Who is the data controller?
Jackbit Casino is the data controller for personal data processed through the site. Where Jackbit relies on third-party providers, those providers act as data processors under written contracts that meet UK GDPR requirements. The full company details and registered address are listed at the foot of every page.
What personal data does Jackbit collect?
Account data includes your username, email address, date of birth, country of residence and password hash. Cashier data includes deposit and withdrawal records, transaction IDs, the banking rails you use and any documents you upload for verification. Play data covers the games and sports markets you interact with, your stakes, your results and your session timestamps. Technical data covers IP address, browser fingerprint, device type and the cookies set on your device. Communications data covers any chats, emails or support tickets you exchange with Jackbit.
Why does Jackbit need this data?
The data is used to operate your account, process deposits and withdrawals, meet anti-money-laundering and counter-fraud obligations, deliver promotions you have opted into, personalise the lobby and respond to your support requests. We also use anonymised data to improve the product and to detect technical issues before they become outages.
What is the legal basis for processing?
Processing is grounded in contract for everything required to deliver the service you signed up for, in legal obligation for anti-money-laundering and licensing requirements, in legitimate interests for fraud prevention and product improvement, and in consent for marketing communications and non-essential cookies. You can withdraw consent at any time without affecting the lawfulness of processing done before withdrawal.
How long does Jackbit keep your data?
Active account data is held for as long as the account is open and for a defined period after closure to meet licensing and tax obligations. Cashier records are typically retained for at least five years after the last transaction in line with anti-money-laundering rules. Marketing data is deleted on request or when consent is withdrawn. Anonymised analytics data may be kept indefinitely because it can no longer identify you.
What are your UK GDPR rights?
You have the right to access your data, to request correction of inaccurate data, to request deletion in defined circumstances, to restrict processing, to object to processing based on legitimate interests, to data portability and to withdraw consent. You can also lodge a complaint with the UK Information Commissioner's Office at ico.org.uk. Requests should be sent to the privacy contact listed in the footer and are answered within thirty days.
Data sharing and storage
Jackbit Casino does not sell personal data to third parties. Data is shared with regulators, banking partners, game providers and KYC processors strictly to deliver the service and meet legal obligations, all under written contracts that protect your rights. Data is stored in secure data centres in the European Economic Area and in jurisdictions that the UK considers adequate under UK GDPR. Where data has to flow to a non-adequate jurisdiction, Jackbit uses standard contractual clauses to protect transfer rights.
Subject access requests and breaches
Submit a data subject access request via the privacy contact in the footer. Jackbit responds within thirty days and provides the data in a structured, machine-readable format where technically feasible. Where a breach is likely to result in risk to your rights, Jackbit notifies the relevant supervisory authority within seventy-two hours and notifies affected players without undue delay. The notification explains what happened, the likely impact and the steps you can take to protect yourself.
How does Jackbit Casino protect your data day to day?
All cashier and login traffic is encrypted in transit with TLS, passwords are stored as salted hashes rather than plain text, and two-factor authentication is offered on every account from the first login. Internal access to player data is gated behind role-based controls and audited; only the smallest team needed to provide support and process payments has access at any one time. Production backups are encrypted at rest and are restricted to compliance-led recovery scenarios. If you want a deeper read on what cookies the site stores in your browser, the Cookie Policy page covers categories, lifespans and how to change preferences.
What happens to your data if you close the account?
Account, cashier and identity records are retained for the period required by anti-money-laundering rules, typically at least five years from the last transaction. Marketing data is deleted on request or when consent is withdrawn, and anonymised analytics may be kept indefinitely. A full deletion request removes personal data beyond the legal retention scope. The Close Account page documents every closure type, the withdrawal sequence and the marketing opt-out timing in detail.
How do I lodge a request or report a concern?
Subject access requests, deletion requests and any other UK GDPR enquiry should be sent to the privacy contact listed in the footer. Routine support and account queries belong on the Help page or with live chat, which operates twenty-four hours a day. Independent escalation is available through the UK Information Commissioner's Office at ico.org.uk; the ICO is the final route for any data protection concern that cannot be resolved with the operator directly.
Third-party processors and international transfers
Jackbit Casino relies on a small number of vetted third-party processors to deliver the service. Game providers receive the minimum data required to run a session and settle the round. Payment processors receive transaction data and the minimum identity information required to satisfy their own compliance obligations. KYC and anti-fraud providers receive the documents you upload during identity checks. Each processor operates under a written data-processing agreement that meets UK GDPR requirements and obliges them to apply the same security standards Jackbit applies internally. None of these processors are permitted to use the data for their own marketing purposes.
Data is stored in secure data centres located in the European Economic Area and in jurisdictions that the UK considers adequate under UK GDPR. Where a processor sits in a non-adequate jurisdiction, Jackbit uses standard contractual clauses with the additional safeguards recommended by the UK Information Commissioner's Office. The published list of processors is reviewed regularly and is available on request via the privacy contact.
Marketing, profiling and your control
Marketing emails and on-site bonus offers are sent only with explicit consent given at registration or later via the preferences panel. You can withdraw consent at any time with a single click and the change takes effect immediately. Limited profiling is used to personalise the lobby and to surface the games or sports markets you are most likely to enjoy, based on past play. Profiling is not used for automated decisions that have legal effects on you; KYC and anti-fraud reviews involve a human reviewer wherever a decision could lock or limit your account.