Privacy Policy

Last Updated: 16 September 2025

This Privacy Policy explains how Drop The Boss collects, uses, protects, and shares your personal information when you access our website and use our gaming services. We are committed to protecting your privacy and ensuring transparency about our data handling practices.

Who We Are

Drop The Boss is a physics-based casino gaming platform that provides innovative entertainment experiences. We are the data controller responsible for your personal information and are committed to processing your data in accordance with UK data protection laws.

Contact Details:
Email: [email protected]
Address: 125 Piccadilly, London W1J 9EX, United Kingdom

Information We Collect

We collect different types of information to provide and improve our gaming services, ensure security, and comply with legal obligations.

Information You Provide Directly

Account Registration:

  • Full name and date of birth (for age verification)
  • Email address and chosen username
  • Residential address and country of residence
  • Payment information and preferred currencies

Gaming Activity:

  • Betting preferences and game settings
  • Transaction history and account balance information
  • Communication with our support team
  • Feedback and survey responses

Identity Verification:

  • Government-issued identification documents
  • Proof of address documentation
  • Financial verification documents
  • Biometric data for enhanced security (when consented)

Information We Collect Automatically

Technical Information:

  • IP address and geographic location
  • Device information (type, operating system, browser)
  • Website usage patterns and navigation data
  • Game performance and interaction statistics

Gaming Data:

  • Game rounds played and outcomes
  • Time spent on different features
  • Bonus activation patterns
  • Demo mode usage statistics

Cookies and Tracking:

  • Session cookies for login status
  • Performance cookies for optimization
  • Functional cookies for personalized experience
  • Marketing cookies (with your consent)

How We Use Your Information

We process your personal information for specific purposes based on legal grounds under UK GDPR:

Service Provision (Contractual Basis)

  • Account Management: Creating and maintaining your gaming account
  • Game Functionality: Enabling gameplay, processing bets, and calculating winnings
  • Payment Processing: Handling deposits, withdrawals, and transaction verification
  • Customer Support: Responding to queries and resolving technical issues

Legal Compliance (Legal Obligation)

  • Age Verification: Ensuring all users meet minimum age requirements (18+)
  • Identity Verification: Confirming user identity to prevent fraud
  • Anti-Money Laundering: Monitoring transactions for suspicious activity
  • Regulatory Reporting: Providing information to gambling authorities when required

Legitimate Interests

  • Security: Protecting your account and preventing unauthorized access
  • Fraud Prevention: Detecting and preventing fraudulent activities
  • Service Improvement: Analyzing usage patterns to enhance gaming experience
  • Technical Optimization: Monitoring performance and fixing bugs

Consent-Based Processing

  • Marketing Communications: Sending promotional emails and notifications
  • Personalized Content: Tailoring game recommendations and bonuses
  • Social Media Integration: Enabling social sharing features
  • Advanced Analytics: Detailed behavior analysis for service enhancement

Legal Basis for Processing

PurposeLegal BasisData Types
Account ServicesContract PerformanceRegistration details, payment info
Age/Identity VerificationLegal ObligationID documents, biometric data
Security & Fraud PreventionLegitimate InterestTransaction patterns, device data
MarketingConsentContact details, preferences
AnalyticsLegitimate Interest/ConsentUsage data, gaming behavior

Information Sharing and Disclosure

We share your personal information only when necessary and in accordance with data protection laws:

Service Providers

  • Payment Processors: For secure transaction handling
  • Identity Verification Services: For compliance with regulations
  • Technical Support Partners: For platform maintenance and security
  • Analytics Providers: For service improvement (anonymized data where possible)

Legal Requirements

  • Regulatory Authorities: UK Gambling Commission and other relevant bodies
  • Law Enforcement: When required by court orders or legal investigations
  • Tax Authorities: For tax reporting and compliance purposes
  • Legal Proceedings: To protect our legal rights and interests

Business Transfers

In the event of a merger, acquisition, or asset sale, your information may be transferred to the new entity, subject to the same privacy protections.

International Data Transfers

Some of our service providers may be located outside the UK. When we transfer your data internationally, we ensure adequate protection through:

  • Adequacy Decisions: Transferring to countries recognized by the UK as providing adequate protection
  • Standard Contractual Clauses: Using approved contractual terms for data protection
  • Certification Schemes: Working with providers certified under recognized privacy frameworks
  • Binding Corporate Rules: For transfers within multinational service providers

Data Retention

We retain your personal information only as long as necessary for the purposes outlined in this policy:

Data TypeRetention PeriodReason
Account Information5 years after account closureRegulatory requirements
Transaction Records5 years after transactionFinancial regulations
Identity Documents5 years after verificationAnti-money laundering laws
Gaming Logs2 years after activityTechnical support and dispute resolution
Marketing DataUntil consent withdrawnMarketing purposes

Your Rights Under UK GDPR

You have several rights regarding your personal information:

Access Rights

  • Data Portability: Receive a copy of your data in a structured format
  • Access Requests: Obtain information about how your data is processed
  • Processing Details: Learn about the purposes and legal basis for processing

Control Rights

  • Rectification: Correct inaccurate or incomplete information
  • Erasure: Request deletion of your data (subject to legal obligations)
  • Restriction: Limit how we process your information
  • Objection: Object to processing based on legitimate interests

Communication Rights

  • Marketing Opt-out: Unsubscribe from promotional communications
  • Consent Withdrawal: Withdraw consent for consent-based processing
  • Complaint Rights: Lodge complaints with the Information Commissioner’s Office

Exercising Your Rights

To exercise any of your rights:

  1. Email Request: Send detailed requests to [email protected]
  2. Identity Verification: Provide proof of identity for security purposes
  3. Specific Information: Clearly state which rights you wish to exercise
  4. Response Timeline: We will respond within one month of receiving valid requests

Data Security

We implement comprehensive security measures to protect your personal information:

Technical Safeguards

  • Encryption: All data transmissions and storage use strong encryption
  • Access Controls: Strict limitations on who can access personal data
  • Regular Audits: Frequent security assessments and vulnerability testing
  • Backup Systems: Secure data backup and recovery procedures

Organizational Measures

  • Staff Training: Regular privacy and security training for all personnel
  • Data Minimization: Collecting only necessary information
  • Privacy by Design: Building privacy protections into all systems
  • Incident Response: Established procedures for handling data breaches

Automated Decision-Making

We may use automated systems for:

  • Fraud Detection: Automated analysis of transaction patterns
  • Risk Assessment: Algorithmic evaluation of account activities
  • Bonus Eligibility: Automated determination of promotional offers
  • Game Recommendations: Personalized content suggestions

You have the right to:

  • Request human intervention in automated decisions
  • Express your point of view regarding automated decisions
  • Contest decisions that significantly affect you

Children’s Privacy

Our services are strictly intended for adults aged 18 and over. We do not knowingly collect personal information from minors. If we discover that we have collected information from someone under 18, we will delete it immediately and may suspend the associated account.

Privacy Policy Updates

We may update this Privacy Policy to reflect:

  • Changes in data protection laws
  • New features or services
  • Enhanced security measures
  • Improved privacy practices

Notification Methods:

  • Email notifications to registered users
  • Website banners and notifications
  • Clear indication of update dates
  • Highlighted changes in updated versions

Complaints and Contact

For privacy-related questions, concerns, or complaints:

Email: [email protected]
Postal Address: 125 Piccadilly, London W1J 9EX, United Kingdom

Regulatory Compliance

This Privacy Policy complies with:

  • UK General Data Protection Regulation (UK GDPR)
  • Data Protection Act 2018
  • Privacy and Electronic Communications Regulations (PECR)
  • UK Gambling Commission requirements
  • Financial Conduct Authority guidelines

We regularly review our privacy practices to ensure continued compliance with evolving regulations and industry best practices.