burger icon
Cobra Casino United Kingdom
Log In

Privacy Policy

This Privacy Policy explains how personal data is collected and used when you access or use kobra.casino in connection with the Cobra Casino project, including when you browse the website, register an account, place bets, make payments, or otherwise interact with our services. It applies to players, prospective players, and other visitors to kobra.casino from the United Kingdom and other relevant regions. By using kobra.casino, you acknowledge that you have read this Privacy Policy as in force from 6 November 2025 (Last updated: November 2025).

Who We Are

The online casino service marketed as Cobra Casino and made available via kobra.casino is owned and operated by:

  • Controller (operator): Dama N.V., a company incorporated under the laws of Curaçao
  • Registration number: 152125
  • Registered / legal address: Scharlooweg 39, Willemstad, Curaçao
  • Gambling licence: 8048/JAZ2020-013, issued by Antillephone N.V., Curaçao

For the purposes of payment processing and certain back-office services, Dama N.V. engages affiliated and partner companies acting as its processors, including:

  • Friolion Limited, Cyprus - payment processing services
  • Strukin Ltd, Cyprus (registration number ΗΕ 407624) - alternative payment processing services

Dama N.V. is the main "controller" of your personal data under the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (GDPR) where applicable, and comparable laws such as the Mexican Federal Law on Protection of Personal Data Held by Private Parties (LFPDPPP), to the extent those laws apply.

You can contact us about any privacy matter using the following details:

  • Data Protection Contact / DPO: Data Protection Officer, Dama N.V.
  • Email: [email protected] (preferred channel for privacy requests)
  • Postal address: Data Protection Officer, Dama N.V., Scharlooweg 39, Willemstad, Curaçao

When we refer to "we", "us" or "our" in this Privacy Policy, we mean Dama N.V. in relation to the operation of kobra.casino for the Cobra Casino project.

What Personal Data We Collect

Identification and Contact Data

  • Account data: full name, username, password (stored in hashed form), date of birth, nationality, language, and country of residence.
  • Contact details: email address, telephone number, postal address, and any other contact data you choose to provide to us (for example in support requests or complaint forms).

KYC, Verification and Compliance Data

  • Identity verification data: copies or details of identity documents (e.g. passport, ID card, driving licence), proof of address (e.g. utility bills, bank statements), and, where required, enhanced due diligence information.
  • Regulatory and risk data: results of checks against public databases, sanctions lists, politically exposed person (PEP) lists, fraud prevention databases, and information connected to responsible gambling checks.

Payment and Financial Data

  • Payment details: limited payment card or account information (such as card type, truncated card number, expiry date), e-wallet identifiers, crypto wallet details where applicable, and associated billing information. Sensitive payment data may be processed directly by our payment providers.
  • Transaction history: deposits, withdrawals, bet amounts, wins and losses, bonuses claimed and wagering progress, currency, timestamps, and payment status.

Gaming and Behavioural Data

  • Gameplay information: games played, session times and durations, betting patterns, stake size, win/loss records, bonuses used, tournament participation, and in-game actions.
  • Behavioural and interaction data: clicks, pages viewed, navigation paths, time spent on particular pages, communication preferences, marketing interactions (opens, clicks, unsubscribes), and responses to surveys or feedback forms.

Technical and Log Data

  • Device and connection data: IP address, device identifiers, operating system, browser type and version, screen resolution, language settings, time zone, and approximate location derived from your IP address.
  • Usage logs: login and logout timestamps, authentication attempts, account changes, security events, and technical error logs.

Cookies and Similar Technologies

  • Cookies: small text files stored on your device that support core site functionality, remember your preferences, and help us analyse usage.
  • Similar technologies: web beacons, pixels, tags, local storage, and SDKs used to measure performance, prevent fraud, and support personalised content and advertising where permitted.

Where the data we collect is not directly provided by you, it may be obtained from trusted third parties such as payment providers, KYC/AML service providers, marketing partners, or publicly available sources, in accordance with applicable law.

Legal Basis for Processing

We process personal data in accordance with the UK GDPR, the Data Protection Act 2018, the EU GDPR where applicable, and comparable laws such as the Mexican LFPDPPP. Depending on the context, we rely on one or more of the following legal bases:

  • Contractual necessity: We process personal data that is necessary to enter into, perform, and administer the contract between you and us. This includes:
    • creating and managing your kobra.casino account for Cobra Casino;
    • facilitating deposits, withdrawals, and in-game transactions;
    • providing customer support and resolving technical issues.
  • Compliance with legal obligations: We are required to process certain data to meet anti-money laundering (AML), counter-terrorist financing (CTF), fraud prevention, taxation, accounting, and gambling regulation requirements in Curaçao and other relevant jurisdictions. This includes:
    • identity verification and age checks;
    • record-keeping of transactions and KYC documentation for statutory periods;
    • responding to lawful requests from regulators, law enforcement, or courts.
  • Legitimate interests: We process personal data where it is necessary for our legitimate interests (or those of a third party) and these interests are not overridden by your rights and freedoms. Our legitimate interests include:
    • preventing, detecting and investigating fraud, abuse, cheating, and security incidents;
    • maintaining and improving our website, systems, and user experience;
    • conducting analytics, statistics, and reporting to better understand how kobra.casino is used;
    • defending our legal rights and handling complaints or disputes.
  • Consent: In situations where neither contract, legal obligation, nor legitimate interests provide an appropriate legal basis, we will seek your prior consent. Typical examples include:
    • sending certain forms of direct electronic marketing, especially where local rules require opt-in;
    • placing non-essential cookies or using similar technologies for personalised advertising;
    • sharing data with advertising networks or partners for profiling-based marketing.
    You can withdraw your consent at any time as described in the "Your Rights" section.
  • Legal claims and protection of vital interests: In limited cases, we may process data to establish, exercise or defend legal claims, or to protect your vital interests or those of another person, in line with relevant laws including UK, EU and Mexican data protection rules.

Purpose of Processing

We use your personal data for clearly defined purposes, which we align with appropriate legal bases and safeguards:

  • Providing and operating casino services: to register and verify your account, enable gameplay at kobra.casino for Cobra Casino, process deposits and withdrawals, administer bonuses and loyalty programmes, and provide the core functionality of the website.
  • Account administration and support: to manage account settings, handle enquiries and complaints, provide technical and customer support, communicate with you about service updates, and verify your identity when you contact us.
  • Regulatory compliance and risk management: to meet AML/CTF duties, responsible gambling responsibilities, age verification requirements, payment card scheme rules, and other legal or regulatory obligations applicable to Dama N.V. and its processors.
  • Fraud prevention and security: to monitor for suspicious behaviour, prevent account takeover or abuse, secure our systems and infrastructure, and investigate potential breaches or violations of our Terms and Conditions.
  • Service improvement and analytics: to analyse how players and visitors use kobra.casino, test and enhance features, optimise performance, personalise content, and improve the overall user experience.
  • Marketing and personalisation: where permitted by law and, where required, based on your consent, to send promotional communications, newsletters, bonuses, and offers; to tailor marketing to your interests; and to measure the effectiveness of our campaigns.
  • Business operations and administration: to conduct internal audits, financial reporting, planning and forecasting, and to support corporate transactions or restructuring if they occur, subject to appropriate safeguards.

Disclosure & Sharing

We do not sell your personal data. However, we may share it with carefully selected third parties where necessary for the purposes described above, always subject to contractual safeguards and applicable law.

Service Providers and Processors

  • Payment processors: entities such as Friolion Limited and Strukin Ltd in Cyprus, as well as banks, card schemes, e-wallet providers, and other payment intermediaries that process your deposits and withdrawals on our behalf.
  • KYC/AML and verification providers: specialist service providers that assist with identity checks, age verification, sanctions screening, affordability analysis, and other compliance functions.
  • IT, hosting and security providers: companies that host our systems, provide cloud infrastructure, security monitoring, content delivery, and technical support.
  • Analytics and marketing tools: third-party tools that help us analyse website usage and, where permitted, deliver or measure marketing communications. Cookies and similar technologies used for this purpose will be subject to your consent where required.

Other Recipients

  • Group companies and business partners: affiliated companies that assist in operating kobra.casino or providing support functions, subject to intra-group data protection arrangements.
  • Regulators and public authorities: gambling regulators (including the Curaçao regulator Antillephone N.V.), tax authorities, law enforcement, courts, and other public bodies, where we are legally required or permitted to disclose data, for example in relation to AML/CTF obligations or lawful investigations.
  • Professional advisers: lawyers, auditors, accountants, and other professional advisers where necessary to obtain advice, manage disputes, or comply with audit and reporting obligations.
  • Advertising networks and partners: where you have given consent for marketing cookies or similar technologies, we may share limited data with advertising networks to deliver personalised advertising and track campaign performance.
  • Corporate transactions: if we are involved in a merger, acquisition, sale of assets, restructuring or similar transaction, your data may be disclosed to potential or actual counterparties and their advisers, subject to appropriate confidentiality and data protection safeguards.

Whenever we share personal data with processors, we require them by contract to act only on our instructions, implement suitable security measures, and not use the data for their own unrelated purposes.

International Transfers

Due to the international nature of online gambling and our corporate structure, your personal data may be transferred to, and processed in, countries outside the United Kingdom and the European Economic Area (EEA), including Curaçao and Cyprus, as well as other locations where our service providers operate.

  • Transfers to Curaçao: Your data may be processed by Dama N.V. in Curaçao, where the primary gambling operations and licensing are based. Curaçao may not provide the same level of data protection as the UK or EEA.
  • Transfers to Cyprus: Payment processing and related services may be carried out by Friolion Limited, Strukin Ltd, or other partners located in Cyprus, which is within the EEA and therefore generally provides an adequate level of data protection.
  • Other third countries: Certain IT, security, or analytics providers may process data in other jurisdictions that are not subject to an adequacy decision by the UK or EU authorities.

Where personal data is transferred outside the UK or EEA to a country that does not provide an equivalent level of protection, we implement appropriate safeguards, such as:

  • standard contractual clauses (SCCs) or their UK equivalents approved by relevant regulators;
  • robust technical and organisational security measures, including encryption and access controls;
  • internal policies and data protection agreements with our group companies and service providers.

You may request further information about international transfers, including copies of relevant safeguards (subject to redactions for security or confidentiality), by contacting us at [email protected].

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes outlined in this Privacy Policy, to comply with legal and regulatory obligations, and to resolve disputes. Retention periods may vary depending on the type of data and applicable laws (including AML/CTF and gambling regulations). In general:

  • Account and identity data: Stored for the lifetime of your account and normally for up to 5 years after account closure, to comply with AML, gambling, and record-keeping obligations, and to handle potential disputes.
  • KYC and compliance documents: Copies of identity documents, proof of address and due diligence records are typically kept for at least 5 years from the end of the business relationship or from the date of the last transaction, or longer if required by specific regulations.
  • Transaction and gaming history: Details of deposits, withdrawals, bets, wins/losses, bonuses and gameplay logs are retained for as long as required for financial reporting, regulatory compliance and dispute resolution, generally 5-10 years depending on the nature of the records.
  • Customer support correspondence: Emails, chat logs and other communications are usually stored for up to 5 years following resolution of the issue, to help us manage follow-up queries and defend against legal claims.
  • Technical logs and security data: Server logs, security events and similar data are kept for shorter periods, typically 12-24 months, unless a longer period is required for security investigations or legal proceedings.
  • Marketing data: Information relating to marketing consents and preferences is retained while you remain subscribed, and for a short period thereafter to demonstrate compliance with your choices. If you unsubscribe, we keep minimal data on a suppression list to ensure you are not contacted again.

When personal data is no longer required, we will securely delete or anonymise it, unless retention is mandated or permitted by law. If you request deletion, we will also assess whether we are legally permitted to erase certain data or whether ongoing retention is required (for example, under AML rules or for legal claims).

Your Rights

Depending on your location and the laws that apply to you (including the UK GDPR, EU GDPR where applicable, and Mexican LFPDPPP), you may have the following rights in relation to your personal data:

  • Right of access: to obtain confirmation as to whether we process your personal data and, if so, to receive a copy of that data along with relevant information about the processing.
  • Right to rectification / correction: to have inaccurate or incomplete personal data corrected or updated. You can often edit key details directly in your kobra.casino account.
  • Right to erasure ("right to be forgotten" / cancellation): to request deletion of your personal data where it is no longer necessary, where you withdraw consent and there is no other legal basis, or where the data has been processed unlawfully. This right may be limited where we must retain data to comply with legal or regulatory requirements (for example, AML and gambling rules).
  • Right to restriction of processing: to request that we limit the processing of your data in certain cases, such as while we verify accuracy or assess an objection.
  • Right to object: to object to processing carried out on the basis of our legitimate interests, including profiling related to such interests. You also have the right to object at any time to processing of your data for direct marketing purposes, in which case we will stop such processing.
  • Right to data portability: to receive certain data you have provided to us in a structured, commonly used and machine-readable format, and to transmit that data to another controller where technically feasible and legally justified.
  • Right to withdraw consent: where processing is based on your consent, you may withdraw that consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
  • Rights under Mexican law (where applicable): individuals protected by Mexican data protection law may have specific ARCO rights (Access, Rectification, Cancellation, Opposition) and related rights, which we aim to respect in line with the LFPDPPP, subject to our legal obligations.

Exercising Your Rights

To exercise your rights, please contact us at [email protected] and clearly indicate:

  • your full name, username, and registered email address;
  • which rights you wish to exercise (for example, access, rectification, objection);
  • any relevant details that will help us identify the data concerned.

We may need to request additional information to verify your identity before fulfilling your request, particularly where sensitive data or financial information is involved. We will respond to your request without undue delay and in any event within one month (30 days) of receipt. This period may be extended by up to two further months where necessary due to the complexity or number of requests; if so, we will inform you of the extension and reasons.

We do not normally charge a fee for handling rights requests. However, where a request is manifestly unfounded or excessive, we may charge a reasonable fee or refuse to act, in accordance with applicable law.

Cookies & Tracking Technologies

kobra.casino uses cookies and similar technologies to support the operation of the Cobra Casino project, improve performance, and, where permitted, deliver personalised content and marketing.

Types of Cookies We Use

  • Strictly necessary (functional) cookies: session and persistent cookies that are essential for core functionality, such as enabling log-in, maintaining your session, processing transactions, and securing the website. These cookies cannot be switched off via our cookie tools.
  • Preference cookies: cookies that remember your language, region, and other preferences so that we can tailor the site to you on subsequent visits.
  • Analytics and performance cookies: cookies and similar technologies used to understand how visitors use kobra.casino, to measure performance, detect technical issues, and improve our services. Data is typically aggregated and used in statistical form.
  • Advertising and targeting cookies: third-party or first-party cookies that help deliver personalised offers and advertising, track campaign effectiveness, and build an understanding of your interests. These are only used where permitted by law and, where required, after you have provided consent.

Managing Cookies

  • You can manage your cookie preferences through the cookie banner or settings panel presented on your first visit (and available thereafter) to kobra.casino.
  • You can also configure your browser to block or delete cookies. The method varies by browser; please refer to your browser's help section for instructions.
  • Disabling certain cookies, especially strictly necessary or functional cookies, may impact your ability to use some features of kobra.casino, including logging in and placing bets.

Data Security

We take the security of your personal data seriously and implement technical and organisational measures designed to protect it against unauthorised access, alteration, disclosure, or destruction.

  • Encryption in transit and at rest: data transmitted between your browser and our servers is protected using up-to-date transport layer security (TLS 1.2 or higher). Where appropriate, we also encrypt data at rest.
  • Access controls and authentication: access to systems and databases containing personal data is restricted to authorised personnel on a need-to-know basis, enforced through authentication, role-based access controls, and, where appropriate, multi-factor authentication.
  • Network and system security: we use firewalls, intrusion detection and prevention mechanisms, vulnerability management, and other security technologies to protect our infrastructure.
  • Organisational measures: we maintain internal policies and procedures on data protection, information security, and incident response. Staff with access to personal data receive appropriate training and are subject to confidentiality obligations.
  • Service provider oversight: we carefully select third-party providers that process data on our behalf and require them to implement appropriate security measures through contractual commitments.
  • Incident response: we have processes to detect, investigate and respond to suspected personal data breaches. Where required by law, we will notify the relevant supervisory authority and affected individuals without undue delay.

While we strive to align our security practices with recognised industry standards and best practices (such as principles reflected in ISO 27001 or SOC 2 frameworks), no system is completely secure. You also play an important role in protecting your data by keeping your login credentials confidential, enabling any available account security features, and notifying us immediately if you suspect any unauthorised use of your account.

Complaints & Contacts

If you have any questions, concerns or complaints about how we handle your personal data when you use kobra.casino in connection with Cobra Casino, you can contact us using the following channels:

  • Email (privacy / DPO): [email protected]
  • General support: through the support or help section available on kobra.casino (for account-related queries that may involve personal data).
  • Postal address: Data Protection Officer, Dama N.V., Scharlooweg 39, Willemstad, Curaçao.

Internal Complaint Procedure

  1. Step 1 - Contact support: For routine issues, please first contact our customer support team with full details of your concern. Many matters can be resolved quickly at this stage.
  2. Step 2 - Escalate to DPO: If your concern relates specifically to data protection or you are not satisfied with the initial response, email our Data Protection Officer at [email protected], explaining that you are raising a privacy complaint.
  3. Step 3 - Our response: We aim to acknowledge all privacy-related complaints promptly and to provide a substantive response within 30 days. If we require more time due to complexity, we will inform you of the delay and the reasons.

Escalation to Supervisory Authorities

Without prejudice to any other rights you may have, you are entitled to lodge a complaint with a data protection authority if you believe your data protection rights have been infringed:

  • United Kingdom: UK Information Commissioner's Office (ICO). For contact details and guidance, please visit the ICO's website at www.ico.org.uk.
  • European Union / EEA (where applicable): your local data protection authority in the EU/EEA, in the country of your habitual residence, place of work, or where you consider that a violation occurred.
  • Mexico (where applicable): the National Institute for Transparency, Access to Information and Personal Data Protection (INAI), which supervises compliance with the Mexican LFPDPPP. Information on how to file a complaint is available on the INAI's official website.

We encourage you to contact us first so we can attempt to resolve your issue directly, but you are not obliged to do so before approaching a supervisory authority.

Updates

We may update this Privacy Policy from time to time to reflect changes in our processing activities, legal or regulatory developments, industry best practices, or adjustments to how kobra.casino operates for the Cobra Casino project.

  • Notification of changes: When we make material changes, we will take appropriate steps to inform you in advance, which may include email notifications, in-account messages, website banners, or notices on relevant pages.
  • Advance notice for significant changes: For changes that materially affect your rights or how your data is used (for example, introducing new processing purposes or sharing arrangements), we will, where practicable, provide at least 30 days' notice before the changes take effect.
  • Your options: If you do not agree with an updated Privacy Policy, you may choose to stop using kobra.casino and, where applicable, request account closure and exercise your data protection rights. Continued use of our services after the effective date of a revised policy will normally be taken as acceptance of the updated terms.

Version Control

  • Version: 4.0
  • Last updated: November 2025
  • Key recent changes: clarified legal bases under UK GDPR; expanded information about international transfers to Curaçao and Cyprus; enhanced explanation of user rights, including reference to Mexican data protection principles where applicable; and updated contact and complaint channels.

We recommend that you review this Privacy Policy periodically to stay informed about how we protect your personal data when you use kobra.casino in connection with Cobra Casino.