burger icon
Lucky Pari United Kingdom
Log In

Privacy Policy

This Privacy Policy explains how the online gambling services marketed under the brand "Lucky Pari" and made available via luckiperi.com, including its UK-facing variant Lucky Pari (collectively, the "Website"), collect, use, disclose and protect your personal data. It applies to players, registered account holders, visitors, and any other individual who accesses the Website from the United Kingdom or elsewhere. By using the Website, you acknowledge that you have read and understood this Privacy Policy.

This Privacy Policy is prepared to comply with the UK General Data Protection Regulation ("UK GDPR"), the Data Protection Act 2018, and other applicable privacy laws and industry standards. It should be read together with our Terms and Conditions and any game or promotion rules published on the Website.

Effective date: 1 January 2026

Who We Are

The Website is operated by a group of companies that provide remote casino and sports betting services under a licence issued in Curaçao. For the purposes of data protection law, the entity that determines the purposes and means of processing your personal data acts as the "data controller".

Operator and regulatory background

  • Brand and Website: Lucky Pari, operated via https://luckiperi.com and its UK-facing variant Lucky Pari.
  • Licensing jurisdiction: The gambling services are provided under a remote gaming licence issued by Gaming Curaçao, Master Licence No. 365/JAZ.
  • Corporate structure: The brand is operated by a limited liability company established in Curaçao, with payment processing support typically provided by a related limited liability company based in Cyprus. Specific registration numbers and full legal addresses will be communicated on the Website once made available.

Data controller contact details

For privacy and data protection matters, you can contact us using the details published from time to time on the Website footer and in your account area. As of the effective date of this Privacy Policy, our primary contact channel for privacy issues is:

  • E-mail (data protection): privacy contact details as published on the Website
  • Postal address: Parent company in Curaçao and operating/payment processing entity in Cyprus (exact legal names and addresses to be confirmed on the Website). When you contact us, we will provide the most up-to-date corporate contact information upon request.

Data Protection Officer / privacy contact

We have appointed a dedicated privacy contact (Data Protection Officer or equivalent function) who is responsible for overseeing questions in relation to this Privacy Policy and our compliance with applicable data protection rules. You may contact this person via the data protection e-mail address or other channels specified on the Website. When you do so, please mark your communication as "Data protection - Lucky Pari / luckiperi.com".

What Personal Data We Collect

We collect only the personal data that is necessary for lawful operation of our offshore gambling services, for running the Website, and for complying with regulatory obligations (including anti-money laundering and responsible gambling requirements). The categories of data we may collect and process include the following:

Identity and contact data

  • Registration details: full name, date of birth, nationality, gender (where requested), residential address, country of residence, and chosen username.
  • Contact details: e-mail address, mobile and/or landline telephone number, communication language preferences, and preferred contact channels.
  • Verification data (KYC): scans or photos of identification documents (passport, ID card, driving licence), proof of address documents (utility bills, bank statements), and any additional documents or information requested to verify your identity, age, source of funds, or source of wealth.

Technical and device data

  • Network information: IP address, approximate geolocation derived from IP (e.g. indicating that you connect from the United Kingdom), Internet Service Provider, connection timestamps, and log files relating to your sessions.
  • Device information: device type, operating system, browser type and version, screen resolution, language settings, and other technical identifiers such as device IDs and cookies.
  • Usage logs: login and logout times, authentication logs, account changes, responsible gambling setting changes, error logs, and technical information about your interaction with the Website.

Financial and payment data

  • Payment instruments: partial card numbers, card expiry dates, cardholder name, issuing country (to the extent made available by payment providers), virtual card identifiers, and other payment-related metadata when you deposit or withdraw funds. For some methods (e.g. e-wallets or vouchers), we may receive and store associated account identifiers.
  • Cryptoasset data: wallet addresses, transaction hashes, and other blockchain transaction references when you deposit or withdraw using cryptocurrencies or tokens.
  • Transaction history: amounts, currencies, payment methods used, timestamps, and reference numbers related to deposits, withdrawals, refunds, chargebacks, and adjustments.

Gaming and behavioural data

  • Betting and gaming history: game sessions, sports bets placed, stake sizes, win and loss amounts, bonuses and promotions used, wagering requirements, and in-game events.
  • Behavioural patterns: frequency of play, duration of sessions, device switching patterns, interactions with responsible gambling tools, and indicators relevant to anti-fraud and anti-money laundering monitoring.
  • Interaction data: clicks, views of particular pages or banners, navigation paths through the Website, and responses to surveys or feedback forms.

Communication and support data

  • Support interactions: content of e-mails, chat transcripts, complaint submissions, self-exclusion requests, and other customer support communications.
  • Call data: if telephone support is implemented, we may record or log calls for quality and verification purposes, subject to applicable law and notice.

Cookies and similar technologies

  • Cookies: small text files placed on your device to support Website functionality, security, analytics, and advertising.
  • Similar technologies: web beacons, pixel tags, local storage, and software development kits (SDKs) used for session management, fraud detection, and performance monitoring.

Where we require personal data by law, under our contractual obligations, or for regulatory requirements (including KYC and anti-money laundering checks), failure to provide such data may mean we cannot open or maintain your account or provide certain services.

Legal Basis for Processing

We process your personal data in accordance with the UK GDPR, the Data Protection Act 2018, and other applicable laws. Depending on the specific context, we rely on one or more of the following legal bases:

Performance of a contract

  • Account operation: We process identity, contact, and technical data to create, manage, and secure your player account on luckiperi.com and Lucky Pari.
  • Provision of gambling services: We use your data to accept deposits, process bets, allow participation in games, credit winnings, and process withdrawals.
  • Customer support: We handle communications you send us in order to respond to queries, complaints, self-exclusion requests, or other account-related issues.

Compliance with legal obligations

  • KYC and AML: As an offshore gambling operator licensed in Curaçao, we must perform "know your customer" checks, monitor transactions, and report suspicious activity to relevant authorities. These obligations arise from anti-money laundering, counter-terrorist financing, and sanctions laws applicable to our operations.
  • Responsible gambling: We process data related to your behaviour and self-exclusion settings to help manage problem gambling risks and comply with responsible gambling standards.
  • Record-keeping and taxation: We retain transaction and account records for legally mandated periods for tax, accounting, and regulatory audit purposes.

Legitimate interests

  • Service improvement and analytics: We analyse aggregated or pseudonymised usage patterns to enhance Website performance, game offerings, and user experience, ensuring that our interests do not override your rights and freedoms.
  • Fraud and security: We process technical, behavioural, and transactional data to detect and prevent fraud, bonus abuse (for example, as described in our Terms & Conditions including sections such as 9.2 and 12), money laundering, and other misuse of our services.
  • Legal defence: Where necessary, we may process data in connection with potential or actual legal claims, regulatory investigations, or dispute resolution, always weighing our interests against your privacy.

Consent

  • Marketing communications: We will send direct marketing communications (such as e-mail or SMS promotions) only where you have given us your consent or where permitted by law, and you can withdraw this consent at any time.
  • Optional cookies and profiling: Where required by law, we will obtain your consent for non-essential cookies (for example, certain analytics or advertising cookies) and for specific forms of profiling for marketing purposes.

In some limited situations, we may also process data to protect your vital interests or those of another person (for example, sharing information with relevant services in case of a serious risk of harm), but such situations are rare and assessed carefully.

Purpose of Processing

We process your personal data for clearly defined and lawful purposes. The main purposes are as follows:

Provision and administration of services

  • Operating your account: Registering you as a player, verifying your identity, enabling logins, managing balances, and providing game access on the Lucky Pari section of luckiperi.com.
  • Payment processing: Handling deposits and withdrawals via supported payment instruments (including cards, e-wallets, vouchers, and cryptocurrencies), mitigating payment failures, and preventing chargebacks.
  • Customer support: Responding to your queries, complaints, self-exclusion notifications, refund requests, and other support interactions.

Compliance, risk management, and responsible gambling

  • Regulatory compliance: Implementing KYC/AML checks, record-keeping, and reporting obligations related to our Curaçao gaming licence and other applicable legal frameworks.
  • Fraud and abuse prevention: Detecting suspicious behaviour such as multi-accounting, arbitrage, bonus abuse, and misuse of payment instruments, and applying risk controls.
  • Responsible gambling: Monitoring gameplay patterns to detect potential problematic behaviour, administering account limits, time-outs, and self-exclusion, and honouring self-exclusion requests.

Improvement, personalisation, and marketing

  • Service improvement: Analysing Website performance, player preferences, and game popularity to refine our product offering, user interface, and technical stability.
  • Personalisation: Customising content (such as recommended games or bonuses) based on your previous interactions, within the bounds of applicable consent requirements and legal bases.
  • Marketing communications: Sending newsletters, promotional offers, and information about new games and features, subject to your marketing preferences and applicable consent requirements.

Security, dispute resolution, and legal obligations

  • Security monitoring: Maintaining logs, implementing access controls, and monitoring unusual activity to safeguard your data and our systems.
  • Dispute resolution: Investigating, documenting, and responding to internal complaints, refund requests (e.g. under our refund policies), and other disputes related to your use of the Website.
  • Legal and regulatory obligations: Complying with applicable laws, responding to lawful requests from competent authorities, and defending legal claims.

Disclosure & Sharing

We do not sell your personal data. However, to operate an offshore gambling service effectively and lawfully, we may share your data with certain third parties under strict conditions and appropriate safeguards:

Within our corporate group

  • Group companies: Parent and associated companies in Curaçao and Cyprus (or other jurisdictions) that assist in operating luckiperi.com and its regional variants, providing IT, payment processing, compliance, and customer support functions.

Service providers and partners

  • Payment service providers: Banks, card schemes, payment processors, crypto payment gateways, and other financial partners that facilitate deposits, withdrawals, and chargeback handling.
  • Technical and hosting providers: Companies that provide cloud hosting, content delivery networks, security services, logging, analytics, and maintenance of the Website.
  • Game providers and platforms: Casino game and sportsbook platform providers that may process your data for the purpose of delivering specific games and ensuring fairness and security.
  • Marketing and analytics providers: Subject to consent requirements, selected partners that provide analytics, e-mail delivery, or advertising services to support our marketing activities.

Regulators, authorities, and dispute-related recipients

  • Regulators: Gaming Curaçao and other regulatory or supervisory authorities that may request information in relation to our licence (Licence No. 365/JAZ) or related obligations.
  • Law enforcement and government authorities: Competent authorities, courts, or agencies where we are legally required to share data or where disclosure is necessary for legal claims, fraud investigations, or enforcement of our rights.
  • Professional advisers: Lawyers, auditors, and consultants who require access to certain data to provide professional services, subject to confidentiality obligations.

Affiliates and advertising networks

  • Affiliate partners: Marketing affiliates and traffic partners that refer players to luckiperi.com may receive limited performance data (for example, anonymised or aggregated metrics) to calculate commissions and evaluate campaign performance.
  • Advertising networks: Subject to your consent and applicable law, we may share pseudonymised identifiers with advertising networks for retargeting or campaign measurement.

Whenever we share personal data with third parties, we do so under contracts that require them to implement appropriate security measures and to process the data only for the purposes we specify and in accordance with applicable law.

International Transfers

Because Lucky Pari operates as an offshore non-GamStop gambling service under a Curaçao licence and uses infrastructure and providers in multiple jurisdictions, your personal data may be transferred to and processed in countries outside the United Kingdom, including countries that may have a different level of data protection than the UK.

Locations of processing

  • Curaçao: As our gaming licence and some corporate functions are based in Curaçao, certain data will be processed or accessed there.
  • Cyprus and other EEA states: Payment processing and operational services may be provided from Cyprus or other European Economic Area ("EEA") countries.
  • Other jurisdictions: Technical, hosting, or support providers may process data in other countries, subject to contractual safeguards.

Transfer safeguards

  • Adequacy decisions: Where we transfer personal data from the UK to a country or territory recognised by the UK government as providing an adequate level of data protection, we rely on that adequacy decision.
  • Standard Contractual Clauses / IDTA: For transfers to countries without adequacy decisions (for example, Curaçao or certain non-EEA hosting locations), we implement appropriate safeguards such as the UK International Data Transfer Agreement and/or UK-approved Standard Contractual Clauses, supplemented where necessary by additional technical and organisational measures.
  • Limited access and pseudonymisation: Where possible, we limit the data accessible from higher-risk jurisdictions and apply pseudonymisation or encryption to enhance protection.

Because Lucky Pari is an offshore, non-UKGC-licensed operator, there is an increased systemic risk that changes in UK regulatory or enforcement practice (for example, financial blocking of certain operators) could affect access to the Website or to payment channels. These risks relate to the availability of services and are separate from, but may indirectly impact, data processing. We continually review our transfer arrangements and will update this Privacy Policy if our safeguards or processing locations change.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, regulatory, or reporting requirements. Retention periods depend on the category of data and the context of processing.

Typical retention periods

  • Account and identity data: Core KYC/identity records (name, date of birth, address, ID documents) are typically retained for the duration of your relationship with us and for five (5) years after account closure or after the last transaction or interaction, whichever is later, in line with applicable anti-money laundering requirements and regulatory expectations.
  • Transaction and betting data: Payment records, bet histories, and game logs are normally retained for at least five (5) years after the relevant activity to meet legal, tax, audit, and regulatory requirements.
  • Marketing data: Data used for direct marketing (such as e-mail addresses and preference records) is typically retained while you remain opted in and for up to two (2) years after your last interaction with our marketing communications, unless you withdraw consent earlier.
  • Technical logs and security data: System logs, access logs, and fraud-related records are generally kept for up to two (2) years, or longer if necessary to investigate fraud, comply with legal obligations, or defend legal claims.
  • Complaint and dispute records: Records relating to complaints, disputes, or legal proceedings may be retained for the time necessary to manage the dispute and for the applicable limitation period under relevant law.

Deletion and anonymisation

  • Deletion criteria: When data is no longer required for the purposes outlined in this Privacy Policy and no legal obligation or legitimate interest justifies further retention, we will securely delete or anonymise it.
  • Anonymised data: We may retain anonymised or aggregated data (which no longer identifies you) for statistical, analytical, or business planning purposes without further notice to you.

Where you exercise your rights to erasure or restriction, we will consider these requests in light of our legal and regulatory obligations, which may require us to retain certain data for specified periods, even after your account is closed.

Your Rights

As a data subject, you have various rights in relation to your personal data under the UK GDPR and the Data Protection Act 2018, and similar rights may apply under other privacy laws where you are located. We respect these rights and provide mechanisms for you to exercise them efficiently and free of charge, subject to certain conditions.

Core rights under UK data protection law

  • Right of access: You can request confirmation of whether we process your personal data and obtain a copy of that data, together with information about how we use it.
  • Right to rectification: You can ask us to correct inaccurate or incomplete personal data. In many cases, you can update key details directly in your account settings.
  • Right to erasure ("right to be forgotten"): You can request deletion of your personal data in certain circumstances, for example where the data is no longer necessary for the purposes for which it was collected, or where you withdraw consent and there is no other legal basis for processing. We may need to retain some data to comply with legal obligations (for example, AML record-keeping).
  • Right to restriction of processing: You can request that we temporarily restrict processing of your data in certain situations (for example, while we verify the accuracy of data or assess an objection).
  • Right to object: You can object to processing based on our legitimate interests (including certain profiling) where you believe your fundamental rights outweigh our interests. You always have the right to object to direct marketing, in which case we will stop sending marketing messages.
  • Right to data portability: You can request certain personal data in a structured, commonly used, machine-readable format and ask us to transmit it to another controller, where technically feasible and where processing is based on consent or contract and carried out by automated means.
  • Right to withdraw consent: Where we rely on your consent (for example, for marketing or non-essential cookies), you can withdraw that consent at any time, without affecting the lawfulness of processing before withdrawal.

Alignment with Mexican and other privacy laws

  • Mexican ARCO rights: If you are located in Mexico and the Mexican Federal Law on Protection of Personal Data Held by Private Parties ("LFPDPPP") applies, you may have additional or overlapping rights to Access, Rectification, Cancellation, and Opposition ("ARCO rights"). We seek to handle such requests consistently with both UK and applicable Mexican standards, to the extent relevant.
  • Other jurisdictions: If we make our services available in additional jurisdictions, local privacy laws may grant further rights. Where there is a conflict, we will apply the standard that offers stronger protection, to the extent feasible and consistent with our legal obligations.

How to exercise your rights

  1. Submit a request: You can exercise your rights by contacting us via the privacy contact details provided on the Website (for example, via the dedicated privacy e-mail address or secure account area tools, where available). Please clearly state which right you wish to exercise and provide sufficient information to verify your identity and locate your data.
  2. Verification: To protect your account and prevent unauthorised access, we may ask you for additional information to confirm your identity (for example, by confirming certain account details or providing identification documents).
  3. Response times: We aim to respond to all valid requests within one (1) month of receipt. In complex cases or where you submit multiple requests, this period may be extended by up to a further one (1) month, in which case we will inform you of the extension and the reasons for it.
  4. Fees: We provide information and actions regarding your rights free of charge. However, where requests are manifestly unfounded or excessive (for example, repeated requests), we may charge a reasonable fee or refuse to act on the request, as permitted by law.

Please note that your rights are subject to legal limitations. For example, we may not be able to delete certain data where we are required to retain it for anti-money laundering, fraud prevention, tax, or regulatory purposes. If we cannot fully comply with your request, we will explain the reasons to you.

Cookies & Tracking Technologies

We use cookies and similar technologies to provide and improve the Website, secure your account, analyse performance, and, where permitted, deliver relevant marketing. Cookies may be set by us ("first-party cookies") or by third parties ("third-party cookies").

Types of cookies we use

  • Strictly necessary (functional) cookies: These cookies are essential for the operation of the Website and for enabling basic functions, such as logging in, navigating between pages, enabling secure areas, and remembering your session. Without them, the services you have requested cannot be provided.
  • Preference cookies: These cookies store your choices, such as language, region, or display settings, to provide a more personalised experience on luckiperi.com and its local variants.
  • Analytics and performance cookies: These cookies collect information about how visitors use the Website (for example, which pages are visited most often, and whether error messages are received). We use this information in aggregated form to improve the performance and usability of the Website.
  • Advertising and targeting cookies: Subject to your consent and local legal requirements, these cookies may be used to deliver relevant adverts, limit how often you see a particular advertisement, and measure the effectiveness of our marketing campaigns, including through third-party networks and affiliates.

Managing cookies

  • Browser settings: Most web browsers allow you to control cookies through their settings, including blocking or deleting them. Please refer to your browser's help section for instructions on how to manage cookie settings.
  • Cookie banners and tools: Where required by law, we will present you with a cookie banner or settings panel when you first visit the Website or after significant changes. You can use this interface to accept or reject non-essential cookies and to modify your choices at any time.
  • Consequences of disabling cookies: If you block or delete cookies, some parts of the Website may not function properly, and your overall experience may be affected (for example, you may need to log in more frequently or certain features may not be available).

Further details about specific cookies used on luckiperi.com and Lucky Pari, including their names, purposes, and lifetimes, may be provided in a dedicated cookie notice or within the cookie settings tool on the Website.

Data Security

We take the security of your personal data seriously and implement technical and organisational measures designed to protect it against unauthorised or unlawful processing, accidental loss, destruction, or damage. Given the nature of offshore gambling operations and the associated regulatory and financial risks, we place particular emphasis on access control, encryption, and incident response.

Technical and organisational measures

  • Encryption in transit and at rest: We seek to protect data transmitted between your device and our servers using industry-standard encryption technologies (such as TLS 1.2 or higher). Where feasible and proportionate, we also encrypt stored data at rest or apply other forms of logical segregation.
  • Access controls and authentication: Access to personal data is restricted to authorised personnel and service providers who require it for legitimate purposes. Internal user accounts are protected by role-based access controls, strong authentication requirements, and, where appropriate, multi-factor authentication.
  • Network and application security: We employ firewalls, intrusion detection and prevention systems, anti-malware tools, and other security mechanisms to protect our infrastructure. Our systems are monitored for unusual or suspicious activity related to fraud, money laundering, or unauthorised access.

Governance, training, and incident response

  • Policies and procedures: We maintain internal privacy and security policies governing how personal data is handled throughout its lifecycle, including classification, access, retention, and deletion.
  • Staff training: Staff members with access to personal data receive training on data protection, security awareness, and responsible gambling requirements, reflecting the particular risks of non-GamStop offshore gambling operations.
  • Incident response: We maintain processes to detect, assess, and respond to data breaches or security incidents. Where required by law, we will notify the relevant supervisory authority and affected individuals without undue delay.

Where appropriate, we aim to align our controls with recognised security frameworks and industry standards (such as ISO 27001 or SOC 2) to the extent proportionate to our operations. However, unless explicitly stated on the Website, this does not mean we hold formal certifications under these standards. Despite our efforts, no system can be completely secure, and you should also take steps to protect your account, such as using strong passwords and keeping your login details confidential.

Complaints & Contacts

We encourage you to contact us first if you have any questions or concerns about how we handle your personal data. We will do our best to resolve issues fairly and transparently, recognising the limitations inherent in offshore, non-UKGC-licensed operations.

How to contact us

  • Primary contact: Use the privacy or support contact details provided on luckiperi.com and within your account area. Please clearly state that your query concerns "Privacy" or "Data Protection".
  • Complaints e-mail: Where a dedicated complaints or privacy e-mail address is provided on the Website, you may use that channel to raise data protection concerns or general complaints.
  • Postal address: You may also write to our corporate addresses in Curaçao and/or Cyprus, as published on the Website or provided to you upon request, marking your letter for the attention of the Data Protection Officer or privacy contact.

Internal complaint handling procedure

  1. Initial submission: Submit your complaint or query using one of the contact channels above, providing as much detail as possible (including relevant dates, account ID, and a clear description of your concern).
  2. Acknowledgement: We aim to acknowledge receipt of your complaint within a reasonable time, typically within a few working days.
  3. Investigation and response: We will investigate your complaint, consult relevant internal teams (for example, security, compliance, or customer support), and provide a substantive response within one (1) month where possible. For complex matters, this period may be extended, and we will inform you of the reasons for the delay.
  4. Escalation: If you are not satisfied with the outcome, you may request that your complaint be escalated internally (for example, to our compliance or management team) for further review.

Escalation to supervisory authorities

  • United Kingdom - Information Commissioner's Office (ICO): If you are located in the UK and believe that we have not handled your personal data in accordance with applicable law, you have the right to lodge a complaint with the ICO. Contact details include:
    Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, United Kingdom
    Website: https://ico.org.uk
  • Mexico - National Institute for Transparency, Access to Information and Personal Data Protection (INAI): Where Mexican data protection law (including ARCO rights under the LFPDPPP) is applicable and you are located in Mexico, you may have the right to lodge a complaint with INAI. Website: https://www.inai.org.mx.
  • European Economic Area and other jurisdictions: If you reside in another country whose data protection laws apply to you, you may also have the right to complain to your local supervisory authority. Their contact details are usually available on official government or regulatory websites.

Please note that, while UK players cannot rely on UK Gambling Commission or UK Alternative Dispute Resolution (ADR) bodies (such as IBAS) for gambling disputes because Lucky Pari does not hold a UKGC licence, your data protection rights - including the right to complain to data protection authorities - remain available where applicable by law.

Updates

We may update this Privacy Policy from time to time to reflect changes in our processing activities, legal or regulatory developments, or improvements to our services. Because the regulatory landscape for offshore and non-GamStop operators targeting UK players is evolving, it is important that you review this Privacy Policy regularly.

How we will notify you

  • Website publication: The most current version of this Privacy Policy will always be available on luckiperi.com and on the Lucky Pari page. Each version will be identified by an effective date and/or version number.
  • E-mail and in-account notices: For material changes (for example, changes to how we use your data, new categories of recipients, or amendments required by new regulations), we will endeavour to notify you by e-mail (where we hold your current e-mail address) and/or by prominent notices in your account area.
  • Banners and pop-ups: We may also use banners, pop-ups, or similar notices on the Website to highlight important updates, particularly where continued use of the Website after a certain date will signify acceptance of the updated policy.

Timing and your options

  • Advance notice: Where feasible and appropriate, we will provide at least 30 days' notice of significant changes that materially affect your rights or the way we process your data, unless an earlier change is required by law or for security reasons.
  • Review and objection: If you do not agree with the updated Privacy Policy, you may choose to stop using the Website and, where permitted by law, request account closure. In some cases, you may also be able to exercise specific rights (such as withdrawing consent or objecting to certain processing) rather than closing your account entirely.

Last updated: January 2026. This version reflects our understanding of our data processing activities and applicable regulatory frameworks based on information available up to late 2025 and early 2026. Any future material changes will be communicated in accordance with this section.