Privacy Policy

Last Updated: September 18, 2025

Introduction

Drop The Boss is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your data when you use our gaming platform, website, and related services.

This policy applies to all users of Drop The Boss services, including visitors to our website, demo players, and registered users engaging in real-money gaming activities.

Data Controller Information

Address: 45 Canary Wharf, London E14 5AB, United Kingdom
Email: [email protected]

We are the data controller responsible for processing your personal information in accordance with applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Information We Collect

Personal Identification Information

When you register for an account or use our services, we collect:

  • Basic Details: Full name, date of birth, gender
  • Contact Information: Email address, postal address
  • Identity Verification: Government-issued ID numbers, passport details
  • Financial Information: Payment method details, banking information
  • Account Credentials: Username, encrypted password, security questions

Gaming Activity Data

During your use of Drop The Boss, we automatically collect:

  • Gameplay Statistics: Bet amounts, win/loss records, session duration
  • Game Preferences: Preferred bet sizes, bonus feature usage, demo activity
  • Technical Performance: Game loading times, error reports, crash data
  • Device Information: IP address, browser type, operating system
  • Location Data: General geographic location for compliance purposes

Communication Records

We maintain records of:

  • Customer Support: Chat logs, email correspondence, support ticket history
  • Marketing Communications: Email preferences, promotional responses
  • Account Notifications: Transaction alerts, security notifications
  • Feedback and Reviews: User comments, suggestions, testimonials

Financial Transaction Data

For real-money gaming, we process:

  • Deposit Information: Payment amounts, methods, timestamps
  • Withdrawal Requests: Payout amounts, destination accounts, processing status
  • Transaction History: Complete financial activity records
  • Anti-Money Laundering: Source of funds verification, compliance checks

Legal Basis for Processing

We process your personal data based on the following legal grounds:

Contract Performance

  • Account creation and maintenance
  • Game service provision
  • Payment processing and financial transactions
  • Customer support services

Legal Compliance

  • Age verification and identity confirmation
  • Anti-money laundering obligations
  • Tax reporting requirements
  • Regulatory compliance for gaming licenses

Legitimate Interests

  • Fraud prevention and security monitoring
  • Website analytics and performance optimization
  • Marketing communications (with opt-out options)
  • Product development and improvement

Consent

  • Marketing emails and promotional communications
  • Optional data collection for enhanced features
  • Third-party integrations and social media connections
  • Cookies and tracking technologies (where required)

How We Use Your Information

Service Provision

Your data enables us to:

  • Provide access to Drop The Boss gaming platform
  • Process deposits, withdrawals, and gaming transactions
  • Maintain accurate account balances and transaction records
  • Offer customer support and technical assistance
  • Ensure fair gameplay and detect fraudulent activity

Legal and Regulatory Compliance

We use your information to:

  • Verify your identity and age (18+ requirement)
  • Comply with anti-money laundering regulations
  • Meet tax reporting obligations
  • Respond to legal requests from authorities
  • Maintain gaming license compliance

Security and Fraud Prevention

Your data helps us:

  • Monitor for suspicious account activity
  • Prevent unauthorized access and identity theft
  • Detect and prevent money laundering
  • Protect against technical security threats
  • Maintain platform integrity and fair gaming

Communication and Support

We use your contact information to:

  • Send important account notifications and updates
  • Provide customer support responses
  • Share relevant promotional offers (with consent)
  • Communicate security alerts and policy changes
  • Gather feedback for service improvements

Data Sharing and Disclosure

Third-Party Service Providers

We may share your data with trusted partners who help operate our services:

  • Payment Processors: Secure processing of deposits and withdrawals 
  • Identity Verification Services: Age and identity confirmation 
  • Cloud Storage Providers: Secure data hosting and backup services 
  • Analytics Providers: Website performance and user experience analysis 
  • Customer Support Tools: Efficient support ticket and communication management

Legal Requirements

We may disclose your information when required by:

  • Court orders, subpoenas, or other legal processes
  • Law enforcement investigations
  • Regulatory inquiries from gaming authorities
  • Tax authorities for reporting obligations
  • National security or public safety concerns

Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the acquiring entity, subject to the same privacy protections outlined in this policy.

Data Retention

We retain your personal information for the following periods:

Active Accounts

  • Personal and gaming data: Duration of account relationship plus 7 years
  • Financial transaction records: 7 years from transaction date
  • Communication records: 3 years from last contact

Closed Accounts

  • Essential compliance data: 7 years post-closure
  • Marketing preferences: Until withdrawal of consent
  • Legal hold data: Duration of legal proceedings plus applicable limitation periods

Automated Deletion

We implement automated systems to delete data when retention periods expire, unless extended retention is required for legal or regulatory purposes.

Your Rights and Controls

Under applicable data protection laws, you have the following rights:

Access and Portability

  • Request copies of your personal data
  • Receive data in a structured, machine-readable format
  • Transfer data to another service provider

Correction and Completion

  • Update incorrect or incomplete personal information
  • Request correction of inaccurate data
  • Add missing information to your profile

Deletion and Erasure

  • Request deletion of personal data (subject to legal retention requirements)
  • Exercise “right to be forgotten” where applicable
  • Close your account and request data removal

Processing Restrictions

  • Object to certain types of data processing
  • Restrict processing for specific purposes
  • Withdraw consent for optional data collection

Marketing Communications

  • Unsubscribe from promotional emails
  • Opt out of marketing communications
  • Update communication preferences

Data Security Measures

We implement comprehensive security measures to protect your personal information:

Technical Safeguards

  • Advanced encryption for data transmission and storage
  • Secure servers with regular security updates
  • Multi-factor authentication for account access
  • Regular security audits and penetration testing
  • Automated monitoring for suspicious activity

Administrative Controls

  • Limited access to personal data by authorized personnel only
  • Regular staff training on data protection practices
  • Incident response procedures for data breaches
  • Background checks for employees handling sensitive data
  • Clear data handling policies and procedures

Physical Security

  • Secure data centers with restricted access
  • Environmental controls protecting server equipment
  • Backup systems ensuring data availability
  • Disaster recovery procedures for business continuity

International Data Transfers

Some of our service providers may process your data outside the United Kingdom. We ensure adequate protection through:

  • Adequacy Decisions: Transfers to countries with adequate data protection laws
  • Standard Contractual Clauses: EU-approved contract terms ensuring data protection
  • Binding Corporate Rules: Internal policies ensuring consistent global protection
  • Certification Schemes: Third-party verified privacy frameworks

Children’s Privacy

Drop The Boss is intended exclusively for adults aged 18 and over. We do not knowingly collect personal information from individuals under 18. If we discover that we have inadvertently collected data from a minor, we will delete it immediately and take steps to prevent future occurrences.

Data Breach Notification

In the unlikely event of a data breach affecting your personal information, we will:

  • Assess the severity and scope of the breach within 72 hours
  • Notify relevant data protection authorities as required by law
  • Inform affected users without undue delay
  • Provide clear information about the nature of the breach
  • Explain steps being taken to address the incident
  • Offer guidance on protective measures you can take

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. We will notify you of material changes through:

  • Prominent website notices
  • Email notifications to registered users
  • In-platform notifications during your next login
  • Updates to the “Last Updated” date at the top of this policy

Continued use of our services after policy updates constitutes acceptance of the revised terms.

Contact Information and Complaints

For questions about this Privacy Policy, to exercise your rights, or to make a complaint:

Email: [email protected]
Address: 45 Canary Wharf, London E14 5AB, United Kingdom

Data Protection Authority

If you are not satisfied with our response to your privacy concerns, you have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO):

Website: ico.org.uk
Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

Responsible Gaming Privacy

We collect certain data to support responsible gaming initiatives:

  • Gaming behavior patterns for identifying potential problems
  • Self-exclusion requests and cooling-off periods
  • Deposit and loss limits set by players
  • Time-based gaming restrictions

This information is used solely for player protection and regulatory compliance, with the same privacy protections applied as other personal data.