burger icon
Instant Casino United Kingdom
Log In

Privacy Policy

This Privacy Policy explains how Instant Casino, operated as Instant Casino on instentcasino.com, collects, uses, stores and protects personal data of players and website visitors. It applies to anyone who accesses or uses our website, registers an account, participates in games, or interacts with our services in any way, including from the United Kingdom and other countries. By using our services, you acknowledge that your personal data will be processed in accordance with this Privacy Policy. Effective date: 1 January 2026.

We follow a structured approach to privacy: we clearly set out what data we observe and collect, how we expand its use for specific purposes and legal bases, and how we reflect your rights, safeguards and choices. This Policy is designed to comply with the UK General Data Protection Regulation ("UK GDPR"), the UK Data Protection Act 2018, and relevant international standards applicable to our activities.

Who We Are

For the purposes of data protection laws, the primary data controller for personal data collected through https://instentcasino.com and its relevant sub-pages (including the Instant Casino project) is SIMBA N.V. (the "Operator"). SIMBA N.V. is a company incorporated under the laws of Curaçao and is authorised to operate online gambling services under licence number OGL/2025/168/0281 issued by the Curaçao Gaming Control Board (GCB). Further details about SIMBA N.V.'s registered office and company registration will be provided on instentcasino.com as they are formally confirmed.

Certain technology and platform services may be provided on behalf of SIMBA N.V. by its associated entity Sand Tech (the "Service Provider"). In such cases, SIMBA N.V. acts as the data controller and Sand Tech acts as a data processor, processing personal data only in accordance with SIMBA N.V.'s documented instructions and this Privacy Policy.

Instant Casino currently operates under a Curaçao gaming licence and does not hold a licence from the UK Gambling Commission (UKGC). This may affect certain gambling-specific regulatory protections available to players in the UK; however, your data protection rights under the UK GDPR and other applicable privacy laws remain unaffected. For any privacy-related questions, SIMBA N.V. is responsible for responding to you as controller.

You may contact our data protection contact point (Data Protection Officer / data protection team) using the details below:

  • Email (primary contact): support@instentcasino.com (please include "Data Protection" in the subject line)
  • Website: https://instentcasino.com (additional contact options may be provided on-site)
  • Postal: You may write to the Operator at its registered office address as published on instentcasino.com, marked "Data Protection".

What Personal Data We Collect

We collect different categories of personal data when you visit Instant Casino on instentcasino.com, create an account, use our services, or interact with us. We do so in a structured way: first by observing what you provide directly, then by expanding this with technical and behavioural data needed to operate a secure online casino, and finally by reflecting these data in our records under strict safeguards.

Identification and Contact Data

  • Registration and profile data: full name, date of birth, gender (where provided), username, password, security questions and answers.
  • Contact details: email address (for example, the address used to contact support@instentcasino.com), mobile and/or landline phone numbers, country of residence, preferred language.
  • Verification (KYC/AML) data: copies or details of identity documents (passport, ID card, driving licence), proof of address (utility bill, bank statement), source-of-funds or source-of-wealth information, where required by law.

Technical and Usage Data

  • Technical identifiers: IP address, device identifiers, operating system, browser type, language settings, time zone, and approximate location inferred from your IP.
  • Log and session data: login times, pages visited, clickstream data, session duration, errors and crash reports, and other diagnostic information.
  • Security-related data: authentication logs, multi-factor authentication data (if enabled), device trust indicators, and anti-fraud signals.

Financial and Transaction Data

  • Payment data: limited card details (such as card type and masked card number), payment method identifiers, e-wallet or bank account references as provided to our payment partners.
  • Transaction history: deposits, withdrawals, bonuses credited or forfeited, chargebacks, and related communications.

Behavioural and Profile Data

  • Gameplay data: betting history, stakes, wins and losses, game preferences (e.g. Book of Dead or other games), session length and frequency.
  • Responsible gambling data: self-exclusion status (including requests sent by email to support), deposit or loss limits, time-out periods, affordability assessments where conducted.
  • Marketing and preference data: subscription status for marketing communications, interaction with emails (opens, clicks), consent and opt-out records.

Cookies and Similar Technologies

  • Cookies: small text files placed on your device, including session cookies, persistent cookies and cookies set by third parties (such as analytics or advertising partners).
  • Similar technologies: pixels, tags, SDKs and local storage used for analytics, fraud prevention, and personalisation.

Certain information is mandatory for us to provide gambling and account services (for example, identification data required by KYC/AML laws). Where we ask for optional data, we will make it clear that the information is not required to use our core services.

Legal Basis for Processing

We process your personal data in line with the legal bases set out in the UK GDPR and, where applicable, corresponding international standards. For each operation we observe the purpose, expand only to what is necessary, and reflect this in a documented legal basis.

  • Performance of a contract: We process data that is necessary to create and manage your Instant Casino account on instentcasino.com, verify your identity, provide access to games, process deposits and withdrawals, credit bonuses, and provide customer support. Without this data we cannot provide you with our services.
  • Compliance with legal obligations: We process your identification, transactional and related data to meet obligations under anti-money-laundering (AML) and counter-terrorist-financing (CTF) rules, fraud and crime prevention laws, tax and accounting requirements, and to respond to lawful requests from regulators such as the Curaçao Gaming Control Board or other competent authorities.
  • Legitimate interests: We process data for our legitimate interests, provided that these are not overridden by your rights and freedoms. This includes: maintaining network and information security, preventing fraud and abuse, improving our website and games, conducting internal analytics and reporting, and defending our legal rights and interests (for example in disputes or audits).
  • Consent: We rely on your consent where required by law, notably for certain categories of cookies and online trackers, and for direct electronic marketing (for example, promotional emails or SMS where consent is required). You can withdraw your consent at any time, as described in the "Your Rights" and "Cookies & Tracking Technologies" sections.
  • Protection of vital interests and other bases: In rare cases we may process data to protect your vital interests or those of another person (for example, where we have serious concerns about harm), or on other legal bases recognised by applicable law.

Where we rely on legitimate interests or consent, we aim to be transparent and to provide clear, accessible choices so you can understand and influence how your data is used.

Purpose of Processing

We use personal data only for specific, explicit and legitimate purposes. We observe what is necessary for each purpose, avoid expanding use beyond what is compatible, and reflect those purposes in our internal records and this Policy.

  • Providing and operating casino services: To register and verify your account, allow you to log in securely, offer games, handle deposits and withdrawals, manage bonuses and promotions, and provide customer support through channels such as support@instentcasino.com.
  • Compliance, risk management and fraud prevention: To conduct KYC/AML checks, monitor gameplay and transactions for suspicious activity, detect and prevent fraud, money laundering or abuse, and comply with our licence obligations in Curaçao and other applicable laws.
  • Service improvement and analytics: To analyse aggregated and pseudonymised usage data, understand how Instant Casino users interact with instentcasino.com, optimise game offerings, enhance user experience, and maintain performance and stability.
  • Marketing and personalisation: To send you marketing communications (where permitted), present tailored content, recommendations and promotions, and measure the effectiveness of campaigns, subject to your preferences and consent requirements.
  • Responsible gambling and player protection: To implement self-exclusion requested via email or other channels, apply limits and restrictions, monitor play patterns for signs of harm, and contact you where we identify potential risks.
  • Legal claims and record-keeping: To maintain records for accounting and tax purposes, handle complaints and disputes, respond to regulatory requests, and exercise or defend legal claims.

Disclosure & Sharing

We do not sell your personal data. We disclose it only where necessary, under appropriate safeguards, and in line with the purposes and legal bases described above. We observe who needs access, expand disclosure only to relevant data, and reflect each relationship in contracts that protect your information.

  • Group and affiliated entities: SIMBA N.V. may share data with associated entities such as Sand Tech that provide technology, hosting or operational support, strictly under data processing agreements.
  • Payment and financial partners: We share necessary transaction details with banks, card schemes, payment processors and e-wallet providers to process deposits, withdrawals, refunds and chargebacks.
  • Service providers: We use third-party vendors for hosting, IT support, customer support tools, analytics, anti-fraud and security solutions, email delivery, and other business services. These providers act as processors and are bound by confidentiality and data protection obligations.
  • Regulators and authorities: We may disclose data to the Curaçao Gaming Control Board and other regulators, law enforcement or competent authorities when required by law or licence conditions, or when necessary to protect our rights or the rights of others.
  • Affiliates and marketing partners: Where you arrive at our site via an affiliate link or marketing campaign, certain limited data (such as registration or first deposit status) may be shared with the relevant affiliate or partner for attribution and reporting, under contractual limitations.
  • Advertising and analytics networks: With your consent, we may allow advertising and analytics partners to set cookies or similar technologies on instentcasino.com to measure traffic, improve our services, and deliver personalised content or offers.
  • Business transfers: In the event of a merger, acquisition, reorganisation or sale of business assets, your data may be transferred to the relevant third parties, subject to continued protection and notice to you where required.

Whenever we share personal data, we require recipients to process it only for the purposes for which it was provided, under appropriate technical and organisational safeguards.

International Transfers

Instant Casino operates internationally. This means your personal data may be transferred to and processed in countries outside the United Kingdom, including Curaçao and other jurisdictions where our service providers are located. We carefully observe each transfer, expand it only where necessary, and reflect suitable safeguards in our contracts and practices.

  • Transfers within the EEA and similar jurisdictions: Where data is transferred to countries that the UK government has recognised as providing an adequate level of data protection (for example, countries in the European Economic Area), we rely on those adequacy decisions.
  • Transfers to Curaçao and other non-adequate countries: When transferring data to Curaçao (where SIMBA N.V. is established) or to other countries that may not have the same level of data protection as the UK, we implement appropriate safeguards, such as the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses, as applicable.
  • Transfers to third-party service providers: Many of our processors (for example for hosting, payment processing, anti-fraud tools or email delivery) are located in, or process data from, multiple jurisdictions. We ensure that contractual safeguards, including standard contractual clauses or equivalent mechanisms, are in place to protect your data.

Regardless of where your data is processed, we require that it is protected in line with this Privacy Policy, applicable law and industry best practices, and that you continue to benefit from effective privacy rights and remedies.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to meet legal, accounting and reporting obligations. We observe the lifecycle of each data category, expand retention only where law or legitimate interests require, and reflect clear deletion or anonymisation criteria in our internal policies.

  • Account and identification data: Typically retained for the life of your account and then for up to 5 years after account closure, to comply with AML, CTF and record-keeping obligations and to handle potential disputes.
  • Transaction and financial data: Retained for the periods required by tax and accounting rules, usually up to 5 - 7 years from the end of the relevant financial year, depending on applicable law.
  • Responsible gambling records: Data relating to self-exclusion, limits and interventions is kept for the period of the limitation or exclusion and for a reasonable period afterwards (normally up to 5 years) to allow us to honour your choices and comply with legal obligations.
  • Marketing and preference data: Retained until you withdraw consent or object to processing, or until the data becomes outdated (for example, if emails repeatedly bounce or remain inactive over a prolonged period).
  • Technical and log data: Retained for security, troubleshooting and analytics purposes for periods typically ranging from a few days to up to 24 months, depending on the type of log and our legitimate interests.

When data is no longer required, we will delete it or irreversibly anonymise it, unless we are legally required or permitted to retain it for longer (for example, in relation to ongoing investigations, disputes or regulatory inquiries). You may also request deletion, subject to the limitations described in the "Your Rights" section.

Your Rights

You have a range of rights over your personal data under the UK GDPR and comparable data protection laws. We observe each request carefully, expand our internal checks only to what is necessary to verify and respond, and reflect the outcome clearly to you. For users located in Mexico, we also consider the Federal Law on Protection of Personal Data Held by Private Parties ("LFPDPPP") and related regulations, including the supervisory role of the Mexican data protection authority.

Data Protection Rights

  • Right of access: You can request confirmation of whether we process your personal data and receive a copy of that data, together with information about how we use it.
  • Right to rectification: You can request correction of inaccurate or incomplete personal data (for example, updating your contact details or documentation).
  • Right to erasure ("right to be forgotten"): You can request deletion of your data where it is no longer needed, you withdraw consent (where consent was the basis), you successfully object, or where we have processed it unlawfully. This right may be limited where retention is required by AML, gambling, tax or other legal obligations.
  • Right to restriction of processing: You can ask us to restrict processing in certain circumstances, such as while we verify accuracy, assess an objection, or where you need data kept for legal claims.
  • Right to object: You can object at any time to processing based on legitimate interests, including profiling, and we will stop unless we have compelling legitimate grounds or need the data for legal claims. You also have an absolute right to object to direct marketing, including profiling related to such marketing.
  • Right to data portability: You can request that we provide certain personal data in a structured, commonly used and machine-readable format, or that we transmit it to another controller where technically feasible, when processing is based on consent or contract and carried out by automated means.
  • Rights related to consent: Where we rely on consent (for example, for marketing or certain cookies), you may withdraw it at any time. This will not affect the lawfulness of processing before withdrawal, but we will stop the relevant processing going forward.

How to Exercise Your Rights

  • Contact channel: To exercise any of these rights, please contact us at support@instentcasino.com with "Data Protection Request" in the subject line. Clearly state your name, account details (if any), the right you wish to exercise, and the relevant context.
  • Verification: We may request additional information to verify your identity and ensure that we are not disclosing personal data to unauthorised persons.
  • Response timeframe: We aim to respond to all valid requests within 30 days of receipt. If your request is complex or numerous, we may extend this period by up to a further two months, but we will inform you of any extension and the reasons for it.
  • Fees: Requests are processed free of charge. We may charge a reasonable fee or refuse to act on requests that are manifestly unfounded or excessive, in line with applicable law.

If you are located in Mexico, you may also exercise ARCO rights (Acceso, Rectificación, Cancelación y Oposición) under Mexican law using the same contact details. We will handle such requests in accordance with the LFPDPPP and related regulations, while ensuring consistency with the protections afforded by the UK GDPR where applicable.

Cookies & Tracking Technologies

We use cookies and similar technologies on instentcasino.com to ensure the website functions correctly, to enhance your experience, and to support security, analytics and marketing activities. We observe what is strictly necessary, expand additional tracking only with appropriate legal bases, and reflect your choices in our systems.

Types of Cookies

  • Session cookies: Temporary cookies that exist only while your browser is open and are deleted when you close it. They help us recognise you within a single session, manage logins, and maintain security.
  • Persistent cookies: Cookies that remain on your device for a defined period. They allow us to remember your preferences (such as language or region), recognise returning users, and improve the site over time.
  • Third-party cookies: Cookies set by third-party providers such as analytics services or advertising partners, used to measure traffic, understand usage patterns, prevent fraud, and deliver or measure personalised content or offers.

Purposes of Cookies

  • Strictly necessary / functional: Enable core features such as page navigation, account login, and secure areas of the site. These cookies are essential and cannot be disabled through our systems.
  • Analytics and performance: Help us understand how visitors use instentcasino.com, which pages are popular, and where we can improve performance and usability. Data is generally aggregated or pseudonymised.
  • Advertising and personalisation: Used to tailor content, offers and advertisements to your interests, and to measure the effectiveness of campaigns, subject to your consent and local legal requirements.

Managing Cookies

  • Browser settings: Most browsers allow you to block or delete cookies via their settings. Doing so may impact your ability to use certain features of Instant Casino on instentcasino.com.
  • On-site controls: Where available, you can manage your cookie preferences via our cookie banner or internal preference tools on instentcasino.com, enabling or disabling non-essential cookies.
  • Do Not Track and similar signals: At present, our systems may not respond to all browser-based "Do Not Track" signals, but we continue to monitor evolving standards.

Data Security

We take security seriously and implement technical and organisational measures designed to protect your personal data against unauthorised access, loss, misuse or alteration. We observe threats, expand protective controls proportionately, and reflect security responsibilities in our contracts and policies.

  • Encryption in transit and at rest: Data transmitted between your device and instentcasino.com is protected using industry-standard TLS (Transport Layer Security) with protocols such as TLS 1.2 or higher, where supported. Sensitive data is protected by encryption or equivalent safeguards when stored.
  • Access controls and authentication: Access to systems containing personal data is restricted to authorised personnel on a need-to-know basis, using strong passwords, role-based access controls and, where appropriate, multi-factor authentication.
  • Network and infrastructure security: We use firewalls, intrusion detection and prevention systems, anti-malware tools and other controls to protect our infrastructure. Systems are regularly updated and patched where reasonably practicable.
  • Monitoring, audits and testing: We monitor systems for suspicious activity, review access logs, and conduct periodic security assessments. Where appropriate, we engage specialist providers and follow recognised international security practices (for example, drawing on frameworks such as ISO 27001 or SOC 2 where applicable to our service providers).
  • Staff awareness and training: Personnel with access to personal data receive training on confidentiality, data protection and security obligations, and are bound by contractual confidentiality duties.
  • Incident response: We maintain procedures to detect, respond to and remediate security incidents. Where a personal data breach is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority and, where required, inform affected individuals without undue delay.

While no online service can guarantee absolute security, we continually review and improve our safeguards to reflect evolving risks and best practices.

Complaints & Contacts

We aim to resolve all privacy concerns promptly and fairly. We observe every complaint received, expand our investigation to collect relevant facts, and reflect the outcome transparently to you.

Contacting Us

  • Email: For privacy questions or complaints, contact our data protection contact point at support@instentcasino.com, including "Privacy Complaint" or "Data Protection" in the subject line.
  • Online forms: Where instentcasino.com offers a contact or support form, you may use it to raise privacy concerns, clearly indicating that your request relates to data protection.
  • Postal: You may write to the Operator's registered office address as published on instentcasino.com, marked "Data Protection".

Complaint Procedure

  1. Submission: Send us your complaint with sufficient detail (including your contact information, account details where relevant, and a description of the issue).
  2. Acknowledgement: We will acknowledge receipt of your complaint as soon as reasonably practicable, typically within a few working days.
  3. Investigation: We will investigate your complaint, which may include reviewing logs, communications and internal policies, and may request additional information from you if needed.
  4. Response timeframe: We aim to provide a substantive response within 30 days. If more time is required due to complexity, we will inform you, explaining the reasons and expected timeframe.
  5. Outcome: We will explain our findings, any actions taken or proposed, and how you can escalate the matter if you remain dissatisfied.

Escalation to Supervisory Authorities

  • United Kingdom: If you are located in the UK and are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO): https://ico.org.uk. Telephone and postal details are available on the ICO website.
  • Mexico: If you are located in Mexico, you may submit a complaint to the National Institute for Transparency, Access to Information and Personal Data Protection (INAI), in accordance with the LFPDPPP: https://home.inai.org.mx.
  • EU/EEA and other regions: If you are in the European Union or European Economic Area, you may also lodge a complaint with your local data protection authority. Information about EU authorities is available at https://edpb.europa.eu.

For gambling-specific complaints (for example, regarding fairness or licence conditions) relating to our Curaçao licence, you may also refer to the Curaçao Gaming Control Board via https://gamingcontrolcuracao.org. This does not replace your data protection rights with the authorities mentioned above.

Updates

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, regulatory guidance, or industry best practices. We observe developments affecting your privacy, expand or adjust our policy where necessary, and reflect material changes transparently.

Notification of Changes

  • Prior notice for significant changes: Where we make material changes that significantly affect how Instant Casino processes personal data on instentcasino.com (for example, introducing new processing purposes or changing legal bases), we will provide advance notice of at least 30 days where reasonably practicable.
  • Communication channels: We may notify you via email, in-account messages, website banners, pop-up notices, or other appropriate channels, depending on the nature of the change.
  • User options: If you do not agree to the updated Policy, you may choose to stop using our services and, where applicable, close your account. Continued use of the services after the effective date of the updated Policy will constitute acceptance of the changes, to the extent permitted by law.

Version Control

  • Last updated: January 2026.
  • Change log (illustrative): Updates may include clarifications on our data controller identity (SIMBA N.V. and associated entities), revisions to international transfer safeguards, enhancements to user rights explanations (including references to Mexican data protection regulations where relevant), and adjustments to reflect evolving regulatory expectations in the UK and Curaçao.

We encourage you to review this Privacy Policy periodically to stay informed about how Instant Casino processes and protects your personal data on instentcasino.com.