Privacy Policy

What this document covers

The interactive features of the game, along with the website and applications, gather personal data. This Privacy Policy outlines how OneRed utilizes that data. This policy applies whenever you access information pages, create or manage an account, place bets, engage in live experiences, communicate with customer service, or use technologies to enhance your gaming experience. This policy has been established in compliance with the GDPR and the relevant Dutch regulations regarding its implementation. In the event that any provision of this policy is found to be in conflict with a legally enforceable rule, the rule shall prevail, and the remaining provisions shall continue to be in full force and effect. Your ongoing use of the platform after this policy is presented indicates your recognition of its contents and your comprehension of its practices. You may discontinue the use of this document and return to your selections at any time should you feel uneasy with any aspect of it.

Our role and how we approach privacy

OneRed acts as the controller for personal data processed through the platform. Acting as controller means OneRed decides why and how data is handled, and accepts responsibility for doing so lawfully and fairly. We appoint processors to provide hosting, security operations, payment handling, game delivery, analytics that respect consent, identity verification, and customer care technology. Processors act on documented instructions under strict confidentiality and security obligations. We maintain records of processing, conduct risk and impact assessments where appropriate, and build systems according to the principles of privacy by design and by default. These principles guide procurement, software development, change management, and staff training so that privacy is a habit rather than a slogan.

The meaning of personal data and other key terms

Personal data is information that relates to a person who is identified or can be identified. Processing is any action performed on personal data, including collection, storage, alteration, consultation, transmission, and erasure. A processor is a trusted provider that handles personal data for OneRed under written instructions. A supervisory authority is the public body responsible for enforcing data protection law. The Kansspelautoriteit is the public body that supervises the market for games of chance in the Netherlands. Partners are third parties that either act as processors on our instructions or operate as independent controllers for their own services. These explanations exist to keep the policy readable; they do not restrict your legal rights.

Information we handle

Using the platform naturally creates or reveals information about you. During registration you provide identity details and indicators that help confirm eligibility. Payment features rely on signals that demonstrate you are the rightful holder of a method. Devices and networks supply attributes that keep sessions secure, while logs capture events that help prevent misuse. Gameplay produces records that allow outcomes to be settled and fairness to be demonstrated. Safer play relies on settings such as deposit preferences, session reminders, breaks, and other choices that help you stay in control; we may also observe indicators that suggest fatigue or rising risk. Customer support generates transcripts that allow us to understand an issue and provide help. Marketing preferences capture whether you wish to receive offers or tailored information. In addition to what you provide, we may create derived indicators that help detect fraud or technical abuse, always with caution and with safeguards that match the sensitivity of the context.

Information we avoid and how we treat sensitive moments

OneRed does not seek to collect special category data such as health information or personal beliefs. If such material appears because you chose to share it in a support conversation, we restrict access to those who need it to help you, we use it only for that narrow purpose, and we remove it when no longer necessary. We do not add sensitive traits to profiles, and we do not use them for marketing or promotional eligibility. Where a proportionate assessment is required to protect people from harm, we act with restraint and document our reasoning.

Where the data comes from

Most personal data comes directly from you when you fill forms, change settings, or speak with support. Some information is produced by your device and browser as part of secure communication, for example general location inferred from network routing and technical identifiers that allow the platform to recognize a session. When law or licensing requires verification, we may consult official registers or rely on verification partners that provide signals about identity, eligibility, or ownership of a payment instrument. We expect those partners to honor strict confidentiality, security, and retention standards, and we reassess them at regular intervals.

Why we process personal data

We use your personal information in a legitimate, fair, and fun way so you may use our platform. Responsible gambling measures, account creation and maintenance, verification of identity and eligibility, processing of deposits and withdrawals, game settlement, prevention of fraud and abuse, enhancement of stability and usability, security of systems, and compliance with gambling, financial, and sanctions regulations are all purposes. We also follow the instructions of regulatory agencies when necessary. Some elements, including limited customisation or some measurements that aren’t necessary for fundamental tasks, are optional and depend on your cooperation. We move forward with processing when it is required by the contract between you and OneRed. Our reliance on legal responsibility arises whenever a binding norm necessitates a step. By considering your rights and expectations alongside our own goals, we ensure that you have a chance to voice your objections when we rely on legitimate interests.

Legal bases explained in plain terms

Contract covers actions that are essential for you to use the service. Legal obligation covers tasks imposed by law, including checks, reports, and cooperation with public authorities. Legitimate interests allow processing that improves safety, integrity, and product quality, provided those aims do not override your rights. Consent is reserved for features that are genuinely optional. You are free to refuse optional processing and free to change your mind later, and withdrawing consent is as easy as giving it.

Responsible play and wellbeing signals

Safer play is a shared effort. You can set deposit preferences, choose session reminders, take short breaks, and apply stricter limits where that helps. We watch for patterns that suggest rising risk, such as extended sessions or abrupt changes in behavior. When indicators suggest that a pause would help, we may nudge you to adjust settings or apply temporary restrictions that align with our duty of care and with supervisory expectations. Data used for these purposes concerns wellbeing; we handle it with particular care, and we do not use it to build marketing profiles.

Cookies, local storage, and telemetry

The platform uses cookies and comparable technologies for two broad purposes. Essential technologies keep sessions stable, defend against misuse, and allow core functions to work. Optional categories help us measure performance, troubleshoot defects, and offer modest personalization where permitted. On first visit and from time to time, you will see a consent interface that allows you to manage non essential categories. You can revisit those choices at any moment, and your browser provides additional control. We design product flows to avoid pressure tactics, and we honor the selections you make.

Automated checks, profiling, and your right to a human look

Many protective controls operate at machine speed. Fraud screening, payment risk assessment, game integrity checks, and alerts that support safer play rely on automated logic. We test these systems for fairness and proportionality, document their purposes and limits, and monitor outcomes to catch drift. If an automated step has a meaningful effect on your ability to use the platform, you may request human review, provide context that the system may have missed, and seek a fresh outcome. We treat automation as a tool for safety and consistency, not as a substitute for accountability.

Sharing with service providers and other recipients

OneRed shares personal data with carefully chosen providers that help operate the platform. Typical recipients include hosts, security specialists, studios that deliver game content, payment services, identity verification partners, analytics providers that honor consent, and customer care platforms. Providers that act as processors follow our instructions, keep data confidential, and implement strong security. Some partners act as independent controllers for their own services and present their own notices; they are responsible for handling rights requests addressed to them. We also share personal data with public bodies when law requires or permits it, including scenarios that protect vital interests such as safety and integrity. OneRed does not sell personal data.

International transfers and the safeguards we rely on

Some providers are based outside the European area. When personal data crosses borders, we apply safeguards recognized by European law, including contractual protections and layered technical measures. We assess the legal environment in destinations, monitor changes that could affect rights, and adjust our approach where necessary so that protections remain effective in practice. Records of cross border flows are maintained, and we can describe general safeguards on request without disclosing details that would weaken security.

Retention, deletion, and data minimization

We keep personal data only as long as necessary for the purposes described in this policy, including periods shaped by gambling regulation, financial and tax law, and anti money laundering duties. When a purpose ends, we delete or anonymize the data in an orderly and secure process. Backups and archives follow the same principles and are removed on rolling schedules. We review forms, logs, and telemetry with the goal of collecting less by default, and we adapt designs so that optional features do not expand collection quietly. Data minimization is an ongoing practice that steers product choices toward restraint.

Security of processing

Personal data protection takes discipline, not tools. OneRed uses encryption, access control, environment separation, continuous monitoring, secure development, and testing. Code and infrastructure changes are peer-reviewed and scheduled to reduce risk. We evaluate incidents swiftly, contain damage, alert supervisory bodies and impacted parties as required, and learn from them to build resilience. Choose strong credentials, enable additional verification for sensitive actions, sign out on shared devices, and be wary of strange notifications.

Your rights under data protection law

You have rights that allow meaningful control over your personal data. You may request confirmation that we process your data and receive a copy. You may ask us to correct information that is inaccurate or incomplete. In certain situations you may request deletion or restriction. You may object to processing based on legitimate interests, including for tailored messages, and we will weigh your reasons against our grounds. You may request a portable copy in a structured format. Where processing relies on consent, you may withdraw that consent at any time. Where a decision rests solely on automated processing and produces significant effects, you may request human involvement. These rights are exercised without charge except where requests are manifestly unfounded or excessive, a standard defined by law and guidance.

How to exercise those rights

Requests can be made using account tools. We may verify your identification before acting to safeguard your and others’ privacy. If a request may divulge personal data, confidential safeguards, or weaken security, we may limit the response and explain our explanation as the law allows. We record requests and outcomes and reply within appropriate timelines for accountability. We give legal reasons for denying a request, and you can appeal to the supervisory authority.

Marketing preferences and relevance controls

Control over promotional communication rests with you. In your account you can choose whether to receive offers and whether limited personalization suits your needs. When you opt out, we disable non essential channels and continue to send only messages that are required for security, policy updates, or transactions that you initiate. We record your preference and ask providers acting on our behalf to honor it. If you change your mind, you can revisit settings at any time and adjust the level of contact to match your comfort.

Children, young people, and protected persons

The gambling features of OneRed are intended for adults who meet the legal standard for participation in games of chance in the Netherlands. We implement checks to prevent access by minors. Persons recorded in the national exclusion register may not gamble on the platform. If we discover that an account was opened or used in breach of these rules, we close it and take steps consistent with legal and supervisory expectations, including safeguarding funds according to applicable procedures.

Product improvement and respectful measurement

We study aggregated and pseudonymized information to understand stability, speed, and usability. Insights guide bug fixes, capacity planning, and feature design. Where measurement is not essential to basic operation, we rely on your consent and present clear choices. We avoid building advertising profiles that follow you across unrelated services. Our goal is to improve the product you chose to use, not to expand surveillance.

Design ethics, clarity, and the way choices are presented

Notices and dialogs use plain language. Choices appear at moments when they matter. We avoid patterns that steer people toward accepting optional processing. When automated logic influences an outcome, we explain the main factors in ordinary words and keep a path open for human review. We consult independent guidance on fairness, learn from research into safer play and digital rights, and translate that learning into product decisions that respect dignity.

Changes to this policy

Law and technology evolve, and so does this policy. We may revise the text to reflect new obligations, clarify wording, or support new features. When a change is significant, we highlight it inside the product and, where required, ask for your acknowledgment. Continued use after an update signals acceptance of the revised policy. If you do not accept a change, you can limit optional features, adjust settings, or discontinue use.

Oversight, remedies, and cooperation

If you believe your rights have not been respected, you can raise a concern through the mechanisms available in your account. You also have the right to bring a matter to the Dutch data protection authority. We cooperate with oversight bodies, follow binding directions, and treat every complaint as an opportunity to improve our explanations and our operations. Transparency supports trust, and trust is the foundation for a sustainable platform.

Relationship to other documents and language

This policy works alongside the Terms and Conditions, the Cookie Policy, and the rules that apply to specific products and promotions. Where texts appear to conflict, the clause that most precisely addresses the situation will guide the outcome while mandatory consumer rights remain in place. This policy is written in English to keep the text accessible. If a translation appears and differences arise, the version identified within the service as authoritative will prevail.

Closing statement

Privacy is part of product quality and part of respect for the people who choose to play. OneRed seeks to collect less, explain more, and give you practical control without adding friction. If a setting feels unclear, slow down, review your options, and proceed only when comfortable. Entertainment should live alongside care and clarity, and that is the balance we work to maintain each day.