burger icon
Euro Palace Review Canada
Log In

Privacy Policy

This Privacy Policy explains how personal information is collected, used, disclosed, and protected in connection with the Euro Palace content and related pages available at europalace-ca.com. It applies to players and prospective players who follow links to the Euro Palace online casino, as well as to all visitors who browse or interact with our review, comparison, and informational content from within Canada. By using europalace-ca.com you agree to the practices described in this Privacy Policy. Effective date: 1 January 2026.

Who We Are

For the purposes of this Privacy Policy, "we", "us" and "our" refer to the Euro Palace brand operators whose services are reviewed and promoted through Euro Palace at europalace-ca.com, as well as their appointed marketing and service providers, where applicable.

Operators and legal entities

  • Rest of Canada (outside Ontario): Online gaming services under the Euro Palace brand are provided by Digimedia Ltd, a limited company licensed and regulated by the Malta Gaming Authority (MGA) under licence number MGA/B2C/167/2008. Registered operational address (as provided): Villa Seminia, 8, Sir Temi Zammit Avenue, Ta' Xbiex XBX 1011, Malta.
  • Ontario: Online gaming services for Ontario residents are provided by Cadtree Limited, a limited company licensed by the Alcohol and Gaming Commission of Ontario (AGCO) and regulated by iGaming Ontario under licence number OPIG1237901. Cadtree Limited is listed as an active operator contributing to Ontario market reports. Detailed corporate and registration data are available via AGCO / iGaming Ontario public registries.
  • Review and informational environment: The Euro Palace content hosted on europalace-ca.com functions as an information and review interface for the Euro Palace brand for Canadian users.

Data controller and contact

  • Data controller: For players in Ontario, Cadtree Limited acts as data controller for personal data processed in the course of providing regulated gaming services. For players in the rest of Canada, Digimedia Ltd acts as data controller. For visitors using the Euro Palace informational pages only, the relevant Euro Palace operator and its appointed marketing partners will jointly determine the purposes of tracking and analytics, as explained in this Policy.
  • Data protection contact: A dedicated Data Protection Officer (DPO) or data protection contact point may be designated by the applicable operator. Where a specific privacy email or telephone number is published on europalace-ca.com or on the relevant operator site (such as europalace.com or europalace.ca), you should use those details. If such details are not specified, you may contact us through the general contact mechanisms provided on the website, clearly marking your request as "Privacy / Data Protection".
  • General contact details: Phone numbers, email addresses, and contact forms for the operators and for europalace-ca.com are subject to change and may be listed in the "Contact" or "Support" sections of the relevant websites. Where specific details are not currently specified, please use any available online contact form and indicate that your enquiry concerns privacy.

What Personal Data We Collect

We process different categories of personal data depending on whether you are browsing Euro Palace at europalace-ca.com, interacting with marketing communications, or opening and using a real-money gaming account with Euro Palace via the relevant operator's platform.

Identification and contact data

  • Personal identification: Full name, date of birth, nationality, and government-issued identification data (e.g., ID or passport details), where required for Know Your Customer (KYC) and age verification when you register or verify an account with Euro Palace.
  • Contact information: Email address, telephone number, residential address, province of residence, preferred language, and any other contact details you provide when registering, subscribing to newsletters, or contacting support.

Account, gaming and behavioural data

  • Account data: Username, account ID, security credentials (stored in encrypted form), account status, responsible gambling settings (deposit limits, self-exclusion status), and communication preferences.
  • Gaming and behavioural data: Game selections, betting and wagering history, wins and losses, session duration, clickstream and navigation patterns, interaction with promotions, and other usage data generated when you use Euro Palace services or interact with the Euro Palace pages.

Technical and device data

  • Technical identifiers: IP address, device identifiers, browser type and version, operating system, time zone, language settings, and approximate geolocation derived from IP (e.g., province or territory).
  • Log data: Access dates and times, pages viewed, referral URLs, error logs, and similar technical information generated by servers, security systems, and web analytics tools.

Payment and financial data

  • Payment information: Limited payment card or banking data (e.g., card type, masked card number, expiry date, IBAN or account number where relevant) processed through secure payment providers when you deposit or withdraw funds.
  • Transaction records: Deposits, withdrawals, bonus credits, and chargebacks, including timestamps, amounts, payment method, and associated account identifiers.

Cookies and similar technologies

  • Cookies: Small text files stored on your device that may include a unique identifier, browser and device information, preferences, and timestamps. These can be first-party (set by europalace-ca.com) or third-party (set by partners such as analytics or advertising networks).
  • Tracking technologies: Web beacons, pixels, tags, and similar technologies used to track interactions (e.g., clicks on affiliate links from Euro Palace to the operator's site), measure campaign performance, detect fraud, and personalize content.

Legal Basis for Processing

Our processing of personal data is grounded in applicable Canadian privacy legislation, including the Personal Information Protection and Electronic Documents Act (PIPEDA) and substantially similar provincial laws, and, where relevant, aligned with the EU General Data Protection Regulation (GDPR) and Mexican privacy law principles. Depending on the context, we rely on one or more of the following legal bases.

Consent

  • Marketing and non-essential cookies: We obtain your consent for email marketing, SMS marketing, and the use of non-essential cookies or tracking technologies, in line with Canadian anti-spam and privacy requirements and, where applicable, GDPR and Mexican consent standards.
  • Optional services: Where we ask for optional information (for example, preferences or survey responses), we process such data based on your informed consent, which you may withdraw at any time.

Contractual necessity

  • Providing gaming services: When you register, verify, and maintain an account with Euro Palace, we process your personal data because it is necessary to perform the contract for the provision of online gaming services (e.g., opening your account, processing deposits and withdrawals, enabling gameplay, and providing customer support).
  • Affiliate journeys: When you click from Euro Palace at europalace-ca.com to the operator's platform, we use certain tracking identifiers to ensure correct routing and attribution for the services you requested.

Legitimate interests

  • Service improvement and analytics: We analyze aggregated and pseudonymized usage data to improve website performance, optimize content, develop new features, and better understand user behaviour, balancing these interests against your privacy rights.
  • Security and fraud prevention: We monitor for suspicious activity (such as bonus abuse, account takeover attempts, and payment fraud) in order to protect our players, our systems, and our regulatory obligations.

Legal obligations

  • KYC and AML: We are required by applicable laws and regulations (including anti-money laundering and counter-terrorist financing rules in Canada and Malta, as well as Ontario's regulatory framework) to verify your identity, monitor transactions, retain certain records for defined periods, and report suspicious activities to relevant authorities.
  • Regulatory and tax compliance: We process and retain personal data as necessary to comply with AGCO/iGaming Ontario requirements, Malta Gaming Authority rules, financial reporting standards, and general legal obligations such as responding to lawful requests from authorities or courts.

Where GDPR or Mexican privacy law (such as the Federal Law on Protection of Personal Data Held by Private Parties) applies due to your location or applicable conflict-of-law rules, we align our processing with the legal bases defined in those regimes.

Purpose of Processing

We collect and use personal data only for specific, explicit, and legitimate purposes. These purposes are described below, together with examples of how they apply both to your use of Euro Palace at europalace-ca.com and to the operation of Euro Palace gaming services.

Providing and managing services

  • Account creation and management: To register and manage your Euro Palace account, verify your eligibility to play (age and location), apply your preferences, administer bonuses, and process account closures or self-exclusions.
  • Gaming operations: To operate casino games, process your bets and wagers, settle outcomes, and credit or debit your account accordingly.

Payments and financial management

  • Deposits and withdrawals: To process payments, validate transactions with payment providers, and maintain accurate financial and transactional records.
  • Chargeback management: To investigate disputed transactions and manage any related claims or disputes with payment providers or financial institutions.

Customer support and communication

  • Support services: To respond to your queries, complaints, and requests submitted through support channels, live chat, or contact forms.
  • Service notifications: To send important service messages, such as confirmations, security alerts, updates to terms and policies, and information required by law (these are not optional marketing messages).

Marketing, personalization and analytics

  • Marketing communications: With your consent where required, to send promotional emails, SMS messages, or on-site notifications about offers, new games, features, and tournaments related to Euro Palace.
  • Personalization and analytics: To tailor content and promotions based on your profile and activity, and to perform statistical analysis to understand how users interact with Euro Palace and the operator platforms.

Security, integrity and compliance

  • Fraud and abuse prevention: To monitor for and prevent fraudulent activity, abuse of bonuses, money laundering, and other violations of our terms or of applicable law.
  • Legal and regulatory compliance: To comply with licensing conditions in Canada and Malta, satisfy reporting and audit requirements, maintain appropriate records, and cooperate with competent authorities.

Disclosure & Sharing

We do not sell your personal data. However, we may share your personal data with carefully selected recipients for the purposes described in this Policy, ensuring appropriate safeguards and contractual protections are in place.

Operational and technical service providers

  • Payment and banking partners: Banks, card schemes, payment processors, and e-wallet providers that process deposits, withdrawals, and refunds in accordance with applicable security standards.
  • IT and hosting providers: Cloud hosting services, data centre operators, content delivery networks, and technical support providers that enable the operation and security of europalace-ca.com and the Euro Palace platforms.
  • KYC, AML and verification services: Identity verification, age verification, geolocation, and risk-screening providers that assist us in fulfilling regulatory obligations.

Marketing, analytics and affiliate partners

  • Analytics providers: Third-party analytics tools that help us understand how visitors use Euro Palace and related pages, measure campaign performance, and improve user experience. Data shared is typically aggregated or pseudonymized.
  • Affiliate and advertising networks: Partners that help us display or track offers, measure conversions when you click from europalace-ca.com to the operator site, and, where you have given consent, deliver targeted advertising. Such sharing takes place only within the limits permitted by applicable law and your preferences.

Group companies and regulators

  • Group entities: Digimedia Ltd, Cadtree Limited, and any related group entities may share data among themselves where necessary for centralized operations, compliance, reporting, and group-level risk management, in accordance with appropriate safeguards.
  • Regulators and authorities: The Malta Gaming Authority, AGCO and iGaming Ontario, financial intelligence units, tax authorities, law enforcement agencies, courts, and other competent authorities may receive personal data where required by law, regulation, or legal process, or where necessary to protect our legal rights or those of others.

Corporate transactions and professional advisers

  • Professional advisers: Lawyers, auditors, consultants, and insurers may access relevant data in the course of providing professional services, subject to confidentiality obligations.
  • Business transfers: In the event of a merger, acquisition, reorganization, or sale of assets involving Euro Palace or europalace-ca.com, personal data may be disclosed to prospective or actual purchasers, subject to appropriate confidentiality protections and continued adherence to applicable privacy standards.

Whenever we share personal data with third parties, we limit the data to what is necessary and require recipients (where acting as processors) to process it only on our instructions and to implement adequate security measures.

International Transfers

Your personal data may be transferred to and processed in countries outside of your province or country of residence, including outside Canada. These transfers are necessary for the operation of Euro Palace services and the Euro Palace environment at europalace-ca.com.

Types of cross-border transfers

  • Canada <-> Malta / EU: Data may be transferred between Canada and Malta (where Digimedia Ltd is established) and other European Economic Area (EEA) locations for hosting, support, compliance, and gaming operations under the supervision of the Malta Gaming Authority.
  • Canada <-> other jurisdictions: Certain service providers (such as cloud hosting or analytics providers) may process data in other countries, including the United States or Mexico, depending on their infrastructure locations.

Safeguards for international transfers

  • Contractual protections: Where required by law (including GDPR for EEA data), we implement appropriate contractual safeguards, such as the European Commission's Standard Contractual Clauses or equivalent instruments, to ensure that your personal data receives a level of protection essentially equivalent to that in the originating jurisdiction.
  • Regulatory alignment: We consider guidance from Canadian regulators, including the Office of the Privacy Commissioner of Canada, on cross-border transfers, and we align with the principles of transparency and accountability set out in PIPEDA and comparable provincial laws.
  • Technical and organizational measures: We use encryption, access controls, and strict internal policies to protect personal data irrespective of where it is processed.

Where Mexican privacy law or GDPR applies to a particular transfer because of your location or the location of the operator, we ensure that all cross-border transfers comply with the applicable legal framework, including any consent or notice requirements.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, to comply with legal and regulatory obligations, to resolve disputes, and to enforce our agreements. Retention periods vary by data category and the applicable jurisdiction.

General retention periods

  • Account and identification data: Typically retained for the duration of your active account and for up to five (5) years after account closure, in line with KYC and anti-money laundering requirements in Canada and Malta, unless a longer period is required by law or justified by ongoing disputes.
  • Transaction and gaming records: Retained for up to seven (7) years after the relevant transaction or game session to comply with financial, tax, and gaming regulatory obligations.
  • Technical logs and security data: Retained for up to twenty-four (24) months from the date of collection, unless a longer retention is needed for security investigations, legal proceedings, or regulatory requirements.
  • Marketing data: Retained while you remain opted in to marketing communications and generally for up to twenty-four (24) months after your last interaction, unless you withdraw consent earlier.
  • Complaint and dispute records: Retained for up to seven (7) years after resolution of the complaint or dispute, or longer where required by applicable limitation periods.

Cookies and tracking technologies

  • Session cookies: Stored only for the duration of your browsing session and deleted when you close your browser.
  • Persistent cookies: Stored for a defined period, typically from several days up to thirteen (13) months, depending on their purpose, unless you delete them earlier through your browser settings.

When data is no longer required for its original purpose and there is no legal obligation or legitimate interest requiring its continued retention, we will securely delete it or irreversibly anonymize it so that it can no longer be linked to you.

Your Rights

We respect your rights in relation to your personal data. Our approach is designed to be consistent with Canadian privacy law (including PIPEDA and substantially similar provincial laws), and, where applicable, aligned with GDPR standards and Mexican privacy law (including the Federal Law on Protection of Personal Data Held by Private Parties), which recognize similar rights.

Access, correction and portability

  • Right of access: You may request confirmation of whether we hold personal data about you and receive a copy of such data, subject to limited exceptions (for example, where providing access would reveal confidential commercial information or personal data of others).
  • Right to rectification: You may request correction or updating of inaccurate or incomplete personal data, including account details and contact information.
  • Data portability (where applicable): Where supported by law (for example, under GDPR), you may request that we provide you with certain personal data in a structured, commonly used, and machine-readable format, or transfer it directly to another controller where technically feasible.

Erasure, restriction and objection

  • Right to erasure / cancellation: Subject to legal retention requirements, you may request deletion of your personal data, particularly where the data is no longer necessary for the purposes for which it was collected or where processing is based solely on consent. Under Mexican ARCO rights, this corresponds to the right to cancellation.
  • Right to restriction: In certain circumstances (e.g., while a dispute about accuracy or lawfulness is being resolved), you may request that we restrict processing of your personal data rather than delete it.
  • Right to object: You may object to processing of your personal data for direct marketing purposes at any time, and in other cases where we rely on legitimate interests and your particular situation justifies such objection. Under Mexican law, this corresponds to the right to opposition.

Consent and marketing preferences

  • Withdraw consent: Where processing is based on your consent (for example, for marketing or non-essential cookies), you may withdraw consent at any time, without affecting the lawfulness of processing carried out before withdrawal.
  • Marketing opt-out: You can opt out of marketing communications by using the unsubscribe link in emails, by changing your account preferences where available, or by contacting us using the methods described in this Policy.

How to exercise your rights and response times

  • Submitting a request: To exercise any of your rights, please contact us through the privacy or contact channels indicated on europalace-ca.com or on the relevant operator site, clearly describing your request and including sufficient information to verify your identity (such as your account username, registered email address, and province of residence).
  • Response timeframe: We aim to respond to all valid requests within 30 days of receipt. If more time is required due to complexity or volume, we will inform you of the extension and reasons.
  • Fees: Requests are handled free of charge, except where permitted by law in cases of manifestly unfounded, excessive, or repetitive requests, in which case a reasonable fee may be charged or the request may be refused with justification.

These rights apply in addition to any specific rights you may have under Canadian provincial laws, GDPR (for EU/EEA data subjects), and Mexican privacy regulations. Nothing in this Policy limits your statutory rights.

Cookies & Tracking Technologies

europalace-ca.com, including the Euro Palace pages, uses cookies and similar technologies to operate the site, enhance functionality, analyze usage, and support marketing and affiliate relationships. Some cookies are strictly necessary for the website to function, while others are optional and used only with your consent where required.

Types of cookies we use

  • Strictly necessary cookies: Essential for the functioning of the site and for providing the services you request (for example, to maintain your session, manage security, or remember privacy preferences). These cookies cannot be switched off through our systems.
  • Functional cookies: Enable enhanced functionality and personalization, such as remembering your language preferences or region.
  • Analytics cookies: Help us understand how visitors use Euro Palace and other pages on europalace-ca.com by collecting information such as page views, referral sources, and general usage patterns in aggregated form.
  • Advertising and affiliate cookies: Used to track clicks from europalace-ca.com to the Euro Palace operator sites, attribute registrations or transactions to the correct campaign, and, where allowed, tailor advertising content based on your interests.

Managing cookies and tracking

  • Browser settings: Most browsers allow you to manage cookies, including blocking or deleting them. Please refer to your browser's help section for instructions. Blocking certain cookies may impact website functionality.
  • On-site controls: Where available, a cookie banner or preference centre on europalace-ca.com will allow you to adjust your cookie preferences, particularly for non-essential cookies (analytics, advertising).
  • Do Not Track and similar signals: Our response to browser-based "Do Not Track" signals may vary depending on technical and legal requirements. Where required by law, we will honour such signals to the extent supported by our systems.

For more detailed information about individual cookies and their lifetimes, please refer to any cookie-specific documentation or settings presented on europalace-ca.com.

Data Security

We implement technical and organizational measures designed to protect personal data against unauthorized access, use, disclosure, alteration, or destruction. While no system can guarantee absolute security, we aim to align our practices with recognized industry standards.

Technical safeguards

  • Encryption in transit and at rest: Data transmitted between your browser and our systems is protected using modern transport layer security (TLS 1.2 or higher). Sensitive information stored by or on behalf of Euro Palace is encrypted or otherwise protected in accordance with best practices.
  • Access controls and authentication: Access to personal data is restricted to authorized personnel and service providers who need it for legitimate business purposes and are subject to confidentiality obligations. Strong authentication mechanisms, including multi-factor authentication where appropriate, are implemented.
  • Secure development and testing: Systems and applications are developed following secure coding principles and are tested for vulnerabilities prior to deployment and periodically thereafter.

Organizational and procedural measures

  • Policies and training: Staff who handle personal data receive training on privacy, data protection, and information security. Internal policies govern acceptable use, access rights, incident reporting, and data handling.
  • Vendor due diligence: Third-party service providers that process personal data on our behalf are subject to due diligence and contractual requirements regarding security and confidentiality.
  • Monitoring and audits: Systems are monitored for suspicious activity, and periodic security reviews and audits are conducted. Where applicable, we may rely on service providers that are certified or assessed against recognized standards such as ISO/IEC 27001 or SOC 2.

Incident response

  • Detection and response: We maintain processes to detect, investigate, and respond to potential data incidents, including steps to contain and mitigate any impact.
  • Notification: Where required by Canadian law, GDPR, Mexican law, or other applicable regulations, we will notify affected individuals and/or relevant supervisory authorities of a qualifying data breach without undue delay and in accordance with statutory timelines.

Complaints & Contacts

If you have questions or concerns about how your personal data is handled in connection with Euro Palace at europalace-ca.com or Euro Palace services, you have several avenues for contact and escalation.

Contacting us

  • Initial contact: Please first contact us using the support or contact channels provided on europalace-ca.com or on the Euro Palace operator site where your account is held. Clearly indicate that your enquiry relates to privacy or data protection.
  • Data protection contact / DPO: Where a specific Data Protection Officer or privacy email/phone is identified on the website or operator platform, please direct your privacy-related queries or complaints to that contact. If such details are not visible, use the general contact method and request that your query be forwarded to the team responsible for data protection.
  • Postal address: For matters relating to Digimedia Ltd, correspondence may be addressed to: Digimedia Ltd, Villa Seminia, 8, Sir Temi Zammit Avenue, Ta' Xbiex XBX 1011, Malta, marked "Data Protection". For Cadtree Limited, please refer to AGCO / iGaming Ontario public registers for the most current registered address, and direct your correspondence accordingly.

Complaint procedure and timelines

  1. Submission: Submit your complaint, including detailed information about your concern and any supporting documentation, via the available contact channels.
  2. Acknowledgement: We will acknowledge receipt of your complaint as soon as reasonably practicable.
  3. Investigation: We will investigate the matter, which may involve requesting additional information from you to verify your identity and understand the issue.
  4. Response: We aim to provide a substantive response within 30 days of receiving a complete complaint. If additional time is required due to complexity, we will inform you of the delay and the expected timeframe.

Escalation to supervisory authorities

  • Canada: If you are not satisfied with our response, you may have the right to lodge a complaint with the Office of the Privacy Commissioner of Canada and, where applicable, with the relevant provincial privacy commissioner.
  • European Union / EEA: Where GDPR applies, you may lodge a complaint with the competent data protection authority, such as the supervisory authority in your habitual residence, place of work, or the place of the alleged infringement (for example, the data protection authority in Malta for processing under Digimedia Ltd).
  • Mexico: Where Mexican privacy law applies, you may lodge a complaint with the competent Mexican data protection authority for the private sector, in particular the Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales (INAI).

We encourage you to contact us first so that we can attempt to resolve your concern directly, but you are not required to do so where applicable law allows direct access to supervisory authorities.

Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or services offered through Euro Palace at europalace-ca.com and the Euro Palace platforms.

Notification of changes

  • Minor updates: For non-material changes (such as clarifications or stylistic edits), we will revise the "Last updated" date and may post the updated Policy on europalace-ca.com without additional notice.
  • Material changes: For significant changes that affect how we process your personal data (for example, new purposes, new categories of data, or changes in data sharing practices), we will provide more prominent notice, which may include email notifications (where we have your email address), in-account alerts, or banners on europalace-ca.com.
  • Advance notice: Where required by law or where we consider it appropriate, we will provide at least 30 days' advance notice before material changes take effect, to give you the opportunity to review the changes.

Version control and your choices

  • Last updated: This Privacy Policy was last updated in January 2026.
  • Your continued use: By continuing to use Euro Palace at europalace-ca.com or Euro Palace services after an update takes effect, you acknowledge the revised Policy. If you do not agree with the updated Policy, you may discontinue use of the site and, where relevant, request closure of your gaming account.
  • Priority of operator policies: In the event of any inconsistency between this Privacy Policy and a privacy policy published directly on the operator's platform (such as europalace.com or europalace.ca), the operator's policy will govern the processing of personal data in connection with your gaming account, while this Policy governs processing associated with your use of europalace-ca.com, including Euro Palace pages.

You are encouraged to review this Privacy Policy periodically to stay informed about how we protect your personal data in the context of Canadian and international privacy and gaming regulatory standards.