Privacy Policy

This Privacy Policy explains how ProgressPlay Limited, operating the online casino brand Conquer Casino via the website conquarcasino.com, collects, uses, discloses and protects your personal data. It applies to players, registered account holders, visitors to our website and users of our services, tools and communications channels.

This Privacy Policy is designed to comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, applicable e-privacy rules, and, where relevant, the EU GDPR and Mexican data protection law (including the Federal Law on the Protection of Personal Data Held by Private Parties). It should be read together with our Terms & Conditions and other policies published on conquarcasino.com.

This version of the Privacy Policy is effective from 6 November 2025 and reflects our practices and legal requirements as applicable in 2025 and into 2026.

Who We Are

Data controller and operator

The services offered under the brand Conquer Casino at conquarcasino.com are operated by:

Company name: ProgressPlay Limited
Legal form: Limited company (Ltd)
Company registration number: C58305
Registered jurisdiction: Malta
Registered office / legal address: Soho Office, The Strand, Fawwara Building, Gzira, GZR 1027, Malta

ProgressPlay Limited is licensed and regulated by:

United Kingdom Gambling Commission (UKGC) under account number 39335 for remote gambling services offered to players in the United Kingdom (including Conquer Casino via conquarcasino.com).
Malta Gaming Authority (MGA) under licence number MGA/B2C/231/2012 for eligible international markets.

Details of these licences can be verified via the UKGC and MGA public registers.

Contact details for privacy matters

ProgressPlay Limited is responsible for your personal data. You can contact us for any data protection query or to exercise your rights using the following channels:

Email (primary contact): customersupport@conquarcasino.com (please include "Data Protection" or "Privacy" in the subject line so your request is routed to the appropriate team).
Live chat: on-site live chat at conquarcasino.com, available 24/7 (bot-first with escalation to human agents typically within 2 - 10 minutes during peak UK hours).
Postal address for privacy correspondence: Data Protection Officer, ProgressPlay Limited, Soho Office, The Strand, Fawwara Building, Gzira, GZR 1027, Malta.

Data Protection Officer (DPO)

ProgressPlay Limited has appointed a person or team responsible for overseeing questions in relation to this Privacy Policy and our compliance with data protection law. You can contact our DPO or data protection team using the contact details above, clearly marking your communication "FAO: Data Protection Officer".

What Personal Data We Collect

We collect and process different categories of personal data depending on how you interact with Conquer Casino and conquarcasino.com. Some data is provided directly by you, some is generated by your use of our services, and some is obtained from third parties (for example, identity verification providers or payment institutions).

Identification and contact data

Account details: full name, username, password (stored in hashed form), date of birth, gender (where provided), nationality, preferred language.
Contact information: email address, mobile phone number, residential address (street, city, postal code, country).
Verification documents: copies or data extracted from IDs and supporting documents you provide (e.g., passport, national ID card, driving licence, residence permit, utility bills, bank statements), including document numbers, issuing authority, expiry dates and images where required.

Technical and device data

Usage and log data: IP address, device identifiers, operating system, browser type and version, time zone settings, referring URLs, pages visited, session timestamps, clickstream data, game loading/exit events, errors and crash logs.
Device and network data: language preferences, screen resolution, mobile network information, approximate geolocation derived from IP address (country, region, city level where applicable).

Payment, financial and transactional data

Payment details: limited card details (such as card type, masked card number and expiry date), digital wallet identifiers, bank account identifiers or other payment instrument details as necessary to process deposits and withdrawals. Full card data is usually handled by our PCI-compliant payment providers.
Transaction records: deposits, wagers, game participation, bonus use, withdrawals, chargebacks, refunds and account balances, including timestamps, methods used and currencies.
Anti-fraud and AML data: risk scores, sanctions and politically exposed person (PEP) screening results, enhanced due diligence information, source-of-funds and source-of-wealth information, as required by law.

Behavioral and profile data

Gaming activity: betting and game history (games played, stakes, wins and losses, session duration, frequency, volatility preferences), bonuses claimed and wagering progress.
Responsible gambling data: limits set (deposit, loss, wager, session), self-exclusion and cooling-off choices, reality check preferences, interactions relating to safer gambling and any relevant notes or classifications we make to support you.
Marketing and communication preferences: consents and opt-outs, channels preferred (email, SMS, push notifications), engagement with campaigns (opens, clicks, unsubscribes).

Communications and support data

Customer support records: transcripts or records of live chat conversations, emails, complaint correspondence and feedback forms, including metadata (time, date, channel used).
Call and incident information: internal notes relating to investigations (fraud, AML, responsible gambling, technical incidents), including outcomes and action taken.

Cookies and similar technologies

Cookies: small text files stored on your device to support core site functionality, remember your preferences, secure your sessions and understand how you use our website.
Similar technologies: web beacons, pixels, tags, SDKs and local storage used for analytics, security, fraud detection and, where consented, advertising and personalisation.

Some personal data is mandatory for regulatory or contractual reasons (for example, to verify your age and identity under UK gambling law). If you choose not to provide such data, we may be unable to open or maintain your account or provide some or all services.

Legal Basis for Processing

We process your personal data in accordance with the legal bases provided under the UK GDPR and Data Protection Act 2018, and, where applicable, the EU GDPR and relevant Mexican data protection rules. In most cases one or more of the following legal grounds will apply.

Performance of a contract

Account creation and management: we process your identification, contact and account data to register you as a player, maintain your account, verify your eligibility and provide access to the Conquer Casino services on conquarcasino.com.
Provision of gaming services: we use your data to process deposits and withdrawals, enable game play, calculate bets, settle wagers, award bonuses and manage loyalty or VIP schemes where applicable.
Customer support: we process your support communications and associated data to respond to your requests, troubleshoot, and resolve technical or service issues.

Compliance with legal obligations

Gambling, AML and KYC regulation: under UK and EU/EEA anti-money laundering rules, UKGC licence conditions and other applicable laws, we must verify your identity and age, assess risk, monitor transactions, prevent money laundering and terrorist financing, and retain certain records for defined periods.
Regulatory reporting and responsible gambling: we process data to meet obligations imposed by the UK Gambling Commission, the Malta Gaming Authority and other competent authorities, including reporting, self-exclusion and safer gambling measures.
Data protection and consumer laws: we process data to comply with rights requests, record consents and maintain documentation required by data protection and consumer protection legislation, including Mexican data protection law where relevant.

Legitimate interests

Service improvement and analytics: we analyse usage, performance and interaction data to improve site stability, usability, game offering, features and customer experience in a way that respects your privacy.
Security and fraud prevention: we use technical, transactional and behavioural data to detect and prevent fraud, abuse, bonus misuse, account takeovers, cyberattacks and breaches of our Terms & Conditions.
Business operations: we process data for internal reporting, management, forecasting, auditing and the exercise or defence of legal claims, provided these interests are not overridden by your rights and freedoms.

Consent

Direct marketing: we send promotional communications by email, SMS, push notifications or similar channels only where you have given valid consent or where permitted by law, and always with a clear option to withdraw consent at any time.
Non-essential cookies and tracking: we use analytics, performance and advertising cookies and similar technologies based on your consent obtained through our cookie banner or settings.
Specific optional features: in limited cases, we may ask for your explicit consent to process certain data (for example, use of certain documentation or special categories of data) where required by UK, EU or Mexican law.

Where we rely on consent, you may withdraw it at any time using the mechanisms described in this Privacy Policy. Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal.

Purpose of Processing

We process your personal data only for specified, explicit and legitimate purposes. These purposes include, in particular:

Providing casino services: creating and managing your account; verifying your age, identity and eligibility; enabling deposits, wagers, game play and withdrawals; administering promotions, tournaments and loyalty schemes; and providing customer support.
Meeting legal and regulatory obligations: complying with UKGC licence conditions, MGA requirements, anti-money laundering and counter-terrorist financing laws, responsible gambling duties, taxation, accounting, and other statutory obligations.
Improving and personalising our services: monitoring and analysing site performance, game popularity and player behaviour to enhance our platform, fix bugs, test new features and provide relevant content and offers.
Marketing and promotions (where permitted): sending you tailored offers, bonuses, newsletters and surveys, subject to your marketing preferences and consent; measuring engagement and campaign effectiveness to refine our communications.
Analytics and statistics: generating aggregated or anonymised statistics about our player base, game performance and site usage to inform strategic decisions, without identifying individual players.
Fraud prevention and risk management: detecting, investigating and preventing fraud, chargebacks, identity theft, account misuse, bonus abuse, collusion and other unlawful or prohibited activities.
Ensuring security and integrity: protecting our systems, networks, services and players from cyber threats, enforcing our Terms & Conditions, and safeguarding the integrity of our games.
Handling complaints and legal claims: managing queries, disputes, complaints and regulatory investigations, and establishing, exercising or defending legal claims in courts or before authorities.

Disclosure & Sharing

We treat your personal data as confidential. We will not sell your personal data to third parties. However, we may share it with carefully selected recipients where necessary for the purposes described above, in compliance with UK GDPR, EU GDPR (where applicable) and relevant Mexican data protection rules.

Service providers and business partners

Payment service providers and banks: to process deposits, withdrawals and chargebacks, verify ownership of payment instruments and comply with anti-fraud and AML obligations.
Identity verification and AML/KYC providers: to verify your identity, age, address, payment methods and to conduct risk assessments, sanctions and PEP screening as required by law.
IT, hosting and platform providers: including ProgressPlay platform services, data centres, cloud service providers, website hosting, maintenance, security, monitoring and backup services.
Game providers: where required to operate games, investigate technical issues or comply with regulatory obligations related to specific game content.
Analytics and marketing providers: for site analytics, performance monitoring and, where you have consented, sending or optimising marketing communications and online advertising.

Regulators, authorities and scheme operators

Regulatory authorities: including the UK Gambling Commission, Malta Gaming Authority, tax and law enforcement authorities, and other competent regulators where required by law or licence conditions.
Self-exclusion and safer gambling schemes: such as GamStop and other licensed self-exclusion databases or responsible gambling organisations, where required or permitted by law to protect you and fulfil our responsible gambling obligations.
Alternative dispute resolution (ADR) entities: where a dispute relating to our services is referred to an approved ADR provider, we may share relevant data to help resolve the dispute.

Group entities, affiliates and advertising networks

Group and related entities: where ProgressPlay Limited operates or cooperates with other brands or entities for operational, compliance or reporting purposes, data may be shared on a need-to-know basis.
Affiliates and marketing partners: we may share limited information (for example, confirmation of registration or aggregated performance reports) to reconcile referrals and measure campaign performance, subject to contractual safeguards.
Advertising networks and social media platforms: where you have consented to marketing cookies or similar technologies, we may share cookie-based identifiers or pseudonymous data to deliver or measure advertising.

Other circumstances

Professional advisers: such as lawyers, auditors and consultants, where necessary to obtain professional services and subject to confidentiality obligations.
Corporate transactions: in the context of a proposed or actual merger, acquisition, sale of assets, restructuring or similar transaction involving ProgressPlay Limited or the Conquer Casino brand, your data may be disclosed under appropriate confidentiality safeguards.
Legal claims and enforcement: where necessary to establish, exercise or defend legal claims, enforce our Terms & Conditions, or protect our rights, property, players or others, in accordance with applicable law.

Whenever we share personal data with third parties acting as processors, we ensure that they are subject to contractual obligations to protect your data, act only on our instructions and comply with applicable data protection laws.

International Transfers

ProgressPlay Limited is based in Malta and serves players in the United Kingdom and certain other jurisdictions. As a result, your personal data may be processed in, or transferred to, different countries, including:

United Kingdom - where UK players access and use Conquer Casino via conquarcasino.com and data is stored or processed in UK-based systems.
European Economic Area (EEA), including Malta - where our core platform, support operations or service providers are located.
Other countries - including countries outside the UK and EEA (for example, where cloud services, support teams, fraud detection services or marketing providers are based).

Some of these countries may not provide the same level of data protection as the UK or EEA. When we transfer personal data internationally, we implement appropriate safeguards required by law, such as:

Adequacy decisions: relying on decisions by the UK government or European Commission that a country provides an adequate level of data protection.
Standard Contractual Clauses (SCCs) and UK-specific instruments: entering into approved contractual clauses (such as the EU SCCs together with the UK Addendum, or the UK International Data Transfer Agreement) with recipients to ensure appropriate data protection and enforceable rights.
Additional measures: applying technical and organisational measures (encryption, access controls, data minimisation) and conducting transfer risk assessments where required.

Where Mexican data protection law applies to specific data subjects, we also ensure that any international transfers comply with its requirements, including implementing contractual and security safeguards for transfers outside Mexico where necessary.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, regulatory, accounting or reporting requirements. Retention periods depend on the type of data and context of processing.

General principles

Active accounts: we keep your personal data for the duration of your registered account and active relationship with Conquer Casino on conquarcasino.com.
After account closure: once your account is closed, we typically retain core account, identification and transactional data for up to five (5) years from the date of closure or from the last transaction, in line with anti-money laundering, gambling and financial record-keeping requirements, unless a longer period is required by law or necessary for legal claims.

Illustrative retention periods

Identification and KYC data: usually up to 5 years after the end of the business relationship or the date of the last transaction, or as otherwise mandated by applicable AML and gambling laws.
Transactional and financial records: retained for the periods necessary to comply with tax, accounting and anti-money laundering obligations, generally up to 5 years or longer if required by local law.
Responsible gambling and self-exclusion data: retained for the duration of your limits or self-exclusion plus an additional period as necessary to comply with regulatory obligations and prevent circumvention.
Marketing preferences and consent records: retained while you remain subscribed to marketing communications and for a reasonable period afterwards to demonstrate compliance with consent and opt-out requirements.
Cookies and analytics data: stored in accordance with the lifespan of each cookie or similar technology (as described in our cookie banners or settings) and then deleted or anonymised.

When the applicable retention period expires, or when processing is no longer necessary, we will either securely delete or irreversibly anonymise your data, unless we are legally required or justified to retain it longer (for example, due to ongoing legal claims, investigations or regulatory requests).

Your Rights

Depending on your place of residence and the laws that apply (including UK GDPR, EU GDPR and, where relevant, Mexican data protection law), you may have the following rights in relation to your personal data. We respect and facilitate these rights for all eligible data subjects.

Key data protection rights

Right of access: to obtain confirmation whether we process your personal data and, if so, to receive a copy of the data and information about the processing.
Right to rectification: to request correction of inaccurate data and completion of incomplete data held about you.
Right to erasure ("right to be forgotten"): to request deletion of your personal data where there is no longer a lawful basis for us to retain or process it, subject to legal and regulatory limitations (for example, AML record-keeping duties).
Right to restriction of processing: to request that we temporarily suspend processing of your data in certain circumstances (for example, while we verify its accuracy or assess an objection).
Right to object: to object at any time to processing based on our legitimate interests, including profiling, and to object specifically to direct marketing (including profiling for marketing), in which case we will stop such processing.
Right to data portability: to receive certain personal data you have provided to us in a structured, commonly used and machine-readable format and to request that we transmit it to another controller where technically feasible.
Right to withdraw consent: where processing is based on your consent (for example, marketing or certain cookies), you may withdraw that consent at any time without affecting prior lawful processing.
Rights under Mexican law (where applicable): if Mexican data protection law applies, you may have ARCO rights (Access, Rectification, Cancellation and Opposition) and related rights concerning transfers and consent, which we honour in line with that framework.

How to exercise your rights

Submitting a request: you can exercise your rights by contacting us at customersupport@conquarcasino.com with the subject "Data Protection Request" or via our live chat, clearly indicating the right you wish to exercise.
Verification: to protect your privacy, we may need to verify your identity before acting on your request, which may involve asking for additional information or documentation where appropriate.
Response times: we aim to respond to all valid requests without undue delay and, in any event, within one (1) month from receipt, in line with UK GDPR. This period may be extended by up to two additional months for complex or numerous requests; in such cases, we will inform you of the extension and reasons. Where Mexican law applies, we will also respect any specific statutory periods set by that law.
Fees: exercising your rights is generally free of charge. We may charge a reasonable fee or refuse to comply with requests that are manifestly unfounded, excessive or repetitive, as permitted by law.

You also have the right to lodge a complaint with a supervisory authority, as described in the "Complaints & Contacts" section, if you believe we have not handled your personal data in accordance with applicable law.

Cookies & Tracking Technologies

We use cookies and similar technologies on conquarcasino.com to ensure the site functions correctly, to improve performance and security, and, subject to your consent, to personalise content and marketing. Cookies are small text files stored on your device when you visit our site.

Types of cookies we use

Strictly necessary (functional) cookies: essential to operate the website and provide core services, such as enabling secure log-in, maintaining sessions, processing payments and storing your cookie preferences. These cookies cannot be switched off in our systems and do not require consent.
Preference cookies: used to remember your choices (for example, language, region, interface settings) to enhance your experience when returning to our site.
Analytics and performance cookies: help us understand how visitors use our website, which pages are popular, and how users move around the site, so we can improve performance and usability. Data is typically aggregated and used for statistical purposes.
Advertising and targeting cookies: set by us or third parties to build a profile of your interests and show you relevant advertisements on our site or other websites, and to measure the effectiveness of campaigns. These cookies operate only where you have given your consent.
Third-party cookies: placed by third-party providers (for example, analytics, payment or marketing partners) when their services are integrated into our site. These providers may act as independent controllers for some processing operations.

Managing cookies and tracking technologies

On-site settings: you can manage your cookie preferences through our cookie banner or settings panel (where available), choosing which categories of cookies (except strictly necessary ones) you wish to accept or reject.
Browser settings: most browsers allow you to block or delete cookies through their settings. Please note that blocking certain cookies may affect the functionality or performance of conquarcasino.com and limit your ability to use some features.
Opt-out mechanisms: for certain third-party advertising or analytics services, you may be able to opt out directly via their own tools or industry platforms, where available.

Further information about specific cookies used, their duration and purposes may be provided in a dedicated cookie notice or via our cookie management interface.

Data Security

We are committed to protecting your personal data and to maintaining the confidentiality, integrity and availability of the information we process for Conquer Casino and conquarcasino.com. We use a combination of technical and organisational measures designed to provide an appropriate level of security in light of the risks.

Technical measures

Encryption in transit: data transmitted between your browser and our servers is protected using industry-standard transport layer security (TLS 1.2 or higher), helping to prevent interception or tampering.
Encryption at rest (where applicable): sensitive data is stored using encryption or other appropriate safeguards to reduce the risk of unauthorised access.
Access controls and authentication: access to systems and databases is restricted to authorised personnel based on role and business need, using strong authentication and regular access reviews.
Network and application security: firewalls, intrusion detection and prevention systems, anti-malware tools, secure development practices and regular patching are used to protect our infrastructure and applications.

Organisational measures

Policies and procedures: we maintain internal data protection, information security and acceptable use policies that govern how staff may access and process personal data.
Staff training: employees and contractors with access to personal data receive appropriate training on data protection, confidentiality and security obligations.
Vendor due diligence: we select service providers that implement appropriate security measures and we contractually require them to protect your data and process it only as instructed.
Security reviews and testing: we conduct periodic reviews, audits and technical testing to assess and improve our security posture in line with applicable standards and best practices. Where proportionate, we seek to align our security controls with recognised frameworks such as ISO/IEC 27001 or SOC 2.

Incident response

Monitoring and detection: we monitor our environment for suspicious activity and potential security incidents.
Response plans: we maintain procedures for identifying, investigating and responding to potential data breaches or other security incidents.
Notification: if we become aware of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority and, where required by law, inform affected individuals without undue delay, describing the nature of the breach and the measures taken.

Complaints & Contacts

We take privacy and data protection seriously. If you have questions about this Privacy Policy or how we process your personal data, or if you wish to make a complaint, you can contact us using the channels below.

Contacting ProgressPlay Limited

Email: customersupport@conquarcasino.com (mark your message "Privacy complaint" or "Data Protection query").
Live chat: available 24/7 on conquarcasino.com; you can request escalation to a supervisor or the data protection team.
Postal address: Data Protection Officer, ProgressPlay Limited, Soho Office, The Strand, Fawwara Building, Gzira, GZR 1027, Malta.

Internal complaint procedure

Submission: send us your complaint or query with as much detail as possible about your concerns.
Acknowledgement: we will acknowledge receipt of your complaint and provide a reference where appropriate.
Assessment: our team will review your complaint, request additional information if needed and investigate the issues raised.
Response: we aim to provide a substantive reply within one (1) month from receipt of your complaint or, where applicable, within the timeframes required by relevant law. If we cannot respond within this period, we will inform you of the reasons and the expected timeframe.
Escalation: if you remain dissatisfied after our response, you may request further internal review or escalate your complaint to a competent supervisory authority.

Supervisory authorities and external escalation

United Kingdom - Information Commissioner's Office (ICO): if you are located in the UK or your issue relates primarily to UK data protection law, you can lodge a complaint with the ICO:
- Website: https://ico.org.uk
- Telephone (UK): 0303 123 1113
Mexico - National data protection authority: where Mexican data protection law applies to you, you may lodge a complaint with the competent Mexican authority responsible for personal data protection (currently the National Institute for Transparency, Access to Information and Personal Data Protection - INAI). You can find up-to-date contact information and complaint procedures via its official website or government channels.
European Union / EEA: where EU GDPR applies (for example, if services are accessed from the EU/EEA under relevant conditions), you may be entitled to lodge a complaint with your local data protection authority in the Member State of your habitual residence, place of work or alleged infringement.

We encourage you to contact us first, so we can try to resolve your concerns directly, but you are not required to do so before contacting a supervisory authority.

Updates

We may update this Privacy Policy from time to time to reflect changes in our processing activities, legal requirements, regulatory guidance, or our business operations related to Conquer Casino and conquarcasino.com.

How we will inform you of changes

Website publication: the latest version of this Privacy Policy will always be available on conquarcasino.com.
Account notifications: for material changes, we may notify you via in-account messages, dashboard alerts or prominent banners on our website.
Email notifications: where appropriate, we will also inform registered players by email using the address associated with their account.

Effective dates, advance notice and your options

Last updated: this Privacy Policy was last updated in November 2025.
Advance notice: for significant changes that materially affect your rights or how we process your personal data, we will, where practicable and required by law, provide at least 30 days' notice before the changes take effect.
Your continued use: if you continue to use Conquer Casino services on conquarcasino.com after the effective date of any changes, you will be deemed to have acknowledged the updated Privacy Policy.
Right to object or close your account: if you do not agree with material changes, you may object to certain processing, withdraw your consent where processing is based on consent, or close your account. We will continue to process your data only as permitted or required by applicable law.

We recommend that you review this Privacy Policy regularly to stay informed about how we protect your personal data.