Melbet Canada Privacy Policy – Your Data Protection and Security

The Melbet platform collects only the information needed to deliver and improve the services and to meet legal duties. Data that may be collected:

• Identification and account details: name, date of birth, address, contact details, account credentials, language and preferences.
• Verification records: copies of identity documents, proof of address, age-verification results, sanctions and watchlist checks required by anti-money laundering laws.
• Transaction and payment information: deposits, withdrawals, partial card details or payment tokens, billing history, chargeback records.
• Gameplay and responsible gambling information: activity logs, limits, self-exclusion status, session time, wagering history.
• Technical and device data: IP address, device identifiers, browser type, operating system, geolocation data to confirm eligibility to use online services in Canada.
• Support and communications: chat logs, emails, call recordings where permitted by law.
• Cookies and similar technologies: details described in the cookies section.

Why this information is collected:

• To create and manage accounts, deliver services, and process payments.
• To verify identity and age, prevent fraud, and meet anti-money laundering obligations.
• To provide customer support and handle disputes.
• To personalise the user experience and improve site performance through analytics.
• To send service notices and, where permitted, marketing communications under Canada’s anti-spam rules.

Safeguards and security measures:

• Transport Layer Security for data in transit, encryption at rest for sensitive fields, and tokenisation of payment data.
• Strict access controls, least-privilege permissions, and multi-factor authentication for administrative access.
• Network and application firewalls, anti-malware, intrusion detection, and security monitoring.
• Vendor due diligence, confidentiality obligations, and adherence to PCI DSS for payment processing.
• Staff training, background checks for relevant roles, and documented incident response.
• Breach notification to affected users and regulators when required by Canadian law.

User rights in Canada:

• Access and portability: request access to personal information and obtain a copy in a portable format where feasible.
• Correction: request corrections to inaccurate or incomplete data.
• Deletion: request deletion, subject to legal retention duties.
• Consent management: withdraw consent for non-essential processing and opt out of marketing.
• Complaints: contact the Privacy Officer using the channels listed on the website or the Office of the Privacy Commissioner of Canada. Provincial privacy commissioners may also have jurisdiction.

Compliance statement:

• The operator follows the Personal Information Protection and Electronic Documents Act (PIPEDA), applicable provincial private-sector privacy laws in Alberta, British Columbia, and Quebec, Canada’s Anti‑Spam Legislation (CASL), and recordkeeping duties under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act.

Personal information is processed lawfully and transparently for the following purposes:

• Account services: registration, login, profile settings, and responsible gambling tools.
• Transactions: deposits, withdrawals, refunds, fraud prevention, chargeback handling, and account funding reconciliation.
• Verification and compliance: identity checks, age confirmation, location validation, sanctions screening, and reporting required by anti-money laundering rules.
• Customer support: responding to questions, complaints, and dispute resolution.
• Service improvement: analytics, troubleshooting, audit logs, performance and usability analysis.
• Personalisation: content, preferences, and language settings.
• Marketing: service updates and offers sent under CASL, based on consent and opt-out choices.
• Legal enforcement: enforcing terms, protecting the platform, and cooperating with lawful requests.

The main legal basis is user consent. Certain processing is required to provide contracted services or to satisfy legal obligations.

Users can access, update, or delete personal information by using account settings or submitting a privacy request through the help centre or support channels listed on the website.

Process and timelines:

• Submit a request and provide sufficient details to locate the records.
• Identity verification is required before the request is processed.
• A response is provided within 30 days, or an explanation is provided if more time is needed as permitted by law.
• If a request is refused, reasons are provided and the user may contact the Office of the Privacy Commissioner of Canada.

Correction and deletion:

• Inaccurate information is corrected upon request.
• Deletion is honoured unless retention is required for legal, regulatory, tax, security, or dispute purposes.
• Records needed for anti-money laundering compliance may be retained for the period mandated by law.

Consent to checks and payment processing:

• By using Melbet, the user consents to security and identity checks required for lawful access to the services.
• Payment information may be processed by approved payment service providers for deposits, withdrawals, and fraud prevention.

The services are intended for users aged 18 years or older, or the legal gambling age in the user’s province or territory, whichever is higher. The operator cannot confirm age without appropriate identification documents during verification. If an account is discovered to belong to a minor, it is closed and personal data is deleted subject to legal obligations. A parent or legal guardian can request deletion by contacting support and providing evidence of authority.

Personal information may be stored or processed outside Canada in countries where service providers, payment partners, support teams, or compliance vendors operate. Use of the site indicates consent to these international transfers. Contractual safeguards, confidentiality obligations, technical measures, and audits are used to protect the information. Access is limited to personnel and partners that need the data to provide services or meet legal duties.

This policy forms part of the terms that govern use of the services. A legal disclaimer may limit or clarify how certain rules apply in specific situations, and may affect the scope or effect of the rules stated here. The disclaimer applies when the user accepts this policy by electronic acceptance, signature, or accession through continued use of the services. If any part of the policy is held invalid, the remaining sections continue to apply as permitted by law.

Cookies are small files stored on a device by websites to remember settings and understand usage. The platform uses cookies for statistics, behaviour analysis, personalisation, and site improvement. Key points:

• Types: essential cookies for secure login and transactions, preference cookies, and analytics cookies for understanding how users interact with the site.
• Retention: cookies are generally stored for up to 1 year, or less where a shorter technical or legal limit applies.
• Controls: users can manage cookie settings in their browser or through the on-site consent tool. Disabling certain cookies may affect some services.

Use of the services constitutes full acceptance of this Privacy Policy. The most recent version published on this page takes precedence over previous versions. Material changes are noted on the site or communicated through the account or email where appropriate. Continued use after an update indicates agreement to the revised policy.

Personal information may be shared in the following situations:

• To comply with law, court orders, regulatory requests, or to meet anti-money laundering and sanctions obligations.
• To process payments, perform identity verification, prevent fraud, and provide customer support through vetted service providers.
• To handle disputes, audits, or enforce terms and protect the rights, property, or safety of users and the platform.

Lists of key third parties, categories of recipients, or partner types are provided on the website where available. If a specific recipient is not listed, the user is informed of the purpose and scope before the information is shared unless a legal restriction applies. Providing data for these purposes constitutes consent, subject to legal requirements and opt-out options where applicable.

The site may contain links to third-party websites or services that operate under their own privacy policies. The operator is not responsible for how those external sites collect, use, or disclose personal information. Users should review the privacy practices of each site visited and exercise caution when sharing personal data outside this platform.