burger icon
Bet Royale United Kingdom
Log In

Privacy Policy

This Privacy Policy explains how the Bet Royale experience provided via royeles.com ("Website") collects, uses, discloses and protects your personal data. It applies to all players, registered account holders, and other visitors who access or use the Website from the United Kingdom and other locations. Effective date: 6 November 2025, with ongoing reviews carried out during 2026 to maintain compliance with applicable laws and industry standards.

Who We Are

OBSERVE: This section identifies the controller of your data. EXPAND: It clarifies how you can contact us about privacy. REFLECT: It helps you understand who is responsible for protecting your information.

The services associated with Bet Royale on royeles.com (the "Brand") are operated by the gambling operator and legal entity named in the Website footer and in the Terms & Conditions (the "Operator", "we", "us", "our"). That entity is the data controller for personal data processed in connection with your use of the Website, subject to local laws that may designate additional or joint controllers.

The Operator's full legal name, registered office address, company registration number, tax identification details, and any gaming licence references (including any UK Gambling Commission (UKGC) account number or offshore licence identifier) are set out in the Website footer and in the legal sections of the site. Because the exact details may change over time, you should always refer to those locations for the most current information.

We maintain a data protection function responsible for overseeing questions related to this Privacy Policy. Our current primary contact person for privacy matters is Oliver Bennett. You may contact our data protection team (including any appointed Data Protection Officer, if applicable) using the contact channels made available on the Website, such as:

  • any dedicated privacy or data protection email address shown in the "Contact Us" or "Privacy" sections of royeles.com;
  • any secure contact or support form provided on the Website; and
  • the postal address of the Operator stated in the Website footer, marked "FAO: Data Protection" or "FAO: Oliver Bennett".

What Personal Data We Collect

OBSERVE: We collect different categories of data when you visit the Website or use our services. EXPAND: This includes information you provide, data generated by your activity, and data gathered via cookies and similar technologies. REFLECT: Understanding these categories helps you see how and why data about you is processed.

Identification and Contact Data

  • Account and profile data: full name, date of birth, username, password, security questions, country of residence, and language preferences.
  • Contact details: email address, telephone number, postal address and any communication preferences you set (for example marketing opt-in or opt-out).
  • Verification data (KYC/AML): copies or details of identity documents (e.g. passport, ID card, driving licence), proof of address (e.g. utility bill, bank statement), information about the source of funds or source of wealth, and any other information required by anti-money laundering or responsible gambling rules.

Technical and Usage Data

  • Technical identifiers: IP address, device identifiers, browser type and version, operating system, time zone, approximate location derived from IP, and language settings.
  • Usage and log data: login dates and times, session duration, pages viewed, internal navigation and click paths, response times, download errors, and technical interaction logs generated by our systems and security tools.

Payment and Transaction Data

  • Payment information: partial payment card details or other payment instrument identifiers (processed mainly by payment service providers), deposit and withdrawal amounts, chosen payment method, and transaction timestamps.
  • Financial history: account balances, staking patterns, wins and losses, refunds, chargebacks, bonus use, and related accounting records.

Behavioural and Profile Data

  • Gameplay and betting history: bets placed, games played, session duration, outcomes, tournament participation, bonuses activated, and loyalty or VIP status information.
  • Behavioural profiles: risk and affordability indicators, responsible gambling markers (e.g. rapid deposit patterns, increased session frequency), self-exclusion status, time-outs, and limits set by you (deposit, loss, wagering, session limits).
  • Marketing and communication data: records of newsletters or promotions received, banners or offers viewed or clicked, and your responses to campaigns, surveys, feedback forms or complaint correspondence.

Cookies and Similar Technologies

  • Cookie data: unique identifiers stored on your device, referring URLs, and information about your interaction with our content, collected via cookies, pixels, tags, SDKs, and similar technologies.
  • Third-party tracking technologies: analytics and advertising identifiers that may be set by partners (for example analytics providers or advertising networks) when enabled or consented to, as described in the Cookies & Tracking section below.

Legal Basis for Processing

OBSERVE: Data protection law requires us to identify a legal basis for each type of processing. EXPAND: Under the UK GDPR, Data Protection Act 2018, and - where applicable - Mexican data protection law, different bases may apply depending on the purpose. REFLECT: Knowing these bases helps you understand when processing is necessary and when you have a right to object or withdraw consent.

  • Performance of a contract: We process your data when it is necessary to enter into and perform our agreement with you, including:
    • creating and managing your Bet Royale account on royeles.com;
    • verifying your identity and eligibility to gamble;
    • processing deposits, wagers, wins, withdrawals and bonuses; and
    • providing customer support and operating your account in accordance with our Terms & Conditions.
  • Compliance with legal obligations: We must process certain data to comply with laws and regulatory requirements, including those issued by gambling and financial regulators. This includes:
    • Know-Your-Customer (KYC) and anti-money laundering (AML/CFT) rules;
    • responsible gambling requirements and player protection obligations;
    • record-keeping for tax, accounting, and regulatory reporting; and
    • responding to lawful requests from courts, law-enforcement, regulators or supervisory authorities in the UK, EU/EEA, Mexico (where applicable), or other relevant jurisdictions.
  • Legitimate interests: We process personal data where necessary for our legitimate interests, provided your interests and fundamental rights do not override those interests. These include:
    • ensuring network and information security, preventing fraud, abuse and cheating, and protecting the integrity of our games;
    • monitoring and improving the performance, usability and security of royeles.com;
    • personalising content, bonuses or recommendations (within the limits of applicable law and your preferences); and
    • establishing, exercising or defending legal claims.
  • Consent: In some cases we rely on your consent, for example:
    • sending electronic marketing communications where required by law;
    • using certain non-essential cookies and similar technologies for analytics or advertising; and
    • processing special categories of data where explicitly required and permitted by law.
    You may withdraw your consent at any time as described in the "Your Rights" and "Cookies & Tracking Technologies" sections.
  • Mexican data protection principles: For users located in Mexico, we align our practices with the lawful bases under the Federal Law on Protection of Personal Data Held by Private Parties (LFPDPPP), including consent, contractual necessity, legal obligation and legitimate purposes consistent with our relationship with you.

Purpose of Processing

OBSERVE: We use your data for specific, explicit and legitimate purposes. EXPAND: These purposes relate to operating Bet Royale on royeles.com, complying with legal obligations and improving our services. REFLECT: Understanding these purposes enables you to assess whether our processing is appropriate.

  • Providing and managing our gambling services: to open, verify and manage your account; process deposits, wagers and withdrawals; operate games and tournaments; apply bonuses and loyalty schemes; manage player limits; and provide technical and customer support.
  • Compliance and responsible gambling: to perform age verification, KYC and AML checks; detect and prevent fraud, money laundering, terrorist financing and other unlawful activities; monitor for responsible gambling indicators; implement self-exclusion, time-outs and limits; and comply with instructions from regulators or ADR providers.
  • Service improvement and analytics: to analyse how users interact with the Website; troubleshoot issues; test new features; measure campaign effectiveness; optimise user experience; and generate aggregated, anonymised or de-identified statistics that do not identify you personally.
  • Marketing and personalisation: to send you news, offers and promotions (where permitted and in line with your preferences); deliver tailored content, bonuses or recommendations; and manage opt-in/opt-out preferences for marketing communications and cookies.
  • Security, integrity and fraud prevention: to secure accounts and systems; detect and prevent unauthorised access, cheating or misuse; manage chargebacks and disputes; and protect the Brand, our players and third parties from security threats and financial crime.
  • Legal, regulatory and dispute resolution purposes: to maintain records for tax and accounting; respond to lawful requests from regulators, supervisory authorities or law-enforcement; manage internal and external audits; resolve disputes, claims and complaints; and defend our legal rights.

Disclosure & Sharing

OBSERVE: We share your personal data only with carefully selected third parties for legitimate reasons. EXPAND: These recipients help us provide services, comply with the law and support our business operations. REFLECT: This transparency enables you to understand when your data may leave our direct control.

  • Group companies and white-label partners: other entities within the Operator's corporate group, and any white-label or platform partners that help operate Bet Royale on royeles.com, to the extent necessary for centralised operations, risk management, compliance, reporting and support.
  • Payment service providers and banks: providers that process deposits, withdrawals and other financial transactions, card schemes, banks and financial institutions, who act as independent controllers or processors under their own legal and regulatory obligations.
  • Technology and service providers: hosting providers, IT and security vendors, analytics and performance monitoring services, customer support tools, communication platforms (e.g. email or SMS providers), identity verification and KYC/AML service providers, and other professional vendors who process data on our behalf under written contracts.
  • Regulators, supervisory authorities and law enforcement: gambling regulators (such as the UK Gambling Commission where applicable), financial and tax authorities, data protection regulators, alternative dispute resolution (ADR) bodies, courts and law-enforcement agencies, when we are legally required or permitted to disclose data.
  • Business partners and affiliates: carefully selected marketing partners, affiliate networks and advertising platforms that promote the Brand, but only in accordance with applicable marketing and privacy rules and, where required, based on your consent.
  • Corporate transactions: potential or actual buyers, investors, professional advisers (such as lawyers, auditors, consultants) and other parties in connection with any merger, acquisition, restructuring, financing, sale of assets or similar corporate event, subject to appropriate confidentiality protections.

We do not disclose your personal data to third parties for their own independent marketing purposes without your consent where such consent is required by law. When we share data with processors, we require them to process it only in accordance with our instructions and to implement appropriate security measures.

International Transfers

OBSERVE: Because online gambling services and support functions may be located in different countries, your data can be transferred internationally. EXPAND: These transfers may occur within our group, to technology or payment providers, or to regulators in other jurisdictions. REFLECT: We apply safeguards to ensure that your data remains suitably protected wherever it is processed.

  • Regions involved: Your data may be processed in the United Kingdom, the European Economic Area (EEA), Mexico (where users are located there), and other countries where our group companies, platform providers, payment processors, or support teams operate. Given the Brand's background and industry practices, some processing may also occur in offshore jurisdictions commonly used for gambling services.
  • Adequacy and local laws: Where your data is transferred from the UK or EEA to a country with an adequacy decision, we rely on that decision. In other cases, we implement appropriate safeguards in line with the UK GDPR and, where relevant, EU GDPR.
  • Standard contractual clauses and IDTA: For transfers to countries without adequacy decisions, we use recognised safeguards such as the European Commission's Standard Contractual Clauses, the UK International Data Transfer Agreement or Addendum, or equivalent contractual protections.
  • Additional safeguards: Depending on the risk, we may apply additional technical and organisational measures (for example encryption in transit and at rest, strict access controls, and data minimisation) to protect your data in transit and at the destination.
  • Transparency: You may contact us using the channels described in the "Who We Are" or "Complaints & Contacts" sections if you would like more information about the specific safeguards applied to international transfers relevant to your account.

Data Retention

OBSERVE: We keep your personal data only for as long as necessary for the purposes for which it was collected. EXPAND: Legal obligations and industry standards mean that different categories of data have different retention periods. REFLECT: This approach balances operational needs, regulatory requirements and your right to privacy.

  • Account and identification data: We generally retain core account and identification data for the lifetime of your account and for up to 5 years after account closure, or longer where required by AML, counter-terrorist financing or other applicable laws, to satisfy our legal obligations and resolve potential disputes.
  • KYC/AML and verification records: Copies of identification and verification documents, as well as records of checks performed, are retained for the period mandated by law and guidance from relevant regulators and financial intelligence units, typically 5 - 7 years from the end of the business relationship or from the date of the last transaction, whichever is later.
  • Transaction and financial records: Payment and wagering transaction data, accounting records and tax-related information are retained for the periods required under tax and accounting laws (commonly 6 - 7 years), and may be kept longer where necessary in connection with ongoing audits, investigations or disputes.
  • Marketing and communication data: Data related to marketing preferences and communications is kept for as long as you remain subscribed and for a short period thereafter (for example up to 2 years) to document your preferences and to demonstrate compliance. Basic records of your opt-out request may be kept longer to ensure we continue to respect your choice.
  • Technical logs and security data: Security logs and technical records are usually retained for shorter periods commensurate with their purposes (for example 90 days to 2 years), unless we need them for longer in connection with security incidents, investigations or legal claims.

When data is no longer needed, we will either securely delete or anonymise it so that you can no longer be identified. In some circumstances, you may ask us to delete data earlier; see the "Your Rights" section for more detail. We may also retain minimal information to record that your account has been closed and the reasons for closure, where legally permitted.

Your Rights

OBSERVE: You have rights over your personal data under data protection laws. EXPAND: These include rights under the UK GDPR and, where applicable, Mexican privacy law (LFPDPPP), as well as rights in other jurisdictions where you may be located. REFLECT: Exercising these rights allows you to control how your data is used.

Data Protection Rights

  • Right of access: You can request confirmation as to whether we process your personal data and obtain a copy of that data, along with information about how and why it is processed.
  • Right to rectification: You may ask us to correct or complete inaccurate or incomplete personal data we hold about you.
  • Right to erasure ("right to be forgotten" / cancellation): You may request deletion of your personal data where there is no longer a lawful basis for us to hold it, subject to our legal obligations (for example AML and gambling regulations may require continued retention of certain data).
  • Right to restrict processing: You can request that we limit the processing of your data in certain circumstances, such as when you contest its accuracy or object to our processing.
  • Right to object: You may object to processing based on our legitimate interests, including profiling, and we will stop processing unless we demonstrate compelling legitimate grounds. You always have the right to object to direct marketing, including profiling related to such marketing.
  • Right to data portability: Where processing is based on consent or contract and carried out by automated means, you may request that we provide you with certain personal data in a structured, commonly used, machine-readable format, and you may ask us to transmit that data to another controller where technically feasible.
  • Right to withdraw consent: Where we rely on your consent (e.g. for certain marketing communications or non-essential cookies), you may withdraw that consent at any time, without affecting the lawfulness of processing before withdrawal.

Alignment with Mexican ARCO Rights (Where Applicable)

For users located in Mexico, we seek to align with the ARCO rights under the Federal Law on Protection of Personal Data Held by Private Parties (LFPDPPP): Access, Rectification, Cancellation and Opposition. These broadly correspond to the rights of access, rectification, erasure/cancellation and objection described above, and are handled through the same request mechanisms, taking into account any mandatory local legal or regulatory retention requirements.

How to Exercise Your Rights

  • Submitting a request: You can exercise your rights by contacting our data protection team using the channels set out in the "Who We Are" and "Complaints & Contacts" sections, or via any dedicated privacy tools or forms available in your account area on royeles.com.
  • Verification: We may need to verify your identity before acting on your request, for example by asking you to log into your account or provide additional information, to prevent unauthorised access to your data.
  • Timeframe and cost: We aim to respond to all valid requests within one month (30 days) of receipt. In complex cases or when you have made numerous requests, this period may be extended in accordance with law, and we will inform you of any extension. Requests are normally handled free of charge, although we may charge a reasonable fee or refuse to act when a request is manifestly unfounded or excessive, as allowed by law.
  • Limitations: Some rights may be limited or deferred where we must retain data to meet legal or regulatory obligations (for example AML, gambling and tax laws) or to establish, exercise or defend legal claims.

Cookies & Tracking Technologies

OBSERVE: We use cookies and similar technologies to make the Website work, to understand how it is used and, where permitted, to personalise content and marketing. EXPAND: Different types of cookies serve different purposes and may be set by us or by third parties. REFLECT: You can manage your preferences at any time.

Types of Cookies We Use

  • Strictly necessary (functional) cookies: session and persistent cookies that are essential for the operation of royeles.com, such as enabling login, maintaining your session, managing security, processing payments, and remembering your privacy choices. These cookies are usually set in response to actions you take and cannot be switched off in our systems, although you may be able to block them in your browser (which may impair the Website).
  • Performance and analytics cookies: cookies (often third-party) that collect aggregated information about how visitors use the Website, such as which pages are visited most often, how long sessions last and where errors occur. We use this information to improve functionality and performance. Where required by law, these cookies are used only with your consent.
  • Advertising and targeting cookies: cookies and similar technologies that may be set by us or our advertising partners to build a profile of your interests and show you relevant adverts on our sites or elsewhere. They work by uniquely identifying your browser or device. These cookies are non-essential and are only used when permitted under applicable law and, where required, with your explicit consent.

Managing Cookies

  • Cookie banner and settings: When you first visit royeles.com and from time to time thereafter, you may see a cookie banner or preference centre that allows you to accept, reject or customise your cookie settings (except for strictly necessary cookies).
  • Browser controls: You can usually configure your browser to refuse some or all cookies, or to alert you when sites set or access cookies. How you do this depends on the browser; please refer to your browser's help or settings menu.
  • Effect of disabling cookies: If you disable or refuse cookies, some parts of the Website may not function properly or may be less personalised, particularly those features that rely on cookies to remember your choices or maintain your session.

Data Security

OBSERVE: Protecting your personal data is a core priority. EXPAND: We implement technical and organisational measures designed to safeguard your information against unauthorised access, loss, misuse or alteration. REFLECT: These measures reduce risk but cannot guarantee absolute security.

  • Encryption and secure transmission: We aim to use industry-standard encryption technologies such as TLS 1.2+ to protect data in transit between your browser and our servers. Where practicable, we also encrypt sensitive data at rest.
  • Access controls and authentication: Access to personal data is restricted to authorised personnel and service providers who need it for legitimate business purposes and are bound by confidentiality obligations. We implement access controls, role-based permissions and, where appropriate, multi-factor authentication.
  • System security and monitoring: Our systems are protected by firewalls, intrusion detection or prevention tools, anti-malware solutions and other security technologies. We monitor systems for suspicious activity and maintain logs for security and audit purposes.
  • Policies, training and governance: We maintain internal policies and procedures governing data protection, information security, acceptable use and incident response. Staff with access to personal data receive training on privacy, security and regulatory obligations relevant to gambling services.
  • Incident response: We have processes in place to identify, assess and respond to data security incidents. Where required by law, we will notify the appropriate supervisory authority and affected individuals without undue delay, including in the UK under the UK GDPR and, where applicable, under Mexican privacy law.
  • Standards and continuous improvement: We aim to align our security practices with recognised international standards (such as ISO/IEC 27001 and SOC 2) where proportionate to risk. Unless expressly stated on the Website, references to such standards do not by themselves imply formal certification. We periodically review and update our controls to address emerging threats and regulatory expectations.

Complaints & Contacts

OBSERVE: You can contact us with questions or complaints about how we handle your data. EXPAND: We provide several channels to raise concerns and a structured process for responding. REFLECT: If you are not satisfied, you may escalate your complaint to a supervisory authority.

Contacting Us

  • Data protection contact: For privacy-related queries, you may write to our data protection team, marking your correspondence "FAO: Data Protection" or "FAO: Oliver Bennett", using:
    • any dedicated privacy or data protection email address shown in the "Contact Us" or "Privacy" sections of royeles.com;
    • any online contact or support form available on the Website; or
    • the postal address of the Operator provided in the Website footer.
  • Complaint content: When submitting a complaint, please provide your name, contact details, account identifier, a clear description of your concern and any relevant evidence, so that we can investigate effectively.

Our Complaint Handling Process

  • Step 1 - Acknowledgement: We will acknowledge receipt of your privacy complaint or request as soon as reasonably practicable.
  • Step 2 - Investigation: We will investigate your concern, liaising with relevant internal teams and, where necessary, with our service providers or legal advisers.
  • Step 3 - Response: We aim to provide a substantive response within one month (30 days), consistent with the timeframes in the UK GDPR and, where applicable, Mexican privacy law. If we cannot respond within this period due to complexity or volume, we will inform you of the delay and the expected timeframe.
  • Step 4 - Further steps: If you remain dissatisfied, you may request that the matter be escalated internally or pursue external remedies as described below.

Escalation to Supervisory Authorities

  • United Kingdom: If you are based in the UK or your issue relates to our UK operations, you have the right to lodge a complaint with the Information Commissioner's Office (ICO). Further information is available at ico.org.uk.
  • Mexico: If you are in Mexico and your concern relates to rights under the LFPDPPP, you may contact the Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales (INAI). Details on how to file a complaint are available at inai.org.mx.
  • EU/EEA and other regions: If the EU GDPR applies to you, you may lodge a complaint with the data protection authority in your habitual residence, place of work, or place of the alleged infringement. Information about EU supervisory authorities is available on the European Data Protection Board's website.

We encourage you to contact us first so that we have an opportunity to address your concerns directly, but you are not obliged to do so before approaching a supervisory authority.

Updates

OBSERVE: Privacy laws and our operations may evolve over time. EXPAND: We may update this Privacy Policy to reflect changes in our practices, technologies, legal requirements or regulatory guidance. REFLECT: Keeping informed about updates helps you understand how your data continues to be used and protected.

  • Changes to this Policy: We may amend this Privacy Policy from time to time. Any updated version will be posted on royeles.com with a revised "Last updated" date.
  • Notification of material changes: Where changes are significant, we will provide additional notice, which may include email notifications, in-account messages, prominent notices or banners on the Website, and/or prompts requiring you to review and accept the updated terms before continuing to use our services.
  • Advance notice and choices: Where feasible and legally required, we will provide at least 30 days' notice of material changes that significantly affect how your data is processed. If you do not agree with the updated Policy, you may choose to close your account and stop using the Bet Royale services on royeles.com. We will continue to process your data in accordance with this Policy in relation to past activities, to the extent permitted or required by law.
  • Version control: For transparency, we may keep previous versions of this Privacy Policy accessible or available upon request, indicating the dates when each version was in force.

Last updated: March 2026 (original effective date: 6 November 2025).