Privacy Policy

This Privacy Policy explains how the operator of the Cool Bet profile on coolbetis.com ("we", "us", "our") collects, uses, discloses and protects your personal data when you visit our website, interact with our content, or contact us. It applies to website visitors, players who use our informational and referral services, and individuals who communicate with us by email or other channels. By accessing or using coolbetis.com, you acknowledge that you have read and understood this Privacy Policy.

This Privacy Policy is designed to comply with the UK General Data Protection Regulation ("UK GDPR"), the UK Data Protection Act 2018, and other applicable data protection laws. Where relevant, it also aligns with EU GDPR standards and, for users in Mexico, key principles of Mexican data protection law.

Effective date: 1 January 2026

Who We Are

OBSERVE: coolbetis.com is an informational and affiliate website that presents profiles of online gambling brands, including the Cool Bet profile for the "Cool Bet" brand. The website does not itself provide gambling services to users in the United Kingdom and is not licensed by the UK Gambling Commission.

EXPAND: Gambling services accessible via links on coolbetis.com may be offered by third-party operators outside the UK, including entities operating under Tier-1 licences such as:

Malta: Polar Limited, licensed by the Malta Gaming Authority ("MGA") under licence number MGA/B2C/685/2019.
Estonia: Operators licensed by the Estonian Tax and Customs Board ("EMTA"), for example under licence HKL000206.
Ontario, Canada: Operators registered with the Alcohol and Gaming Commission of Ontario ("AGCO").

The "Cool Bet" brand is owned by GAN Limited (NASDAQ: GAN), a B2B technology provider. These entities are independent controllers for any personal data you provide directly to them through their own websites or apps. coolbetis.com does not operate in the UK market as a gambling provider, is not UKGC-licensed, does not appear on GamStop, and does not pay UK Point of Consumption Tax. UK users are advised to use UKGC-licensed alternatives for gambling services.

REFLECT: For the purposes of this Privacy Policy, the data controller for data processed through coolbetis.com is the legal entity that operates the website (the "Website Operator"). The Website Operator's full legal name, registered office address, and company registration number should be displayed in the site's legal imprint or footer. Where such details are not visible to you, you may request them using the contact details below, and we will provide them as required by applicable law.

Data Protection Contact

Data controller: The Website Operator of coolbetis.com (controller for website and contact data).
Data Protection Officer (DPO) / Data Protection Contact: reachable via [email protected] (please include "Privacy request" in the subject line).
Postal address: The Website Operator's current legal/mailing address will be provided on request if not displayed elsewhere on the site.
Primary website: https://coolbetis.com
Related pages: Terms and conditions at https://coolbetis.com/en/terms, Responsible Gaming at https://coolbetis.com/en/responsible-gaming.

This Privacy Policy has been prepared based on research compiled by our UK-based content team, including Daniel Thompson (UK).

What Personal Data We Collect

OBSERVE: We collect personal data when you visit coolbetis.com, interact with the Cool Bet profile, contact us, or engage with our content. This includes information you provide directly, data generated automatically by your device, and information relating to your interactions with our partners.

EXPAND: We do not operate player accounts or take bets in the UK, and we do not directly process your gambling payment details for wagering purposes. However, the Website Operator may still process limited information regarding your interactions with gambling brands for analytics, referral tracking, and compliance purposes.

Data You Provide Directly

Identification and contact data: your name, email address, and any other contact details you provide when:
- Contacting us via email (e.g. [email protected]).
- Requesting information, feedback or support.
- Subscribing to newsletters or marketing communications (if offered).
Content of communications: any information you choose to include in messages, support requests, complaints, or feedback.

Technical and Usage Data

Technical identifiers: IP address, device type, operating system, browser type and version, language settings, approximate location (e.g. city/country), and referrer URL.
Log data: pages viewed (including the Cool Bet profile), time and date of visits, time spent on pages, click paths and navigation events, error logs, and similar diagnostic information.

Behavioral and Interaction Data

Interaction data: clicks on links, outbound clicks to third-party gambling operators, engagement with banners and calls-to-action, scroll depth, and device interaction events used for analytics and optimization.
Affiliate and referral data: anonymous or pseudonymous identifiers associated with outbound links to operators (for example, affiliate tracking IDs) and aggregated statistics provided by partners about conversions (such as account registrations or deposits) without identifying you directly, unless you choose to share such information with us.

Cookies and Similar Technologies

Cookies: small text files stored on your device that can be session-based (deleted when you close your browser) or persistent (stored for a defined period).
Similar technologies: web beacons, pixels, local storage, SDKs, and tags used for analytics, fraud detection, and (where permitted) marketing.

Payment and KYC/AML Data

REFLECT: coolbetis.com does not process your gambling payment details (such as card numbers or bank account information) and does not perform Know-Your-Customer ("KYC") identity checks or Anti-Money Laundering ("AML") screening on UK users, because we are not a UK gambling operator. Any KYC/AML or payment data you provide directly to third-party operators linked from coolbetis.com is processed by them under their own privacy policies. We may, however, receive aggregated or pseudonymous reporting from those partners (for example, statistics on registrations or deposits by referral ID) for performance analysis and compliance with our contractual obligations.

Legal Basis for Processing

OBSERVE: Under the UK GDPR and related laws, we must have a valid legal basis for each type of personal data processing. Different legal bases may apply depending on the context in which we process your data.

EXPAND: For the Cool Bet profile and other content on coolbetis.com, our primary legal bases are consent, contractual necessity, legitimate interests, and compliance with legal obligations. In limited circumstances, we may rely on vital interests or the public interest, for example when handling serious security issues.

Contractual Necessity

Purpose: To respond to your enquiries, provide requested information, and supply any informational or subscription services you actively sign up to (for example, newsletters, if offered).
Legal basis: Processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract (Article 6(1)(b) UK GDPR).

Consent

Purpose:
- Setting and reading non-essential cookies (for example for advertising or advanced analytics).
- Sending you marketing communications by email or other electronic means.
- Using certain profiling or personalization features where required by law.
Legal basis: Your freely given, specific, informed and unambiguous consent (Article 6(1)(a) UK GDPR). You can withdraw your consent at any time, without affecting the lawfulness of processing prior to withdrawal.

Legitimate Interests

Purpose:
- Operating, maintaining and improving coolbetis.com, including the Cool Bet profile.
- Measuring and understanding the performance of affiliate links and content.
- Preventing fraud, abuse, and security incidents (for example, detecting bots or malicious traffic).
- Defending, establishing or exercising legal claims.
Legal basis: Processing is necessary for our legitimate interests or those of a third party (Article 6(1)(f) UK GDPR), provided that those interests are not overridden by your rights and freedoms. We conduct balancing tests to ensure that our interests do not unfairly impact you.

Compliance with Legal Obligations

Purpose:
- Accounting, audit and tax obligations relating to our business activities.
- Responding to lawful requests from law enforcement or regulatory authorities.
- Complying with applicable KYC/AML and gambling-related obligations where we are legally required to cooperate with licensed operators or regulators outside the UK.
Legal basis: Processing is necessary to comply with a legal obligation to which we are subject (Article 6(1)(c) UK GDPR).

Special Categories of Data

REFLECT: We do not intentionally collect special categories of personal data (such as health data, political opinions or religious beliefs) via coolbetis.com. If, in exceptional circumstances, you provide such data in a message (for example, describing problem gambling issues), we will process it only to the extent necessary to respond to your request, relying on your explicit consent or another lawful basis (for example, legal claims) as required under Articles 9 and 10 UK GDPR.

Purpose of Processing

OBSERVE: We process personal data only for specified, explicit and legitimate purposes related to operating coolbetis.com and the Cool Bet profile.

EXPAND: Below we describe the main purposes for which we use your data and how these purposes connect to our services.

Providing and Supporting Our Services

Operating the website: enabling you to browse coolbetis.com, load pages correctly, and access the Cool Bet profile and related content.
Responding to enquiries: handling your questions, support requests, or complaints sent to [email protected] or other channels.
Managing subscriptions: processing opt-ins and opt-outs to newsletters or other communications, if available.

Improving Our Content and User Experience

Analytics and performance measurement: understanding how visitors use the Cool Bet profile and other pages (for example, which pages are most visited, how long users stay, and which links they click).
Optimization: testing and improving page layouts, navigation, and content structure to make our site clearer, faster and more useful.

Marketing and Communication

Direct marketing (with consent): sending newsletters or promotional messages about updates to coolbetis.com, new content, and relevant offers from trusted partners, where you have explicitly opted in.
Tailored content: using aggregated or pseudonymous data to understand which segments of users might be interested in certain types of content (for example, casino reviews vs. sports betting guides), subject to your cookie preferences.

Fraud Prevention, Security and Compliance

Security: monitoring for suspicious or malicious activity, protecting our systems, and preventing abuse of our services.
Legal compliance: retaining certain records to comply with our legal obligations and to demonstrate compliance with data protection and other applicable laws.
Dispute resolution: managing and resolving actual or potential disputes, including communication with regulators or authorities where required.

REFLECT: We do not use your personal data to make solely automated decisions that produce legal or similarly significant effects on you (for example, automated decisions that would prevent you from accessing services) in the context of coolbetis.com.

Disclosure & Sharing

OBSERVE: We share personal data only where necessary, proportionate, and consistent with applicable law and this Privacy Policy.

EXPAND: Depending on how you use coolbetis.com and the Cool Bet profile, your data may be disclosed to several categories of recipients.

Service Providers (Processors)

Hosting and infrastructure providers: companies that host our website, databases and related services.
Analytics providers: third parties that help us analyse website traffic and usage patterns (for example, web analytics platforms).
Security and anti-fraud providers: tools and services used to detect and prevent security threats and abusive behaviour.
Communication tools: email service providers and ticketing tools used to manage communications sent to [email protected].

These providers act as processors and may only process your personal data according to our documented instructions and under appropriate confidentiality and security obligations.

Affiliate and Advertising Partners

Affiliate networks and operators: we may share limited pseudonymous identifiers and aggregated statistics with gambling operators and affiliate networks we work with (for example, to confirm that a particular referral link resulted in a registration), without disclosing your identity to them unless you have provided it directly.
Advertising networks (with consent): where permitted and subject to your cookie settings, we may work with third-party advertising networks that use cookies or similar technologies for audience measurement and ad delivery.

Regulators, Authorities and Legal Processes

Regulatory authorities: we may share information with data protection authorities, gambling regulators, or financial regulators when legally required (for example, in Malta with the MGA, in Estonia with the EMTA, in Ontario with the AGCO, or with the UK Information Commissioner's Office).
Law enforcement and courts: we may disclose data in response to lawful requests, court orders or legal processes, or to establish, exercise or defend legal claims.

Corporate Transactions

Business transfers: if the Website Operator is involved in a merger, acquisition, sale of assets, or similar transaction, your data may be transferred to the relevant third parties as part of the transaction, subject to appropriate safeguards.

REFLECT: We do not sell your personal data in the sense often understood under data protection laws. Where we provide links to third-party websites (including gambling operators), those third parties are independent controllers of any personal data you provide directly to them, and their privacy policies govern such processing. We encourage you to review the privacy policy of each operator you choose to register with.

International Transfers

OBSERVE: Because coolbetis.com works with partners in multiple jurisdictions, your personal data may be transferred outside the United Kingdom, including to the European Economic Area ("EEA"), Malta, Estonia, Canada (including Ontario), and other countries.

EXPAND: Whenever we transfer your data outside the UK, we take appropriate steps to ensure that it is afforded a level of protection essentially equivalent to that under UK law.

Where Your Data May Be Processed

United Kingdom and EEA: many of our core systems and providers are located in the UK or EEA, where the UK GDPR or EU GDPR applies.
Malta and Estonia: where we work with partners or infrastructure providers connected to operators licensed by the MGA (for example, Polar Limited, licence MGA/B2C/685/2019) or the Estonian EMTA (licence HKL000206).
Canada (Ontario): where we cooperate with operators registered with the AGCO or related service providers.
Other countries: certain processors or partners may be located in other jurisdictions with different data protection laws.

Safeguards for International Transfers

Adequacy regulations: where the UK Government has recognised a country as providing an adequate level of data protection, we may rely on that decision to transfer data.
Standard contractual clauses: for transfers to countries without an adequacy decision, we typically use appropriate safeguards such as the UK International Data Transfer Agreement or UK addendum to EU Standard Contractual Clauses, together with additional technical and organisational measures where necessary.
Data Privacy Frameworks: where applicable, we may work with providers certified under recognised data transfer frameworks (for example, the UK extension to the EU-U.S. Data Privacy Framework). We do not rely on the former EU-U.S. Privacy Shield, which has been invalidated.

REFLECT: If you would like further information about the specific transfer mechanisms or safeguards used for your personal data, you can contact us at [email protected].

Data Retention

OBSERVE: We retain personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy, including satisfying legal, accounting, or reporting requirements.

EXPAND: Retention periods vary depending on the category of data and the context in which it was collected.

Typical Retention Periods

Contact and communication data: emails and correspondence with you are generally stored for up to 5 years after our last meaningful interaction with you, to allow us to manage ongoing issues, respond to follow-up queries, and demonstrate how we handled your requests.
Technical and analytics data: logs and analytics identifiers are usually retained for between 6 and 26 months from the time of collection, depending on the specific tool and configuration, after which they are deleted or anonymised.
Cookie data: cookie lifetimes depend on the specific cookie. Session cookies expire when you close your browser. Persistent cookies typically last from a few days up to 24 months, unless you delete them earlier through your browser settings or our cookie management tools.
Legal and compliance data: data related to disputes, regulatory investigations, or legally required records may be kept for longer periods (for example, 6 years or more) where necessary to comply with our legal obligations or defend legal claims.

REFLECT: When the applicable retention period expires or the data is no longer needed for the relevant purpose, we will delete or irreversibly anonymise it. If you exercise your right to erasure, we will also consider whether we need to retain certain information for legal or legitimate reasons (for example, to prevent duplicate complaints or to comply with a legal obligation).

Your Rights

OBSERVE: As a data subject, you have various rights over your personal data under the UK GDPR and, where applicable, EU GDPR and Mexican privacy regulations.

EXPAND: We are committed to helping you exercise these rights in a clear and straightforward way, free of charge, unless your requests are manifestly unfounded or excessive.

Rights Under UK GDPR (and EU GDPR Where Applicable)

Right of access: you can request confirmation as to whether we process your personal data and receive a copy of that data, along with certain information about how we use it.
Right to rectification: you can ask us to correct or complete inaccurate or incomplete personal data about you.
Right to erasure: in certain circumstances, you can request that we delete your personal data (for example, where it is no longer needed for the original purpose and there is no overriding legal reason to keep it).
Right to restrict processing: you can ask us to limit how we use your data in specific situations (for example, while we verify its accuracy or consider an objection you have raised).
Right to object: you can object at any time to processing based on our legitimate interests, including profiling. We will stop processing unless we can demonstrate compelling legitimate grounds that override your interests, rights and freedoms, or the processing is needed for legal claims.
Right to data portability: where processing is based on consent or a contract and carried out by automated means, you can request to receive your personal data in a structured, commonly used, machine-readable format and ask us to transmit it to another controller where technically feasible.
Right to withdraw consent: where processing is based on your consent (for example, marketing emails or certain cookies), you can withdraw that consent at any time. This will not affect the lawfulness of processing carried out before withdrawal.

Additional Alignment with Mexican Privacy Law

ARCO rights: for users located in Mexico, we aim to align with key principles of Mexican data protection regulations by recognising rights broadly analogous to Access, Rectification, Cancellation and Opposition (ARCO) in respect of personal data we process.
Transparency: we provide clear information about the purposes of processing, the data we collect, and how you can exercise your rights, in line with international standards and Mexican best practices.

How to Exercise Your Rights

Submit your request: send an email to [email protected] with "Privacy request" in the subject line. Please specify which right(s) you wish to exercise and provide sufficient information to identify you (for example, the email address you used to contact us).
Verification: we may ask you for additional information to verify your identity, but we will keep this to a minimum and use it only for verification.
Response timeframe: we aim to respond to all valid requests within one month (30 days) of receipt. In complex cases or where you have made multiple requests, we may extend this period by up to two further months, in which case we will inform you of the extension and the reasons for it.
Cost: we provide our response free of charge. If requests are manifestly unfounded or excessive (for example, repeated requests), we may charge a reasonable fee or refuse to act, as permitted by law.

REFLECT: If you are dissatisfied with our response, you also have the right to lodge a complaint with your local data protection authority, such as the UK Information Commissioner's Office or, for users in Mexico, the competent Mexican data protection authority.

Cookies & Tracking Technologies

OBSERVE: coolbetis.com uses cookies and similar technologies to operate the site, enhance user experience, measure performance, and, where permitted, deliver and measure advertising.

EXPAND: Some cookies are strictly necessary for the site to function, while others are optional and used only with your consent.

Types of Cookies We Use

Strictly necessary cookies (session or short-term): required for core site functionality, such as loading pages, managing navigation, and preventing malicious activity. These cookies are usually session-based and expire when you close your browser.
Functional cookies: used to remember your preferences (for example, language or cookie settings) and provide enhanced features.
Analytics cookies: help us understand how visitors use the Cool Bet profile and other pages (for example, which pages are visited most frequently and where users come from). These may be first-party or third-party cookies.
Advertising and affiliate cookies (third-party): used by advertising networks and affiliate partners to measure the performance of marketing campaigns, track referrals to gambling operators, and, where permitted, show more relevant content or offers.

Managing Cookies

Cookie banner and preferences: when you first visit coolbetis.com, you may see a cookie banner or preferences panel allowing you to accept or reject non-essential cookies. You can change your preferences at any time using the tools provided on the site (where available).
Browser settings: most browsers allow you to block or delete cookies via their settings. Doing so may affect your ability to use certain features of the website.
Opt-out tools: some third-party analytics or advertising providers offer their own opt-out mechanisms. Information about these tools is typically available in their privacy policies.

REFLECT: Strictly necessary cookies are used based on our legitimate interests in providing a secure and functional website. All other cookies and similar technologies are used based on your consent, which you can withdraw at any time through your browser or our cookie management tools.

Data Security

OBSERVE: We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, accidental loss, destruction or damage.

EXPAND: While no online service can guarantee absolute security, we continuously work to maintain a level of protection that is appropriate to the risks associated with our processing activities.

Technical Measures

Encryption: data transmitted between your browser and coolbetis.com is protected using industry-standard TLS (Transport Layer Security) 1.2 or higher, helping to safeguard it from interception.
Secure hosting: we use reputable hosting providers and modern server configurations, including firewalls, intrusion detection tools, and access controls.
Access control and authentication: access to systems containing personal data is limited to authorised personnel and, where applicable, protected by strong passwords and multi-factor authentication.
Data minimisation and pseudonymisation: where feasible, we minimise the amount of personal data stored and use pseudonymous identifiers for analytics and reporting.

Organisational Measures

Policies and training: staff who handle personal data receive guidance or training on data protection and security best practices.
Vendor due diligence: we select service providers that implement appropriate security measures and, where possible, align with recognised international standards (for example, ISO 27001 or SOC 2) in their own operations.
Incident response: we maintain procedures for identifying, investigating, and responding to suspected personal data breaches. Where required by law, we will notify the relevant supervisory authority and affected individuals without undue delay.

REFLECT: Although we strive to protect your data, transmission of information over the internet is not completely secure. You should take appropriate precautions, such as using up-to-date antivirus software and avoiding sending highly sensitive information in unencrypted emails.

Complaints & Contacts

OBSERVE: You can contact us at any time with questions, concerns or complaints about how we handle your personal data.

EXPAND: We aim to resolve issues promptly and fairly. If you are not satisfied with our response, you may escalate your complaint to the relevant supervisory authority.

How to Contact Us

Email (primary channel): [email protected] (24/7). Please include "Privacy" in the subject line for data protection matters.
Live chat: where available on coolbetis.com, you may use live chat to ask general questions. For formal rights requests, we recommend email so we can verify and document your request.
Postal address: you may write to the Website Operator at its legal or mailing address, which will be provided upon request if not shown elsewhere on the site.

Internal Complaint Procedure

Step 1 - Submit your complaint: send us a detailed description of your concern by email to [email protected], including any relevant background and copies of previous correspondence if applicable.
Step 2 - Acknowledgement: we will normally acknowledge receipt of your complaint within a reasonable time, typically within 7 days.
Step 3 - Investigation: we will investigate your complaint, which may involve reviewing logs, consulting with relevant teams, and, where necessary, asking you for further information.
Step 4 - Response: we aim to provide a substantive response within 30 days of receiving your complaint or request. If we cannot respond within this period, we will explain the reason and inform you of the extended timeframe.

Escalation to Supervisory Authorities

United Kingdom - Information Commissioner's Office (ICO): if you are in the UK and are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the ICO:
Website: https://www.ico.org.uk
Telephone: see the contact details provided on the ICO website.
European Union: if you are located in the EEA, you may lodge a complaint with your local data protection authority. A list of supervisory authorities is available on the European Data Protection Board's website.
Mexico - Data Protection Authority: if you are resident in Mexico and believe your data protection rights have been infringed, you may lodge a complaint with the competent Mexican data protection authority (for example, the National Institute for Transparency, Access to Information and Personal Data, INAI) in accordance with applicable Mexican privacy regulations.

REFLECT: We encourage you to contact us first so that we can try to resolve your concern directly, but you may contact a supervisory authority at any time.

Updates

OBSERVE: We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the services offered on coolbetis.com, including the Cool Bet profile.

EXPAND: When we make material changes, we will take appropriate steps to notify you and, where required, to obtain your consent.

Notification of Changes

Website notice: we will post the updated Privacy Policy on https://coolbetis.com with a new "Last updated" date.
Email or account notices: if you have provided us with your email address (for example, for newsletters), we may send you an email notification about material changes that affect you.
Banners or pop-ups: for significant updates, we may display a banner or pop-up notification on the site.

Advance Notice and Your Choices

Advance notice: for material changes that significantly affect how we process your personal data or your rights, we will, where practical, provide at least 30 days' advance notice before the new terms take effect.
Right to object: if you do not agree with the updated Privacy Policy, you may choose to stop using coolbetis.com and, where applicable, unsubscribe from communications.
Account or subscription closure: if we ever introduce user accounts or registration features, you will be able to close your account or cancel your subscription if you do not accept material changes.

Last updated: January 2026

Changelog of Material Changes

January 2026 (Version 4.0): comprehensive update to align with UK GDPR and current UK data protection practices; explicit clarification that coolbetis.com does not operate as a UK-licensed gambling operator; enhanced description of international transfers, security measures, and user rights; additional references to Mexican privacy principles for users in Mexico.

REFLECT: Your continued use of coolbetis.com, including the Cool Bet profile, after any changes to this Privacy Policy have taken effect will constitute your acknowledgement of the updated policy. We encourage you to review this page regularly to stay informed about our privacy practices.