This Privacy Policy explains how Big Bass Splash (referred to as "the brand," "we," "us," or "our") collects, uses, stores, and protects personal data when you access or use our gambling services. This document formalises our data handling practices in accordance with the United Kingdom General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Transparency regarding processing activities is maintained to allow you to understand what information is gathered and why. Our processing is lawful, limited to necessary purposes, and subject to ongoing compliance obligations with the Gambling Commission. Account management functions, including registration and financial transactions, require specific data points to verify identity and prevent unlawful activity. Security measures are implemented to safeguard your information from unauthorised access or loss. By reading this policy, you acknowledge the terms under which your personal data is administered.
Categories of Personal Data Collected During Registration and Play
When you register an account with Big Bass Splash, we collect information that identifies you as an individual. This includes your full legal name, date of birth, residential address, email address, and a valid telephone number. Further identification data may be required to satisfy our anti-money laundering (AML) and know-your-customer (KYC) obligations, such as a copy of your passport or driving licence, a recent utility bill, or a bank statement. Transactional information is recorded for each deposit, withdrawal, and wager placed, including the amount, date, time, and payment method used (for instance, debit card, e-wallet, or bank transfer). Technical data is automatically captured when you access our website, including your IP address, browser type and version, operating system, device identifiers, and session duration logs. Compliance-related records encompass correspondence with you regarding account verification, responsible gambling interactions, and any reports of suspicious activity. Additionally, we may process information relating to your use of promotional features, such as a bonus big bass splash offer acceptance or participation in a big bass splash demo bonus buy event.
Legal Bases Applied for Processing Personal Data
We process personal data under several lawful bases as prescribed by UK GDPR. Where we require your consent, such as for receiving direct marketing communications or for processing certain optional cookies, consent is obtained through a clear affirmative action and may be withdrawn at any time without penalty. Processing necessary for the performance of a contract includes handling registration data to open and maintain your account, executing transactions for deposits and withdrawals, and administering wagering activity. Legal obligation processing occurs to comply with the Gambling Commission’s licence conditions, the Money Laundering Regulations 2017, and the Prevention of Gambling Harms code. This requires us to verify identity, monitor transactions for financial crime indicators, and retain records for specified periods. Legitimate interest processing is applied for network and information security, fraud detection, and internal analytics to improve our service stability. We do not rely on legitimate interest for direct marketing or for profiling that produces legal effects. When processing data for a big bass bonanza splash demo oyna feature, we apply the same legal bases as for standard gameplay, ensuring all actions are documented and justifiable.
| Processing Purpose | Legal Basis | Data Categories Involved |
|---|---|---|
| Account creation and maintenance | Performance of a contract | Registration details, identification data |
| Verification of identity and age | Legal obligation (Gambling Act 2005, AML regulations) | Identification documents, proof of address |
| Transaction processing and financial records | Performance of a contract / Legal obligation | Transactional information, payment method details |
| Fraud detection and security monitoring | Legitimate interest | Technical data, behavioural logs |
| Responsible gambling interventions | Legal obligation | Account activity logs, correspondence records |
Data Storage Infrastructure, Retention Durations, and Protection Measures
Personal data collected by Big Bass Splash is stored on secure servers located within the European Economic Area (EEA) or the United Kingdom. We employ encryption protocols, including Transport Layer Security (TLS) for data in transit and Advanced Encryption Standard (AES) for data at rest, to protect against interception or unauthorised decryption. Access to personal data is restricted to authorised personnel who require it to perform their specific duties, such as customer support agents, compliance officers, and payment processing staff. Access controls include multi-factor authentication, role-based permissions, and regular audit logs. Retention periods are determined by regulatory requirements and operational necessity. Account data is retained for the duration of your active account and for a period of five years following account closure, as mandated by the Gambling Commission’s licence conditions. Transaction records are kept for a minimum of six years to satisfy financial and anti-money laundering regulations. Technical logs, such as IP addresses and session data, are retained for twelve months unless required for an ongoing investigation. Where data is no longer required, secure deletion is performed using overwriting or degaussing methods. If you participate in a feature like big bass splash demo bonus buy, the associated data is subject to the same retention and deletion rules applicable to standard gameplay records.
Exercising Your Statutory Rights and Access Procedures
As a data subject under UK GDPR, you hold specific rights regarding your personal data held by Big Bass Splash. You may request access to a copy of the data we process, along with details of the purposes, categories, recipients, and retention periods involved. You may request correction of inaccurate or incomplete data without undue delay. You may request erasure of your personal data where it is no longer necessary for the original purpose, where processing was based solely on consent and that consent is withdrawn, or where the data has been unlawfully processed. You may request restriction of processing during verification of accuracy or while a lawful basis is contested. You may object to processing carried out under legitimate interest, including profiling for direct marketing, and we will cease processing unless we demonstrate compelling legitimate grounds. You may request data portability of information you provided and which is processed by automated means based on consent or contract performance; this will be provided in a structured, machine-readable format. All requests must be submitted in writing via email or postal mail to our Data Protection Officer. We require evidence of your identity before processing any request, which may include a copy of your passport or driving licence together with a recent utility bill. We will respond to your request within one calendar month unless the request is complex or multiple requests are submitted, in which case an extension of two further months may apply. No fee is charged unless the request is manifestly unfounded or excessive. For any concerns regarding our handling of your data, you may lodge a complaint with the Information Commissioner’s Office (ICO) in the United Kingdom.