burger icon
National Casino Canada
Log In

Privacy Policy

This Privacy Policy explains how National Casino, operated via national-ca.com, collects, uses, discloses, and protects personal information of players and website visitors in Canada. It applies to current and prospective customers, account holders, and any visitor who accesses or uses our website, products, or services. By using our services, you acknowledge that you have read and understood this Privacy Policy. This Privacy Policy is effective as of 1 January 2026 and supersedes all previous versions for Canadian users.

Who We Are

OBSERVE: Identify the legal operators and contact details behind National Casino for Canadian users.

EXPAND: Clarify corporate structure, registered addresses, licensing jurisdictions, and the point of contact for privacy matters.

REFLECT: Provide a transparent overview so users and regulators can identify the data controller(s) and reach us regarding privacy.

The online gambling services offered under the brand National Casino for Canadian users through the domain national-ca.com (referred to as "National Casino", "National Casino", "we", "us", "our") are operated primarily by:

  • TechSolutions Group N.V., a company incorporated under the laws of Curaçao, with registered address at Dr. H. Fergusonweg 1, Curaçao, registration number 144920. TechSolutions Group N.V. holds a gaming license 8048/JAZ2017-067 issued by Antillephone N.V. under the laws of Curaçao.
  • TechSolutions (CY) Group Limited, a company incorporated in Cyprus, with registered address at Parthenonos 5, Flat 103, 2020 Nicosia, Cyprus, registration number HE 377018, acting as a billing agent for certain fiat payment transactions, including CAD card processing.
  • TechOptions Group B.V., holder of interactive gaming license number 00867 issued by the Kahnawake Gaming Commission, supporting Canadian-facing operations and payment solutions (including Interac), in cooperation with TechSolutions Group N.V.

For the purposes of this Privacy Policy, TechSolutions Group N.V. is generally the primary data controller for personal information processed in connection with National Casino via national-ca.com, with TechSolutions (CY) Group Limited and TechOptions Group B.V. acting as processors and/or joint controllers in specific contexts (notably payment processing and Canadian licensing support).

Data Protection Contact

  • Data Protection / Privacy Contact: Data Protection Department, National Casino
  • Email (primary privacy & support contact): [email protected]
  • Alternative general contact: [email protected]
  • Postal contact (primary corporate address): TechSolutions Group N.V., Dr. H. Fergusonweg 1, Curaçao

When you contact us about privacy, please indicate that your request concerns National Casino / national-ca.com and include sufficient information to identify your account.

What Personal Data We Collect

OBSERVE: Our operations require a range of information to verify identity, provide gambling services, process payments, and comply with law.

EXPAND: Distinguish between categories (personal, technical, financial, behavioral, cookies) and indicate typical examples and sources.

REFLECT: Help users understand exactly what may be collected, from whom, and for which broad purposes.

1. Identification and Contact Data

  • Account registration data: full name, date of birth, residential address, email address, phone number, country and province/territory of residence, chosen username, password or other credentials.
  • Verification (KYC) data: copies or details of identification documents (e.g., passport, national ID, driver's licence), proof of address (utility bill, bank statement), and where required, source-of-funds/source-of-wealth information.
  • Communication data: records of communications with our support team (emails, chat logs, complaint submissions), language preferences, and related metadata (time, date, channel).

2. Technical and Device Data

  • Device information: IP address, device identifiers, operating system, browser type and settings, screen resolution, and similar technical characteristics.
  • Usage and log data: login timestamps, session duration, pages visited, clicks, referring URLs, error logs, game crashes, and performance data.
  • Geolocation data: approximate location derived from IP address and, where permitted, more precise location data to confirm eligibility and manage risk (e.g., provincial restrictions, fraud detection).

3. Payment and Financial Data

  • Deposit and withdrawal data: selected payment method (e.g., Interac, cards, e-wallets, bank transfer, crypto where allowed), transaction amounts, currency, timestamps, and transaction identifiers.
  • Card and banking details: partially masked card numbers, expiry dates, IBAN or account numbers, payment provider identifiers; these may be stored mainly by certified payment processors, not by us directly.
  • Financial verification data: where required by AML/KYC rules, employment details, income ranges, source of funds, and documentation supporting affordability checks.

4. Behavioral and Gaming Data

  • Gaming activity: game selections, stakes, betting history, wins and losses, bonuses used, wagering patterns, and game session durations.
  • Site interaction data: click paths, navigation history, preferences, responses to in-site surveys or feedback prompts.
  • Responsible gambling data: self-imposed limits, self-exclusion status, reality check interactions, and notes regarding responsible gambling interventions.

5. Marketing and Preference Data

  • Marketing consents: your choices about receiving email, SMS, push notifications, phone calls, or on-site promotions.
  • Campaign interaction data: whether you open or click our marketing emails, redeem promotional codes, or interact with specific campaigns.
  • Profile and segmentation data: inferred or assigned segments (e.g., preferred games, activity level) used to tailor offers where permitted by law and your preferences.

6. Cookies and Similar Technologies

  • Cookie identifiers: unique IDs allocated to your browser or device.
  • Tracking data: information on how you reach and use our site (visited pages, session length, frequency of visits) collected via cookies, pixels, tags, and SDKs.

Further details are provided in the "Cookies & Tracking Technologies" section below.

Legal Basis for Processing

OBSERVE: We must ground each processing activity on a recognized legal basis, reflecting EU-style standards as a high benchmark and aligning with Canadian privacy concepts (e.g., meaningful consent, reasonable purposes).

EXPAND: Map main purposes - account operation, KYC/AML, marketing, analytics, fraud prevention - to legal bases such as consent, contract, legal obligation, and legitimate interests.

REFLECT: Provide clarity on why processing is necessary and how we balance our interests with your privacy expectations.

1. Performance of a Contract

We process personal information where it is necessary to enter into and perform our contract with you, including:

  • Creating and managing your player account on national-ca.com.
  • Providing access to games, bonuses, tournaments, and related services.
  • Processing deposits, wagers, withdrawals, and account balance adjustments.
  • Providing customer support and handling routine queries or account requests.

2. Compliance with Legal and Regulatory Obligations

We are required by applicable laws and licensing conditions (including AML/CTF and responsible gambling obligations in jurisdictions such as Curaçao and Kahnawake, and by general Canadian legal expectations) to process certain data, for example:

  • Performing identity checks (KYC) and age verification to prevent underage gambling.
  • Monitoring transactions and player behaviour for signs of fraud, money laundering, or other offences.
  • Retaining records for audit, tax, and regulatory reporting purposes for mandatory periods.
  • Meeting responsible gambling obligations, such as administering self-exclusions and limits.

3. Legitimate Interests

We may process your data based on our legitimate interests, provided these are not overridden by your rights and interests. These include:

  • Maintaining the security and integrity of our website, systems, and games (fraud detection, abuse prevention, security monitoring).
  • Conducting statistical analysis and internal reporting to improve our products and services.
  • Personalizing your on-site experience (e.g., showing relevant games or content) where allowed without additional consent.
  • Defending and exercising legal claims and handling disputes with players, regulators, or third parties.

4. Consent

In certain cases we rely on your freely given, specific, informed and unambiguous consent, which you may withdraw at any time (see "Your Rights" section). This applies in particular to:

  • Sending you marketing communications by email, SMS, phone, or push notifications, where such consent is required under applicable law.
  • Using certain non-essential cookies or similar technologies for advertising and cross-site tracking.
  • Processing special categories of data if ever applicable (for example, information relating to self-exclusion or health aspects relevant to responsible gambling), where explicit consent or clear notice is required under relevant standards.

Withdrawing consent will not affect the lawfulness of processing based on consent before its withdrawal, but may impact services that rely on that consent (e.g., receiving marketing offers).

Purpose of Processing

OBSERVE: Each data category supports specific operational and legal needs.

EXPAND: Link data types to defined purposes in a transparent way.

REFLECT: Ensure purposes are limited, legitimate, and consistent with user expectations and regulatory requirements.

1. Provision of Gambling Services

  • To register and authenticate users, manage accounts, and enable gameplay across National Casino products.
  • To process deposits, bets, wins, losses, and withdrawals in CAD or other permitted currencies.
  • To provide bonuses, loyalty rewards, tournaments, and promotional features you opt into.

2. Regulatory Compliance and Risk Management

  • To verify age, identity, address, and eligibility to participate in our games.
  • To comply with anti-money laundering (AML), counter-terrorist financing (CTF), sanctions, and fraud-prevention requirements.
  • To monitor and enforce responsible gambling measures, including limits, reality checks, and self-exclusions.

3. Customer Support and Service Improvement

  • To respond to your questions, complaints, and requests submitted via email or other channels.
  • To troubleshoot technical issues, enhance site performance, and improve user experience.
  • To conduct surveys or gather feedback (where appropriate) in order to improve our services.

4. Marketing, Personalization, and Analytics

  • To provide you with offers, promotions, and news about National Casino that may be of interest to you, subject to your marketing preferences and applicable law.
  • To personalize content, recommend games, and tailor bonuses based on your profile and behaviour.
  • To perform analytics on aggregated or pseudonymized data to understand trends, optimize marketing campaigns, and improve risk models.

5. Security, Fraud Prevention, and Legal Protection

  • To detect and prevent fraud, abuse, unauthorized access, and other harmful activities.
  • To secure our systems, investigate suspicious behaviour, and take necessary actions against violators.
  • To establish, exercise, or defend legal claims and resolve disputes with players, payment providers, or authorities.

Disclosure & Sharing

OBSERVE: Certain operations and legal duties require us to share data with carefully selected third parties.

EXPAND: Identify categories of recipients, circumstances of disclosure, and safeguards.

REFLECT: Ensure users understand that we do not sell personal data but share it for defined purposes under contractual and security controls.

1. Group Companies and Related Licensees

  • TechSolutions Group N.V., TechSolutions (CY) Group Limited, and TechOptions Group B.V. may share data among themselves to operate National Casino, process payments, fulfil licensing obligations, and perform consolidated risk and compliance functions.

2. Payment Service Providers and Financial Institutions

  • We share necessary payment and identification data with banks, card schemes, Interac processors, e-wallet providers, and crypto payment gateways that process transactions on our behalf.
  • These partners use the data to execute payments, prevent fraud, comply with their own legal obligations, and resolve chargebacks or disputes.

3. Service Providers and Technical Vendors

  • We engage third-party providers for hosting, cloud storage, game content, customer support tools, analytics, anti-fraud solutions, identity verification, email/SMS delivery, and IT security.
  • These parties act as processors under our instructions, bound by strict confidentiality, data protection, and security requirements.

4. Regulators, Licensing Bodies, and Authorities

  • We may disclose information to regulators and licensing authorities (including but not limited to Curaçao regulators and the Kahnawake Gaming Commission) as required to comply with licensing and reporting obligations.
  • We may also disclose information to law enforcement, courts, tax authorities, or other governmental bodies where required by law, valid legal process, or to protect our rights or the rights of others.

5. Affiliates, Marketing and Advertising Partners

  • With your consent where required, we may share limited data (such as identifiers and conversion data) with marketing networks, affiliates, and advertising partners who promote National Casino.
  • These parties may use cookies and similar technologies for attribution and, where applicable, personalized advertising, subject to your cookie and marketing preferences.

6. Corporate Transactions

  • In the event of a merger, acquisition, sale of assets, reorganization, or insolvency, personal data may be transferred to a successor or related entity, subject to continued protection consistent with this Privacy Policy.

7. No Sale of Personal Data

We do not sell your personal information to third parties in exchange for money. Any sharing for marketing or analytics is limited to the purposes and safeguards described above.

International Transfers

OBSERVE: Operations and infrastructure involve multiple jurisdictions (Curaçao, Cyprus, Kahnawake, and others).

EXPAND: Explain how data may be stored or accessed from outside Canada and what protections apply.

REFLECT: Demonstrate that transfers are governed by contract, security measures, and recognized international safeguards.

1. Locations of Processing

  • Your personal data may be processed in, or transferred to, countries where our group companies, servers, or service providers are located, including but not limited to Curaçao, Cyprus, Canada (including Kahnawake), and other countries in the European Economic Area (EEA) or elsewhere.

2. Transfer Safeguards

  • We implement contractual and technical safeguards to protect your data when it is transferred across borders.
  • These safeguards may include:
    • Data processing agreements imposing confidentiality and security duties.
    • Standard contractual clauses or equivalent data transfer clauses where appropriate.
    • Robust technical protections such as encryption in transit and at rest, strict access controls, and logging.

3. User Information on Cross-Border Risks

By using our services, you understand that your data may be processed in jurisdictions that may have different (and in some cases less comprehensive) privacy laws than those in your home province or territory in Canada. However, we take all reasonable steps to ensure that an equivalent level of protection is applied to your personal information as required by our contractual and regulatory obligations.

Data Retention

OBSERVE: Retention must satisfy legal, regulatory, and operational needs without keeping data longer than necessary.

EXPAND: Provide indicative retention periods for major categories and triggers for deletion or anonymization.

REFLECT: Balance AML and licensing requirements with privacy and storage limitation principles.

1. General Retention Principles

  • We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.
  • We also consider factors such as the nature and sensitivity of the data, potential risk of harm from unauthorized use or disclosure, and the time limits for potential claims or regulatory inquiries.

2. Indicative Retention Periods

  • Account and identification data: Typically retained for the duration of your account and for up to 5 - 7 years after account closure, in line with AML and regulatory record-keeping obligations applicable to our licensees and payment partners.
  • Payment and transaction records: Generally retained for at least 5 years after the relevant transaction or account closure, whichever is later, to comply with financial and audit requirements.
  • Gaming and behavioural data: Retained while your account is active and for a period (often up to 5 years) after closure for responsible gambling monitoring, dispute resolution, and compliance purposes.
  • Marketing data: Retained while you remain subscribed and for a reasonable period (usually up to 2 years) after you opt out, to document consent history and honour your preferences.
  • Customer support communications: Retained typically for 3 - 5 years after closure of the matter, subject to regulatory and litigation hold requirements.

3. Deletion, Anonymization, and Archiving

  • Once retention periods expire, we will either securely delete or anonymize your data so that it can no longer be associated with you.
  • Where full deletion is not immediately possible (for example, due to technical limitations or back-up cycles), we will isolate and securely store the data until deletion is feasible.
  • We may retain aggregated or anonymized data indefinitely for statistical, research, or analytical purposes, provided it cannot reasonably be used to identify you.

Your Rights

OBSERVE: Users in Canada are entitled to transparent access and control over their data; we also align with international best practices such as GDPR-style rights.

EXPAND: Set out rights to access, correction, deletion, restriction, objection, portability, and marketing consent withdrawal; explain procedures and timelines.

REFLECT: Even though references to Mexican law were in the template, National Casino is targeted at Canada; we therefore align primarily with Canadian privacy principles and EU-style standards as a benchmark, not Mexican regulations.

1. Right of Access

  • You have the right to request confirmation of whether we hold personal information about you and to receive a copy of such information, along with an explanation of how we process it.

2. Right to Rectification

  • You may request correction of inaccurate or incomplete personal information. In many cases, you can update basic details (such as contact information) directly through your account settings, subject to verification rules.

3. Right to Erasure ("Right to be Forgotten")

  • You may request deletion of your personal information where:
    • the data is no longer necessary for the purposes for which it was collected;
    • you have withdrawn consent (where consent is the legal basis) and there is no other legal ground;
    • you have successfully objected to processing and there are no overriding legitimate grounds; or
    • we are required under law to delete the information.
  • This right is subject to legal and regulatory retention requirements, particularly for AML, accounting, and licensing obligations; in such cases we may restrict use of your data rather than delete it.

4. Right to Restriction of Processing

  • You may request that we restrict processing of your personal information (for example, while we verify its accuracy or assess an objection), except for storage and certain legal uses.

5. Right to Object

  • You may object to processing carried out on the basis of our legitimate interests, particularly for direct marketing (including profiling related to marketing). We will cease such processing unless we demonstrate compelling legitimate grounds or where processing is required for legal claims.

6. Right to Data Portability

  • Where technically feasible and applicable, you may request to receive certain personal information you have provided to us in a structured, commonly used and machine-readable format, and to have it transmitted to another controller.

7. Right to Withdraw Consent

  • Where processing relies on your consent (e.g., for marketing or certain cookies), you may withdraw that consent at any time by:
    • using the unsubscribe link in marketing emails;
    • adjusting your marketing preferences in your account (if available); or
    • contacting us at [email protected].

8. Exercising Your Rights and Timeframes

  • You can exercise your rights by contacting us at [email protected] and clearly describing your request and the jurisdiction in which you reside.
  • We may need to verify your identity before acting on your request, which can include requesting additional information or documentation.
  • We aim to respond to your request within 30 days from receipt of a complete and verifiable request. Where permitted by law, this period may be extended in complex cases; if so, we will inform you of the extension and reasons.
  • We do not normally charge a fee for handling your request. However, where requests are manifestly unfounded or excessive, we may charge a reasonable fee or refuse to act, as permitted by applicable law.

Nothing in this section limits any additional rights you may have under mandatory Canadian federal or provincial privacy legislation. In case of conflict between this Policy and such laws, the latter shall prevail.

Cookies & Tracking Technologies

OBSERVE: Cookies and trackers are integral for functionality, security, and analytics, but some require consent.

EXPAND: Describe types of cookies, their purposes, and how users can manage them.

REFLECT: Allow users to make informed choices without compromising essential service operation.

1. Types of Cookies We Use

  • Strictly necessary (functional) cookies: Required to operate the website and provide core features such as login, session management, load balancing, and security. These cannot be disabled via our consent tools because the site will not function properly without them.
  • Preference cookies: Remember choices such as language, region, or display settings so we can provide a more personalized experience.
  • Analytics and performance cookies: Collect aggregated statistics on how visitors use our site (e.g., pages visited, time spent, error messages). This helps us improve performance and usability.
  • Advertising and targeting cookies: Used (sometimes by third parties) to deliver more relevant advertising and to measure the effectiveness of campaigns, including affiliate tracking and conversion measurement.

2. Third-Party Cookies and Tracking

  • Some cookies are placed by third-party service providers (for example, analytics tools, affiliate networks, or advertising partners) to support our operations and marketing.
  • These third parties may combine information collected through our site with data they receive from other sources, according to their own privacy policies and in line with applicable law.

3. Managing Cookies

  • You can manage or disable cookies through:
    • Browser settings: Most browsers allow you to block or delete cookies. Refer to your browser's "help" or "settings" section.
    • On-site tools (if available): We may provide cookie banners or preference centers on national-ca.com that allow you to accept or reject certain categories of cookies (excluding strictly necessary cookies).
  • Disabling some cookies may affect the functionality of the website, including the ability to log in, play games, or access certain features.

Data Security

OBSERVE: Gambling operations handle financial and identity data that require robust security controls.

EXPAND: Outline key technical and organizational measures, consistent with industry best practices.

REFLECT: Demonstrate our commitment to protecting data, while clarifying that no system is entirely risk-free.

1. Technical Measures

  • Encryption in transit: We use TLS 1.2+ (or higher where available) to encrypt data transmitted between your browser and our servers.
  • Encryption at rest: Sensitive data elements are stored in encrypted form using strong encryption algorithms and secure key management practices.
  • Access controls: Access to personal data is restricted based on job role and "need-to-know" principles, enforced by authentication mechanisms, password policies, and, where appropriate, multi-factor authentication (MFA).
  • Segregated environments: Production systems are separated from testing and development environments; anonymized or pseudonymized data is used for non-production purposes wherever feasible.

2. Organizational Measures

  • Policies and training: Staff are subject to confidentiality obligations and receive regular training on data protection, information security, and responsible gambling.
  • Vendor due diligence: We assess the security posture of key third-party processors and include security and privacy obligations in our contracts.
  • Incident response: We maintain procedures to detect, investigate, and respond to suspected data breaches or security incidents. Where required by law, we will notify affected users and relevant authorities without undue delay.
  • Audits and testing: We perform periodic internal reviews, vulnerability assessments, and where appropriate, third-party penetration testing to evaluate and improve our security controls.

While we implement extensive security measures consistent with recognized international standards and industry best practices (including aspects comparable to ISO 27001 and SOC 2 frameworks), no system can be guaranteed to be completely secure. You are responsible for maintaining the confidentiality of your account credentials and for using appropriate security measures on your own devices.

Complaints & Contacts

OBSERVE: Users must know how to contact us and escalate concerns, including privacy complaints.

EXPAND: Provide clear channels, steps, and expected response times, and indicate external escalation options.

REFLECT: Encourage resolution with us first while recognizing supervisory and regulatory routes where applicable.

1. Contacting Us

  • Primary email for privacy and general support: [email protected]
  • General contact email: [email protected]
  • Postal address: TechSolutions Group N.V., Dr. H. Fergusonweg 1, Curaçao (please mark your letter "Privacy - National Casino").

2. Internal Complaint Procedure

  1. Submission: Send your complaint or inquiry (including privacy concerns) to [email protected], describing the issue, relevant dates, and your account details.
  2. Acknowledgement: We will aim to acknowledge receipt of your complaint within 5 business days.
  3. Investigation: The relevant department (including our Data Protection team where appropriate) will review your complaint, may request additional information, and will investigate the matter internally and, where necessary, with relevant partners.
  4. Response: We aim to provide a substantive response within 30 days of receiving a complete complaint. If we need more time due to complexity, we will inform you of the delay and provide an estimated timeframe.
  5. Further steps: If you are dissatisfied with our response, you may request that the complaint be escalated within our organization for further review.

3. External Escalation and Regulatory Contacts

Depending on the nature of your complaint (e.g., gaming-related dispute vs. data protection), you may have additional avenues:

  • Gaming-related disputes (licensing/ADR): For disputes concerning fairness of games, payouts, or related gaming issues that cannot be resolved with us, you may refer the matter to alternative dispute resolution bodies or licensing contacts indicated in our Terms and Conditions. For Curacao-licensed operations, complaints may be referred, where applicable, via https://gaminglicences.com (email: [email protected]).
  • Canadian privacy regulators: As a resident of Canada, you may be entitled to lodge a privacy complaint with the federal or provincial privacy commissioner, such as the Office of the Privacy Commissioner of Canada (OPC) or the relevant provincial authority (e.g., Alberta, British Columbia, Quebec) depending on your location and the circumstances. Contact details can be found on the official websites of these regulators.

We encourage you to contact us first so we can attempt to resolve your issue directly and efficiently.

Updates

OBSERVE: Privacy requirements and our operations may evolve over time.

EXPAND: Explain how and when we will update this Policy and inform users.

REFLECT: Ensure users have advance notice of significant changes and can make informed decisions about continued use.

1. Changes to This Privacy Policy

  • We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal or regulatory requirements, or for other operational reasons.
  • Each version will be identified by the "Last updated" date below. Previous significant versions may be archived and made available on request where feasible.

2. Notification of Material Changes

  • Where we make material changes to this Policy (for example, expanding the purposes of processing, introducing new categories of data sharing, or changing your rights materially), we will endeavour to provide you with clear notice in advance, which may include:
    • email notifications to the address associated with your account;
    • prominent notices or banners on national-ca.com;
    • alerts in your account dashboard or message centre.
  • Where required or appropriate, we will provide at least 30 days' advance notice before material changes take effect for active account holders, unless an earlier effective date is mandated by law or necessary for security or compliance reasons.

3. Your Options Following Changes

  • If you continue to use our services after the effective date of an updated Policy, you will be deemed to have accepted the changes, to the extent allowed by law.
  • If you do not agree with the updated Policy, you may choose to discontinue use of our services and request closure of your account. You may also exercise your privacy rights as described in the "Your Rights" section.

Last updated: January 2026