burger icon
North Casino Review Canada
Log In

Privacy Policy

This Privacy Policy explains how personal information is collected, used, stored, and shared when you visit or use the North Casino project hosted on northcasino-bet.ca (the "Website") and when you play at the North Casino online gaming platform operated through this Website (together, the "Services"). It applies to visitors, registered players, and any person whose data we process in connection with the Services. This Privacy Policy is effective and up to date as of February 2026.

Who We Are

The North Casino brand available via northcasino-bet.ca (including the North Casino project) is owned and operated by:

Hollycorn N.V.
Heelsumstraat 51, E-Commerce Park
Curaçao
Company number: 144359 (Curaçao Commercial Register)
Remote gaming licence: 8048/JAZ2019-015 (Antillephone N.V.)

For the purposes of data protection laws, Hollycorn N.V. is generally the "data controller" of personal data processed via northcasino-bet.ca in connection with your player account, gameplay, payments, and related Services. Certain processing activities (for example payment processing, analytics, or hosting) may be carried out by third parties as independent controllers or processors, as described in this Privacy Policy.

Data Protection Contact

If you have any questions about this Privacy Policy or how we handle your personal data, you may contact our data protection contact point:

  • Email (privacy matters): [email protected]
  • General support: [email protected] (24/7 support; typical response time 4 - 6 hours)
  • Live chat: On-site live chat on northcasino-bet.ca (24/7; typical response time under 1 minute)
  • Postal address for privacy correspondence: Hollycorn N.V., Data Protection Team, Heelsumstraat 51, E-Commerce Park, Curaçao

What Personal Data We Collect

We collect different categories of personal data depending on how you interact with the North Casino project and the North Casino platform via northcasino-bet.ca.

Identification and Account Data

  • Basic profile data: full name, username, date of birth, gender (if provided), country of residence.
  • Contact details: email address, telephone number(s), postal address (where required for verification or payments).
  • Account security data: passwords (stored in hashed form), security questions/answers, authentication tokens, and similar credentials.

Verification (KYC/AML) Data

  • Identity verification data: copies or details of identity documents (e.g., passport, ID card, driver's licence), proof of address (e.g., utility bills), and, where required, proof of source of funds or wealth.
  • Regulatory screening information: data obtained from sanctions lists, politically exposed person (PEP) lists, and other compliance databases, as required by applicable anti-money laundering (AML) and counter-terrorist financing rules.

Technical and Device Data

  • Internet and device information: IP address, browser type and version, operating system, device identifiers, language settings, referring URLs, and timestamp of visits.
  • Log data: login and logout times, session IDs, error logs, system events, and other technical logs generated when you access or use the Services.

Payment and Financial Data

  • Transaction details: deposits, withdrawals, payment method used, transaction dates, amounts, currencies, and status.
  • Payment instrument data: limited card or account information (such as masked card numbers) as processed by our payment providers; full card data is generally processed directly by PCI-compliant payment processors and not stored in full by us.
  • Fraud-prevention data: information obtained from payment service providers and fraud-prevention tools, such as chargeback history or risk scores.

Behavioral and Usage Data

  • Gameplay data: game preferences, betting and wagering history, wins and losses, session duration, and in-game actions.
  • Website interaction data: clicks, page views, navigation paths, scrolling behavior, and interactions with banners or offers on the North Casino pages and other parts of northcasino-bet.ca.
  • Marketing interaction data: whether and when you open our emails, click on links, or interact with promotions.

Responsible Gambling and Sensitive Information

  • Responsible gambling data: self-exclusion requests, deposit limits, loss limits, session reminders, reality checks, and related settings.
  • Voluntary disclosures: information you may provide about problem gambling, health, or other sensitive matters when contacting support or responsible gaming channels. We treat such information with heightened care, and only process it where necessary and permitted by applicable law (for example, to respect self-exclusion and protect your vital interests).

Cookies and Similar Technologies

  • Cookies: small files stored on your device that help us recognize you, remember your preferences, secure your account, and understand how you interact with the Website.
  • Other identifiers: web beacons, pixels, tags, local storage objects, SDKs, and similar technologies used for analytics, security, and (where permitted) advertising.

Communication Data

  • Support and complaint records: chat transcripts, emails to [email protected], complaint forms, and any attachments you send.
  • Regulatory and dispute correspondence: information contained in communications with regulator complaint portals (e.g., Antillephone N.V. disputes via certria.com) and third-party complaint platforms (e.g., AskGamblers), where relevant to your account or case.

Legal Basis for Processing

We process personal data only where we have a valid legal basis under applicable data protection laws, including Canadian law (such as PIPEDA), the EU/EEA General Data Protection Regulation ("GDPR"), United Kingdom data protection laws, and, where relevant, Mexican privacy laws.

Consent

  • We rely on your knowledge and consent (under Canadian and Mexican law) and on consent (under GDPR/UK law) when:
    • sending you marketing communications by email, SMS, or push notifications (where consent is required);
    • setting non-essential cookies (e.g., for advertising or granular analytics);
    • processing any special-category or sensitive information you voluntarily provide (e.g., health-related information connected to responsible gambling), where applicable law requires consent.

Contractual Necessity

  • We process data when it is necessary to perform a contract with you or to take steps at your request before entering into a contract, for example:
    • creating and managing your player account;
    • providing access to games and ensuring proper functioning of gaming sessions;
    • processing deposits, bets, and withdrawals;
    • providing customer support and resolving operational issues.

Legitimate Interests

  • We process data where it is necessary for our legitimate interests or those of a third party, provided these interests are not overridden by your rights and freedoms. These interests include:
    • preventing fraud, misuse, and security incidents;
    • protecting the integrity of our games and systems;
    • performing statistical analyses and service improvement;
    • defending and exercising legal claims;
    • operating and improving the North Casino content and affiliate tracking where applicable.

Compliance with Legal Obligations

  • We process data when necessary to comply with legal obligations under:
    • gambling, AML/CTF, and financial regulations in Curaçao and other applicable jurisdictions;
    • tax reporting, accounting, and record-keeping duties;
    • data protection and consumer protection laws in Canada, the EU/EEA, the UK, Mexico, and other jurisdictions where such laws apply to us.

Vital Interests and Public Interest

  • In limited circumstances, we may process data to protect your vital interests or those of others (e.g., to assist you in connection with serious responsible gambling concerns) or where processing is necessary for reasons of substantial public interest as recognized by applicable law.

Purpose of Processing

We use personal data for the following purposes, which align with the legal bases described above:

Provision and Management of Services

  • To register and maintain your player account.
  • To provide access to North Casino games and related services.
  • To process deposits, bets, bonuses, promotions, and withdrawals.
  • To provide customer support and handle queries or complaints.

Safety, Compliance, and Integrity

  • To perform identity verification, age checks, and KYC/AML screening.
  • To monitor transactions and gameplay for fraud, collusion, money laundering, and other prohibited activity.
  • To enforce our Terms & Conditions, Bonus Terms, and Responsible Gaming rules.

Service Improvement and Analytics

  • To analyze how visitors interact with the Website and the North Casino content.
  • To improve site navigation, game offering, and user experience.
  • To perform statistical, aggregate, and anonymized analytics (e.g., on popular games or features).

Marketing and Personalization

  • To send you promotional communications where permitted (or where you have consented), including bonuses, tournaments, and offers tailored to your profile.
  • To manage affiliate relationships and campaigns relating to northcasino-bet.ca.
  • To measure effectiveness of marketing campaigns and optimize them.

Responsible Gambling

  • To implement and respect self-exclusion, deposit limits, loss limits, and other responsible gambling tools.
  • To monitor gameplay for signs of harmful gambling behavior and intervene where appropriate.

Legal and Regulatory Purposes

  • To comply with legal obligations such as AML/CTF checks, financial record-keeping, and reporting requirements.
  • To respond to lawful requests from regulators or law enforcement authorities.
  • To establish, exercise, or defend legal claims.

Disclosure & Sharing

We do not sell your personal data. We may share personal data with carefully selected third parties in the circumstances described below, always subject to appropriate safeguards and, where required, contracts.

Categories of Recipients

  • Group and operational entities: internal departments and related entities involved in operating North Casino and the North Casino project on northcasino-bet.ca.
  • Payment service providers: banks, card schemes, e-wallet providers, and other payment processors to handle deposits, withdrawals, and fraud checks.
  • KYC/AML and identity verification providers: third-party services performing identity checks, sanctions screening, and other compliance services on our behalf.
  • IT and hosting providers: data centers, cloud hosting, content delivery networks, and technical support providers that host or maintain our systems.
  • Analytics and performance tools: providers of analytics, error tracking, and performance monitoring tools that help us understand how northcasino-bet.ca is used and improve it (for example, web analytics providers).
  • Marketing and affiliate partners: email service providers, marketing agencies, and affiliate networks, but only where permitted by law and, where required, based on your consent. Advertising networks may receive limited pseudonymized data for campaign measurement and targeting.
  • Regulators and authorities: gambling regulators (including Antillephone N.V.), financial intelligence units, tax authorities, law enforcement, and other public authorities when we are legally obliged or permitted to disclose information.
  • Dispute resolution and complaint platforms: regulator dispute services (such as the Antillephone N.V. complaint portal at certria.com) and third-party complaint platforms (such as AskGamblers) when you or we initiate a complaint or dispute through those channels.
  • Professional advisers: lawyers, auditors, accountants, and consultants where necessary for legitimate business purposes and subject to confidentiality obligations.
  • Corporate transactions: potential buyers, investors, or business partners, if we undergo a merger, acquisition, reorganization, or asset sale. We will take steps to ensure your data remains protected and notify you where required by law.

Legal Grounds for Disclosure

  • Disclosures are made to comply with contracts, fulfil legal obligations, pursue legitimate interests (such as fraud prevention and service improvement), protect vital interests, or with your consent, as applicable in each case.

International Transfers

Because Hollycorn N.V. is established in Curaçao and uses international service providers, your personal data may be transferred to and processed in countries outside your country of residence, including:

  • Curaçao: where Hollycorn N.V. is registered and operates its core gaming infrastructure.
  • European Union / European Economic Area (EU/EEA) and United Kingdom: where some of our service providers, hosting, and support services may be located.
  • Canada: where users are located and where certain processing (such as support or marketing) may be targeted.
  • United States and other countries: where some payment processors, cloud providers, analytics tools, or marketing partners may operate.

Whenever we transfer personal data internationally, we take steps to ensure an adequate level of protection consistent with applicable data protection laws, including by:

  • Relying on adequacy decisions issued by the European Commission or UK authorities (where applicable).
  • Entering into Standard Contractual Clauses (SCCs) or equivalent data transfer agreements with recipients, including additional safeguards where required.
  • Ensuring that our service providers implement robust technical and organizational security measures.

Further information about international transfers and copies of applicable safeguards can be requested via [email protected], subject to redactions for security and confidentiality.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes described in this Privacy Policy, including meeting legal, accounting, and regulatory obligations. Retention periods may vary depending on the category of data and applicable law.

Data Category Typical Retention Period Main Criteria
Account and identification data Up to 5 years after account closure Limitation periods for legal claims; AML and gambling regulations.
KYC/AML verification records At least 5 years after the end of the business relationship or last transaction Mandatory AML/CTF and financial record-keeping laws.
Transaction and payment data 5 - 7 years after the transaction Accounting, tax, and regulatory requirements.
Gameplay and betting history Up to 5 years after account closure Dispute resolution, regulatory and responsible gambling obligations.
Marketing preferences and records Until you withdraw consent or object, plus up to 2 years Proof of consent and compliance with marketing laws.
Responsible gambling and self-exclusion data For the duration of the restriction/self-exclusion and a further period (typically 5 years) where required Protecting your vital interests and regulatory requirements.
Technical logs and security data 6 - 24 months, unless needed longer for investigations Security monitoring, troubleshooting, and incident response.
Support and complaint records Up to 5 years after resolution Evidence for dispute resolution, legal claims, and regulatory oversight.

When the relevant retention period expires, we will either securely delete or irreversibly anonymize the data. We may retain anonymized or aggregated data (which no longer identifies you) for longer periods for analytics and business purposes.

You may request more specific information about applicable retention periods for your data by contacting [email protected].

Your Rights

Depending on your place of residence and applicable law (including PIPEDA and comparable Canadian laws, the GDPR, and the Mexican Federal Law on Protection of Personal Data Held by Private Parties and its Regulations), you may have some or all of the following rights. We aim to align our practices with these standards where reasonably practicable.

Key Rights

  • Right of access: to obtain confirmation of whether we process your personal data and to receive a copy of that data, together with information about how it is used.
  • Right to rectification (correction): to request that inaccurate or incomplete personal data be corrected or completed.
  • Right to erasure ("right to be forgotten" / cancellation): to request deletion of your personal data where, for example, it is no longer necessary for the purposes for which it was collected, or where you have withdrawn consent and there is no other legal basis. We may need to retain some data where required by law (e.g., AML, tax, or gambling regulations).
  • Right to restriction of processing: to request that we limit processing of your data in certain circumstances (for example, while we verify its accuracy or assess an objection).
  • Right to object: to object to processing based on our legitimate interests, including profiling based on those interests, and to object at any time to the use of your data for direct marketing.
  • Right to data portability: where applicable (e.g., under GDPR), to receive personal data you have provided to us in a structured, commonly used, and machine-readable format and to transmit it to another controller where technically feasible.
  • Rights related to consent: where processing is based on your consent, you may withdraw that consent at any time, without affecting the lawfulness of processing prior to withdrawal.
  • ARCO rights (Mexico): for users in Mexico, the rights of Access, Rectification, Cancellation, and Opposition (ARCO) are recognized by law. We will handle ARCO requests in line with the Mexican data protection framework where applicable.

How to Exercise Your Rights

  1. Submit a request: You can exercise your rights by contacting us at [email protected] or via the on-site live chat (for initial guidance). Please clearly specify which right(s) you wish to exercise.
  2. Verify your identity: For security reasons, we may request additional information to verify your identity (such as logging into your account, confirming certain data, or providing identification documents).
  3. Our response time: We aim to respond to all valid requests within 30 days of receipt and verification of your identity. If your request is particularly complex or we receive many requests, we may extend this period as permitted by law, and will inform you of any extension and the reasons for it.
  4. Fees: Requests are generally handled free of charge. We may charge a reasonable fee or refuse to act on requests that are manifestly unfounded or excessive, in accordance with applicable law.

Please note that these rights are subject to limitations and exceptions under applicable laws. For example, we may not be able to fully delete data that we are required to keep for AML/CTF, tax, gambling, or other regulatory purposes.

Cookies & Tracking Technologies

We use cookies and similar technologies on northcasino-bet.ca, including the North Casino content areas, to ensure proper functioning, improve performance, and (where permitted) support analytics and marketing.

Types of Cookies We Use

  • Strictly necessary cookies (session and persistent): required for the Website to function, including enabling basic navigation, login, and security features. Without these cookies, the Services may not operate correctly.
  • Functional cookies: used to remember your preferences (such as language and region) and provide enhanced, more personalized features.
  • Analytics/performance cookies: help us understand how visitors use the Website and the North Casino content, which pages are most popular, and whether users encounter errors. Data is typically aggregated and used to improve the Website.
  • Advertising/targeting cookies (third-party): used, where permitted, to deliver relevant advertisements, measure the effectiveness of marketing campaigns, and prevent the same ads from being shown too often.

Managing Cookies

  • You can manage or disable cookies via your browser settings. Most browsers allow you to refuse all cookies, accept only certain types, or delete cookies that have already been set. Guidance is usually available in your browser's help section.
  • Where available, we may also provide an on-site cookie or privacy preferences panel allowing you to adjust your choices for non-essential cookies.
  • Disabling certain cookies (especially strictly necessary or functional cookies) may affect the performance of the Website or your ability to use some features.

Data Security

We take the security of your personal data very seriously and implement appropriate technical and organizational measures designed to protect it against unauthorized access, disclosure, alteration, and destruction.

Technical Measures

  • Encryption in transit: data transmitted between your browser and our servers is protected using TLS (Transport Layer Security) version 1.2 or higher.
  • Encryption at rest: where appropriate, stored data (including backups) is encrypted or otherwise protected using industry-standard mechanisms.
  • Access controls: data is accessible only to authorized personnel who require access to perform their duties, using role-based access controls, strong authentication, and, where appropriate, multi-factor authentication.
  • Network and system security: firewalls, intrusion detection/prevention systems, anti-malware tools, and regular patching are used to reduce vulnerabilities.

Organizational Measures

  • Policies and training: staff with access to personal data receive training on data protection, confidentiality, and security practices and are bound by contractual confidentiality obligations.
  • Vendor due diligence: we carefully select service providers and require them to apply appropriate security measures. Where possible, we engage providers that are certified or aligned with recognized standards (such as ISO/IEC 27001 or SOC 2) or equivalent best practices.
  • Data minimization and pseudonymization: we seek to collect only the data we need, retain it for no longer than necessary, and, where feasible, use pseudonymization or aggregation for analytics and reporting.

Incident Response

  • We maintain procedures for detecting, investigating, and responding to potential data breaches or security incidents.
  • In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority and, where required by law, inform affected individuals without undue delay, specifying the nature of the breach and recommended measures.

No system can be guaranteed 100% secure, but we are committed to continuously reviewing and improving our security practices in line with industry standards and regulatory expectations as of 2026.

Complaints & Contacts

If you have concerns about how we handle your personal data, we encourage you to contact us first so that we can try to resolve the issue directly.

Contacting Us

Complaint Procedure

  1. Initial contact: Send us a detailed description of your concern, including relevant dates, account details, and any supporting documents.
  2. Acknowledgment: We will acknowledge receipt of your complaint as soon as reasonably practicable, typically within a few business days.
  3. Investigation: We will review your complaint, consult relevant records, and, if needed, contact you for additional information.
  4. Response: We aim to provide a substantive response within 30 days from receiving your complete complaint. If we cannot meet this timeframe due to complexity or other legitimate reasons, we will inform you of the delay and provide an updated timeframe.
  5. Further steps: If you are not satisfied with our response, you may escalate your complaint to the appropriate supervisory authority, as described below.

Supervisory Authorities and External Recourse

  • Canada: If you reside in Canada, you may contact the Office of the Privacy Commissioner of Canada (OPC):
    Website: https://www.priv.gc.ca/en/
  • Mexico: For users in Mexico, you may contact the National Institute for Transparency, Access to Information and Personal Data Protection (INAI):
    Website: https://www.inai.org.mx
  • European Union / EEA: For users in the EU/EEA, you may contact your local data protection authority. A list of authorities is available via the European Data Protection Board (EDPB):
    Website: https://edpb.europa.eu/about-edpb/about-edpb/members_en
  • United Kingdom: Users in the UK may contact the Information Commissioner's Office (ICO):
    Website: https://ico.org.uk
  • Gambling dispute resolution: For disputes primarily relating to gambling transactions rather than data protection, you may also use the Antillephone N.V. dispute resolution service at https://certria.com/disputes or third-party complaint platforms such as AskGamblers at https://askgamblers.com/submit-complaint. These channels are separate from data protection authorities but may be relevant for broader complaints.

Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the Services provided through the North Casino project and northcasino-bet.ca.

How We Inform You About Changes

  • Website notice: We will publish the updated Privacy Policy on northcasino-bet.ca with a revised "Last updated" date.
  • Email notification: For material changes, we may notify registered users by email sent to the address associated with their account.
  • On-site alerts: We may use banners, pop-up notices, or messages within your account dashboard to highlight important changes.

Advance Notice and Your Options

  • Where changes are material and, in our reasonable judgment, significantly affect your rights or how we use your data, we will, where practicable, provide at least 30 days' notice before the new terms take effect.
  • If you do not agree with the updated Privacy Policy, you may choose to stop using the Services and request closure of your account before the changes take effect.
  • Continuing to use the Services after the effective date of the updated Privacy Policy will constitute your acknowledgement of the changes, to the extent permitted by applicable law.

Last updated: February 2026

Any earlier versions of this Privacy Policy may be retained internally for compliance and record-keeping purposes. On request, we can provide a summary of material changes made in the most recent update.