EN EN
Menu Welcome Bonus Banner Claim Bonus
Coolzino Casino Hero Banner
Welcome to Coolzino Casino 300% up to €1,500 + 325 Free Spins Premium Casino Licensed in Curaçao Claim Your Bonus
Over 5,000 Games
Over 5,000 GamesSlots from Pragmatic Play, Microgaming, BGaming and more
Live Casino 24/7
Live Casino 24/7Professional Evolution Gaming & Pragmatic Live dealers in HD
€1,500 + 325 Free Spins
€1,500 + 325 Free SpinsMassive welcome bonus for European players

Privacy Policy - Coolzino Casino

Coolzino Casino is committed to protecting your privacy and personal data. This Privacy Policy explains what information we collect, how we use it, who we share it with, and what rights you have regarding your personal data.

This policy applies to all users of casino-coolzino.com and related services.

Last updated: November 19, 2025

Data Controller: Coolzino Casino, registered in Curaçao, operating under license 365/JAZ


1. Information We Collect

We collect several categories of personal data when you use our services.

1.1 Information You Provide Directly

Registration Data

  • Full name (first and last name)
  • Email address
  • Date of birth
  • Phone number
  • Full residential address (street, city, postal code, country)
  • Username and password (password stored encrypted)
  • Preferred account currency

Verification Documents (KYC)

  • Copy of official ID (ID card, passport, driver's license)
  • Proof of address (utility bills, bank statements)
  • Photos of payment cards used (front/back - CVV hidden)
  • Selfie with ID for identity verification

Financial Information

  • Credit/debit card details (last 4 digits, expiry - we never store full card numbers)
  • E-wallet account identifiers (PayPal email, Skrill, Neteller, etc.)
  • Bank account details for withdrawals (IBAN, bank name)
  • Cryptocurrency wallet addresses
  • Complete transaction history (deposits, withdrawals, bets, wins)

Communications

  • Live chat conversation transcripts
  • Email correspondence with support
  • Feedback and reviews you submit
  • Survey responses

1.2 Information Collected Automatically

Technical and Device Data

  • IP address
  • Browser type and version
  • Operating system
  • Device type (desktop, mobile, tablet)
  • Screen resolution
  • Timezone and browser language
  • Internet Service Provider (ISP)

Usage and Behavior Data

  • Pages visited and navigation sequence
  • Time spent on each page
  • Links clicked
  • Search terms used on the site
  • Games played and session duration
  • Betting patterns and amounts wagered
  • Features used
  • Technical errors encountered

Location Data

  • Country derived from IP address
  • Approximate city/region
  • Precise GPS coordinates (only if explicitly authorized for regulatory compliance)

1.3 Information from Third Parties

  • Identity verification providers: To validate your documents and prevent fraud
  • Credit reference agencies: For AML screening when legally required
  • Affiliate partners: If you arrived via an affiliate link
  • Social media: If you use social login, we receive basic profile information
  • Public databases: For sanctions list screening and PEP (Politically Exposed Persons) checks

2. How We Use Your Personal Data

We use your information for specific and legitimate purposes. Each use has a legal basis under GDPR (consent, contractual necessity, legal obligation, or legitimate interest).

2.1 Provide and Manage Services

Legal basis: Contract performance

  • Create and manage your player account
  • Process deposits and withdrawals
  • Provide access to games and sports betting
  • Manage bonuses, promotions, and loyalty programs
  • Provide customer support and resolve issues
  • Process self-exclusion or account closure requests

2.2 Verify Identity and Prevent Fraud

Legal basis: Legal obligation + legitimate interest

  • Verify you're at least 18 years old
  • Confirm your identity through official documents
  • Prevent fraud, money laundering, and terrorism financing
  • Detect multiple or duplicate accounts
  • Identify suspicious activities or anomalous gaming patterns
  • Protect against hacking and unauthorized access

2.3 Legal and Regulatory Compliance

Legal basis: Legal obligation

  • Fulfill KYC (Know Your Customer) and AML (Anti-Money Laundering) obligations
  • Respond to legal requests from competent authorities
  • Maintain records required by our gaming license
  • Report suspicious transactions to financial authorities
  • Implement required responsible gaming limits

2.4 Marketing Communications

Legal basis: Consent (revocable anytime)

  • Send newsletters with promotions and new games
  • Notify personalized bonuses based on your VIP level
  • Send targeted offers via email, SMS, or push notifications
  • Communicate tournaments and special events
  • Conduct satisfaction surveys

You can unsubscribe from marketing communications anytime by clicking "Unsubscribe" in emails or modifying preferences in your account.

2.5 Improve and Personalize Experience

Legal basis: Legitimate interest

  • Analyze how users interact with the site to improve usability
  • Personalize content and game recommendations
  • Test new features (A/B testing)
  • Optimize site performance and speed
  • Remember your preferences (language, currency, layout)

2.6 Responsible Gaming and Player Protection

Legal basis: Legitimate interest + legal obligation

  • Monitor gaming patterns to identify problematic behaviors
  • Enforce deposit, loss, and session limits you set
  • Intervene proactively when we detect signs of compulsive gambling
  • Provide resources and support for responsible gaming
  • Manage self-exclusion requests

3. Who We Share Your Data With

We never sell your personal data to third parties. However, we must share certain information with trusted partners to provide our services and comply with legal obligations.

3.1 Essential Service Providers

  • Payment processors: To handle deposits and withdrawals (Stripe, PayPal, crypto processors)
  • Game providers: To deliver slots, live casino, and other gaming content (Pragmatic Play, Evolution, etc.)
  • Sports betting odds providers: For betting markets and live odds
  • Hosting/cloud services: For data storage and platform uptime (AWS, Curaçao servers)
  • Email service providers: For transactional and marketing communications
  • Customer support platforms: For live chat and ticketing system

3.2 Verification and Security Providers

  • KYC services: For identity and document verification (Jumio, Onfido)
  • AML screening: For sanctions list and PEP database checks
  • Anti-fraud systems: For suspicious transaction and activity detection
  • Cybersecurity services: For vulnerability assessment and attack mitigation

3.3 Marketing Partners (Consent-Based Only)

  • Advertising platforms: Google Ads, Facebook Ads for campaign delivery
  • Affiliate partners: Referral sources (receive only referral confirmation, not sensitive data)
  • Analytics tools: Google Analytics, Hotjar for user behavior insights

3.4 Legal Authorities and Regulators

We may be required to disclose information to:

  • Curaçao gaming license authority
  • Law enforcement when legally required
  • Tax authorities for reporting obligations
  • Financial intelligence units for suspicious transaction reports
  • Courts in response to judicial orders

3.5 Business Transfers

In case of merger, acquisition, asset sale, or bankruptcy, your personal data may be transferred to the new entity. We'll inform you of any such change and your options.

3.6 Data Transfer Safeguards

All partners receiving data are contractually obligated to:

  • Protect your data with adequate technical and organizational measures
  • Use data only for specified purposes
  • Not share data further without authorization
  • Comply with applicable data protection laws
  • Delete data when no longer necessary

4. International Data Transfers

Your personal data may be transferred and stored in countries different from your country of residence, including countries outside the European Economic Area (EEA).

4.1 Where We Store Data

  • Primary servers: Curaçao (our legal license domicile)
  • Backup servers: Global cloud infrastructure (AWS, potentially USA, Europe)
  • Third-party providers: May be globally located

4.2 Protections for Extra-EEA Transfers

When transferring data outside the EEA, we ensure adequate protections through:

  • Standard Contractual Clauses (SCC): EU Commission-approved contracts
  • Adequacy decisions: Transfers to countries the EU recognizes as safe
  • Privacy Shield (where applicable): For transfers to USA
  • Binding Corporate Rules: For intra-group transfers of large providers

4.3 Your Consent

By using our services, you explicitly consent to data transfers as described above. We implement rigorous security measures regardless of data location.


5. How We Protect Your Data

Data security is an absolute priority. We implement state-of-the-art technical and organizational measures to protect your information.

5.1 Technical Measures

  • 256-bit SSL/TLS encryption: All data transmissions encrypted
  • Database encryption: Data-at-rest protected with AES-256
  • Password hashing: Passwords hashed with bcrypt, never stored in plain text
  • Advanced firewalls: Perimeter defense against intrusions
  • Intrusion detection systems: 24/7 monitoring for suspicious activity
  • Regular backups: Encrypted backups every 6 hours with geographically distributed storage
  • Penetration testing: Quarterly security assessment by third-party firms

5.2 Organizational Controls

  • Limited access: Only authorized personnel access data, on need-to-know basis
  • Staff training: Regular security and privacy training for all employees
  • Non-disclosure agreements: Rigorous NDAs signed by all staff
  • Internal audits: Periodic reviews of data handling practices
  • Incident response plan: Documented procedures for security breaches
  • Data Protection Officer: Dedicated privacy oversight role

5.3 Your Responsibility

  • Keep your password secure and confidential
  • Never share login credentials
  • Use unique, complex passwords
  • Enable two-factor authentication (2FA)
  • Beware of phishing emails imitating Coolzino
  • Logout after use on shared devices
  • Report immediately any suspicious account activity

5.4 Data Breach Protocol

If a breach compromises your personal data:

  • We'll notify you within 72 hours of discovery
  • We'll detail which data was compromised
  • We'll advise on actions to take (password change, etc.)
  • We'll notify competent authorities as legally required
  • We'll implement immediate corrective measures

6. How Long We Keep Your Data

We keep your personal data only as long as necessary for the purposes collected, or as legally required.

6.1 Active Accounts

While your account remains active, we retain your information to provide services.

6.2 Inactive Accounts

If your account remains inactive (no login) for:

  • 12 months: Email reminder to reactivate
  • 24 months: Account flagged as dormant
  • 36 months: Non-essential data deletion may proceed

6.3 Closed Accounts

After voluntary closure or self-exclusion:

  • Essential data: Retained 5 years (AML/KYC legal requirement)
  • Transaction history: 5 years for financial compliance
  • Verification documents: 5 years for regulatory audits
  • Marketing data: Deleted immediately (opt-out list maintained)
  • Support communications: 2 years for dispute records

6.4 Legal Retention Obligations

Data Type Retention Period Legal Reason
Identity documents (KYC) 5 years post-closure Anti-money laundering regulations
Financial transactions 5 years post-transaction Tax obligations and AML
Gaming/betting history 5 years Gaming license requirements
Self-exclusion data Minimum 5 years Player protection
Disputes and complaints 6 years Legal statute of limitations

7. Your Privacy Rights

Under GDPR and other privacy laws, you have significant rights regarding your personal data.

7.1 Right of Access

You can obtain confirmation we're processing your data and access the personal data we hold.

How to exercise: Account → "Privacy" → "Download My Data" or email [email protected]

7.2 Right to Rectification

You can correct inaccurate or incomplete personal data.

How to exercise: Most information editable in your account. For sensitive data after verification, contact support with proof.

7.3 Right to Erasure ("Right to be Forgotten")

You can request deletion of your data in certain circumstances.

Limitation: We cannot delete data when legal retention obligations exist (typically 5 years for AML, gaming license).

How to exercise: Email [email protected] with subject "GDPR Erasure Request"

7.4 Right to Restriction of Processing

You can request we limit how we use your data in certain situations.

7.5 Right to Data Portability

You can receive your data in structured, machine-readable format and transmit it to another controller.

Format: CSV or JSON file

7.6 Right to Object

You can object to processing for:

  • Direct marketing: Always, unconditionally. Use "Unsubscribe" or account preferences
  • Marketing profiling: Request not to be targeted for personalized offers
  • Legitimate interest: Object when processing based on our legitimate interest

7.7 Right Against Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that produce significant effects.

Where we use automated decisions: Fraud detection, bonus calculation, AML risk assessment

7.8 How to Exercise Your Rights

  1. Send request to: [email protected]
  2. Include: Full name, username, registered email
  3. Specify clearly which right you want to exercise
  4. Identity verification may be required
  5. We'll respond within 30 days (extendable to 60 days for complex requests)

7.9 Right to Lodge a Complaint

If you believe we're violating privacy laws, you have the right to file a complaint with your country's data protection authority.


8. Protection of Minors

Our services are strictly prohibited for anyone under 18 (or the legal gambling age in your jurisdiction if higher).

8.1 Protection Measures

  • Mandatory age verification during registration
  • Identity verification via official documents before first withdrawal
  • Age estimation technology in verification photos
  • Content filtering blocking access from parental control-enabled devices

8.2 If We Discover a Minor

  • Account closed immediately
  • All funds frozen
  • Parents/legal guardians contacted
  • Deposits returned (winnings confiscated)
  • Minor's personal data deleted
  • License authority notified

9. Changes to This Privacy Policy

We may update this policy periodically to reflect changes in our practices, technologies, legal requirements, or other operational reasons.

The "Last updated" date at the top is always refreshed. For significant changes affecting your rights materially, we'll require explicit consent before applying changes to existing data.


10. Contact for Privacy Questions

For any questions or requests regarding this policy or our privacy practices:

Data Protection Officer (DPO)

Email: [email protected]
Email subject: Start with "PRIVACY REQUEST:" for priority
Response time: Within 30 days (often faster)
Postal address:
Data Protection Officer
Coolzino Casino
Curaçao

What to Include

  • Full name and username
  • Registered email address
  • Clear description of your request or concern
  • Relevant documentation (if applicable)
  • Identity proof (for access/deletion requests)
Quick Links
Legal Information
18+

2026 Coolzino Casino. All rights reserved.