burger icon
Fresh Casino Canada
Log In

Privacy Policy

This Privacy Policy explains how Fresh Casino, operated via the domain freshbet-ca.com, collects, uses, discloses, and protects personal information of players and website visitors. It applies to all users who access or use our services, including the website, mobile versions, and related gaming services. By using freshbet-ca.com, you acknowledge and agree to the practices described in this Privacy Policy. This Privacy Policy is effective as of January 1, 2026.

Who We Are

OBSERVE: Users must know the identity and contact details of the operator responsible for personal data.

EXPAND: We specify corporate structure, licensing context, and a clear contact point for privacy matters.

REFLECT: This ensures transparency and supports the exercise of privacy rights.

The online casino service marketed as Fresh Casino and made available to Canadian users through the website freshbet-ca.com (the "Website") is operated by:

  • Operator: Galaktika N.V., a company incorporated under the laws of Curaçao
  • Registration number: 140803
  • Registered and legal address: Scharlooweg 39, Willemstad, Curaçao
  • Gaming licence: Antillephone N.V. sub-licence No. 8048/JAZ2016-050, issued under the authority of the Government of Curaçao (licensing framework currently in transition to the Curaçao Gaming Control Board regime; the above sub-licence remains valid during the transition)

Certain payment processing and financial operations for the platform may be carried out by our subsidiary:

  • Payment services entity: Unionstar Limited
  • Registration number: HE 356131
  • Registered address: Agias Fylaxeos & Zinonos Rossidi 2, 1st Floor, 3082 Limassol, Cyprus

Data Protection Contact:

  • Data Protection Officer / Data Protection Department: Privacy Team, Galaktika N.V.
  • Email: [email protected] (please indicate "Privacy Request" in the subject line)
  • Postal address for privacy matters: Galaktika N.V., Scharlooweg 39, Willemstad, Curaçao

You may also contact us via the official Website: https://freshbet-ca.com.

What Personal Data We Collect

OBSERVE: We collect various categories of information necessary to operate an online gambling platform and comply with legal and licensing obligations.

EXPAND: Data spans identity, contact, technical, payment, behavioral, and tracking technologies, each serving distinct compliance and service purposes.

REFLECT: Transparency about each category allows users to understand how and why their data is processed.

Identity and Contact Data

  • Full name, date of birth, and gender (where provided)
  • Residential address and country of residence
  • Email address and telephone number (where provided)
  • Username, account ID, and other registration details
  • Copies or details of identification documents (e.g., passport, ID card, driving licence) collected for KYC/AML purposes

Account and Verification Data

  • Account registration details and profile settings
  • Age and eligibility confirmation data
  • Proof of address, payment ownership evidence (e.g., redacted bank statements, utility bills)
  • Communication records with customer support (emails, chat logs, internal notes)

Technical and Usage Data

  • IP address and approximate geolocation derived from IP
  • Device identifiers (e.g., device type, operating system, browser type and version, language settings)
  • Log data relating to access times, pages visited, referral URLs, and session duration
  • Security logs (login attempts, password changes, device recognition data, and similar)

Payment and Financial Data

  • Payment method details (e.g., masked card numbers, payment wallet identifiers, bank transfer details), as permitted by payment partners
  • Deposits, withdrawals, balances, bonuses, and wagering requirements
  • Transaction identifiers, timestamps, and payment status
  • Data obtained from or shared with payment service providers and financial institutions to prevent fraud and comply with AML rules

Gameplay and Behavioral Data

  • Betting history and game participation (games played, stakes, wins/losses, timestamps)
  • Bonus usage, promotional participation, loyalty or VIP program activity
  • Clickstream data, navigation paths, and interaction with website elements
  • Responsible gambling behavior data (self-exclusion, limits, time-outs, interaction with responsible gaming tools)

Marketing and Communication Data

  • Preferences regarding marketing channels (email, SMS, push notifications, in-account messages)
  • Records of marketing consents, opt-ins, and opt-outs
  • Interaction with marketing messages (open rates, clicks, unsubscribes) where technically available

Cookies and Similar Technologies

  • Cookies, web beacons, pixels, SDKs, and similar technologies that store or access information on your device
  • Information such as session IDs, language preferences, referrer URLs, and interaction metrics

Further information on cookies and related technologies is provided in the "Cookies & Tracking Technologies" section below.

Legal Basis for Processing

OBSERVE: As an offshore operator serving Canadian users, we align our practices with internationally recognized standards such as GDPR principles while meeting gambling, KYC, and AML requirements under our licence.

EXPAND: The main legal grounds for processing personal data are contract performance, legal obligations (including AML/KYC), legitimate interests, and consent.

REFLECT: Clearly identifying the legal bases increases predictability and accountability in how your information is used.

Contract Performance

  • Purpose: To establish, manage, and terminate your player account and to provide casino services.
  • Scope: Processing necessary to:
    • Register and verify your account
    • Process deposits, bets, wins, and withdrawals
    • Provide access to games, promotions, and account features
    • Deliver customer support and service communications

Compliance with Legal and Regulatory Obligations

  • Purpose: To comply with laws, regulations, licence conditions, and supervisory requirements applicable to Galaktika N.V.
  • Scope: This includes:
    • Know Your Customer (KYC) and Anti-Money Laundering (AML) checks
    • Prevention of fraud, money laundering, and terrorist financing
    • Record-keeping obligations under gambling and financial rules
    • Responding to lawful requests from regulators, law enforcement, and courts

Legitimate Interests

  • Purpose: To pursue legitimate business interests that are not overridden by your interests or fundamental rights and freedoms.
  • Scope: This covers:
    • Maintaining and improving the security and integrity of our Website and services
    • Preventing abuse, cheating, and violations of our Terms and Conditions
    • Conducting analytics and statistical analysis to improve products, services, and user experience
    • Protecting our legal rights, defending claims, and managing disputes

Consent

  • Purpose: To process personal data for certain activities that are not strictly necessary for contract performance, legal obligations, or legitimate interests.
  • Scope: This may include:
    • Sending electronic marketing communications (email, SMS, push notifications) where consent is required
    • Using certain categories of cookies or tracking technologies for advertising and advanced analytics
    • Participating in specific promotions where additional data processing is required
  • Control: You can withdraw your consent at any time as described in the "Your Rights" and "Cookies & Tracking Technologies" sections. Withdrawal does not affect the lawfulness of processing prior to withdrawal.

Purpose of Processing

OBSERVE: Each category of data is processed for defined, explicit, and legitimate purposes.

EXPAND: We link purposes to core operations (gaming services), security, compliance, analytics, and marketing, ensuring no incompatible processing.

REFLECT: Purpose limitation safeguards against misuse or unexpected data uses.

Provision of Casino Services

  • Creating and managing your player account on freshbet-ca.com
  • Verifying your identity and age to ensure eligibility to gamble
  • Processing deposits, bets, winnings, and withdrawals
  • Operating games, tournaments, bonuses, and loyalty or VIP programs
  • Providing customer support and communicating essential service information

Compliance, Risk Management, and Fraud Prevention

  • Conducting KYC and AML checks in accordance with legal and licensing requirements
  • Monitoring transactions and gameplay for suspicious or fraudulent activity
  • Preventing account takeover, unauthorized access, and abuse of bonuses
  • Enforcing our Terms and Conditions and other applicable policies

Service Improvement and Analytics

  • Analyzing overall player behavior and website usage (in aggregated or pseudonymized form where possible)
  • Improving website performance, user interfaces, and game selection
  • Testing new features, products, or services
  • Performing statistical reporting for internal business planning

Marketing and Personalization

  • Sending marketing communications about bonuses, promotions, tournaments, and new products, subject to your preferences and applicable consent requirements
  • Customizing website content and offers based on your activity and preferences, where permitted
  • Measuring the effectiveness of campaigns and promotional activities

Customer Relationship Management and Support

  • Responding to your inquiries and complaints
  • Maintaining records of communications to improve support and resolve issues
  • Notifying you of changes to our services, policies, or terms

Disclosure & Sharing

OBSERVE: Certain processing activities require the involvement of third parties acting as processors or independent controllers.

EXPAND: We describe the categories of recipients, the circumstances of disclosure, and safeguards applied.

REFLECT: Users should understand that data may be shared, but always under contractual or legal protections.

Group Companies and Service Providers

  • Affiliated entities: We may share data with subsidiaries or associated companies such as Unionstar Limited (Cyprus) for payment processing and operational support.
  • IT and infrastructure providers: Hosting providers, cloud services, IT security providers, and technical support vendors assisting in operating our systems.
  • Payment partners: Banks, card schemes, payment processors, and e-wallet providers for the purpose of processing deposits, withdrawals, and fraud prevention.
  • Professional advisors: Lawyers, auditors, accountants, or consultants where necessary to protect our legal interests and comply with obligations.

Regulators, Authorities, and Dispute Resolution Bodies

  • Regulatory or supervisory authorities in Curaçao and other relevant jurisdictions, as required by our licence and applicable law.
  • Law enforcement agencies, courts, and governmental bodies when we are legally required to do so or to protect our rights, the rights of our users, or the safety of others.
  • Dispute resolution bodies or alternative dispute resolution entities, where applicable and with your knowledge, in the context of resolving complaints.

Business Transfers

  • In connection with any actual or potential merger, acquisition, reorganization, sale of assets, or similar corporate transaction, your data may be disclosed to prospective or actual purchasers or their advisers, subject to appropriate confidentiality obligations.

Marketing Partners and Affiliates

  • With your consent where required, we may share limited data with:
    • Marketing partners and advertising networks for campaign measurement and targeting
    • Affiliates who refer players to freshbet-ca.com, to verify referrals and pay commissions
  • Where possible, data used for these purposes is pseudonymized or aggregated.

In all cases where third parties process personal data on our behalf, we require them by contract to implement appropriate security measures and to process personal data only in accordance with our instructions and applicable law.

International Transfers

OBSERVE: As a Curaçao-licensed operator serving international users, data may be transferred across borders.

EXPAND: Transfers involve Curaçao, Cyprus, and other jurisdictions where our service providers or infrastructure are located.

REFLECT: We implement contractual and technical safeguards to protect data during and after such transfers.

  • Your personal data may be processed in:
    • Curaçao - where Galaktika N.V. is established and licensed.
    • Cyprus - where Unionstar Limited and certain payment or support operations are located.
    • Other countries where our IT, hosting, and payment service providers maintain operations or infrastructure.
  • We take steps to ensure that any international transfer is carried out in compliance with applicable data protection standards, including:
    • Using contractual safeguards such as data protection clauses comparable to Standard Contractual Clauses where appropriate.
    • Limiting access to personal data to those who need it for the purposes described in this Policy.
    • Implementing technical measures, including encryption in transit and at rest.
  • Where data is processed in jurisdictions that may not provide the same level of data protection as your home jurisdiction, we will take reasonable steps to ensure that your privacy rights are adequately protected in accordance with this Policy.

Data Retention

OBSERVE: Legal and regulatory frameworks require us to retain certain records for defined periods, especially for gambling and AML compliance.

EXPAND: We apply differentiated retention schedules for various categories while respecting data minimization.

REFLECT: Once data is no longer needed, it is securely deleted or anonymized.

  • General principle: We retain personal data only for as long as necessary for the purposes for which it was collected or to comply with applicable legal and regulatory obligations.

Indicative Retention Periods

  • Account and identification data: Typically retained for the duration of your account and for up to five (5) years after account closure or your last transaction, to comply with AML, KYC, and record-keeping obligations and to manage potential legal claims.
  • Transaction and gameplay records: Typically retained for up to five (5) years from the date of the relevant transaction or activity, subject to longer periods where required by law or necessary for dispute resolution.
  • Customer support communications: Retained for up to three (3) years after the resolution of the relevant query or complaint, unless a longer period is required for legal or regulatory reasons.
  • Marketing data and preferences: Retained for as long as you remain opted-in to receive marketing communications and, thereafter, for a limited period (usually up to two (2) years) to document your consent and its withdrawal.
  • Technical logs and security data: Retained for a period appropriate to security and audit purposes, generally between six (6) months and two (2) years, depending on the type of log.

Deletion and Anonymization

  • When data is no longer required for the purposes described above, we will:
    • Securely delete or destroy it; or
    • Irreversibly anonymize it so that it can no longer be associated with an identified or identifiable individual.
  • Your right to request deletion is subject to these legal and regulatory retention obligations. Where we cannot delete data due to such obligations, we will restrict its processing to the minimum necessary.

Your Rights

OBSERVE: We align our practices with core data subject rights comparable to those under GDPR and similar modern data protection regimes.

EXPAND: Users have rights such as access, rectification, deletion, restriction, portability, and objection, as well as rights regarding marketing consents.

REFLECT: Clear procedures and timeframes ensure that these rights can be exercised effectively and free of charge, subject to lawful limitations.

Overview of Your Rights

  • Right of access: You may request confirmation as to whether we process your personal data and obtain a copy of such data, together with information about the processing.
  • Right to rectification: You may request correction of inaccurate or incomplete personal data. In many cases, you can update certain details directly in your account settings.
  • Right to erasure ("right to be forgotten"): You may request deletion of your personal data where:
    • The data is no longer necessary for the purposes for which it was collected;
    • You withdraw consent (where consent is the legal basis) and there is no other legal basis for processing;
    • You have successfully objected to processing; or
    • The data has been unlawfully processed.
    This right is limited where we must retain data to comply with legal obligations (e.g., AML/KYC record-keeping) or to establish, exercise, or defend legal claims.
  • Right to restriction of processing: You may request that we restrict processing of your data in certain circumstances, for example while we verify its accuracy or where you have objected to processing.
  • Right to object: You may object to processing based on our legitimate interests, including profiling related to such interests. We will stop the processing unless we demonstrate compelling legitimate grounds, or the processing is required for legal claims.
  • Right to object to marketing: You may object at any time to the processing of your personal data for direct marketing purposes, including profiling to the extent it is related to such direct marketing. If you do so, we will stop using your data for marketing.
  • Right to data portability: Where processing is based on your consent or on a contract and carried out by automated means, you may request to receive the personal data you provided to us in a structured, commonly used, and machine-readable format and to have it transmitted to another controller where technically feasible.
  • Right to withdraw consent: Where processing is based on your consent, you may withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing that took place before withdrawal.

How to Exercise Your Rights

  1. Submit your request:
    • Send an email to [email protected] with the subject line "Privacy Request".
    • Clearly indicate which right(s) you wish to exercise and provide sufficient information to identify your account (e.g., username, registered email, and country of residence).
  2. Identity verification:
    • For your protection, we may need to request additional information to verify your identity before acting on your request, especially for access, portability, or erasure.
  3. Response timeframe:
    • We aim to respond to all valid requests without undue delay and in any event within 30 days of receipt.
    • Where requests are complex or numerous, we may extend this period by a further 60 days, in which case we will inform you of the extension and reasons.
  4. Fees:
    • We will handle your request free of charge. However, we may charge a reasonable fee or refuse to act on requests that are manifestly unfounded or excessive, in particular because of their repetitive character.

Nothing in this Policy limits any mandatory rights you may have under the laws applicable in your place of residence, to the extent those laws apply to our relationship with you.

Cookies & Tracking Technologies

OBSERVE: Cookies and similar tools are essential to operate an online casino platform and to analyze usage.

EXPAND: We distinguish between functional, analytical, and advertising cookies, and provide control mechanisms.

REFLECT: Transparent cookie practices support informed choices and compliance with consent standards.

Types of Cookies We Use

  • Session cookies: Temporary cookies that remain on your device only for the duration of your browsing session and are deleted when you close your browser. They are used to maintain your session state, for example to keep you logged in while you navigate the Website.
  • Persistent cookies: Cookies stored on your device for a predefined period or until you delete them. They help us remember your preferences (such as language or region) and recognize you as a returning user.
  • First-party cookies: Cookies set directly by the freshbet-ca.com domain and used primarily for functional and analytical purposes.
  • Third-party cookies: Cookies set by third-party domains (for example, analytics providers or advertising partners) that enable aggregated statistics and, where allowed, marketing and retargeting.

Purposes of Cookies

  • Strictly necessary / functional cookies:
    • Enable core site functionality, such as login, account management, and secure navigation.
    • Are generally required for the Website to operate correctly and cannot be switched off in our systems.
  • Preference cookies:
    • Remember choices you make (such as language, region, and display settings) to provide a more personalized experience.
  • Analytics cookies:
    • Help us understand how visitors use the Website by collecting anonymous or pseudonymous information about pages visited, time spent on pages, and technical performance.
    • Support service improvement and troubleshooting.
  • Advertising and marketing cookies:
    • Used, where permitted and subject to your preferences, to deliver relevant adverts and measure the effectiveness of marketing campaigns.
    • May be set by us or by carefully selected third-party partners.

Cookie Management

  • Browser settings: Most web browsers allow you to:
    • View which cookies are stored on your device;
    • Delete cookies;
    • Block cookies from all or specific sites; and
    • Configure preferences for how cookies are handled.
  • On-site controls: Where available, you may manage non-essential cookies (such as analytics and advertising cookies) through cookie banners or settings panels provided on the Website.
  • Impact of disabling cookies: If you disable or block certain cookies, parts of the Website may not function correctly, and your overall user experience may be affected.

Data Security

OBSERVE: Operating an online gambling platform involves handling sensitive information, including identification and financial data.

EXPAND: We employ technical and organizational measures designed to protect data against unauthorized access, loss, or misuse.

REFLECT: While no system can be completely secure, robust safeguards and incident response processes significantly reduce risks.

Technical Measures

  • Encryption in transit: We use TLS 1.2 or higher to encrypt data transmitted between your browser and our servers.
  • Encryption at rest: Sensitive data is stored using industry-standard encryption algorithms and secured storage solutions.
  • Access controls: Access to personal data is restricted to authorized employees and service providers who need it for the purposes described in this Policy and who are subject to confidentiality obligations.
  • Network and system security: Firewalls, intrusion detection and prevention systems, anti-malware tools, and regular system updates are used to protect our infrastructure.

Organizational Measures

  • Policies and training: Internal policies govern the handling of personal data, and staff members with access to such data receive regular training on privacy and security best practices.
  • Vendor management: We carefully select third-party service providers and require them to implement adequate security measures and comply with relevant data protection requirements.
  • Data minimization and pseudonymization: Where feasible, we limit personal data to what is strictly necessary and use pseudonymization or aggregation to reduce identification risks.

Monitoring and Incident Response

  • We monitor our systems for unusual activity, vulnerabilities, and threats.
  • We maintain incident response procedures to investigate and mitigate potential data breaches or security incidents.
  • Where required by applicable standards, we will notify relevant authorities and affected individuals of a qualifying data breach without undue delay.

While we strive to implement appropriate security measures, you are responsible for maintaining the confidentiality of your login credentials and for using adequate security settings on your devices and networks.

Complaints & Contacts

OBSERVE: Users need accessible channels to raise questions or concerns about privacy.

EXPAND: We define internal complaint processes and explain how to escalate matters to data protection authorities where applicable.

REFLECT: Effective complaint handling builds trust and supports regulatory compliance.

Contacting Us

  • Primary contact for privacy matters:
    • Email: [email protected] (subject: "Privacy Complaint" or "Privacy Request")
    • Postal: Data Protection Team, Galaktika N.V., Scharlooweg 39, Willemstad, Curaçao

Complaint Procedure

  1. Submission: Send your complaint or query with a detailed description of the issue, including any relevant dates, account information, and supporting documentation.
  2. Acknowledgement: We will acknowledge receipt of your complaint as soon as reasonably practicable, typically within 5 working days.
  3. Investigation: We will review the matter, which may include verifying your identity, examining system logs, and consulting with relevant departments.
  4. Response: We aim to provide a substantive response within 30 days of receiving a complete complaint. If additional time is required due to complexity, we will inform you of the extension and reasons.
  5. Further steps: If you are not satisfied with our response, you may request that the matter be escalated internally for further review.

Escalation to Supervisory Authorities

If you believe that your data protection rights have been infringed and we have not addressed your concerns to your satisfaction, you may have the right to lodge a complaint with a relevant data protection or privacy authority in your country of residence, place of work, or place of the alleged infringement, where such authority has jurisdiction over the matter.

Contact details of relevant authorities vary by jurisdiction. You may consult the website of your local privacy commissioner or data protection authority for information on how to file a complaint.

Updates

OBSERVE: Privacy laws, industry practices, and our services evolve over time.

EXPAND: We maintain version control, provide notice of material changes, and allow users to react (including by closing accounts).

REFLECT: Regular updates and transparent communication keep users informed and ensure ongoing compliance.

Changes to This Privacy Policy

  • We may update this Privacy Policy from time to time to reflect:
    • Changes in legal or regulatory requirements;
    • Updates to our services, technologies, or business structure;
    • Feedback from users or supervisory authorities.
  • Each version of this Policy will be identified by the "Last updated" date indicated below.

Notification of Material Changes

  • Where we make material changes that significantly affect how we process your personal data, we will provide you with prior notice by:
    • Email to your registered address, where appropriate;
    • Prominent banners or notices on the Website; and/or
    • Alerts within your account dashboard.
  • Except where an immediate change is required by law or necessary for security reasons, we will provide, where reasonably possible, at least 30 days' advance notice before material changes take effect.
  • During this notice period, you may review the updated Policy and:
    • Continue using the services, thereby acknowledging the updated Policy; or
    • Choose to object to specific changes where permitted by law; or
    • Close your account if you do not agree with the changes. Account closure is subject to settlement of any outstanding balances or obligations.

Last updated: January 2026