Privacy Policy

General Information

Rooli Casino takes user privacy seriously and operates in complete compliance with key data protection laws such as the Personal Information Protection and Electronic Documents Act (PIPEDA) and the General Data Protection Regulation (GDPR). The guidelines apply to every interaction on the site, including all services and related communications. Access is restricted to adults aged 18 and above. We make every effort to avoid collecting information from anyone under this age, and if we identify such data, we follow strict legal procedures to handle it appropriately.

About the Operator

The platform is owned and managed by Novatrix SRL, a Costa Rican company registered under number 3-102-893958. The registered office is situated in the Province of Cartago, County of Oreamuno, Potrero Cerrado, on the north side of Manuel Ávila Camacho School. As the data controller, Novatrix SRL decides how and why personal information is processed according to the details provided in this policy.

To ensure ongoing adherence to data protection standards and to handle any related questions, the company has appointed a Data Protection Officer (DPO). Users may contact the DPO directly at [email protected] for clarifications about this policy, to exercise their rights, or to report any issues concerning their personal data.

Types of Personal Data Collected

To deliver high-quality services, maintain security, and meet regulatory requirements, we collect several categories of information. These typically include:

Identity details such as your full name, chosen username, date of birth, gender, nationality, and government-issued identification like passport or ID numbers.

Contact information covering your home address and supporting documents, email address, telephone number, and preferred communication methods.

Financial records including banking information, payment card details, and proof of funds or wealth such as bank statements or income verification.

Transaction history related to deposits, withdrawals, and other monetary activities on the platform.

Gaming behaviour covering the games you play, session durations, betting patterns, bonus participation, and any responsible gaming measures.

Technical data such as your IP address and general location, login details, browser and device specifications, operating system, and connection methods.

Marketing preferences including your choices about receiving promotional content and any additional information provided during support interactions.

Purposes and Legal Basis for Processing

We process personal data for specific, justified reasons supported by relevant legal grounds:

Service delivery, which involves account management, processing payments, verifying identities, providing customer assistance, and delivering promotions — all based on contractual obligations.

Legal compliance, including anti-money laundering (AML) checks, Know Your Customer (KYC) verification, responsible gaming initiatives, and mandatory regulatory reporting — grounded in legal requirements.

Fraud prevention and risk management to detect and prevent suspicious activity, bonus abuse, and other threats — justified by our legitimate interests in protecting the platform and its users.

Marketing and personalization to send relevant offers and customized communications — based on consent or legitimate business interests.

Analytics and service improvement to understand usage patterns, resolve technical issues, and enhance the overall player experience — supported by legitimate interests.

Security protection to defend the website against potential threats — backed by both legitimate interests and legal duties.

Sources of Data Collection

We obtain information from various trustworthy sources to ensure accuracy and regulatory compliance. Primary sources include data you provide directly during registration or while using our services. Additional details may come from identity and address verification agencies, financial institutions handling transactions, specialized AML and politically exposed persons (PEP) screening databases, responsible gaming and regulatory authorities, as well as partners such as affiliates and analytics providers who may share anonymized or pseudonymized information.

Sharing Personal Information with Third Parties

To run our operations smoothly, we may share data with trusted third parties under strict agreements. Recipients can include affiliated companies for internal compliance and risk management, game developers who need basic information to supply their content, payment service providers for handling transactions, marketing partners only when you have given explicit consent, and official regulatory bodies when required by law. We also collaborate with AML and KYC service tools, messaging platforms, and professional advisors like legal experts, all of whom operate under formal data processing contracts.

In the event of a corporate transaction such as a merger or acquisition, personal data may be transferred to the successor organization, with advance notice given whenever feasible. Every third party is contractually obligated to process information lawfully, securely, and only for the specified purposes. We always minimize the volume of shared data and prevent partners from using it for their own independent goals.

International Data Transfers

If personal information is transferred outside the European Economic Area (EEA), we implement appropriate safeguards. These typically involve Standard Contractual Clauses endorsed by the European Commission or transfers to countries deemed to offer an adequate level of protection, thereby maintaining strong privacy protections for all users.

Data Retention Practices

Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal obligations. Retention periods depend on the nature of the data, relevant regulations, and associated risks. For example, anti-money laundering legislation often requires certain records to be kept for a minimum of five years following account closure, which may prevent immediate deletion in those instances. Anonymized information can be retained for extended periods to support ongoing service development and analytical purposes, without relying on automated decision-making processes.

User Rights and Consent

By accessing and using the platform, you indicate your acceptance of the data handling practices described in this policy, in accordance with applicable laws. Under GDPR and PIPEDA, you hold several key rights. These include the right to withdraw consent at any time, request access to or correction of your data, ask for deletion or limitation of processing, obtain data portability, unsubscribe from marketing communications, and lodge complaints with relevant supervisory authorities if you believe your rights have been violated.

Automated Decision-Making

Rooli Casino generally does not rely on fully automated decisions that would produce significant legal or similar effects on users. In the rare cases where such processes are used, we provide separate notifications as required by law.

Data Security Measures

We maintain comprehensive technical, physical, and administrative controls to protect personal information against unauthorized access, loss, or misuse. Data travels through secure servers, and access is limited strictly to personnel who require it for legitimate business activities. Player accounts are protected by individual login credentials, and we strongly recommend enabling two-factor authentication (2FA) while advising users to keep their account details private at all times.

Updates to the Privacy Policy

This privacy policy may be updated from time to time to account for developments in technology, business practices, or legal requirements. We encourage all users to check this document periodically to stay informed about how their personal information is collected, used, and protected.

Contacting Us

If you have any questions regarding this Privacy Policy or the management of your personal data, please contact our Data Protection Officer at [email protected]. For general assistance, you can also reach [email protected] or use the live chat option available directly on the website.