BantuBet Privacy Policy

This Privacy Policy explains how BantuBet, operated by BANTU BET, LDA, collects, uses, shares, and protects personal information when a member registers an account, uses the Services, or otherwise interacts with bantubet.ca. We handle personal data in line with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation. By using the platform, the member acknowledges the practices described in this Policy.

1. Who We Are

The data controller is BANTU BET, LDA, the operator of the bantubet.ca platform. For questions about this Policy or to exercise any of the rights described below, members can contact the Data Protection team at [email protected].

2. What Data We Collect

2.1 Information You Provide Directly

When a member registers an account, we collect full legal name, date of birth, residential address, email address, phone number, chosen username, and password. During KYC verification, we collect copies of government-issued identification, proof of address, and where applicable documentation of payment methods.

2.2 Transaction and Activity Data

We record all deposits, withdrawals, wagers, wins, bonus activity, and game-play sessions associated with the account. This includes timestamps, amounts, payment methods, and the games or markets involved.

2.3 Technical Data

We automatically collect IP address, device type, browser type and version, operating system, time-zone, screen resolution, referrer URL, and pages viewed. This information helps us secure the platform, optimise performance, and detect fraudulent activity.

2.4 Social Login Data

Where social login is available, we receive basic profile information (name, email, profile image) from the third-party identity provider, with the member's explicit consent.

3. How We Use Your Data

  • To create and manage the member account and provide the Services.
  • To process deposits, withdrawals, and bonus credits.
  • To verify identity, age, and source of funds in line with regulatory requirements.
  • To detect and prevent fraud, money laundering, and other unlawful activity.
  • To communicate service updates, account notices, and responses to support enquiries.
  • To send marketing communications where the member has opted in, with the option to unsubscribe at any time.
  • To improve the platform, develop new features, and analyse aggregated usage patterns.
  • To monitor responsible-gaming activity and apply any limits or self-exclusion settings configured on the account.
  • To comply with legal, regulatory, and licensing obligations.

Each of these purposes is connected to a specific legal basis. Account creation, processing transactions, and providing the Services rest on the contractual relationship between the member and the Operator. Identity verification, anti-money-laundering checks, and responsible-gaming monitoring rest on compliance with legal and regulatory obligations. Marketing communications rest on the member's consent, which can be withdrawn at any time without affecting the rest of the account.

4. How We Share Your Data

  • Payment processors and banking partners — to process deposits and withdrawals.
  • Identity verification providers — to complete KYC and age-verification checks.
  • Game and platform technology providers — to deliver game content and live dealer streams.
  • Fraud-prevention and security services — to detect suspicious activity and protect member accounts.
  • Regulatory authorities and law enforcement — where required by law, court order, or licensing obligation.
  • Professional advisors — lawyers, accountants, and auditors, under strict confidentiality obligations.

We do not sell personal data to third parties under any circumstances. Where data is shared with the categories of recipients listed above, contractual safeguards are in place to ensure the data is processed in line with this Policy and applicable Canadian privacy law. Some of our service providers may be located outside Canada; in those cases, we use appropriate transfer mechanisms (such as standard contractual clauses or equivalent safeguards) to maintain the level of protection required under PIPEDA.

5. Your Rights

  • Access — request a copy of the personal data held about the account.
  • Correction — request correction of inaccurate or incomplete data.
  • Deletion — request deletion of personal data, subject to legal retention obligations.
  • Restriction — request that we limit how we use the personal data.
  • Objection — object to certain uses of the personal data, such as direct marketing.
  • Portability — receive the personal data in a structured, machine-readable format.
  • Withdraw Consent — withdraw any consent previously given for processing.
  • Lodge a Complaint — file a complaint with the Office of the Privacy Commissioner of Canada or the relevant provincial privacy authority.

6. How We Protect Your Data

Security is treated as an ongoing discipline rather than a one-time setup. We combine technical controls with organisational procedures to keep personal data confidential, accurate, and available only to those who need it.

  • 256-bit SSL encryption across the entire platform.
  • Two-factor authentication available on every account.
  • Encrypted storage of sensitive personal data and payment information.
  • Segregated player funds held separately from operational accounts.
  • Regular security audits and penetration tests by independent specialists.
  • Role-based access controls limiting employee access to personal data on a need-to-know basis.
  • Mandatory privacy and security training for all staff with access to member data.
  • Documented incident-response procedures in case of a data breach, including notification timelines aligned with PIPEDA.

Despite these measures, no system can guarantee absolute security. Members can help protect their own accounts by using a strong, unique password, enabling two-factor authentication, signing out at the end of each session on shared devices, and reporting any suspicious activity to [email protected] as soon as it is noticed.

7. Cookies

We use cookies and similar technologies to operate the platform, remember member preferences, analyse usage patterns, and deliver relevant marketing. A consent banner on the first visit allows members to accept or reject non-essential cookie categories. Cookie preferences can be updated at any time through the cookie settings link in the footer.

8. Data Retention

We retain personal data for as long as the account is active and for a period afterwards required to meet legal, regulatory, and accounting obligations. Transaction and activity records are typically retained for a minimum of five years after account closure in line with anti-money-laundering rules. After the applicable retention period, data is securely deleted or anonymised.

9. Minors

The Services are intended only for adults aged 19 or older. We do not knowingly collect personal data from minors. If we discover that an account has been opened by a minor, the account is closed immediately, deposits are returned, and any data collected is deleted in line with regulatory obligations.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. Material changes will be communicated to members through email and through a notice on the platform. The "last updated" date at the bottom of the Policy indicates the most recent version.

11. Contact Us

For any questions about this Privacy Policy or to exercise any of the rights described above, please contact the Data Protection team at [email protected]. For general account questions, please use [email protected].