Privacy Policy

At GenerationVIP Casino, we value your trust. Protecting your personal data is a priority, and we handle information securely, responsibly, and lawfully. This Privacy Policy explains how we collect, use, share, protect, and retain your data, and outlines your rights. Please read it carefully so you can make informed decisions about using our services.
Effective date: 14 October 2025

Who We Are

GenerationVIP Casino is operated by Aspire Global International LTD (for players outside the UK) and by AG Communications Limited (for players in the UK).

  • Aspire Global International LTD (Company No. C42296) is licensed and regulated by the Malta Gaming Authority (MGA/CRP/148/2007). Registered address: 135, High Street, Sliema, SLM 1549, Malta.
  • AG Communications Limited (Company No. C48328) is licensed and regulated by the UK Gambling Commission (Remote Operating Licence No. 000-039483-R-319409-001). Registered address: 3rd Floor, 135, High Street, Sliema, SLM 1549, Malta.

Data Controller: Aspire Global International LTD or AG Communications Limited, depending on your jurisdiction.

Scope

This Policy applies to visitors and registered players who access GenerationVIP websites, mobile experiences, and related services (customer support, payments, verification, and marketing communications).

Data We Collect

  • Identity & KYC Data: Full name, date of birth, nationality, address, ID/passport, selfies/biometrics (where required for verification), source-of-funds/source-of-wealth information.
  • Contact Data: Email, phone number, postal address, communication preferences.
  • Account & Gameplay Data: Username, account IDs, session history, bets, wins/losses, bonus usage, responsible-gaming limits, account status.
  • Transaction Data: Deposits, withdrawals, payment method details (tokenized/last 4 digits where applicable), billing details, chargebacks, anti-fraud signals.
  • Technical & Device Data: IP address, device identifiers, browser/OS, language, time zone, cookies/pixels/SDK telemetry, approximate geolocation.
  • Communication Records: Live chat, email, support tickets, call notes (where applicable).
  • Compliance Documentation: AML/CTF screening results, watchlist/PEP checks, sanctions results, risk ratings, audit trails.
  • Marketing & Preferences: Consent status, unsubscribe flags, campaign interactions (opens/clicks), referral/affiliate codes.

Legal Bases for Processing

We process personal data under the following legal grounds (depending on your location and the activity):

  • Contract necessity: Account creation/management, gameplay, payments, support.
  • Legal obligation: KYC/AML/CTF checks, responsible gambling, tax/reporting, record-keeping.
  • Legitimate interests: Fraud prevention, network and information security, analytics, product improvement, quality assurance, dispute handling.
  • Consent: Optional marketing communications, certain cookies/analytics (where required), and specific verification methods where consent is appropriate.

How We Use Your Data

  • Account & Service Delivery: Registration, login, gameplay, wallet, transactions, bonuses, tournaments, support.
  • Verification & Compliance: Identity checks, sanctions/PEP screening, affordability/source-of-funds (where required), responsible-gaming monitoring.
  • Security & Fraud Prevention: Device/IP checks, behavioural analysis, risk scoring, multi-account and bot detection, incident response.
  • Analytics & Improvement: Performance monitoring, crash diagnostics, feature usage, A/B testing, service optimisation.
  • Marketing (with consent): Newsletters, promotions, re-engagement campaigns, surveys; suppression of marketing if you opt out.
  • Legal & Claims: Complaints, chargebacks, disputes, enforcing terms, responding to lawful requests.

Marketing Communications

With your prior consent (where required), we may send promotional emails/SMS/push messages about GenerationVIP products and services. You can withdraw consent at any time via:

  • Account marketing preferences,
  • Unsubscribe links in emails, or
  • Contacting support or the DPO.
    Service/transactional messages (e.g., receipts, security alerts) will still be sent when necessary.

Disclosures and Recipients

We do not sell or rent personal data. We share data under contractual, confidentiality, and security commitments with:

  • Group entities (Aspire Global International LTD, AG Communications Limited) for operations and compliance,
  • Payment providers/banks for deposits, withdrawals, and chargeback handling,
  • KYC/AML vendors for identity, sanctions, PEP screening, and affordability checks,
  • Fraud/security providers for device fingerprinting, risk scoring, and abuse prevention,
  • IT/Cloud/Hosting & analytics providers for infrastructure and performance,
  • Marketing platforms (with consent where required) for communications and measurement,
  • Auditors, regulators, and authorities where legally required or to protect rights and safety,
  • Professional advisers (legal, compliance, accounting).

International Data Transfers

Where data is transferred outside your jurisdiction (e.g., from the EEA/UK to other countries), we implement safeguards such as Standard Contractual Clauses (SCCs), robust Data Processing Agreements, and technical measures (access controls, encryption). You may request details of applicable safeguards from the DPO.

Data Security

We maintain technical and organisational measures to protect data against unauthorised access, alteration, disclosure, or destruction, including encryption (as appropriate), strict access controls, network segmentation, monitoring and logging, vendor due diligence, staff training, and secure development and change-management practices.

Data Retention

We retain data only as long as necessary for the purposes described and to meet legal/regulatory requirements:

  • KYC/AML records: generally at least five (5) years after account closure (or longer if required by law),
  • Transaction records: retained in line with financial/AML obligations,
  • Marketing data: retained until consent is withdrawn or after a defined inactivity period,
  • Support/communications: retained for audit and dispute windows.
    When retention ends, we securely delete or irreversibly anonymise data.

Cookies and Tracking

We use cookies, pixels, SDKs, and similar tools to:

  • Maintain session/login and remember preferences,
  • Analyse performance and usage,
  • Personalise content and measure campaigns,
  • Enhance security and prevent abuse.
    You can manage cookies in your browser/device settings. Some cookies are essential and cannot be disabled without impacting core functionality. Where legally required, we request your consent for non-essential cookies.

Automated Decision-Making & Profiling

We use limited automated processing to support fraud detection, risk management, and responsible-gaming obligations. Where required by law, you may request human review of a decision that significantly affects you, express your view, and contest the decision.

Your Rights

Subject to applicable law (e.g., GDPR/UK GDPR), you may:

  • Access your data and obtain a copy,
  • Rectify inaccurate or incomplete data,
  • Erase data (where legal grounds permit),
  • Restrict or object to certain processing,
  • Withdraw consent (for consent-based processing),
  • Data portability (where applicable),
  • Lodge a complaint with your local supervisory authority.
    We may need to verify your identity before processing requests.

Responsible Gambling

We support safer gambling and provide tools such as deposit limits, reality checks, time-outs, and self-exclusion. We may process behavioural data to identify risk and offer support or apply protective measures, in line with legal duties.

Children’s Data

Our services are not intended for persons under the legal gambling age in their jurisdiction. If we become aware of underage use, we will close the account and delete data consistent with legal obligations.

Third-Party Links

Our site may link to third-party websites/apps with independent privacy practices. Review their policies before providing personal data.

Changes to This Policy

We may update this Policy to reflect legal, technical, or business developments. Material changes will be communicated appropriately (e.g., on-site notice or email). Continued use after updates constitutes acceptance of the revised Policy.

Contact & DPO

  • Data Protection Officer (DPO): dpo@aspireglobal.com
  • Privacy Inquiries: privacy@generationvip.com
  • Customer Support: support@generationvip.com
    Postal: 135, High Street, Sliema, SLM 1549, Malta (attention to the relevant data controller listed above).
    If you are in the EEA/UK, you may also contact your local data-protection authority to lodge a complaint.