Privacy Policy

Who we are

We are Merkur Casino Holdings UK Limited

Company Registration Number: 07833708

We are registered as a data controller at the UK Information Commissioner’s Office under number Z1270684.
We are responsible for the processing of personal data that we have received in accordance with the General Data Protection Regulation 2018 and the DPA 2018.
We are an Operator of Adult Gaming Centres and / or Licenced Bingo premises in Great Britain.
We refer to these premises as Venues.

What is the Customer Care Portal?

The Customer Care Portal is a web-based portal to allow our customers to search and view solutions to any possible service or support issue related to one of our Venues.
The portal allows you to submit issues to us, and view and reply to responses from us.

You can also visit submit a support issue by visiting one of our Venues.

Our Customer Care Portal Provider

We partner with IHL Tech Ltd, who provide us multiple products and solutions, including the provision of the Customer Care Portal.

Our role in your privacy

If you are providing Personal Data to us to enable us to manage and respond to any issues you have with one of our Venues, this Privacy Notice applies to you.

Our responsibilities

Our responsibilities as a Data Controller

Whilst you are completing or have completed a request for support, we act as a ‘Data Controller’ of your data. This means we will determine why and how your Personal Data is processed to enable us to provide support to you.

Important Note 1

IHL Tech Ltd, act a ‘Data Processor’ of your data. This means they have been instructed by us as a ‘Data Controller’ to process your data in accordance with the purpose it has been collected.

Your responsibilities

Please read this Privacy Notice

When we collect data

We will collect data from you with your consent:

If you submit a support issue, either online on the Customer Care Portal or in-venue with a member of staff using a Tablet.

Types of data we may collect when you are registering for support

Contact Data

Required Data
Email Address

Issue Details

Depending on the issue, this may require you to provide supporting information that will assist us in supporting your issue. This may include Personal Data that will enable us to prove your identity.

Types of data we DO NOT collect

Any data relating to racial or ethnic origin.

Purposes for which we process your data

We collect your data solely for the purpose of providing and managing your support request. This includes the sending of emails and texts that may contain information relating to gambling support services and organisations.

Please note: We do not use any personal data you provide in the Customer Care Portal for Marketing.

How and why we use your data

Data protection law requires that we only use your data for certain reasons and where we have a lawful basis to do so. Here are the reasons why we process your data:

Providing support to you
Processing of your Personal Data to enable us to provide support to you.
In this context, our lawful basis for processing your personal data is the contract we have with you AND your explicit consent.

Here is what each "lawful basis" means:

You have given explicit and informed consent for us to process your personal data for the specific purpose of providing you with support.

You have entered into a contract with us for the service of providing you with support.

Your privacy choices and rights

Your choices

You can choose not to provide us with personal data
If you choose to do this, you can continue to use the Customer Care Portal and browse its pages, but we will not be able to provide support without personal data.

You can turn off or amend your cookie settings by:

Blocking cookies by activating a setting on your browser allowing you to refuse cookies. You can also delete cookies through your browser settings.

If you turn off cookies, you can continue to use the website and browse its pages, but the website and certain services within will not work effectively.

You can also change your cookie consent by clicking the ‘Change your Consent’ link found within the cookie policy on our website.

Your rights

You can exercise your rights by sending us an email at

You have the right to access information we hold about you

This includes the right to ask us for supplementary information about:

the categories of data we’re processing.
the purposes of data processing.
the categories of third parties to whom the data may be disclosed.
how long the data will be stored (or the criteria used to determine that period).
your other rights regarding our use of your data.

We will provide you with the information within one month of your request, unless doing so would adversely affect the rights and freedoms of others (e.g. another person’s confidentiality or intellectual property rights). We will tell you if we can’t meet your request for that reason.

You have the right to make us correct any inaccurate personal data about you

You have the right to port your data to another service

We will give you a copy of your data in CSV or JSON so that you can provide it to another service. We will not do so to the extent that this involves disclosing data about any other individual.

You have the right to be ‘forgotten’ by us

You can do this by asking us to erase any personal data we hold about you if it is no longer necessary for us to hold the data for purposes of your use of IHL or we have a legal obligation to retain your personal data.

You have the right to lodge a complaint regarding our use of your data

Please tell us first, so we have a chance to address your concerns. If we fail in this, you can address any complaint to the UK Information Commissioner’s Office, either by calling their helpline or as directed on their website at

secure is the data we collect?

Data collected during your support request is fully hosted and managed by IHL Tech Ltd

IHL Tech Ltd have physical, technical and organisational procedures in place to appropriately safeguard and secure the data we collect.

All data is stored in a secure ISO 27001 facility by AWS (Ireland).
All data traffic is encrypted with SHA-256 RSA Encryption.
Always-On Network Flow Monitoring is enabled.
DDos protection services provided by AWS are enabled, including Automated Mitigation and all APIs are protected using a Throttling middleware.
IP Attack Prevention in the form of Rack Attack Preventative is implemented.

However, please remember:
You provide personal data at your own risk: unfortunately, no data transmission across the internet is guaranteed to be 100% secure.
If you believe your privacy has been breached, please contact us immediately at

Where do we store the data?

The data we collect is processed online, in our Venues, and in our Head Office

The Customer Care Portal provided by IHL Tech Ltd, is hosted in AWS, Ireland and processed in IHL Tech Ltd’s offices in Northampton (UK), Nottingham (UK) and Withernsea (UK) and also in any data processing facilities operated by the third parties identified below.

By submitting your data, you agree to this transfer, storing or processing by us. If we transfer or store your information outside the EEA in this way, we will take steps to ensure that your privacy rights continue to be protected as outlined in this Privacy Notice.

How long do we store your data?

We will delete any personal/identifiable information about you 7 years after the closure of your support request.

Other Third parties who process your data (Non-Partners)

Businesses often use third parties to help them host their application, communicate with customers, power their emails etc. We contract with third parties who we believe are the best in their field at what they do.

When we do this, sometimes it is necessary for us to share your data with them in order to get these services to work well.

Your data is shared only when strictly necessary and according to the safeguards and good practices detailed in this Privacy Notice.

If third party providers (processors) are established outside of the EU/EEA, we shall ensure that we contract only with third-party providers that are located in countries that ensure adequate levels of protection based on the European Commission's adequacy decision or that IHL Tech Ltd has entered into agreements with corresponding Standard Contractual Clauses that ensure adequate safeguards with respect to the protection of the privacy and fundamental rights and freedoms of individuals.

Here are the details of our main third-party service providers, and what data they collect or we share with them, where they store the data and why they need it:

Amazon Web Services, Ireland - IHL Tech host the Customer Care Portal (on AWS Data Centres in Ireland).


We use cookies on the Customer Care Portal, please refer to our cookie policy for more information.