Privacy Policy and Personal Data Protection
Last updated: October 26, 2025
Version: 3.2
Introduction
Mostbet (hereinafter — "We", "Our Company", "Platform") takes seriously the protection of privacy and personal data of our users. This Privacy Policy describes how we collect, use, store, transmit and protect your personal data:
- ✅ GDPR (General Data Protection Regulation, EU 2016/679) — for European Union users
- ✅ CCPA (California Consumer Privacy Act) — for California, USA users
- ✅ UK Data Protection Act 2018 — for UK users
- ✅ Curaçao data protection law — jurisdiction of our license
- ✅ Local data protection laws in countries where we operate
By using our services (website, mobile application, software), you agree to the terms of this Privacy Policy.
Important: If you do not agree to the terms of processing your data, do not use our platform.
Data Controller
Personal data controller:
Bizbon N.V.
Abraham de Veerstraat 9
Willemstad, Curaçao
Registration number: 152125
Email: privacy@most-bet-apk.org
Data Protection Officer (DPO):
Email: dpo@most-bet-apk.org
Response time: within 72 hours
What personal data we collect
We collect only data necessary to provide our services, ensure security and comply with legal requirements.
1️⃣ Identification data
Data allowing to identify you as a unique user:
- Full name (first name, last name, father's name)
- Date of birth (to confirm age 18+)
- Citizenship and country of residence
- Identity document number (passport, ID card, driver's license)
- Registration address and actual residence address
- Mobile phone number (with country code)
- Email address
Source: provided by you during registration and verification (KYC).
2️⃣ Financial data
Information about your transactions and payment methods:
- Deposit history: date, amount, payment method, status
- Withdrawal history: date, amount, withdrawal method, status
- Source of funds (for AML compliance)
- Banking data: account number, IBAN, SWIFT (for transfers only)
- Electronic wallet numbers: Skrill, Neteller, WebMoney, etc.
- Cryptocurrency wallet address: Bitcoin, USDT, Ethereum, etc.
Important: We do not store complete bank card data (CVV, full card number). Payment data is processed by PCI DSS Level 1 certified processors. We store only:
- First 6 and last 4 digits of card number (masked)
- Card expiration date
- Card type (Visa, Mastercard, etc.)
Source: provided by you during deposit/withdrawal; received from payment providers.
3️⃣ Gaming activity
Information about platform usage:
- Betting history: date, time, bet type, amount, odds, result
- Casino games history: games played, bets, winnings
- Bonus: activated bonus, wagering conditions, status
- Responsible gaming limits: restrictions set by you
- Gaming session time: duration, frequency
Source: automatically created by our platform.
4️⃣ Technical data
Information about your device and connection:
- IP address (for geolocation and security)
- Device type: smartphone, tablet, computer
- Operating system: Android, iOS, Windows, macOS (version)
- Browser: Chrome, Safari, Firefox (version)
- Screen resolution and language settings
- Unique device identifier (Device ID)
- Connection information: provider, speed, stability
Source: automatically collected when using the platform.
5️⃣ Communications
Records of interactions with us:
- Live chat messages (conversation history)
- Emails (incoming and outgoing)
- Phone calls (recordings for quality control, with your consent)
- Telegram, WhatsApp, Viber messages (when contacting support)
- Reviews and complaints
Source: provided by you during conversations with support.
6️⃣ Marketing preferences
Information about your interests and consents:
- Consent to receive promotional materials (email, SMS, push)
- Types of products that interest you: sports, casino, live games
- Click history on email newsletters and push notifications
- Communication language preferences
Source: provided by you during registration; updated via profile settings.
7️⃣ Cookies and analytics data
Data collected by web technologies (see "Cookies" section below):
- Pages visited on our website
- Time spent on each page
- Traffic source: direct access, search engines, advertising campaigns
- Clicks on interface elements and buttons
- Behavior patterns: scrolling, hover, clicks
Source: automatically collected via cookies, Google Analytics, pixels.
Why we use your data
We process your personal data only for legitimate purposes, including:
1️⃣ Service provision (Contract fulfillment)
- Account registration and management
- Processing deposits and withdrawals
- Placing bets and participating in games
- Calculating bonuses and wagering
- Providing technical support
Legal basis: contract fulfillment (User Agreement).
2️⃣ Legal compliance (Legal obligation)
- Identity verification (KYC) — age 18+ confirmation, multi-account prevention
- Anti-money laundering (AML) — fund source verification, suspicious transaction monitoring
- Sanctions list checks — OFAC, UN, EU, Interpol
- Regulatory reporting — data transmission to Curaçao Gaming Control Board
- Cooperation with law enforcement — during official inquiries
Legal basis: compliance with legal obligations.
3️⃣ Security and fraud prevention (Legitimate interest)
- Detection and prevention of fraudulent transactions
- Detection of bonus-hunting and abuse
- Protection against account compromise (bruteforce, phishing)
- DDoS attack monitoring
- Bot and automated betting system detection
Legal basis: our legitimate interest in protecting the platform and users.
4️⃣ Marketing and personalization (Consent)
- Sending promotional email newsletters about bonuses, promotions, new games
- Sending SMS and push notifications about special offers
- Targeted advertising via partners (Google Ads, Facebook Ads)
- Personalized game and betting offers
Legal basis: your explicit consent (can be withdrawn at any time).
5️⃣ Analytics and service improvement (Legitimate interest)
- User behavior analysis to improve interface
- A/B testing of new features
- Study of game and sports popularity
- Loading speed and performance optimization
Legal basis: our legitimate interest in improving service quality.
Who we share your data with
We do not sell your personal data to third parties. However, we may transfer data to these categories of recipients:
1️⃣ Payment processors
For processing deposits and withdrawals:
- Venson Ltd (Cyprus) — our main payment operator
- Skrill, Neteller, ecoPayz — electronic wallets
- Visa, Mastercard processors — bank cards
- Coinbase, Binance Pay — cryptocurrency transactions
Data transferred: name, email, transaction amount, payment method.
Protection: all processors are PCI DSS Level 1 certified.
2️⃣ Game and sports data providers
For providing content:
- Evolution Gaming, Pragmatic Play, NetEnt — live casino and slots
- Sportradar, Betradar — sports data and odds
- Spribe — Aviator game
Data transferred: user ID (pseudonymized), game history.
Protection: data protection agreements (DPA — Data Processing Agreements).
3️⃣ Verification and control services (KYC/AML)
For regulatory compliance:
- Sumsub, Onfido — biometric document verification
- ComplyAdvantage, Dow Jones — sanctions list and PEP checks
- SEON, Sift — fraud monitoring
Data transferred: name, date of birth, document number, document photo.
Protection: GDPR compliant, ISO 27001 certified.
4️⃣ Analytics and marketing platforms
For analysis and advertising:
- Google Analytics — web traffic analysis
- Facebook Pixel, TikTok Pixel — retargeting
- AppsFlyer, Adjust — mobile traffic attribution
- Mailchimp, SendGrid — email newsletters
Data transferred: IP address, cookies, web behavior, email (hashed for targeting).
Protection: data protection agreements, opt-out option.
5️⃣ Cloud hosting providers
For data storage:
- Amazon Web Services (AWS) — servers in Ireland (EU), Singapore, Virginia (USA)
- Cloudflare — CDN and DDoS protection
Data transferred: all platform data.
Protection: encryption at rest (AES-256), in transit (TLS 1.3).
6️⃣ Regulators and law enforcement
During legal requests:
- Curaçao Gaming Control Board — regulator of our license
- Financial Intelligence Units (FIU) — in case of money laundering suspicion
- Interpol, national police — during official investigation requests
- Tax authorities — according to local law upon request
Data transferred: any data requested within the legal request framework.
Protection: we verify the legality of each request.
7️⃣ Responsible gaming partners
For providing support (only with your consent):
- GamCare, BeGambleAware, Gamblers Anonymous
Data transferred: only upon your request, anonymously or with your consent.
International data transfers
Mostbet serves users in 93 countries. Your data may be transferred and processed outside your jurisdiction to other countries, including:
- 🌍 European Economic Area (EEA): Ireland (AWS servers)
- 🌍 USA: Virginia (AWS servers)
- 🌍 Singapore: AWS servers for Asian users
- 🌍 Curaçao: our main headquarters
Protection mechanisms for international transfers:
- ✅ Standard Contractual Clauses (SCC) — approved by European Commission
- ✅ Binding Corporate Rules (BCR) — internal rules of corporate group
- ✅ Adequacy decisions — countries recognized by EU as safe (e.g., Switzerland)
- ✅ Encryption in transit — all data encrypted during transfer (TLS 1.3)
How we protect your data
We apply comprehensive technical and organizational measures to protect your personal data:
🔒 Technical measures:
- ✅ SSL/TLS 256-bit encryption — all data between your device and our servers encrypted
- ✅ Encryption at rest — database encrypted with AES-256
- ✅ Two-factor authentication (2FA) — available for all users
- ✅ Payment data tokenization — bank cards replaced with tokens
- ✅ Firewalls — multi-layer server protection
- ✅ Intrusion detection systems (IDS/IPS) — 24/7 anomaly monitoring
- ✅ DDoS protection — Cloudflare Enterprise
- ✅ Penetration testing — every 6 months
🔐 Organizational measures:
- ✅ Access restriction — only authorized employees have data access (principle of least privilege)
- ✅ Non-disclosure agreements (NDA) — all employees sign NDA
- ✅ Employee training — continuous data protection training
- ✅ Access logging — all data actions recorded in audit logs
- ✅ Incident response procedures — action plan for data breaches
- ✅ Regular audits — external ISO 27001 reviews
Security statistics:
- 🏆 Zero data breach incidents in 15 years of operation
- 🏆 99.98% uptime — server stability
- 🏆 PCI DSS Level 1 certification — highest payment security standard
How long we keep your data
We keep your personal data only as long as necessary for processing purposes:
| Тип данных | Срок хранения | Основание |
|---|---|---|
| Identification data | 5 years after account closure | AML/KYC legislation |
| Financial data | 7 years after last transaction | Tax legislation, AML |
| Gaming and betting history | 5 years after account closure | Regulatory requirements, disputes |
| Support communications | 3 years after last contact | Service quality, disputes |
| Technical logs (IP, Device ID) | 1 year | Security, fraud |
| Cookies | Up to 2 years (by type) | Marketing, analytics |
| Marketing data | Until consent withdrawal or 2 years of inactivity | User consent |
After retention period expiration:
- Data is irreversibly deleted (secure deletion)
- Or anonymized for statistical purposes (personal identification impossible)
Your rights regarding personal data
Under GDPR and other data protection laws, you have the following rights:
1️⃣ Right to access
You can request a copy of all data we keep about you.
How to exercise:
- Personal panel → Settings → Privacy → "Download my data"
- Or send request to privacy@most-bet-apk.org with subject "Data Access Request"
Provision deadline: within 30 days (usually 3-5 days).
Format: CSV/JSON files in ZIP archive.
2️⃣ Right to rectification
You can update or correct incorrect data.
How to exercise:
- Personal panel → Settings → Profile → Edit
- Or write to support@most-bet-apk.org
Important: Changing name, date of birth requires new verification (KYC).
3️⃣ Right to erasure ("Right to be forgotten")
You can request deletion of your data.
Conditions:
- ✅ Account closed and no active obligations (debts, disputed transactions)
- ✅ Retention period for regulatory purposes expired
- ❌ Data cannot be deleted if necessary for contract fulfillment or legal obligations (AML, taxes)
How to exercise:
- Write to privacy@most-bet-apk.org with subject "Data Deletion Request"
Processing deadline: within 30 days.
4️⃣ Right to restriction of processing
You can stop processing your data in certain cases (e.g., during disputes about data accuracy).
How to exercise:
- Write to privacy@most-bet-apk.org with justification
5️⃣ Right to data portability
You can get your data in structured, machine-readable format (CSV, JSON) for transfer to another provider.
How to exercise:
- Personal panel → Download my data
- Or send request to privacy@most-bet-apk.org
6️⃣ Right to object
You can object to processing your data for marketing purposes or legitimate interest.
How to exercise:
- For marketing: "Unsubscribe" button in every email or profile settings
- For other purposes: write to privacy@most-bet-apk.org
7️⃣ Right to withdraw consent
If processing is based on your consent, you can withdraw it at any time.
How to exercise:
- Personal panel → Settings → Privacy → Consent management
Important: Consent withdrawal does not affect legality of processing before withdrawal.
8️⃣ Right to lodge a complaint
You can lodge a complaint with data protection supervisory authority.
Contacts:
- EU: Your national data protection authority (list)
- UK: Information Commissioner's Office (ICO) — ico.org.uk
- USA (California): California Privacy Protection Agency — cppa.ca.gov
Cookies and web technologies
What are cookies?
Cookies are small text files stored on your device when visiting our website. They help with:
- Remembering your settings (language, currency)
- Remembering login session (no need to enter password every visit)
- Analyzing website usage
- Showing similar advertisements
Types of cookies we use:
1️⃣ Strictly necessary cookies
Purpose: Ensuring basic website functions (login, security, cart).
- session_id — session identifier
- csrf_token — CSRF attack protection
- auth_token — authentication token
Duration: until browser closes (session) or 30 days.
Can be disabled? ❌ No — website won't work.
2️⃣ Performance cookies
Purpose: Collecting anonymous information about website usage (which pages are popular, where users make mistakes).
- _ga, _gid — Google Analytics
- _hjid — Hotjar (session recordings, heatmaps)
Duration: 1-2 years.
Can be disabled? ✅ Yes — via cookie settings.
3️⃣ Functionality cookies
Purpose: Remembering your settings for experience personalization.
- language — selected language
- currency — selected currency
- theme — light/dark theme
Duration: 1 year.
Can be disabled? ✅ Yes — but website won't remember settings.
4️⃣ Targeting/advertising cookies
Purpose: Tracking your behavior to show similar advertisements.
- _fbp — Facebook Pixel
- _gcl_au — Google Ads
- _ttp — TikTok Pixel
- IDE — DoubleClick (Google Display Network)
Duration: up to 2 years.
Can be disabled? ✅ Yes — via cookie settings or NAI opt-out (optout.networkadvertising.org).
Cookie management
In website settings:
- Click "Cookie settings" banner (on first visit)
- Or: Website footer → "Cookie preferences"
- Enable/disable cookie categories
In browser settings:
- Chrome: Settings → Privacy → Cookies
- Firefox: Settings → Privacy → Cookies
- Safari: Settings → Privacy → Cookies
- Edge: Settings → Cookies and permissions
Important: Disabling all cookies may prevent website from working (no access possible).
Other web technologies
Besides cookies, we use:
- Tracking Pixels: Invisible 1x1 images to track email newsletter opens and clicks.
- Local Storage: Local settings storage on HTML5 devices.
- Device Fingerprinting: Collecting device configuration information for identification without cookies (resolution, fonts, plugins) (used for fraud prevention).
Marketing and newsletter unsubscribe
Types of marketing messages:
We may send you:
- 📧 Email newsletters: bonuses, promotions, new games, tournaments
- 📱 SMS: urgent offers, verification codes
- 🔔 Push notifications: (in app) live events, bonus notifications
How to unsubscribe:
Email:
- "Unsubscribe" button in footer of every email
- Or: Personal panel → Settings → Communication → Disable "Promotional emails"
SMS:
- Reply "STOP" to every SMS
- Or: profile settings
Push notifications:
- App settings → Notifications → Disable "Promo"
- Or: OS settings (Android/iOS)
Important: You will still receive transactional messages (deposit confirmation, withdrawals, password change) — they are necessary for service operation.
Children protection
Mostbet strictly prohibits registration and use of service by persons under 18 years old (in some jurisdictions — under 21 years old).
Меры защиты:
- Mandatory age verification (KYC)
- Account blocking upon suspicion of minors
- We do not knowingly collect children's data
If you discover a registered child:
- Immediately write to compliance@most-bet-apk.org
- We will delete account and all data within 24 hours
Privacy Policy changes
We may regularly update this Policy to reflect changes in legislation or our experience.
For significant changes:
- ✅ We will notify 30 days before effective date via email
- ✅ We will place notice on website and in app
- ✅ We will request new consent (if required by GDPR)
How to track changes:
- Last update date is indicated at document beginning
- Policy version is indicated at document beginning
- Change history available upon request at privacy@most-bet-apk.org
Contacts for privacy questions
If you have questions, requests or complaints regarding processing of your data:
Email контакты:
- 📧 General questions: privacy@most-bet-apk.org
- 📧 Data Protection Officer (DPO): dpo@most-bet-apk.org
- 📧 Data deletion requests: privacy@most-bet-apk.org (subject "Data Deletion Request")
- 📧 Data access requests: privacy@most-bet-apk.org (subject "Data Access Request")
Другие способы связи:
- 💬 Live chat: available 24/7 in personal panel ("Privacy" section)
- 📞 Phone: support line (numbers by country)
Response times:
- Email: within 72 hours
- Access/deletion requests: within 30 days
- Live chat: 1-5 minutes
Mailing address:
Bizbon N.V.
Abraham de Veerstraat 9
Willemstad, Curaçao
Attn: Data Protection Officer
Conclusion
Mostbet is committed to protecting your privacy and processing your data transparently, legally and fairly. We use advanced technologies and strictly adhere to international data protection standards.
Your trust is our foundation.
By using our platform, you confirm that you have read this Privacy Policy and agree to its terms.
Mostbet — your data is securely protected since 2009.