Privacy Policy

Last updated: 23 June 2026

This privacy policy explains what personal data ecopayzcasinouk.com collects from visitors, the lawful basis for that processing, how long the data is retained, and what rights readers in the United Kingdom and the European Economic Area have over their own information. The policy is written to align with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations.

Who is the data controller

The data controller for personal data collected through ecopayzcasinouk.com is the editorial team that operates the site. The site is an independent publication and is not affiliated with any gambling operator, payment provider or regulator referenced in its editorial content. Readers who wish to exercise a data right described below may contact the editorial team through the channels listed on the About Us page.

What data we collect

The site collects a limited set of data, organised in three broad categories.

Technical access data. Standard server access logs are recorded automatically when a browser requests a page. These logs contain the requesting IP address, a timestamp, the URL requested, the response code returned, the user-agent string of the browser, and the referring page if one was sent. This information is used to monitor site performance, detect automated abuse, and produce aggregated traffic statistics. It is retained for a rolling window of no more than ninety days unless an active security investigation requires a longer hold.

Analytics data. If the visitor consents to analytics cookies, an anonymised page-view record is sent to a privacy-preserving analytics service. The record contains the page visited, the country of origin derived from the IP address, the device category, and a hashed visitor identifier that is rotated daily. The full IP address is not stored in the analytics layer. The visitor can withdraw analytics consent at any time through the cookie banner or by clearing site cookies in the browser.

Voluntary communications. If a visitor sends an email to the editorial team or submits a correction request, the content of that communication is retained for as long as needed to respond and to keep an audit trail of editorial changes. The site does not operate a public comments system, a newsletter list, or a user account system, so no profile, contact list or subscriber database is maintained.

Lawful basis for processing

The site relies on two lawful bases under UK GDPR. Technical access logs and security-related processing are carried out under the legitimate interests basis (Article 6(1)(f)) — specifically, the legitimate interest in protecting the site against fraud, automated scraping and denial-of-service activity. Analytics cookies and any non-essential tracking are placed on the basis of explicit consent (Article 6(1)(a)), recorded through the cookie banner the first time a visitor reaches the site.

How long data is kept

Server logs are retained for ninety days. Analytics records are retained in aggregate form for thirteen months and then rotated. Voluntary email correspondence is retained for as long as the underlying editorial matter remains open, and afterwards for a reasonable period to support audit and dispute resolution, then deleted. The site does not maintain a permanent profile of any individual visitor.

Sharing with third parties

The site uses external service providers for hosting, content delivery and analytics. These providers process data on instructions from the site and are bound by data-processing agreements that reflect UK GDPR requirements. The site does not sell reader data, does not share data with advertising networks for behavioural profiling, and does not pass data to gambling operators, payment providers or other commercial partners. If a legal order requires disclosure to a UK authority such as a court, the Information Commissioner’s Office or a law-enforcement body, the site will comply with the order and, where lawful, notify the affected reader.

International transfers

Some service providers are based outside the United Kingdom. Where personal data is transferred outside the UK, the site relies on either an adequacy decision recognised by the Secretary of State or on the UK International Data Transfer Agreement and any required supplementary safeguards. A current list of subprocessors and the basis of each transfer is available on request through the editorial contact channel.

Your rights

Under UK GDPR a visitor has the right to request access to the personal data the site holds about them, the right to request correction of inaccurate data, the right to request erasure where the data is no longer needed for the purpose for which it was collected, the right to object to processing carried out under legitimate interests, the right to withdraw consent for any consent-based processing, the right to data portability for data the visitor has supplied directly, and the right to lodge a complaint with the Information Commissioner’s Office at ico.org.uk.

Requests can be submitted in writing through the contact route on the About Us page. The site aims to respond within one calendar month from receipt of a verifiable request, in line with UK GDPR Article 12.

Children

The site is published for an adult audience interested in regulated UK gambling payments. The editorial content references UKGC-licensed gambling, which is restricted to persons aged eighteen years or older. The site does not knowingly collect data from anyone under the age of eighteen. If a parent or guardian believes their child has interacted with the site, they should contact the editorial team so the matter can be reviewed and any relevant data deleted.

Changes to this policy

This policy may be updated to reflect changes to legislation, service providers or the editorial workflow. The date at the top of the page indicates the latest revision. Material changes will be flagged in the page header for at least thirty days after they take effect.