Privacy Policy
This privacy policy was last updated on 2026-04-30 and explains how Crazy Time UK handles personal data when readers visit, browse, or contact the desk. The applicable law for this edition is the UK Data Protection Act 2018 (alongside UK GDPR), and the supervising authority is the Information Commissioner’s Office (ICO). The page covers data we collect, why we process it, cookies, recipients, security, your rights, retention, and the complaints route.
Last updated: 2026-04-30
Who Is the Data Controller
The data controller for Crazy Time UK is the publisher of this site, reachable for privacy matters at [email protected] . We do not list a public postal address; contact runs through the privacy email and through the form on /contact/.
Where UK GDPR / DPA 2018 requires a Data Protection Officer, our DPO is reachable at [email protected] . Where the law does not require a DPO, the privacy address handles the same role. Both inboxes are monitored by the editorial desk during working days.
This site processes personal data in line with the UK Data Protection Act 2018 (alongside UK GDPR) and any other privacy rules that apply in the United Kingdom.
Applicable Law for This Edition
This edition of Crazy Time UK is published for readers in the United Kingdom and follows the UK Data Protection Act 2018 (alongside UK GDPR). The supervising authority is the Information Commissioner’s Office (ICO), which oversees UK GDPR / DPA 2018 in the UK. Public information, complaint forms, and contact details for the ICO live at ico.org.uk .
This site currently publishes one UK-focused English edition. It does not publish alternate language editions or language-switcher variants; readers outside the UK should check the privacy and gambling rules that apply in their location.
How We Process Data Principles
We follow the principles below on every page that collects, processes, or stores personal data. The principles come from UK GDPR / DPA 2018 and the broader GDPR baseline, and they shape the editorial method for trust pages.
Data-protection principles
- Lawfulness, fairness, and transparency: every data point has a stated legal basis and a stated purpose.
- Purpose limitation: data collected for one purpose is not silently reused for another.
- Data minimisation: the site collects only what each purpose requires.
- Accuracy: stored data is corrected on request and on detection.
- Storage limitation: data is kept only for as long as the stated retention period requires.
- Integrity and confidentiality: data is protected against unauthorised access, loss, and disclosure.
- Accountability: the controller can demonstrate compliance to the Information Commissioner’s Office (ICO) on request.
Data We Collect
The full data inventory below splits into three sub-tables: data collected automatically when a reader visits, data the reader provides voluntarily, and data this site does not collect at all. Every row carries a purpose and, where relevant, a legal basis.
Automatic data
| Data | Purpose | Legal basis |
|---|---|---|
| IP address (anonymised) | Aggregate analytics, security, fraud prevention | Legitimate interest |
| Browser and device type | Site rendering, mobile vs desktop split | Legitimate interest |
| Pages visited and time on page | Aggregate analytics, content improvement | Legitimate interest or consent under UK GDPR / DPA 2018 |
| Analytics cookies | Anonymised traffic measurement | Consent |
Voluntary data
| Data | Required | Purpose |
|---|---|---|
| Name | Required | Routing the message to the right desk |
| Required | Replying to the enquiry; logging the correction | |
| Message | Required | Understanding the request and acting on it |
| Phone (optional) | Optional | Calling back where the user requests it |
Voluntary data is collected only through the form on /contact/. We do not run open enrolment forms anywhere else.
Data we do NOT collect
Data this site does NOT collect
- Government identification documents (passport, ID card, driver licence).
- Financial data: card numbers, bank details, crypto wallet addresses.
- Gambling data: bets, deposits, withdrawals, winnings, account balances.
- Passwords or authentication tokens for any third-party service.
- Special-category data under UK GDPR / DPA 2018: health, biometric, racial, religious, political, sexual orientation.
Reason: this site is informational, not a casino. Real-money play happens at the linked licensed casinos, which carry their own privacy policies.
Why We Process This Data Purposes
Three purposes cover all processing on this site. Each card below lists the purpose, the legal basis, and the retention period attached to that purpose.
-
Analytics and site improvement
-
Replying to enquiries
-
Optional newsletter
Currently inactive
Cookies on This Site
Cookies are small text files that the browser stores on the device when a page loads. We use cookies to keep the site functional, to remember preferences, and to measure aggregate traffic. The categories below match the UK GDPR / DPA 2018 cookie classification. Strictly necessary cookies do not require consent; the rest do.
| Type | Purpose | Duration | Required |
|---|---|---|---|
| Strictly necessary | Session, security, language preference | Session | Required |
| Preferences | Saved settings such as language and display mode | 1 year | Optional |
| Analytics | Anonymised traffic measurement via Google Analytics 4 with IP anonymisation | 2 years | Optional |
| Advertising / affiliate-tracking | Not used on this edition | Not used | Optional |
To change cookie preferences, write to the desk through contact or use browser-level cookie controls. Your settings apply to the next page load.
Who We Share Data With Recipients
This section splits into two short blocks: a list of things we never do with personal data, and a list of authorised processors that handle data on our behalf under written agreements.
- We do not sell personal data to advertisers, brokers, or any third party.
- We do not share personal data with any unauthorised third party.
- We do not use personal data outside the purposes named above.
Personal data is shared only with the processors below, each bound by a written processing agreement and each compliant with the UK Data Protection Act 2018 (alongside UK GDPR).
How We Secure Data
Security sits in two layers. Technical measures sit on the server and the code; organisational measures sit in policy, training, and audit. Both are listed in plain rows below.
Technical measures
- HTTPS and TLS encryption on every page.
- Server-side firewall and rate-limiting on form endpoints.
- Daily encrypted backups with limited retention.
- Software, framework, and dependency updates on a rolling schedule.
- Restricted access to the server and to processing tools, with audit logs.
Organisational measures
- Internal security policy reviewed once a year.
- Staff and contractor training on data handling.
- Periodic audits of processors and of the access list.
- A processing register that lists every category of data and every legal basis.
- Data Protection Impact Assessments (DPIAs) for any new processing that may carry risk under UK GDPR / DPA 2018.
Security is a continuous duty, not a one-off claim.
Your Rights
Under the UK Data Protection Act 2018 (alongside UK GDPR), readers in the UK have the rights below. Article references use UK GDPR numbering, which mirrors the GDPR structure for articles 15 to 22 and article 7.
-
Right to access (UK GDPR Art. 15)
Get a copy of the personal data we hold and the purposes of processing.
-
Right to rectification (UK GDPR Art. 16)
Correct data that is inaccurate or incomplete.
-
Right to erasure (UK GDPR Art. 17)
Also called the right to be forgotten: delete data that is no longer necessary or that was processed unlawfully.
-
Right to restriction (UK GDPR Art. 18)
Limit how the data is used while a complaint or correction is being handled.
-
Right to data portability (UK GDPR Art. 20)
Receive the data in a structured, machine-readable format.
-
Right to object (UK GDPR Art. 21)
Object to processing based on legitimate interest.
-
Right to withdraw consent (UK GDPR Art. 7)
Withdraw consent for any consent-based processing, at any time, without affecting past lawfulness.
How to exercise: write to [email protected] from the email address tied to the data, with one short sentence stating the right and the dataset. We reply within 1 month under UK GDPR. We may ask for one identity check before acting, only when the request would otherwise expose data to a third party.
Email a rights requestComplaints Route
If you believe your rights under the UK Data Protection Act 2018 (alongside UK GDPR) are violated, you can file a complaint with the Information Commissioner’s Office (ICO). Public information, complaint forms, and contact details live at ico.org.uk . Filing a complaint with the authority does not require contacting the desk first, but writing to [email protected] often resolves issues faster.
Minors
This site publishes Crazy Time gambling content. The minimum legal age to follow links to a casino in the UK is 18. We do not knowingly collect personal data from anyone below 18. If a parent or guardian believes a minor has submitted data through the contact form, they can write to [email protected] and the desk will delete the record.
For age-related support and parental controls, see responsible gambling .
How Long We Keep Data
The retention table below lists every category of data the site holds, the period it is kept for, and the legal basis for that period. The periods reflect what each purpose actually needs, not a default maximum.
| Data category | Period | Legal basis |
|---|---|---|
| Analytics data (anonymised) | 26 months | Statistical purpose |
| Contact-form enquiries (name, email, message) | 12 months from last reply | Consent + record of contact |
| Newsletter subscription data | Until cancellation by the reader | Explicit consent |
| Security logs (server access, blocked attempts) | 6 months | Legitimate interest, security duty |
| Affiliate-tracking attribution data | Not used on this edition | Not applicable |
After the period in the table ends, the data is deleted or fully anonymised. Anonymised data may continue in aggregate analytics and is no longer linked to any reader.
Changes to This Policy
We update this privacy policy when the law changes, when our processing changes, or when a processor or retention period changes. Substantial changes are signalled by an updated date at the top of the page and, for material changes, a short notice on the homepage with a dated link to this page. Past versions are kept on request to [email protected] .
For the broader legal information frame around the site, and the terms and conditions for site use, see those pages.
| Topic | Short answer |
|---|---|
| Controller | Crazy Time UK, contact [email protected] |
| Applicable law | UK GDPR / DPA 2018, supervised by the Information Commissioner’s Office (ICO) |
| Data sold | Never |
| Cookies | Strictly necessary always on; rest by consent |
| Your rights | Access, rectify, erase, restrict, port, object, withdraw consent |
| Complaints | Information Commissioner’s Office (ICO) at https://ico.org.uk |
For data requests, contact the desk.
Last updated: 2026-04-30