Fishin Frenzy United Kingdom Privacy Policy Terms

This Privacy Policy explains how Fishin Frenzy collects, processes, and protects personal data relating to players in the United Kingdom. The document outlines the brand’s data handling practices in accordance with applicable data protection legislation, including the UK General Data Protection Regulation and the Data Protection Act 2018. Transparency regarding the types of information processed, the lawful bases for such processing, and the measures taken to safeguard personal data is maintained throughout. This policy also details compliance obligations related to account management, financial transactions, and identity verification. Players are informed of their statutory rights and the procedures for exercising those rights. The security of personal information is addressed through technical and organisational controls designed to prevent unauthorised access or loss.

Categories of Personal Data Collected During Player Interaction

Fishin Frenzy processes personal data that players provide during the account creation process and throughout the duration of the player relationship. Registration details include full name, date of birth, residential address, email address, and telephone number. Identification data is collected to satisfy anti-money laundering requirements and age verification checks under UK gambling regulations. This may include copies of passports, driving licences, or utility bills. Transactional information comprises deposit and withdrawal records, payment method details, gaming history, and bet amounts associated with the fishin' frenzy slot and other games. Technical data includes internet protocol addresses, device type, operating system, browser version, and session activity logs generated during use of the website or mobile platform. Compliance-related records encompass self-exclusion requests, time-out periods, deposit limit settings, and correspondence with regulatory authorities or responsible gambling bodies.

• Registration details: name, date of birth, address, email, telephone number
• Identification data: passport, driving licence, utility bills
• Transactional information: deposits, withdrawals, gaming history, bet amounts
• Technical data: IP address, device identifiers, browser logs
• Compliance records: self-exclusion, deposit limits, responsible gambling interactions

Additional data may be collected when players contact customer support, submit complaints, or participate in surveys. The information gathered from the fishin frenzy the big catch game session or the demo fishin frenzy interface is logged purely for operational and compliance purposes. No special category data as defined under UK law is processed unless required by a legal obligation or with explicit consent.

Legal Bases and Purposes for Processing Personal Data

Processing of personal data is conducted under several lawful bases as defined by the UK General Data Protection Regulation. Consent is relied upon for certain direct marketing communications and optional data-sharing preferences. Players may withdraw consent at any time without affecting the legality of processing carried out prior to withdrawal. Legal obligation forms the basis for processing related to anti-money laundering checks, age verification, and reporting to the UK Gambling Commission. These obligations require the retention of transaction logs and identification documents for specified periods.

Legitimate interest is invoked for purposes such as fraud prevention, network security, and improving the functionality of the fishin' frenzy slot offerings. When relying on legitimate interest, a balancing test is conducted to ensure that player rights are not overridden. Contractual necessity is used to process data required to manage accounts, process deposits and withdrawals, and facilitate gameplay. This includes the activation of free spins fishin frenzy promotions where applicable. Verification of identity is performed before any withdrawal request is processed.

All processing is documented in a legitimate interest assessment and reviewed annually. Data is not used for automated decision-making that produces legal effects concerning players unless explicitly authorised by law and disclosed in advance.

Storage Infrastructure, Protective Measures, and Retention Schedule

Personal data is stored on servers located within the United Kingdom and the European Economic Area. Encryption protocols, including transport layer security, are applied to data in transit. Data at rest is protected through advanced encryption standards and access is restricted to authorised personnel only. Access controls are enforced via role-based permissions, multi-factor authentication, and regular audit logging. Physical security measures are in place at data centre locations. Regular penetration testing and vulnerability assessments are carried out by external third parties to identify and remediate potential weaknesses.

Retention periods are determined in accordance with UK regulatory requirements. Transaction records are kept for a minimum of six years following the closure of an account. Identification documents are retained for the same period to satisfy anti-money laundering obligations. Marketing preference data is retained until the player withdraws consent or for two years after the last interaction, whichever occurs first. Technical logs are retained for a period of twelve months. After retention periods expire, data is securely deleted or anonymised using industry-standard methods. Archiving procedures ensure that data no longer in active use is stored separately and not accessible for routine processing.

• Transaction records: six years after account closure
• Identification documents: six years
• Marketing preferences: until consent withdrawal or two years after last interaction
• Technical logs: twelve months
• Anonymisation methods: irreversible hashing or aggregation

In the event of a data breach, Fishin Frenzy will notify the Information Commissioner’s Office within seventy-two hours where required and inform affected players if the breach poses a risk to their rights and freedoms.

Player Rights and Procedures for Submitting Subject Access Requests

Players in the United Kingdom have the right to request confirmation of whether personal data is being processed and to access a copy of that data. Requests must be submitted in writing or via the designated contact email address. Proof of identity is required before any request is processed. Acceptable identification includes a copy of a passport or driving licence combined with a recent utility bill. Requests will be responded to within one month, extendable by up to two months for complex or multiple requests.

Players may request the correction of inaccurate or incomplete personal data. Where data is no longer necessary for the purposes for which it was collected, players may request erasure, subject to overriding legal obligations to retain data. The right to restrict processing applies in cases where accuracy is contested, processing is unlawful, or the player has objected to processing based on legitimate interest. Data portability allows players to receive their personal data in a structured, commonly used, and machine-readable format for transfer to another controller. Objections to processing based on legitimate interest, including direct marketing, may be raised at any time.

Where processing is based on consent, players have the right to withdraw consent without affecting the lawfulness of processing carried out before withdrawal. All rights requests are logged and processed without undue delay. A record of the request, the verification steps taken, and the outcome is retained for compliance purposes. No fee is charged for exercising these rights unless requests are manifestly unfounded or excessive. In such cases, a reasonable administrative fee may be applied or the request may be refused. Players who are dissatisfied with the response may lodge a complaint with the Information Commissioner’s Office.