Roobet Casino Privacy Desk: Data Use, Cookies and Security
Privacy matters, especially when personal details, gameplay records, and payment activity are connected to a single account.
Navigation
For players in Canada, we handle personal data carefully, explain why it is collected, and provide clear ways to manage consent. Our privacy approach covers account creation, session tools, cookies, verification, security checks, support records, and compliance duties tied to lawful gaming operations.
We also apply KYC, AML, and CFT controls to help protect the platform from misuse. This includes verifying identity details, reviewing certain transactions, and responding when activity does not match normal account use.
Information Roobet Collects and Uses
We collect only the information needed to open, secure, and operate your account. Depending on what you do, this may include your name, date of birth, address, contact details, identification information, device data, IP address, browser details, payment information, gameplay history, and support communications.
Some data is provided directly when you register or verify your profile. Other data is generated through normal use, such as session duration, selected features, game preferences, login patterns, and records linked to deposits or withdrawals in CAD.
We use this information for practical purposes, including creating and maintaining your account, processing transactions, personalising settings, supporting customer service, detecting fraud, carrying out analytics, meeting KYC duties, and responding to legal or regulatory requirements.
For higher-risk actions, we may ask for additional proof. This can include photo ID, proof of address, date-of-birth confirmation, video verification, SMS codes, geolocation checks, source-of-funds review, or screening against PEP and sanctions lists.
Where consent is the appropriate basis, you remain in control of optional marketing, analytics, and similar settings. Where processing is required for account delivery, fraud prevention, or legal compliance, some data handling is necessary to keep core services running safely.
Privacy Controls and Data Requests
Privacy controls should be easy to find. We provide settings that let you review how cookies, tracking tools, and certain communications work within your account.
You can adjust non-essential tracking, update analytics preferences, and manage personalisation choices through the privacy controls in the dashboard. Browser settings can also block some third-party tools, although this may reduce convenience features such as saved preferences, regional content, or faster sign-in.
We also support requests related to personal data. You may ask to review stored identity details, communication logs, activity summaries, or transaction records, and you may request correction, export, or deletion where the law permits.
| Control Area | What You Can Manage | Timing & Security Notes |
|---|---|---|
| Cookie and tracking preferences | Players can open Privacy Settings or Privacy Controls in the account dashboard, or use the site banner/icon, to manage analytics, personalisation, and required session tools. Non-essential tracking can be turned off, and a "Delete All" option removes non-essential stored data. | Changes take effect right away. Essential tools are marked as required and cannot be turned off. |
| Session continuity and convenience | Session identifiers help restore interrupted play, remember layout choices, language, preferred areas, and recent actions so players can continue without repeating steps. | Each browser identifier has a set expiration date. Persistent cookies may remain on the device for a defined period, and some are stored until their expiry unless deleted earlier. |
| Account and payment protection | Required controls support deposits, withdrawals, verification, and balance access in $. Multi-factor authentication helps protect money transfers, while unusual withdrawals or profile changes may trigger extra checks. | Short-lived HTTP-only session tokens, encrypted identifier storage, device fingerprints, browser metadata, network identifiers, and real-time monitoring help reduce unauthorized access. |
| How personal data is protected | Personal information is anonymised and separated across systems, with financial records, personal information, and authentication logs stored independently. Passwords are not stored in plain text. | AES-256 is used for databases and TLS 1.2+ for data in transit. Encrypted backups are created daily and stored in geo-redundant facilities. |
| Third-party services and sharing | External technologies may support fast sign-in, analytics, personalised content, fraud checks, identity verification, responsible gambling, and payment processing. Players can limit third-party tracking in browser settings or site controls. | Only authorised partners with contractual data protection duties can access information, and sensitive payment details or direct identification are not shared unless required for security or legal compliance. |
| Data access, export, and deletion | Registered players can request summaries of stored identity information, communication logs, and activity records, export transaction history, or ask for deletion through the secure dashboard or official support channels. | Personal records request: For up to 30 days. Transaction statement via "Export History": Right Away. Review stored identification documents: In 15 days. |
| Retention periods | Data is kept only as long as needed for operational, legal, fraud prevention, audit, or compliance purposes, then deleted from live and backup systems when eligible. | Behavioral and technical data: normally up to 5 years. Payment data: generally up to 7 years. Marketing and some security or segmentation tools may be up to 24 months. Some controls mention up to six months or up to 12 months depending on category. |
| Canada and international rules | For players in Canada, international transfers may be made to servers or providers outside Canada when operationally necessary, with safeguards in place. The platform also references GDPR, CCPA, and regional compliance reviews. | Standard Contractual Clauses and protection consistent with Canadian standards are used for transfers. The policy is effective as of June 2025, and the latest revision date is June 2025. |
Data Security and Retention Periods
Security starts with account structure. Where possible, we separate categories of information, limit access by role, and review permissions regularly so only authorised staff can handle sensitive records.
Technical safeguards support that structure. Database encryption, transport encryption, device fingerprints, browser metadata, network identifiers, session tokens, access logs, and real-time monitoring help reduce unauthorised access and make unusual behaviour easier to detect.
Cookies and similar tools also support security. Some preserve session continuity, some remember language and layout choices, some improve load times, and some help identify suspicious patterns linked to fraud or account takeover attempts.
Storage periods vary by purpose. Preference tools may remain for up to 12 months, while some analytics, security, or segmentation tools may run up to 24 months. Other categories are session-based or kept only until their expiry date unless removed sooner.
We also maintain audit-ready transaction records and support logs so important account actions remain traceable. This supports dispute handling, safer payments, and compliance checks linked to AML and CFT obligations.
We keep data only while there is a valid operational or legal reason to do so. Behavioral and technical data is normally kept for up to 5 years, while payment data is generally retained for up to 7 years. Some AML-related records may require longer retention, including periods of 10 years after account closure in specific compliance contexts.
Account Checks and Data Sharing at Roobet
Your account is where privacy settings and compliance controls come together. Registration, login, deposits, withdrawals, support contact, and verification can each trigger different checks designed to keep access secure and activity lawful.
Our KYC process verifies core identity details such as name, address, and date of birth. It can also involve PEP and sanctions screening, as well as source-of-funds review when the risk level or transaction pattern makes that necessary.
Transaction monitoring works alongside KYC. Internal and external tools review gameplay and financial activity to detect suspicious movement, flag unusual behaviour, and support reporting duties where required.
Oversight is not handled by automation alone. A designated MLRO supports AML controls, policy reviews, investigations, and internal coordination, while annual training helps staff recognise red flags and respond appropriately.
When data must be shared, we limit disclosure to what is necessary. This may include payment partners, IT and analytics providers, identity verification services, customer support functions, regulators, authorities, or selected business partners where consent or law permits it.
International transfers can take place when systems or providers are located outside Canada. In those cases, we apply safeguards intended to keep protection consistent with Canadian standards, including contractual measures for cross-border processing.
If you want to review your settings, records, or consent options, use the privacy controls in your account area or contact the data protection team through the support options available to players in Canada.