Privacy policy

1. INTRODUCTION

Welcome to CasinoAlpha’s Privacy Policy. This notice explains, in clear terms, how CasinoAlpha (“we,” “us,” or “our”) collects, uses, discloses, and safeguards your personal information when you access or use casinoalpha.com (the “Website”).

CasinoAlpha operates as an independent casino review and information platform, and we handle personal data in line with applicable laws, including the General Data Protection Regulation (GDPR) and, for visitors in Ireland, the Data Protection Act 2018 and the European Communities (Electronic Communications Networks and Services) (Privacy and Electronic Communications) Regulations 2011 (the Irish ePrivacy Regulations, S.I. No. 336 of 2011).

Data Controller:
Extremoo Marketing SRL
Romania, Dobroesti, Ilfov, Mesteacanului 4
Email: [email protected]

If you have questions about this Policy or about how we process your data, please get in touch via the form available on our contact page.

2. INFORMATION WE COLLECT

2.1. Information You Provide Directly

There are a few ways you may choose to share personal information with us. When subscribing to the newsletter, the only mandatory field is your email address; you may also provide your name, country or region, and language preferences if you wish.

If you reach us via a Website contact form, we process the name and email address you submit, the subject of your message, the content of your inquiry, and any other details you add voluntarily. Where comments or reviews are enabled, we process your name or username, email address, the comment or review content, and any rating scores you decide to post.

2.2. Information Collected Automatically

When you use the Website, certain information is collected automatically through cookies or similar technologies. This includes technical data such as your IP address, browser type and version, device type (desktop, mobile, or tablet), operating system, screen resolution, referring and exit pages, together with the date and time of your visits.

We also collect usage data, for example, the pages you view, how long you stay, click patterns and navigation paths, on-site search queries, links you click (including affiliate links), scroll depth, and other interactions with our content. In addition, we infer general location at country or city level from your IP address; we do not collect precise geolocation. Information stored via cookies and similar tools is treated as cookie data and is explained further in Section 5.

2.3. Information From Third Parties

To operate responsibly, we occasionally receive limited information from other sources. Casino operators we review may provide verification details, such as confirmation of licence validity or game providers, used solely for accuracy checks.

Analytics providers may supply aggregated, anonymised performance metrics, and advertising partners may share ad performance information that does not identify you (non-PII). We do not purchase or obtain personal data from data brokers.

3. HOW WE USE YOUR INFORMATION

We process personal data for the purposes below.

3.1. Purpose Table

Ireland note: Non-essential cookies (e.g., analytics/marketing) require prior consent under Ireland’s ePrivacy Regulations (S.I. No. 336 of 2011) alongside GDPR.

3.2. Detailed Purposes

Newsletter & Communications: We use your details to send casino reviews, bonus offers, and industry news. We also share updates about the Website and our services. When you contact us, the information you provide is used to respond to your questions and support requests.

Website Operations: Data is processed to run the Website reliably: delivering core functionality, reflecting your preferences where applicable, remembering settings so you do not need to re-enter them, and protecting the service against abuse while maintaining security.

Analytics & Improvement: We study how visitors use the Website to understand behaviour and traffic patterns, identify popular content and features, test new functionality, optimise the user experience, and diagnose technical problems when they occur.

Security & Fraud Prevention: To keep the service safe, we detect and prevent fraudulent activity, monitor for threats and vulnerabilities, block spam and abusive behaviour, and enforce our Terms and Conditions when necessary.

Legal Compliance: Certain processing is carried out to meet legal and regulatory requirements, respond to lawful requests or court orders, protect our legal rights and interests, and comply with tax and financial reporting obligations.

Affiliate Marketing: We track referrals to casino operators so commissions are attributed correctly and the effectiveness of our recommendations can be measured. For transparency, see Section 12 for the full disclosure.

3.3. Legitimate Interests

When we rely on legitimate interests, these include operating and improving our services, providing free high-quality content, securing the Website and preventing fraud, understanding user preferences to deliver relevant content, sustaining our business model through affiliate marketing, and analysing performance to improve the user experience. We have completed a Legitimate Interest Assessment (LIA) and concluded that these interests are not overridden by your rights and freedoms.

4. LEGAL BASIS FOR PROCESSING UNDER GDPR

For EU/EEA residents (including Ireland), we process personal data under GDPR Article 6. The applicable legal basis depends on the context.

4.1. Consent (Art. 6(1)(a))

We rely on consent where you actively agree to specific processing. This covers newsletter subscriptions, the use of marketing cookies (for example, Google Analytics for EEA users), advertising and marketing communications, and optional data collection such as surveys or preference fields.

You may withdraw consent at any time; withdrawal does not affect the lawfulness of processing carried out before withdrawal. To withdraw, use the Unsubscribe link in any newsletter or adjust your choices in Cookie Settings for cookies.

4.2. Legitimate Interests (Art. 6(1)(f))

We process data on the basis of legitimate interests for website analytics (Matomo), fraud prevention and security, site functionality and improvements, affiliate tracking, responding to enquiries, and general business operations. We have assessed these interests and concluded that they do not override your fundamental rights and freedoms. You may object at any time, see Section 9.6.

4.3. Legal Obligation (Art. 6(1)(c))

Some processing is necessary to comply with legal requirements. This includes complying with court orders or legal processes, tax and financial record-keeping, regulatory compliance, and responding to lawful government requests.

4.4. Contract (Art. 6(1)(b))

We also process data where it is necessary to perform a contract or to take steps at your request before entering into one. This covers providing services you request, processing enquiries and support requests, and fulfilling our obligations under the Terms and Conditions.

5. COOKIES AND TRACKING TECHNOLOGIES

5.1. What Are Cookies?

Cookies are small text files stored on your device. They help us remember preferences and understand how you use the Website.

5.2. Types of Cookies We Use

A. Strictly Necessary Cookies

These are essential for the Website to function and cannot be disabled.

Legal Basis: Necessary for site operation / Legitimate interests (GDPR Art. 6(1)(f)); no consent required for strictly necessary cookies.

B. Analytics and Performance Cookies

Help us understand how visitors interact with the Website.

1. Matomo Analytics (Self-Hosted, Privacy-Focused)

What is Matomo?
Matomo (formerly Piwik) is an open-source, privacy-focused analytics platform hosted on our EU servers.

Privacy features:

• EU hosting (data does not leave the EU/EEA)
• No data sharing with third parties
• Automated data deletion after 24 months
• Respects “Do Not Track” (DNT) signals
• GDPR-compliant by design

Data not collected:

• Personally identifiable information (PII)
• Cross-site tracking data
• Advertising profiles

Purpose:

• Understand visitor behaviour and preferences
• Improve content and navigation
• Identify technical issues
• Measure performance

Legal Basis: Legitimate interests (Art. 6(1)(f))—supported by an LIA.
Opt-out: Update Cookie Settings • Enable DNT in your browser (Matomo respects DNT)
More info: https://matomo.org/privacy/

2. Google Analytics 4 (GA4)

Provider: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Configuration:

• IP anonymisation enabled
• Data sharing with Google disabled (no advertising features)
• User-ID tracking disabled
• Advertising features disabled (no remarketing)
• Google Signals disabled (no cross-device tracking)
• Data retention: 14 months (auto-deletion)
• Cookie timeout: up to 24 months

Purpose:

• Comprehensive analytics
• Behaviour and content analysis
• Traffic sources
• Conversion tracking (e.g., newsletter signups, affiliate clicks)
• Benchmarking and performance monitoring

Legal Basis:
EEA (including Ireland): Consent (Art. 6(1)(a)), explicit opt-in before activation
Non-EEA users: Legitimate interests (Art. 6(1)(f))

International data transfer: Data may be processed in the USA.

Transfer safeguards:
EU-US Data Privacy Framework: Google LLC certified (verify at https://www.dataprivacyframework.gov/s/)
Standard Contractual Clauses (SCCs): EU Commission-approved
Additional measures: Encryption, access controls, security audits

Data Processing Agreement: In place with Google (GDPR Art. 28).

Policies and opt-out:
Privacy: https://policies.google.com/privacy
Terms: https://marketingplatform.google.com/about/analytics/terms/
How Google uses data: https://policies.google.com/technologies/partner-sites
Opt-out add-on: https://tools.google.com/dlpage/gaoptout
Or use our Cookie Settings to refuse analytics cookies

C. Marketing and Advertising Cookies

Track activity for campaign measurement and relevant advertising.

Legal Basis: Consent (GDPR Art. 6(1)(a)).

D. Notification Cookies

Purpose: Enable optional web push notifications for promotions and updates.
Legal Basis: Consent (Art. 6(1)(a)).

5.3. Cookie Consent Management

When you first visit, a cookie banner (CookieCarousel) appears with options to:
Accept All Cookies (all categories), or Reject All non-essential cookies.

Consent must be freely given and is revocable at any time. Your choices are stored in CookieConsent for 12 months, after which we will ask again.

Ireland note: Under the Irish ePrivacy Regulations, we obtain prior consent before setting non-essential cookies.

5.4. Managing and Controlling Cookies

You have several options:

Browser settings
Chrome: https://support.google.com/chrome/answer/95647
Firefox: https://support.mozilla.org/kb/enhanced-tracking-protection-firefox-desktop
Safari: https://support.apple.com/guide/safari/manage-cookies-sfri11471/mac
Edge: https://support.microsoft.com/microsoft-edge/delete-cookies-in-microsoft-edge-63947406
Blocking all cookies may affect site functionality.

Analytics-specific opt-out
Google Analytics: install the opt-out add-on (link above)
Matomo: use Cookie Settings to reject analytics; enable DNT (honoured by Matomo)

Do Not Track (DNT) signals
Matomo respects DNT
Google Analytics does not by default (use the add-on)
Marketing cookies follow your consent choices regardless of DNT

Industry opt-out tools
EDAA (EU): https://www.youronlinechoices.com/
NAI (US): https://optout.networkadvertising.org/
DAA (US): https://optout.aboutads.info/

5.5. Withdrawing Consent

Click Cookie Settings (footer) to switch to “Necessary Only” or customise; then Save Preferences. Effects are immediate and do not affect earlier lawful processing. Some features may be limited.

5.6. Consequences of Disabling Cookies

5.7. Third-Party Cookies

Some services place cookies:

Embedded Content
YouTube videos: Google cookies

Social share buttons
Facebook, Twitter/X, LinkedIn cookies

Affiliate tracking
Casino operator cookies when you click links

Policies
YouTube: https://policies.google.com/privacy
Facebook: https://www.facebook.com/privacy/
Twitter/X: https://twitter.com/privacy

5.8. Cookie Lifespan and Deletion

Session cookies: deleted when you close your browser
Persistent cookies: expire as specified (maximum 24 months)
You can manually delete cookies via browser settings at any time

5.9. Technical Cookie Implementation

WordPress Integration
Security cookies (e.g., Secure-wp-show-) • Application state via g_state

Cookie Security

• Secure flag where HTTPS is available
• SameSite attributes for CSRF protection
• HttpOnly for security-sensitive cookies

5.10. Cookie Audit and Monitoring

We audit cookies regularly to keep this policy accurate.
Last audit: 14.10.2025
Next scheduled audit: 11.2026

6. THIRD-PARTY SERVICES AND DATA SHARING

We share data with trusted third parties only where necessary.

6.1. Analytics Services

A. Matomo Analytics (Self-Hosted)

Provider: Self-hosted on our EU servers (no external processor)
Location: Germany
Relationship: We act as Data Controller; Matomo is our tool (not a separate processor)

Data Collected:

• IP addresses
• Pages visited/time spent
• Referral source
• Device type, browser (anonymised)
• Geographic location (country/city from IP)
• Click events and interactions

Data Not Collected:

• PII
• Cross-site tracking
• Data shared with advertisers

Privacy Features:

• EU-hosted (no international transfers)
• No third-party sharing
• Respects DNT
• GDPR-compliant by design

Purpose: Behaviour insights, UX improvements, performance monitoring
Legal Basis: Legitimate interests (Art. 6(1)(f)) , LIA conducted
Retention: 24 months
Opt-Out: Cookie Settings or enable DNT
More Info: https://matomo.org/privacy/

B. Google Analytics 4 (GA4)

Provider: Google LLC
Address: 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Relationship: Processor under GDPR Art. 28 (DPA in place)

Data Collected:

• IP addresses
• Pages viewed, user journeys
• Session duration, bounce rate
• Traffic sources/referrals
• Device info (type, OS, browser)
• Approximate location (city level)
• Custom events/interactions
• Conversion tracking

Data Not Collected (disabled):

• Advertising features
• Google Signals (cross-device)
• Enhanced advertising measurement

Privacy Configuration:

• Data sharing with Google disabled
• Advertising features disabled
• Google Signals disabled
• Data retention: 14 months
• Cookie timeout: max 24 months

Purpose: Analytics, behaviour insights, traffic sources, conversions, benchmarking, performance monitoring

Legal Basis:
EEA (including Ireland): Consent (Art. 6(1)(a)) — explicit opt-in
Non-EEA: Legitimate interests (Art. 6(1)(f))

International Data Transfer: USA
Transfer Safeguards: EU-US Data Privacy Framework (Google certified) • SCCs (EU Commission-approved) • Additional safeguards (encryption, access controls, audits)

Google Policies:
Privacy: https://policies.google.com/privacy
Terms: https://marketingplatform.google.com/about/analytics/terms/
DPA: https://privacy.google.com/businesses/processorterms/
Partner sites: https://policies.google.com/technologies/partner-sites

Opt-Out:
Add-on: https://tools.google.com/dlpage/gaoptout
Cookie Settings: reject analytics cookies
Browser: block cookies manually
Your Rights: Access, opt-out, withdraw consent, request deletion

6.2. Comparison: Matomo vs. Google Analytics

Why both: Matomo for privacy-first analytics; Google for benchmarking/advanced features.
Your choice: Consent to both, Matomo only, or neither via Cookie Settings.

6.3. Casino Operators (Affiliate Relationships)

Important affiliate disclosure: CasinoAlpha earns commissions when you register/play at casinos through our links.

How affiliate tracking works:
You click an affiliate link on our site → The casino places a tracking cookie (typically 30–90 days) → You register and/or deposit → The casino attributes the referral to CasinoAlpha → We receive commission (e.g., €20–€150 CPA or 20%–40% revenue share)

Data shared with the casino: referral source (casinoalpha.com), click timestamp, our affiliate ID, click ID (session).
Data shared back to us: aggregate conversion info and commission due.
We do not receive: your name, email, address, deposit amounts, balances, payment details, or gameplay data.

Once you visit a casino, you are subject to their Terms and Privacy Policy. Review those before registering.
Editorial independence: See our Editorial Policy (https://casinoalpha.com/uk/about/editorial-policy/).
Legal Basis: Legitimate interests for affiliate tracking (Art. 6(1)(f)); consent (Art. 6(1)(a)) if required by the operator.
Opt-Out: Reject Marketing Cookies in Cookie Settings (may affect referral attribution).

6.4. Email Service Provider

Provider: Aweber
Purpose: Newsletter delivery and email marketing

Data shared: email address, name (if provided), subscription preferences, engagement (opens/clicks)
Legal Basis: Consent (Art. 6(1)(a))
Privacy Policy: https://www.aweber.com/privacy.htm

6.5. Hosting and Infrastructure

Provider: Google Cloud
Location: EU/EEA

Services: Website hosting, CDN, DDoS protection, SSL/TLS, database management, backups
DPA: GDPR-compliant DPA in place
Data transferred: Operational website data as necessary
Legal Basis: Legitimate interests (Art. 6(1)(f))

6.6. When We Must Disclose Data

We may disclose personal data when legally required:

Legal obligations: court orders, subpoenas, legal processes; compliance with laws/regulations; lawful requests from authorities; tax/financial reporting.
Protection of rights: enforce Terms and Conditions; detect/prevent fraud and security issues; protect our rights, property, safety; protect users and the public.
Business transfers: merger, acquisition, bankruptcy, or sale of assets. We will notify via email and Website notice. Any acquirer must honour this Privacy Policy or seek fresh consent.
With your consent: any other disclosure with explicit consent.
Data minimisation: we disclose only the minimum necessary.

6.7. We Do Not Sell Your Personal Data

CasinoAlpha does not sell, rent, or trade personal data.
Affiliate commissions are not a “sale” under GDPR/CPRA because we do not transfer PII to operators.

6.8. Third-Party Links

The Website contains links to casino/third-party sites.Once you click, their terms and privacy policies apply. We do not control their practices and are not responsible for their content, security, or data handling.
Your responsibility: review third-party privacy policies and use caution when sharing personal information.

6.9. List of Third-Party Data Recipients

Full details: see subsections above.

7. INTERNATIONAL DATA TRANSFERS

7.1. Where Your Data Is Processed

Primary location: EU/EEA
Website servers: Germany, United Kingdom
Matomo analytics: EU (self-hosted)
Hosting provider: EU data centres
Most data remains within the EU/EEA.

7.2. Transfers Outside EU/EEA

United States (USA) — Google Analytics
Recipient: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Why transfer occurs: Google processes data on US servers to provide analytics.

Legal basis for transfer:
EU-US Data Privacy Framework (DPF): Google LLC certified (check status at https://www.dataprivacyframework.gov/s/)
Standard Contractual Clauses (SCCs): EU Commission-approved, Module 2 (Controller→Processor), 2021 version
Supplementary measures: TLS 1.3 in transit; encryption at rest; strict access controls; third-party security audits; transparency reports; legal mechanisms to challenge unlawful access
Your consent (EEA): we request explicit consent before GA is activated; you can withdraw consent via Cookie Settings at any time

Your rights:
Opt-out add-on: https://tools.google.com/dlpage/gaoptout
Withdraw consent via Cookie Settings to stop transfer
Alternative: Choose Matomo-only (EU-hosted) to avoid international transfers.

Other potential transfers
Casino operators: various jurisdictions (Malta, Curaçao, Gibraltar, UK, etc.). You enter a direct relationship with the operator; their policies apply.
Social media platforms: Facebook, Twitter/X, LinkedIn (EU/USA as applicable) under their SCCs/DPF.

7.3. Adequacy Decisions

The EU Commission recognises certain countries as providing “adequate” protection (e.g., Andorra, Argentina, Canada (commercial), Faroe Islands, Guernsey, Israel, Isle of Man, Japan, Jersey, New Zealand, South Korea, Switzerland, UK, Uruguay; USA for entities certified under the DPF).
Full list: European Commission website.

7.4. Your Rights Regarding International Transfers

You may:

• Be informed (as set out here)
• Object by withdrawing consent
• Request details about SCCs/DPF certification
• Opt out via Cookie Settings (e.g., reject GA)
  

7.5. No Transfer to High-Risk Jurisdictions

We do not transfer data to countries/organisations subject to EU sanctions, known for mass surveillance without safeguards, or lacking adequate protection.

7.6. Monitoring Legal Changes

We monitor developments (e.g., Schrems II, DPF updates) and adjust our approach. Material changes will be reflected in this Privacy Policy.

8. DATA RETENTION8. DATA RETENTION

We retain personal data only as long as necessary.

8.1. Retention Periods

8.2. Retention Criteria

We set retention based on:

• Purpose fulfilment
• Legal obligations
• Legitimate business needs (e.g., defending legal claims)
• Consent period

8.3. Secure Deletion

After expiry:

• Personal data is securely deleted or anonymised
• Backups are removed per retention schedule (max 90 days)
• Third parties are instructed to delete data
• Deletion methods: secure overwrite; anonymisation.

8.4. Exceptions

We may retain data longer where:

• Required by law
• Needed for legal claims
• You request retention
• Data is fully anonymised

9. YOUR RIGHTS UNDER GDPR

For EU/EEA residents (including Ireland), the following rights apply.

9.1. Right to Access (Art. 15)

Request a copy of your personal data and related information.
How: Complete the form from our Contact page with your full name, email, and scope.
Response: within 30 days (may extend to 60 days for complex requests).
Fee: free unless requests are excessive/unfounded.

9.2. Right to Rectification (Art. 16)

Ask us to correct inaccurate or incomplete personal data.
Response: within 30 days.

9.3. Right to Erasure / “Right to be Forgotten” (Art. 17)

Request deletion when applicable (e.g., data no longer needed, consent withdrawn, unlawful processing, or legal obligation to erase).
Exceptions: where retention is legally required or needed for legal claims/public interest.
How: Complete the form from our Contact page.
Response: within 30 days.

9.4. Right to Restrict Processing (Art. 18)

Request that we limit processing where appropriate (e.g., accuracy disputed, legal claims).
Effect: we store data but limit processing.
Response: within 30 days.

9.5. Right to Data Portability (Art. 20)

Receive your data in a structured, machine-readable format (CSV/JSON/XML) where processing is based on consent or contract and carried out by automated means.
How: Complete the form from our Contact page
Response: within 30 days.

9.6. Right to Object (Art. 21)

Object to processing based on legitimate interests or to direct marketing.
Legitimate interests: we stop unless we demonstrate compelling grounds.
Direct marketing: we stop immediately.

9.7. Rights Related to Automated Decision-Making (Art. 22)

You have the right not to be subject to solely automated decisions with legal or similarly significant effects.
Our practice: we do not use such profiling. If this changes, we will notify you and explain safeguards (human intervention, ability to contest, etc.).

9.8. Right to Withdraw Consent

Withdraw consent at any time:
Newsletter: click Unsubscribe
Cookies: update Cookie Settings

Withdrawal is immediate and does not affect prior lawful processing.

9.9. How to Exercise Your Rights

Contact:
Email: [email protected]
Mail: [Company Name], [Full Address]
Subject line: specify the right (e.g., “GDPR Access Request”)
Include: full name, email, specific request, and proof of identity if needed.

Response time: 30 days (extendable to 60 days; we’ll inform you).
Fee: none unless requests are manifestly unfounded or excessive.
If we refuse, we’ll explain why and inform you of your right to complain to a supervisory authority.

9.10. Right to Lodge a Complaint

If you believe your rights have been violated:

Your Local Data Protection Authority (EU/EEA):
List: https://edpb.europa.eu/about-edpb/board/members_en

Ireland:
Data Protection Commission (DPC)
Website: https://www.dataprotection.ie/
Phone: +353 57 868 4800 / +353 761 104 800
Address: 21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland

You may contact us first at [email protected]. Judicial remedies remain available.

10. DATA SECURITY

We implement appropriate technical and organisational measures to protect personal data.

10.1. Technical Measures

Here are all the technical setting we use:

• SSL/TLS encryption: TLS 1.3 in transit
• Secure hosting: reputable provider with ISO 27001 (where applicable)
• Firewalls: WAF and network firewalls
• Intrusion detection: real-time monitoring and alerts
• Regular updates: timely security patches
• Secure passwords: bcrypt hashing for any stored passwords
• Access controls: role-based access control (RBAC)
• Two-factor authentication: for admin access
• Backup encryption: encrypted backups stored securely

10.2. Organisational Measures

Here are the measures we take to keep all we do professionally:

• Internal data protection policies
• Regular employee training
• Limited, need-to-know access
• Confidentiality/NDAs
• Vendor due diligence
• Documented incident response plan
• Periodic security audits
• Data Protection Officer (if applicable)

10.3. No Absolute Security

Please note that no internet transmission or storage system is 100% secure.
Your responsibility: use strong, unique passwords; keep devices secure; log out on shared devices; report suspicious activity promptly.

10.4. Data Breach Notification

If a personal data breach occurs:

Our obligations:

• Notify the supervisory authority within 72 hours if there is risk to rights and freedoms
• Notify affected individuals without undue delay where risk is high

We will share: the nature of the breach, likely consequences, measures taken/proposed, contact point for more info, and advice on protective steps.

10.5. Phishing and Security Warnings

We will never request passwords or payment details by email, nor send urgent “account problem” links. Legitimate messages come from @casinoalpha.com (e.g., newsletter@, support@, privacy@). If you receive a suspicious message: do not click links or download files; verify by typing casinoalpha.com directly;

Common scams include fake bonus emails, “update payment details urgently,” and spoofed casino messages. Always verify via official channels.

11. CHILDREN’S PRIVACY

11.1. Age Restriction: 18+ Only

The Website is intended for adults (18+). We follow:

• UK Gambling Commission (UKGC) regulations
• Malta Gaming Authority (MGA) standards
• Curaçao eGaming requirements
• Responsible gambling standards generally

By using the Website, you confirm you are 18+ (or the legal gambling age in your jurisdiction, whichever is higher).

11.2. No Knowing Collection from Children

We do not knowingly collect data from individuals under 18, target minors with marketing, or allow minors to subscribe. If we learn we have collected such data, we will delete it and, where possible, notify parents/guardians.

We are not liable for unauthorised use of the Website by minors.

11.3. Parental Controls

We recommend parental control tools such as:

• Net Nanny: https://www.netnanny.com
• Qustodio: https://www.qustodio.com
• Norton Family: https://family.norton.com
• Kaspersky Safe Kids: https://www.kaspersky.com/safe-kids
• Built-in OS controls: Windows Family Safety, macOS/iOS Screen Time, Android Family Link

Enable Safe Search and consider site-blocking extensions if needed.

Organisations:

• • GamCare: https://www.gamcare.org.uk
  • BeGambleAware: https://www.begambleaware.org

11.4. Reporting Concerns

If you believe a minor has accessed the Website or provided personal information, contact us through the form on the contact page (subject “Minor Data Concern”). We will investigate and act promptly.

12. AFFILIATE MARKETING DISCLOSURE

12.1. Transparency Notice

CasinoAlpha is an affiliate marketing website.
We may earn commissions when you register or play at casinos via our links. This does not change your costs or bonus terms. Our reviews remain objective and based on rigorous testing.

12.2. How Affiliate Marketing Works

Steps:

• You visit CasinoAlpha and click a tracked link
• The operator sets a cookie (usually 30–90 days)
• You register and/or deposit
• The operator attributes the referral to CasinoAlpha
• We earn commission

What we receive: registration/deposit confirmation (yes/no), commission owed, aggregated data such as “a player from CasinoAlpha deposited.”
What we don’t receive: your name, email, address, deposit amounts, wins/losses/balances, payment details, or gameplay data.

12.3. Impact on Your Experience

Affiliate tracking does not affect signup, bonuses, wagering requirements, odds, withdrawals, customer support, or your legal rights.

12.4. Editorial Independence

Commissions do not influence ratings. We apply a documented methodology, list only licensed casinos, and adjust ratings based on player feedback and testing. No pay-for-play.
Example: If Casino B offers better security/games/UX than Casino A, Casino B rates higher, even if Casino A pays a higher commission.
Methodology: see our Editorial Policy.

12.5. Sponsored and Featured Content

We label placements clearly: Featured Partner, Exclusive Offer, Sponsored, Ad/Advertisement.
Non-labelled content follows standard editorial processes (it may still contain affiliate links).

12.6. Your Privacy in Affiliate Tracking

Operators may place tracking cookies. You can reject Marketing Cookies via Cookie Settings (note this may impact our attribution). We do not receive your PII from operators.

12.7. Regulatory Compliance

We follow:
FTC Endorsement Guidelines (US) – 16 CFR Part 255
ASAI Code (Ireland) – Advertising Standards Authority for Ireland
GDPR transparency requirements (EU)

12.8. Why Affiliate Marketing

It allows us to offer free, comprehensive reviews, remain independent of operators, and invest in testing and research, without charging subscription fees.

12.9. Your Choice

To avoid affiliate links:

• Type the casino URL directly
• Search for the casino independently
• Reject Marketing Cookies in Cookie Settings

We respect your decision.

12.10. Questions About Affiliate Relationships

Contact Us through the form of this page and expect our response within 5 business days.

12.11. Summary Checklist

• We earn commissions from referrals
• Your costs don’t increase
• We don’t receive your personal information from casinos
• Editorial independence maintained
• Ratings are methodology-based
• Sponsored content is clearly labelled
• You control tracking via Cookie Settings
• We comply with FTC, ASAI, GDPR
• Your trust is our priority

13. CONTACT INFORMATION

13.1. General Contact

For privacy-related questions, requests, or complaints:
Form: Write us through our form from the contact page
Contents: [Company Name], [Full Address]
Response time: within 30 days

13.2. Company Information

Legal Name: Through the form for our Contact page
Registration Number: J23/6289/2017
Registered Address: Romania, Dobroesti, Ilfov, Mesteacanului 4
VAT Number (if applicable): RO38630895
Website: https://casinoalpha.com

14. CHANGES TO THIS PRIVACY POLICY

14.1. Right to Modify

We may update this Privacy Policy periodically to reflect:

• Changes in our practices
• Legal or regulatory updates
• New features or services
• User feedback

14.2. How We Notify You

Material changes: email to subscribers, prominent Website notice/banner, and, where feasible, a 30-day notice period before the effective date.
Minor changes: update the Last Updated date; effective upon posting.

14.3. Your Options

If you disagree with changes, stop using the Website, delete any accounts, and request deletion of personal data (subject to legal retention).
Continued use after changes means you accept the updated Policy.

14.4. Review Regularly

Please review this Privacy Policy periodically and note the Last Updated date.

15. YOUR PRIVACY RIGHTS SUMMARY

Response time: 30 days (extendable to 60 days for complex cases).

ACKNOWLEDGMENT

By using this website, you acknowledge that

• You have read and understood this Privacy Policy
• You agree to the collection, use, and disclosure of your personal information as described
• You consent to cookies according to your Cookie Settings

If you do not agree, please do not use the Website.