Colossus Bets Privacy Policy

Colossus Bets is committed to protecting your personal data and being clear about how we use it. This privacy policy applies to all personal information collected when you use the Colossus Bets platform, including pool betting pools, syndicate participation, and free-entry competitions. We operate in full compliance with UK GDPR and the Data Protection Act 2018.

Data We Collect

• Registration details: Your name, date of birth, email address, home address, and phone number when you create a Colossus Bets account.
• Identity verification: Government-issued photo ID and proof of address, required by the UK Gambling Commission to confirm your age and identity.
• Payment information: Details of the payment methods you use to deposit funds, plus a full record of your deposits, withdrawals, and account transactions.
• Betting and pool data: A complete record of your entries into betting pools, syndicate memberships, picks made, and prizes won or claimed.
• Technical data: Your IP address, device type, browser version, and session logs, collected automatically when you access our platform.
• Support interactions: Records of any communication with our customer support team, including live chat, email, and any attachments you send us.

How We Use Your Data

• To set up, maintain, and operate your Colossus Bets account.
• To process your pool betting entries, syndicate shares, and any prize distributions.
• To verify your identity and age as required by our UK Gambling Commission licence.
• To process payments and maintain accurate financial records in compliance with anti-money laundering law.
• To detect and prevent fraud and protect the fairness of our pools for all participants.
• To monitor your betting patterns as part of our responsible gambling obligations.
• To communicate with you about your account, pool results, and promotions — where you have opted in to marketing.

Sharing Your Data

• Payment processors who handle your deposits and withdrawals on our behalf.
• Identity verification services used to fulfil our KYC obligations.
• Regulatory bodies including the UK Gambling Commission, when required by law.
• Fraud prevention agencies that help protect both Colossus Bets and its customers.
• We do not sell your data to any third party for commercial purposes.

Data Retention

• Account and transaction data is retained for a minimum of five years following account closure, per UK anti-money laundering requirements.
• Pool entry records may be retained for longer periods for audit and dispute resolution purposes.
• Communications and support records are retained for a minimum of three years.
• Data is securely deleted or anonymised once the retention period has expired.

Security Measures

Colossus Bets uses SSL/TLS encryption for all data transmitted between your device and our servers. Sensitive documents and financial data are stored in encrypted databases. Access to personal data is restricted to authorised staff on a need-to-know basis, and all staff who handle customer data receive regular data protection training.

Your Rights

• Access: You can request a full copy of the personal data we hold about you.
• Correction: You can ask us to update or correct any information that is inaccurate or incomplete.
• Erasure: You can request deletion of your data where we are not legally required to retain it.
• Restriction: You can ask us to pause processing of your data in specific circumstances.
• Objection: You can object to processing based on legitimate interests, including profiling for marketing.
• Portability: You can ask for your data in a structured, commonly used format.

To exercise any of the above rights, contact us at [email protected]. Unresolved privacy concerns may be raised with the Information Commissioner's Office at ico.org.uk. This policy is reviewed regularly and updated when our data practices change.