Effective from: 11.08.25
Version: 1.0
Privacy Policy may be changed or adjusted over time, so we recommend checking it occasionally to remain aware of how your data is handled.
This Privacy Policy (the "Policy") explains how we collect, use, disclose, and protect your personal data in accordance with applicable data protection laws, including but not limited to the Personal Information Protection and Electronic Documents Act (PIPEDA), the General Data Protection Regulation (GDPR).
1. General.
The kennyslot.com (referred to herein as the "Casino” or “we”") is operated by Metlait SRL (registrated in El Guayaval , Residencial La Campina Casa Numero Q -11, Cartago, El Guarco, Tejar, 30801 – Costa Rica, reg. number 3-102-911867 ).
We operate as the Data Controller given that we decide how and why your data is processed in accordance with this Policy in the context of our relationship with you. Our Data protection officer (DPO) is ready to help with any issues you may have with your personal data and to answer any questions you may have regarding this privacy policy. Please contact via [email protected].
2. Data processing.
We only collect and process personal data that is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.
The categories of personal data we may collect and process include:
1. Identity data (Full name, username, date of birth, gender, nationality, and official identification numbers (e.g., passport or ID).
2. Contact data (Residential address, proof of address documentation, email address, telephone number, and other contact details). Financial and transaction data (bank account information, payment card details, and documents
3. verifying your source of funds or source of wealth (such as income declarations or bank statements, information relating to deposits, withdrawals, and other financial transactions carried out on our platform).
4. Gaming activity data (details of games played, login/logout timestamps, wagering activity, bonus usage, and any responsible gaming interventions).
5. Technical data (IP address, location data, login credentials, browser type and version, operating system, time zone settings, and other technical data relating to the devices used to access our 6. services).
6. Marketing and communication data (your marketing preferences and communications exchanged with our support or through other channels).
7. Other voluntary data (any other personal data you provide voluntarily when engaging with our services or customer support).
We collect personal data from the following sources to ensure data accuracy, regulatory compliance, and secure service delivery:
1. Directly from you when you register for our services, communicate with us, or provide information through your account.
2. From 3rd parties (for example, where applicable from verification service providers, financial Institutions and payment providers, AML and PEP databases, regulatory authorities and Responsible Gaming Databases, marketing and affiliate partners).
We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, or as required by law.
This includes compliance with anti-money laundering regulations (for a minimum of five yearsfrom the date your account is closed), tax obligations, and dispute resolution requirements. Once the data is no longer needed, we will securely delete, anonymize, or de identify it in accordance with the established data protection standards.
We process your personal data only where there is a valid legal basis. Each processing activity is limited to specific, explicit, and legitimate purposes:
1. To provide our services (on the basis of performance of a contract).
2. To perform regulatory compliance (on the basis of our legal obligation under applicable laws, including Anti-Money Laundering (AML) regulations, Know Your Customer (KYC) checks, responsible gaming requirements, reporting and other duties).
3. To prevent fraud and conduct risk management (on the basis of our legitimate interest of protecting our platform, users, and business integrity).
4. For marketing and personalisation (on the basis of consent or of our legitimate interests to deliver you relevant marketing communications, promotional content, and tailored advertising based on your preferences).
5. For analytical and service improvement purposes (on the basis of our legitimate interests to monitor platform performance, analyze usage trends, resolve technical issues, and improve the overall user experience).
6. To ensure the security and system integrity (on the basis of our legal obligation and legitimate interest to monitor and maintain system security, detect threats, and protect the confidentiality, integrity, and availability of data)
To provide our services, we may need to share your personal data with trusted 3rd parties.
All data sharing is conducted in accordance with applicable data protection laws, and we ensure hat third parties are contractually bound to use the data only for specified, lawful purposes and under strict security obligations. The categories of 3rd parties are the following:
1. Within our corporate group.
2. Game providers.
3. Payment providers.
4. Marketing partners.
5. Regulatory authorities.
6. 3rd-party services providers.
7. AML and KYC verification tools.
8. Business consultants as lawyers, accountants or notaries, etc.
9. Other trusted 3rd parties, for example in the event of a merger, acquisition, or sale, your personal data may be transferred, and we will inform you before such a change occurs.
3. Data transfers and security
In case we transfer your personal data internationally (for example, for purposes such as IT hosting, customer service, or verification services), we ensure appropriate safeguards are in place, such as the European Commission’s Standard Contractual Clauses (SCCs) or transfersm to countries with adequacy decisions. We ensure comparable protection is applied to personal information processed by our service providers in other jurisdictions, and we maintain accountability for their handling of your data.We implement robust technical and organizational measures to protect personal information against unauthorized access, loss, misuse, or alteration, in line with the safeguards principle. Our security measures include:
1. Data encryption (in transit and at rest).
2. Secure network infrastructure and firewalls.
3. Multi-factor authentication and access controls.
4. Regular staff training on privacy and security practices.
5. Continuous monitoring, audits, and vulnerability assessments.
6. Incident response protocols and breach notification procedures.
4. Data subject rights.
You are entitled to certain rights regarding your personal data. These rights help you understand, access, control, and, where applicable, limit how your information is used:
1. Access your personal data.
2. Correct inaccurate or incomplete data.
3. Request deletion of your data, subject to legal retention requirements. 4. Restrict processing in certain situations.
5. Transfer your data to another provider (data portability).
6. Object to processing based on legitimate interest or for marketing.
7. Withdraw consent at any time, where applicable.
8. File a complaint with your local data protection authority.
We do not typically use fully automated decision-making in our operations. If such automated processes are applied in certain situations, we will notify you separately, as required by applicable law.
5. Data protection of minors.
Access to this website and its services is restricted to individuals who have reached the minimum legal age for gambling in their respective jurisdiction (at least 18 years old). We do not knowingly collect or process personal data from anyone below the applicable legal age. If we become aware that such information has been submitted—particularly through misuse of our platform—we will take appropriate steps to delete the data and act in line with relevant legal requirements.