burger icon
Duelbits Сasino
Log In

Privacy Policy

This Privacy Policy explains how duelbits, operating via https://duelbits777-canada.com, collects, uses, discloses, and protects personal information of players and site visitors in Canada. It applies to account holders, prospective users, visitors, and recipients of our communications. Effective date: October 2025. OBSERVE: You need to understand what we collect and why. EXPAND: Canadian laws (PIPEDA and applicable provincial laws) require transparency, safeguards, and rights of access/correction. REFLECT: This Policy sets out our practices and your choices in clear terms.

Who We Are

OBSERVE: Identify the organization responsible for personal information. EXPAND: Provide registration, licensing, and contact channels. REFLECT: Ensure accountability and a point of contact for privacy matters.

  • Operator (data controller/organization): Liquid Entertainment N.V., Zuikertuintjeweg z/n (Zuikertuin Tower), Willemstad, Curaçao. Company No. 153298 (Commercial Register of the Curaçao Chamber of Commerce & Industry). Licensed under Curaçao sub-license GLH-OCCHKTW076092020.
  • Management/processing affiliate: Herpestidae Services Limited, 1, Avlonos, Maria House, Nicosia, 1075 Cyprus. Company No. HE 410029 (Cyprus).
  • Website covered: https://duelbits777-canada.com (the "Site").
  • Data Protection Officer (DPO) / Privacy Office: Email: [email protected]. Postal: Attention "Data Protection Officer", Liquid Entertainment N.V., Zuikertuintjeweg z/n (Zuikertuin Tower), Willemstad, Curaçao.

What Personal Data We Collect

OBSERVE: We collect information you provide and data generated by your use of the Site. EXPAND: Include AML/KYC, device data, cookies, and behavioral data needed for gaming operations. REFLECT: Collect only what is necessary and proportionate.

  • Identity and contact: name, date of birth, address, email, phone, government ID details and images, age verification records, usernames, security questions.
  • Account and behavioral data: registration details, preferences, session history, gameplay and betting history, wins/losses, bonus use, referral data, clicks and interaction logs.
  • Financial and KYC/AML: payment instrument details (tokenized where possible), deposits/withdrawals, transaction IDs, billing address, source of funds/wealth information, sanctions/PEP screening results.
  • Technical data: IP address, device identifiers, operating system, browser, language, time zone, app and SDK telemetry, performance and error logs.
  • Communications: chat transcripts, emails, support tickets, marketing preferences, consent records.
  • Cookies and similar technologies: session and persistent cookies, local storage, pixels, SDKs, analytics tags, advertising identifiers. See "Cookies & Tracking Technologies."

Legal Basis for Processing

OBSERVE: Canadian law (PIPEDA; AB/BC PIPA; Quebec Law 25) requires lawful purposes and appropriate consent. EXPAND: We also process under contractual necessity, legitimate interests, and legal obligations. REFLECT: We balance your rights with our operational and regulatory needs.

  • Consent: account creation, non-essential cookies, marketing (CASL-compliant), optional surveys. You may withdraw consent at any time.
  • Contractual necessity: to register your account, verify eligibility, provide games, process payments, deliver bonuses, and support services.
  • Legitimate interests: fraud prevention, network and information security, service analytics and improvement, enforcing terms, preventing bonus abuse, safeguarding users.
  • Legal obligations: KYC/AML screening, transaction monitoring, record-keeping, reporting to competent authorities, responding to lawful requests.

Purpose of Processing

OBSERVE: Clarify why data is used. EXPAND: Align purposes to operational and regulatory requirements. REFLECT: Limit use to stated purposes and compatible uses.

  • Service delivery: account setup, identity/age checks, payments, access to games, customer support.
  • Safety and integrity: fraud, anti-cheat, chargeback mitigation, risk scoring, sanctions screening, dispute handling.
  • Analytics and improvement: performance monitoring, A/B testing, feature development, troubleshooting.
  • Marketing and personalization: with consent, to send offers, bonuses, recommendations, and to measure campaign performance (CASL-compliant opt-in/opt-out).
  • Compliance: KYC/AML obligations, tax and regulatory reporting, record retention, auditing.

Disclosure & Sharing

OBSERVE: We use third parties to run a secure, compliant gaming service. EXPAND: Disclose categories, safeguards, and conditions. REFLECT: We contractually restrict use by recipients.

  • Payment and banking partners: card processors, e-wallets, crypto payment gateways, banks, chargeback services.
  • KYC/AML and risk providers: identity verification, document authentication, sanctions/PEP screening, fraud analytics.
  • Technology and operations: hosting (cloud and CDN), security providers, analytics, customer support tools, CRM, communications platforms.
  • Affiliates and group entities: Herpestidae Services Limited (management and processing support) and other processors acting on our instructions.
  • Advertising networks and partners: only with your consent for targeted ads and measurement where applicable in Canada.
  • Regulators and authorities: competent regulators, law enforcement, courts, and dispute bodies when legally required or to protect rights and safety.
  • Business transfers: in a merger, acquisition, financing, or sale, subject to confidentiality and continuity of protections.

International Transfers

OBSERVE: Data may be processed outside Canada. EXPAND: Identify destinations and safeguards. REFLECT: Maintain comparable protection via contracts and risk assessments.

  • Destinations: Curaçao and Cyprus (core operations), the EEA/UK (specialist providers), the United States and other jurisdictions where vetted vendors are located.
  • Safeguards for Canadian-origin data: contractual protections ensuring comparable protection to Canadian standards; vendor due diligence, access controls, and transfer risk assessments.
  • EEA/UK-origin data: EU Standard Contractual Clauses and, where applicable, UK IDTA/Addendum; supplementary measures based on transfer impact assessments. Where a U.S. recipient self-certifies to the EU-U.S. Data Privacy Framework, we may rely on that for EEA-origin transfers to the certified entity.
  • Quebec (Law 25): prior privacy impact assessments for cross-border disclosures and contractual clauses ensuring equivalent protection.

Data Retention

OBSERVE: Keep data only as long as needed. EXPAND: Align periods to AML, legal, and operational needs. REFLECT: Secure deletion or anonymization on expiry.

  • Account, identity, and KYC/AML records: retained for the life of the account and at least 5 years after account closure or last transaction, to meet anti-money laundering and record-keeping obligations.
  • Transaction and payment data: at least 5 years from the date of the transaction or account closure, whichever is later.
  • Gaming and behavioral logs: typically 3 years from creation; key fraud and self-exclusion records may be retained up to 7 years where necessary.
  • Marketing data: until you withdraw consent or after 24 months of inactivity, whichever occurs first.
  • Technical logs: 12-24 months, unless needed longer for security/investigations.
  • Deletion criteria: expiry of retention period, withdrawal of consent where applicable, successful objection, or when purposes end, subject to legal holds.

Your Rights

OBSERVE: Canadian law guarantees access and correction; Quebec and some regimes add portability and automated decision transparency. EXPAND: Provide practical procedures and timelines. REFLECT: We respond transparently and without undue delay.

  • Access: request confirmation and a copy of your personal information, including a listing of third-party disclosures where required (e.g., Quebec).
  • Correction: request rectification of inaccurate or incomplete data; we may ask for supporting documentation.
  • Deletion: request deletion where consent is withdrawn or information is no longer necessary, subject to legal retention (e.g., AML).
  • Restriction/objection: object to certain processing (e.g., marketing) or request we limit use during a dispute.
  • Portability: where required by applicable law (including Quebec Law 25 when fully in force), receive certain data in a structured, commonly used, machine-readable format.
  • Automated decisions: obtain information about automated decisions that significantly affect you (e.g., fraud/AML risk scoring) and, where required, request human review.
  • Marketing choices (CASL): withdraw consent at any time; we will honor unsubscribes within 10 business days.

How to exercise your rights

  • Submit a request: email [email protected] or write to the DPO (address above). Include your account ID and proof of identity.
  • Timeline: we respond within 30 days; extensions are possible for complex requests, with written notice.
  • Fees: requests are free of charge unless manifestly unfounded or excessive; any fee will be reasonable and disclosed in advance.
  • GDPR/Mexico alignment: If you are located in the EEA/UK, GDPR rights apply in addition to the above. If you are in Mexico, rights under the Federal Law on Protection of Personal Data Held by Private Parties (LFPDPPP)-ARCO rights (Access, Rectification, Cancellation, Opposition)-are respected via the same contact channels.

Cookies & Tracking Technologies

OBSERVE: Cookies support core functionality, analytics, and marketing. EXPAND: Distinguish types and controls. REFLECT: Offer clear choices.

  • Session cookies (strictly necessary): authentication, load balancing, fraud protection; deleted when you close your browser.
  • Persistent cookies (functional): remember preferences and settings; limited lifetimes.
  • Analytics cookies/SDKs: measure usage and performance; aggregated reporting.
  • Advertising cookies/pixels: with your consent, for tailored ads and measurement across sites/apps.

Managing cookies: you can disable or delete cookies via browser settings and device controls. Where available, use our on-site cookie settings to manage non-essential cookies. Disabling certain cookies may impact site functionality.

Data Security

OBSERVE: Gaming services require robust safeguards. EXPAND: Apply layered technical, organizational, and procedural controls. REFLECT: Continuously improve and respond to incidents.

  • Encryption: TLS 1.2+ for data in transit; encryption at rest for key data stores.
  • Access controls: role-based access, least privilege, multi-factor authentication for privileged accounts, network segmentation.
  • Monitoring and testing: logging, anomaly detection, vulnerability management, penetration testing, and periodic audits.
  • Secure development: code review, dependency scanning, change management, and segregation of environments.
  • Staff measures: background checks as appropriate, confidentiality obligations, and regular security and privacy training.
  • Incident response: documented procedures for detection, containment, remediation, and notification. Under PIPEDA, we report to the Office of the Privacy Commissioner of Canada and notify affected individuals of breaches posing a real risk of significant harm; Quebec Law 25 and provincial PIPA notifications are observed where applicable.
  • Standards: controls are aligned with recognized frameworks (e.g., ISO/IEC 27001 and SOC 2) where appropriate. We do not claim certification unless explicitly stated.

Complaints & Contacts

OBSERVE: Provide clear complaint paths. EXPAND: Include internal resolution first, then supervisory authorities. REFLECT: We will cooperate with regulators.

Contact us

  • Email (preferred): [email protected]
  • Postal (DPO): Attention "Data Protection Officer", Liquid Entertainment N.V., Zuikertuintjeweg z/n (Zuikertuin Tower), Willemstad, Curaçao
  • Website: https://duelbits777-canada.com/policies/privacy

How we handle complaints

  1. Submit: send details of your concern and any supporting materials using the contact methods above.
  2. Acknowledgment: we acknowledge receipt within 5 business days.
  3. Investigation: we investigate and respond with findings and actions within 30 days (extensions notified in writing).
  4. Escalation: if unresolved, you may contact a supervisory authority.

Supervisory authorities (Canada)

  • Office of the Privacy Commissioner of Canada (PIPEDA): https://www.priv.gc.ca - Toll-free: 1-800-282-1376.
  • Commission d'accès à l'information du Québec (Law 25): https://www.cai.gouv.qc.ca
  • OIPC British Columbia (PIPA BC): https://www.oipc.bc.ca
  • OIPC Alberta (PIPA AB): https://www.oipc.ab.ca

EEA/UK or Mexico: If applicable, you may also contact your local data protection authority (e.g., an EU supervisory authority, the UK ICO at https://ico.org.uk, or Mexico's INAI at https://www.inai.org.mx).

Updates

OBSERVE: Policies evolve with services and law. EXPAND: Commit to transparent versioning and notice. REFLECT: Provide options if you disagree with material changes.

  • Version control: Last updated: October 2025. A changelog of material updates will be maintained on this page.
  • Notice of changes: for material changes, we will provide advance notice of at least 30 days via email (where possible), account dashboard alerts, or prominent website banners.
  • Your options: review changes; if you object, you may adjust settings, withdraw consent for marketing, or close your account before the effective date of the change.
  • Continued use: continued use of the Site after the effective date constitutes acceptance of the updated Policy, unless prohibited by law.

For prior versions or questions about changes, contact [email protected].