also request the deletion of specific types of data, such as records associated with the gold blitz extreme jackpot feature or account notes, provided that legal retention requirements do not prevent such erasure. The right to object to processing applies particularly to direct marketing and any profiling conducted for promotional purposes. Data portability is limited to information provided directly by the player and processed by automated means under consent or contract.