logo pelican casino
logo pelican casino
EN PL DE DE LT LV
EN
EN PL DE DE LT LV
EN
EN PL DE DE LT LV
EN

Pelican Casino Privacy policy

This Pelican Casino Privacy policy sets out the principles and conditions under which personal data are collected and used in connection with pelicanonlinecasino.com and related services. The policy is intended for a global audience and is framed to reflect widely applicable personal data protection standards, including GDPR principles where they are relevant to the processing context. The administrator determines the purposes and means of data processing and applies governance measures designed to ensure lawfulness, fairness, and transparency. This document addresses privacy, users’ expectations, and the safeguards applied to maintain data security across account, gameplay, and support interactions. Where local mandatory rules provide a higher level of protection than the terms described herein, the higher standard prevails to the extent required by law.

Definitions and roles

For the purposes of this document, personal data means any information relating to an identified or identifiable natural person, including identification data and online identifiers. The term administrator refers to the entity responsible for determining why and how data processing occurs, including the selection of technical and organizational measures. Data processing covers any operation performed on personal data, whether automated or manual, such as collection, recording, storage, consultation, disclosure, or erasure. Files means structured records and system logs maintained in electronic form, including security logs, transactional records, and compliance registers. Cookies are small files placed on a device that enable functionality, security, and measurement of service performance, subject to applicable consent rules.

Categories of personal data processed

The data categories processed may include identification data such as name, date of birth, and nationality when required for eligibility and regulatory checks. Registration data may include email address, telephone number, preferred language, and account configuration details that are necessary to establish and maintain an account. Login data may include authentication credentials, device identifiers, IP address, and security tokens used to prevent unauthorized access and to support encryption and session integrity controls. Financial data may include payment method identifiers, transaction references, and limited verification attributes required for deposits, withdrawals, chargeback management, and fraud detection. Certain technical data such as usage logs and error reports may be collected to maintain service availability, integrity, and data security.

Methods of data collection and sources

Operationally, data are collected when an account is created, when registration data are submitted, and when identity or age verification is performed. Data may also be generated through normal service use, including login events, gameplay records, and device telemetry needed to detect anomalies and support security measures. Some information may be received from service providers engaged for payment processing, identity verification, fraud prevention, and customer support, where such transfers are necessary and appropriately governed. The administrator may collect data from communications, such as emails and chat transcripts, when users request assistance or submit complaints. The casino Pelican environment may also produce system files that record access attempts, configuration changes, and security alerts to support incident response and accountability.

Processing is carried out under one or more legal bases depending on the context, including performance of a contract where data are required to provide gaming services, manage accounts, and process transactions. Processing may be necessary to comply with legal obligations, including responsible gambling requirements, tax or accounting rules, and identity verification duties imposed by competent authorities. Legitimate interests may apply where processing is required to prevent fraud, ensure network and information security, and defend legal claims, provided that such interests are not overridden by the rights and freedoms of the data subject. Consent may be relied upon for specific uses such as certain cookies or marketing preferences, and consent may be withdrawn at any time with effect for future processing. When special restrictions apply under local law, the administrator applies the relevant compliance framework and documents the assessment in internal records.

Purposes of processing under the Pelican Casino Privacy policy

This Pelican Casino Privacy policy describes the purposes for which personal data are processed, including account administration, verification, and delivery of the requested services. Processing may be performed to validate eligibility, to prevent duplicate accounts, and to maintain the integrity of responsible gambling controls, including age and identity checks. Data may be used to process deposits and withdrawals, to handle reversals and disputes, and to meet anti fraud and risk management objectives aligned with data security requirements. Communications data may be used to respond to support requests, to provide service notices, and to document resolutions for audit purposes. Where applicable, processing may be conducted to meet regulatory reporting obligations and to maintain records demonstrating compliance with personal data protection principles.

Data retention and deletion standards

Retention is limited to periods necessary for the purposes described and for demonstrable compliance with legal obligations, after which data are deleted or anonymized. Identification data and verification records are generally retained for 5 years following account closure when required for regulatory, anti fraud, or audit purposes, subject to local law. Financial data and accounting records may be retained for 7 years to meet statutory bookkeeping requirements and to manage chargebacks and dispute resolution. Login data and security logs may be retained for 12 months to support incident detection, access control review, and forensic analysis, unless a longer period is required due to an ongoing investigation. Support communications may be retained for 24 months to address recurring issues and to evidence complaint handling, after which files are reduced or removed in accordance with documented schedules.

Disclosure, sharing, and third party recipients

Personal data may be shared with carefully selected processors that provide services such as hosting, payment processing, identity verification, fraud prevention, analytics limited to necessity, and customer support tooling. Such disclosures are governed by written agreements requiring confidentiality, appropriate security measures, and limitations on further processing. Data may be disclosed to banks, payment institutions, or card networks to complete transactions, manage refunds, and investigate disputes, within the bounds of contractual and legal requirements. The casino Pelican operations may also involve disclosure to professional advisers such as auditors, legal counsel, and compliance consultants where necessary for governance and defense of claims. Disclosure to public authorities may occur when required by law, valid court order, or lawful request by competent regulators, with the scope limited to what is legally necessary.

International transfers and cross border processing

Regulatory framing is relevant because the service may be accessed globally and certain processors may be located in jurisdictions outside the country of residence of the data subject. Where international transfers occur, the administrator applies appropriate safeguards such as adequacy decisions, standard contractual clauses, or equivalent contractual mechanisms recognized under applicable law. Transfer impact assessments may be performed to evaluate risks associated with access by foreign public authorities and to document mitigation steps. Encryption in transit and at rest may be required for cross border transfers involving identification data, financial data, or other sensitive operational records. The administrator seeks to ensure that privacy protections remain essentially equivalent, taking into account the nature of the data processing, the recipient’s security posture, and the enforceability of contractual commitments.

Information security and integrity controls

Security measures are applied to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or unauthorized access. Controls may include encryption, access management with least privilege, multi factor authentication for administrative systems, network segmentation, and continuous monitoring of security logs. System hardening, vulnerability management, and patching practices are designed to reduce exploitation risk, with critical updates targeted within 72 hours where feasible and proportionate. The administrator applies governance processes intended to maintain an availability target of 99.5% for core services, while recognizing that occasional maintenance windows or external outages may occur. Incident response procedures include detection, containment, investigation, and remediation, and where required, notification to competent authorities and affected individuals is handled in accordance with applicable legal time frames.

Cookies and similar technologies

This Pelican Casino Privacy policy also addresses cookies and related tracking technologies used to ensure functionality, maintain security, and measure service performance. Cookies may store session identifiers, language preferences, and security tokens that reduce the risk of unauthorized access and support fraud detection. Where consent is required by applicable law, non essential cookies are activated only after a valid preference choice is recorded and can be modified through available settings. Some cookies may be set by service providers acting as processors, and such placement is subject to contractual controls and purpose limitation. The casino Pelican environment may also use similar technologies in applications, such as device identifiers used to maintain login security and detect abnormal access patterns.

Data subject rights and exercise procedures

Rights based framing applies because individuals may have enforceable rights under GDPR like regimes and other local privacy laws, subject to eligibility and lawful limitations. These rights may include the right of access, the right to rectification, the right to erasure, the right to restriction of processing, the right to data portability, and the right to object in certain circumstances. Where processing is based on consent, withdrawal does not affect the lawfulness of prior processing but applies prospectively to the relevant purpose. Requests are verified to protect privacy and may require additional identification data where reasonable to prevent unauthorized disclosure. The administrator aims to respond within 30 days of receipt of a complete request, and where complexity requires an extension, the requester is informed of the reasons and the expected timeline in accordance with applicable law.

Verification and representation

Where there is a reasonable doubt regarding the identity of the requester, additional verification may be requested, and the scope of verification is limited to what is necessary for secure handling. If an authorized representative acts on behalf of a data subject, proof of authority may be required and retained for a limited period such as 90 days for auditability. The administrator assesses whether the request relates to registration data, login data, financial data, or support files, and applies the least intrusive method of fulfillment. If a request is manifestly unfounded or excessive, the administrator may refuse to act or may charge a reasonable fee where permitted, while documenting the rationale. Any refusal includes information about available complaint mechanisms under applicable law.

Complaints and supervisory engagement

Where relevant legal frameworks provide supervisory authorities, a complaint may be lodged with the competent authority in the jurisdiction of habitual residence or place of the alleged infringement. The administrator maintains internal procedures to record, assess, and remedy complaints in a manner consistent with accountability obligations. Communication records related to complaints are processed for the purpose of dispute handling and are retained for a period aligned with retention standards described in this policy. The administrator may request clarification to narrow the scope of a complaint and to ensure accurate handling, while maintaining privacy and confidentiality. The use of internal dispute resolution does not limit any statutory rights to seek judicial remedies where applicable.

Contact channels and data request submission

Operational explanation applies to the procedure for submitting inquiries and rights requests, including questions about data processing, cookies, or security practices. Requests should specify the nature of the inquiry, the relevant account identifiers where available, and the preferred method of response to facilitate accurate processing. Communications may be logged and retained as files for accountability, training, and audit, with access limited to authorized personnel. The administrator may request supplementary information where necessary to locate the relevant personal data and to avoid disclosing data to the wrong individual. The casino Pelican support function may provide status updates during request handling, provided that such communications do not compromise investigative integrity or security controls.

Amendments, governance, and compliance statement

This Pelican Casino Privacy policy is maintained as a controlled document within the administrator’s compliance framework and is reviewed at intervals aligned with operational and regulatory change. Amendments may occur due to changes in applicable law, guidance from competent authorities, updates to processing activities, introduction of new security measures, or material changes in service providers. Where changes are material, reasonable steps are taken to provide notice through the website or account communications before the changes take effect, unless immediate amendment is necessary to address a security or legal risk. The administrator records version history and applies internal approvals to ensure that updates reflect personal data protection principles, including purpose limitation, data minimization, accuracy, storage limitation, integrity, and confidentiality. Data processing activities remain subject to periodic risk assessments, including review of encryption practices, access controls, and vendor oversight, and the administrator targets a documented compliance review at least once every 18 months. The casino Pelican operations remain committed to maintaining data security and privacy safeguards consistent with GDPR principles where applicable, while recognizing that legal obligations may vary by jurisdiction and may impose specific procedures or additional rights. Questions about amendments, the exercise of the right of access, or other rights requests should be submitted through the designated contact channels referenced on pelicanonlinecasino.com, and such requests are handled within the applicable legal time frames, including the 30 day response standard where required.