Log InRegister

Privacy Policy

Last updated: February 16, 2026. This policy describes how RichBid collects, uses, and protects your personal data.

1. Introduction

RichBid ("RichBid", "we", "us", or "our") is committed to protecting the privacy of our players and visitors. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our online casino platform, visit our website at richbid.net, or interact with us in any capacity. By creating an account, depositing funds, or using any of our gaming services, you consent to the data practices described in this policy. RichBid is operated by RichBid Ltd., a company registered in Malta and licensed by the Malta Gaming Authority (MGA). We comply with the EU General Data Protection Regulation (GDPR), the Malta Data Protection Act, and other applicable data protection laws.

2. Information We Collect

We collect information necessary to provide our gaming services, verify your identity, and comply with regulatory obligations: Account Data: Full name, date of birth, residential address, email address, phone number, username, and password. This information is collected during registration and is required to create and maintain your player account. Gaming Activity: Game history, bet amounts, wins and losses, bonus usage, session duration, game preferences, and gameplay patterns. This data is essential for providing our gaming services and ensuring fair play. KYC Documents: Government-issued identification (passport, national ID card, or driving licence), proof of address (utility bills, bank statements), and proof of payment method ownership. These documents are required to verify your identity and comply with anti-money laundering regulations. Financial Data: Deposit and withdrawal amounts, payment method details, transaction history, and currency preferences. Payment card details are processed by our licensed payment service providers and are not stored on our servers in plain text. Device & Technical Data: IP address, browser type and version, operating system, device type, screen resolution, referring URL, and geolocation data. This information is collected automatically to ensure platform security and comply with geographic licensing restrictions. Communications: Records of customer support interactions, emails, live chat transcripts, and any feedback or complaints you submit.

3. How We Use Your Data

We use your personal information for the following purposes: Providing Gaming Services: To operate your player account, process bets and wagers, calculate winnings, credit your account, and deliver a seamless gaming experience across all of our casino games. Identity Verification: To verify your identity, age, and residential address as required by the Malta Gaming Authority and applicable anti-money laundering regulations. You must be 18 years or older to use our services. Responsible Gambling: To monitor gaming activity for signs of problem gambling, enforce deposit limits, loss limits, and session time limits you have set, administer self-exclusion requests, and provide responsible gambling interventions when necessary. Fraud Prevention & Security: To detect and prevent fraudulent activity, money laundering, bonus abuse, collusion, use of automated software, and any other prohibited activities. We use transaction monitoring, behavioural analysis, and device fingerprinting for these purposes. Marketing & Promotions: To send you promotional offers, bonus notifications, and personalised marketing communications where you have opted in. You can unsubscribe from marketing emails at any time via the link in any promotional email or through your account settings. Legal & Regulatory Compliance: To comply with our obligations under Malta Gaming Authority regulations, anti-money laundering laws, tax reporting requirements, and other applicable legislation. Service Improvement: To analyse gameplay patterns, improve our game selection, enhance platform performance, and develop new features based on aggregated usage data.

4. Data Sharing

We may share your information with the following categories of recipients: Regulatory Authorities: We disclose information to the Malta Gaming Authority (MGA) and other relevant gambling regulators as required by law, including player activity reports, suspicious transaction reports, and self-exclusion data. Game Providers: We share necessary player data with our licensed game providers (such as session tokens and jurisdiction information) to deliver casino games. Game providers operate under their own data processing agreements and privacy policies. Payment Processors: Transaction data is shared with our licensed payment service providers, banks, and e-wallet operators to process deposits and withdrawals securely. Anti-Fraud & Verification Services: We share data with identity verification providers, fraud detection services, and responsible gambling databases (such as GAMSTOP) to ensure compliance and player safety. Law Enforcement: We comply with lawful requests from law enforcement agencies and judicial authorities where required by applicable law. We never sell your personal data to third parties for their own marketing purposes.

5. Data Security

We implement industry-standard security measures to protect your personal data: SSL/TLS Encryption: All data transmitted between your device and our servers is protected using 256-bit SSL/TLS encryption. Our website is served exclusively over HTTPS. Encrypted Storage: Sensitive personal data, including KYC documents and financial information, is encrypted at rest using AES-256 encryption. Payment card details are tokenised and handled by PCI DSS Level 1 compliant payment processors. Access Controls: We enforce role-based access controls, multi-factor authentication for administrative access, and principle of least privilege across all systems that handle personal data. Monitoring & Testing: Our systems are monitored 24/7 for security threats. We conduct regular penetration testing and vulnerability assessments by independent security firms. Incident Response: We maintain a comprehensive data breach response plan. In the event of a data breach affecting your personal information, we will notify you and the relevant supervisory authority within the timeframes required by GDPR.

6. Data Retention

We retain your personal data for the minimum period necessary to fulfil the purposes outlined in this policy and to comply with our legal obligations: Player Account Data: Retained for the duration of your account plus a minimum of 5 years after account closure, as required by Malta Gaming Authority regulations and anti-money laundering legislation. Gaming Activity & Transaction Records: Retained for a minimum of 5 years from the date of the transaction to comply with regulatory requirements and to resolve any disputes. KYC Documents: Retained for a minimum of 5 years after your last transaction or account closure, whichever is later. Marketing Preferences: Retained until you withdraw consent or close your account. Technical Logs: Retained for 12 months for security and debugging purposes. Upon expiry of the retention period, your data is securely deleted or irreversibly anonymised in accordance with our data destruction procedures.

7. Your Rights (GDPR)

Under the General Data Protection Regulation and applicable data protection laws, you have the following rights: Right of Access: You may request a copy of all personal data we hold about you. We will provide this in a commonly used electronic format within 30 days of your request. Right to Rectification: You may request correction of any inaccurate or incomplete personal data. You can also update your account details directly through your player account settings. Right to Erasure: You may request deletion of your personal data, subject to our legal and regulatory retention obligations. Please note that we may be required to retain certain data for compliance purposes. Right to Restriction: You may request restriction of processing in certain circumstances, such as where you contest the accuracy of your data. Right to Data Portability: You may request your personal data in a structured, commonly used, machine-readable format and have the right to transmit that data to another controller. Right to Object: You may object to processing based on our legitimate interests or for direct marketing purposes at any time. Right to Withdraw Consent: Where processing is based on your consent (such as marketing communications), you may withdraw that consent at any time without affecting the lawfulness of processing carried out before withdrawal. Right to Lodge a Complaint: You have the right to lodge a complaint with the Office of the Information and Data Protection Commissioner (IDPC) in Malta or your local data protection authority.

8. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, regulatory requirements, or applicable laws. Material changes will be communicated to you via email and/or a prominent notice on our website at least 14 days before they take effect. The "Last Updated" date at the top of this policy indicates when it was last revised. We encourage you to review this policy periodically.

9. Contact Us

If you have questions about this Privacy Policy, wish to exercise your data protection rights, or have any concerns about how we handle your personal data, please contact us: Data Protection Officer RichBid Ltd. Level 3, Quantum House, Abate Rigord Street Ta' Xbiex XBX 1120, Malta Email: [email protected] You also have the right to lodge a complaint with the Office of the Information and Data Protection Commissioner (IDPC) in Malta or your local supervisory authority.