Privacy Policy

This Privacy Policy explains what personal information Ignition Casino collects when you visit our site or hold an account, why we collect it, who we share it with, how long we keep it, and what rights you have over it. It is written for US players in plain English, with separate sections for California residents under CCPA/CPRA and international players under GDPR-style frameworks. Where a stricter law applies to you, we follow that law.

Who We Are

Ignition Casino is operated under the Government of Curacao licensing framework by Lynton Limited. Throughout this policy "we", "our" and "us" refer to the operating entity that issued you your account. The privacy contact address is listed at the bottom of this page; please use it for any access or deletion request rather than the in-game chat.

What We Collect and Why

Account information. Your name, date of birth, email, phone number, postal address and chosen username. We need these to open an account, verify your age and prevent multiple accounts in the same household. Without them we cannot operate legally under our licence.

Identity verification (KYC). Government-issued photo ID, a recent utility bill or bank statement, and a selfie. We collect these only at first withdrawal or when a risk flag is raised. We store the documents in encrypted form and review-grade access is restricted to compliance staff.

Payment information. Card number (only the last four digits and an issuer-side token; we never store the full PAN), crypto wallet addresses you've used to deposit, voucher codes you've redeemed and bank account references for check withdrawals. This data is needed to settle deposits and withdrawals and to investigate fraud.

Gameplay records. Bets placed, hands dealt, sessions, balances, bonuses claimed and rewards earned. This is the data that makes the casino run; without it you couldn't be paid or audited.

Device and connection data. IP address, browser type and version, operating system, device fingerprint and approximate geolocation derived from the IP. We use these to detect bot activity, account sharing and prohibited geographies.

Communications. Live-chat transcripts, support emails, recorded phone calls (when you call our support line you'll hear a recording notice) and any documents you attach.

How We Use Your Data

We use your data to deliver the gambling service you signed up for: opening and securing your account, running games fairly, processing payments and resolving disputes. We use a subset of it — typically email, IP and gameplay summaries — to detect fraud, multi-accounting and bonus abuse. We use a smaller subset for marketing, but only if you opted in at signup or in your account settings, and you can unsubscribe at any time without losing access to your account.

Who We Share It With

We share data with: payment processors (so a deposit can settle), identity-verification vendors (for KYC), our software providers (so a game can run), our licensing authority and any regulator with jurisdiction, and law enforcement when properly compelled. Each third party receives only the minimum data needed for the task and is bound by a written data-processing agreement.

We do not sell your personal information for advertising purposes. California residents who want to confirm this can submit a Right to Know request via the contact at the bottom of this page.

How Long We Keep It

Account, KYC and gameplay data are retained for the life of your account plus seven years after closure, which is the standard retention period required by anti-money-laundering rules under our licence. Marketing data is purged when you opt out. Communication transcripts are retained for two years. Crypto-deposit address data is retained for the same seven-year window.

Your Rights

All players can ask us to confirm what we hold, correct inaccurate data and stop marketing. California residents can additionally request data export, ask us to delete data not required by AML or regulatory holds, and opt out of any "sale" or "sharing" of personal information under CCPA/CPRA. EU/UK residents can additionally request data portability and lodge a complaint with their national data-protection authority. Requests are answered within 30 days for general queries and within the statutory window for CCPA and GDPR.

Security

We encrypt data in transit using TLS 1.2 or higher and at rest using AES-256. KYC documents are stored in a separate, access-restricted vault and purged on the retention schedule above. We run periodic third-party penetration tests and bug-bounty programs. No system is unbreakable; if a breach affects you, we will notify you within the timeframe required by the strictest applicable law (usually 72 hours).

Changes and Contact

We update this policy when laws change or when we add a new processor or use case. Material changes are emailed to active accounts and shown on the site banner. For privacy questions, data-access requests or to file a complaint about how we handle your data, use the privacy email listed in your account dashboard under "Compliance contact". This is the formal channel; chat agents will redirect you here.