burger icon
Leovegas Canada
Log In

Privacy Policy

This Privacy Policy explains how Leovegas, operated via the website leovegasbet-ca.com, collects, uses, discloses and protects personal information of players and website visitors in Canada. It applies to all users who access or use our services (including games, promotions, customer support and related tools) through leovegasbet-ca.com. By using our services, you acknowledge that you have read and understood this Privacy Policy. This Privacy Policy is effective and deemed valid through at least 31 December 2026 and will continue to apply until updated or replaced in accordance with the procedures described below.

Who We Are

OBSERVE: Identify the operating entities and contact points relevant for Canadian users.

EXPAND: Reflect the dual regulatory structure (MGA for Rest of Canada and AGCO/iGO for Ontario), and align with corporate information provided.

REFLECT: Present clear operator identity and data protection contact details for all Canadian users.

For Canadian users (including Ontario and the Rest of Canada), the services branded as Leovegas and offered via leovegasbet-ca.com are operated within the LeoVegas group, whose principal licensed entity for Rest of Canada is:

  • Operator (Rest of Canada): LeoVegas Gaming plc (MGA-licensed entity within the LeoVegas group)
  • Registered / Legal Address: Level 7, The Plaza Business Centre, Bisazza Street, Sliema SLM1640, Malta
  • Primary International Gaming License: Malta Gaming Authority (MGA), License No. MGA/CRP/237/2013

For Ontario players, services are provided under a licence issued by the:

  • Regulator: Alcohol and Gaming Commission of Ontario (AGCO), with internet gaming conducted in partnership with iGaming Ontario (iGO)
  • Ontario License Number: OPIG1233813 (active and deemed valid through at least 2026)
  • Ontario Operating Entity: A LeoVegas group company licensed by AGCO/iGO (exact corporate name may differ from LeoVegas Gaming plc and may be updated from time to time in the AGCO/iGO registers)

Data Protection and Privacy Contact

  • Data Protection Contact / DPO function (for Canada): Data Protection Officer, LeoVegas Group
  • Email (primary contact for privacy and support in Canada): [email protected]
  • Postal contact for privacy matters: Data Protection Officer, LeoVegas Gaming plc, Level 7, The Plaza Business Centre, Bisazza Street, Sliema SLM1640, Malta

When you contact us regarding privacy, please clearly state that your request concerns Leovegas and the website leovegasbet-ca.com, and indicate whether you are located in Ontario or in another Canadian province or territory.

What Personal Data We Collect

OBSERVE: List all relevant data categories arising from gambling operations and website use.

EXPAND: Include both directly provided data and data generated or inferred through usage, including cookies and logs.

REFLECT: Organise categories so users understand what is collected, when and why.

Account and Identification Data

  • Basic identity data: Full name, date of birth, gender (where provided), nationality and residence jurisdiction.
  • Contact details: Email address, telephone number, postal address and preferred communication language.
  • Verification and KYC/AML data: Copies or details of identification documents (e.g. passport, driver's licence, national ID), utility bills or bank statements, occupation information, source-of-funds/source-of-wealth information, and any other documents or declarations requested to comply with anti-money laundering (AML), counter-terrorist financing (CTF) and know-your-customer (KYC) obligations.

Technical and Device Data

  • Technical identifiers: IP address, device identifiers, browser type and version, operating system, language settings, time zone, and server log information.
  • Usage and session data: Login timestamps, session duration, clicks, page views, navigation paths, response times and download errors.
  • Geolocation data: Approximate location derived from IP address and, where required for regulatory geo-fencing (particularly for Ontario), more precise technical location signals permitted by your device and browser settings.

Gaming, Transaction and Behavioural Data

  • Gaming activity: Game selections, stakes, wins and losses, bet history, duration of play, bonus usage, participation in tournaments and promotions.
  • Transaction and payment data: Deposits, withdrawals, payment method type (e.g. card, e-wallet, bank transfer), partial card numbers or IBAN where processed, transaction timestamps, status and currencies.
  • Responsible gambling and behavioural data: Self-exclusion settings, limits (deposit, loss, session, wager), time-outs, reality checks, interactions concerning problematic play, communications with responsible gambling advisors, and behavioural patterns relevant to risk monitoring.

Communications and Support Data

  • Customer support interactions: Records of live chat sessions, emails, complaint forms, and call metadata (time, duration, outcome; we may also maintain call recordings where allowed by applicable law and with appropriate notice).
  • Marketing preferences: Opt-ins and opt-outs for email, SMS, push notifications, in-account messaging and telephone marketing.

Cookies and Similar Technologies

  • Cookies: Small text files placed on your device to support core site functionality, remember preferences, perform analytics and present tailored marketing.
  • Similar technologies: Web beacons, pixels, tags, SDKs and local storage used in conjunction with cookies to track interactions with our website, emails and third-party advertising.

For further detail on cookies and tracking, see the "Cookies & Tracking Technologies" section below.

Legal Basis for Processing

OBSERVE: Identify the main legal grounds relied upon for processing personal data of Canadian players in a gambling context.

EXPAND: Distinguish between contract, legal obligations, legitimate interests and consent, and relate each to concrete operations.

REFLECT: Provide a clear, legally defensible explanation of why processing is necessary and permissible.

Contractual Necessity

  • Purpose: To enter into and perform the user agreement between you and the operator for the provision of gambling and related services via leovegasbet-ca.com.
  • Scope: This includes:
    • Creating and managing your player account.
    • Processing deposits, bets, game participation and withdrawals.
    • Providing customer support and resolving routine queries.
    • Applying bonuses and promotions in accordance with applicable terms.
  • Consequence of non-provision: If you do not provide the personal information required for contractual purposes, we may be unable to open or maintain your account or provide some or all services.

Compliance with Legal and Regulatory Obligations

  • Gambling regulation: We process data to comply with requirements imposed by the Malta Gaming Authority, the Alcohol and Gaming Commission of Ontario, iGaming Ontario and other applicable regulators.
  • KYC/AML/CTF obligations: We collect and verify identity and financial information to prevent money laundering, terrorist financing, fraud and other financial crimes, and to conduct sanctions and politically exposed persons (PEP) screening where required.
  • Record-keeping and reporting: We maintain transaction and account records for legally mandated periods and may report suspicious activities or regulatory breaches to appropriate authorities.
  • Consumer and privacy laws: We process data to respect data protection, consumer protection and responsible gambling laws applicable in Canada and, where relevant, in Malta and the EU.

Legitimate Interests

  • Service improvement and analytics: We analyse usage patterns, game performance and technical data to improve the quality, security, performance and user experience of our services.
  • Fraud prevention and security: We monitor accounts and transactions to detect and prevent fraud, account takeover, abuse of promotions, bonus misuse, collusion and other prohibited behaviours.
  • Business operations: We use personal data to manage internal reporting, audits, quality assurance, training and risk management within the LeoVegas group.
  • Balancing test: Where we rely on legitimate interests, we assess and balance our interests against your rights and freedoms and implement safeguards (such as access controls, minimisation and opt-out mechanisms where appropriate).

Consent

  • Marketing communications: We rely on your consent, where required by applicable law, to send promotional emails, SMS messages, push notifications or targeted offers not strictly necessary for the service.
  • Non-essential cookies and tracking: We obtain your consent, where required, before placing or reading non-essential cookies or similar technologies on your device.
  • Withdrawal of consent: You may withdraw your consent at any time, as explained in the "Your Rights" and "Cookies & Tracking Technologies" sections. Withdrawal does not affect processing that occurred before withdrawal.

Purpose of Processing

OBSERVE: Identify the primary objectives for which personal data are used in this gambling environment.

EXPAND: Connect data uses to specific service features (gaming, payments, marketing, risk controls).

REFLECT: Present purposes clearly and categorise them for user transparency and regulatory scrutiny.

Provision and Management of Casino Services

  • Creating, verifying and maintaining your Leovegas player account on leovegasbet-ca.com.
  • Enabling deposits, wagers, game participation, bonuses, tournaments and withdrawals.
  • Calculating balances, processing winnings and generating account statements and transaction histories.
  • Providing multi-channel customer support, including via email and live chat.

Regulatory Compliance, Risk Management and Responsible Gambling

  • Performing identity checks, age verification and ongoing KYC/AML screening.
  • Meeting obligations under gambling, AML/CTF and financial regulations applicable in Malta, Ontario and other Canadian provinces and territories.
  • Monitoring gameplay and transactional behaviour for signs of fraud, money laundering or other illegal or prohibited conduct.
  • Implementing and managing responsible gambling tools (limits, time-outs, self-exclusions) and interacting with you where behaviour indicates potential gambling-related harm.

Service Improvement, Analytics and Personalisation

  • Analysing aggregated and pseudonymised data to understand how our website and games are used, and to optimise performance, layout and content.
  • Testing new features and functionalities and evaluating their impact on user experience.
  • Personalising content, game recommendations and on-site messaging based on your preferences, activity and risk profile, subject to applicable law.

Marketing and Promotions

  • Sending you promotional communications about games, bonuses, tournaments and offers from Leovegas, when permitted by law and in accordance with your preferences.
  • Conducting loyalty and VIP programs, competitions and prize draws, and publishing anonymised or consent-based winner information where appropriate.
  • Measuring the effectiveness of our marketing campaigns, including third-party advertising on external platforms.

Legal Claims and Business Administration

  • Handling complaints, disputes and chargebacks, including via external Alternative Dispute Resolution (ADR) mechanisms such as eCOGRA for MGA-licensed operations.
  • Establishing, exercising or defending legal claims, including in court or before regulators.
  • Conducting internal audits, regulatory reporting, financial and tax reporting, and corporate governance functions within the LeoVegas group and its parent company MGM Resorts International.

Disclosure & Sharing

OBSERVE: Identify categories of third parties that may receive personal data in the course of operations.

EXPAND: Explain conditions and safeguards for sharing, including regulatory and group-level disclosures.

REFLECT: Offer a transparent view of information flows while maintaining legal and commercial confidentiality.

Service Providers and Business Partners

  • Payment processors and financial institutions: Banks, card schemes, e-wallet providers, payment gateways and other financial intermediaries that execute deposits, withdrawals and related financial operations.
  • Technical and hosting providers: IT infrastructure providers, cloud hosting services, platform providers, game studios and software vendors that support the operation of our website, games and back-office systems.
  • Customer support and communication tools: Providers of live chat, email delivery, ticketing, call recording and CRM platforms used to manage player relationships.
  • Analytics and anti-fraud tools: Third parties providing risk-scoring, fraud-detection, geolocation, device fingerprinting, behavioural analytics and security services.

Regulators, Authorities and ADR Bodies

  • Gaming regulators: The Malta Gaming Authority (MGA), the Alcohol and Gaming Commission of Ontario (AGCO), iGaming Ontario (iGO) and any other competent gambling authority which oversees our operations.
  • Financial intelligence and law enforcement authorities: Where required by law, we may share personal data and suspicious activity reports with financial intelligence units, police or other enforcement bodies.
  • Alternative Dispute Resolution (ADR): For Rest of Canada players under the MGA licence, unresolved disputes may be escalated to eCOGRA via the official ADR form at https://ecogra.org/forms/adr-dispute-step-1. To facilitate such ADR, we may share relevant account and transaction data with eCOGRA.

Group Companies and Corporate Transactions

  • LeoVegas group entities: Personal data may be shared within the LeoVegas group (including subsidiaries and affiliates) for centralised risk management, compliance, IT, support, analytics and reporting purposes.
  • Parent company: Certain aggregated or limited personal data may be shared with MGM Resorts International for consolidated reporting, compliance and corporate governance, subject to appropriate safeguards.
  • Corporate restructuring: In the event of a merger, acquisition, sale of assets, reorganisation or similar transaction involving Leovegas operations, personal data may be transferred to the acquiring or successor entity, subject to continued protection consistent with this Privacy Policy.

Affiliates, Marketing and Advertising Partners

  • Affiliates and marketing networks: We may share limited information, such as anonymised identifiers and conversion data, with affiliate partners and advertising networks to track performance of marketing campaigns and to attribute referrals.
  • Third-party advertising platforms: Where you have consented to marketing cookies or targeted advertising, we may permit third-party platforms to collect or receive information from our services for interest-based advertising.

Other Disclosures

  • We may disclose personal data where we reasonably believe it is necessary to:
    • Protect the rights, property or safety of our users, the public, LeoVegas, MGM Resorts International or third parties.
    • Enforce our terms and conditions or other agreements.
    • Respond to legal processes such as subpoenas, court orders or lawful information requests.

We do not sell your personal information to third parties in exchange for monetary consideration. Any sharing for marketing or analytics purposes is subject to your legal rights and, where required, your prior consent.

International Transfers

OBSERVE: Identify cross-border transfers of data outside the user's province and outside Canada or the EEA.

EXPAND: Describe transfer mechanisms and safeguards (e.g. contractual clauses, organisational measures).

REFLECT: Ensure users understand where their data may go and how it remains protected.

Because Leovegas operates within an international group and uses global service providers, your personal information may be transferred to, stored in, or accessed from countries outside your province, territory or country of residence. These may include:

  • Malta and other European Economic Area (EEA) countries, where LeoVegas Gaming plc and some of our technical providers are located or host data.
  • The United States and other non-EEA jurisdictions, where certain cloud hosting, analytics, communication and security providers are based.
  • Other countries in which MGM Resorts International or LeoVegas group entities operate, to the extent necessary for group-level functions described in this Policy.

Whenever personal data is transferred internationally, we implement appropriate safeguards designed to protect your information in accordance with applicable data protection laws, which may include:

  • Contractual protections: Standard Contractual Clauses or equivalent contractual terms approved or recognised under applicable data protection frameworks, imposing data protection obligations on recipients.
  • Organisational and technical safeguards: Access restrictions, encryption, pseudonymisation, regular audits and strict internal policies governing international data flows.
  • Due diligence and risk assessment: Careful assessment of the legal and security environment of recipient countries and service providers, and implementation of supplementary safeguards where required.

By using leovegasbet-ca.com, you acknowledge that your data may be processed in countries that may have different data protection standards than those in your home jurisdiction. In all cases, we will take steps to ensure that your personal information enjoys a level of protection that is materially consistent with this Privacy Policy and applicable law.

Data Retention

OBSERVE: Determine how long different categories of data must be kept under gambling, AML and general legal requirements.

EXPAND: Balance regulatory retention with minimisation and user rights, and specify deletion or anonymisation criteria.

REFLECT: Provide clear, category-based timeframes and explain factors influencing retention.

We retain personal information only for as long as necessary to fulfil the purposes described in this Privacy Policy, including to satisfy legal, regulatory, accounting and reporting obligations, and to resolve disputes. Retention periods may vary depending on your province/territory and on the applicable regulatory regime (MGA, AGCO/iGO and other authorities). In general, the following principles apply:

  • Account and identification data: Typically retained for the duration of your active account and for a period of up to 5 to 7 years after account closure, to comply with gambling, AML/CTF and financial record-keeping requirements and to manage potential legal claims.
  • Transaction and gaming data: Retained for at least 5 to 7 years from the date of the relevant transaction or activity, in line with regulatory, tax, accounting and AML/CTF obligations.
  • Customer support and complaint records: Retained for the life of the account and for up to 5 years after the final resolution of the relevant matter, in order to address follow-up queries, audits and disputes.
  • Marketing data and preferences: Retained for as long as you maintain an active marketing relationship with us, or until you withdraw consent or object to processing for marketing purposes, after which we may retain limited records of your preference to ensure it is respected.
  • Technical and analytics data: Retained for shorter periods, typically from a few days up to 24 months, unless a longer retention period is required for security, fraud investigation, regulatory or legal reasons. Data may then be aggregated or anonymised.

When personal information is no longer required for the purposes for which it was collected, and when retention is no longer required or justified under applicable law, we will either:

  • Securely delete or destroy the data; or
  • Irreversibly anonymise it so that it no longer qualifies as personal information.

Retention periods may be extended where necessary for the establishment, exercise or defence of legal claims, or where recommended or required by regulators. Where different legal regimes apply concurrently, the longer mandated or permitted retention period may prevail, subject to data minimisation principles.

Your Rights

OBSERVE: Identify data subject rights comparable to GDPR-style protections and relevant Canadian privacy principles.

EXPAND: Explain each right, outline procedures, timeframes and conditions, and incorporate free-of-charge guarantees.

REFLECT: Provide a practical guide for users on how to exercise their rights in relation to leovegasbet-ca.com.

Depending on your place of residence and the specific laws applicable to our processing of your personal information, you may have some or all of the following rights. These rights are broadly aligned with international standards such as the EU General Data Protection Regulation (GDPR) and are interpreted consistently with Canadian privacy principles and any other applicable frameworks.

Right of Access

  • You may request confirmation as to whether we process personal information about you and, if so, receive a copy of such information together with relevant details (e.g. purposes, categories, recipients, retention periods, and safeguards for international transfers).

Right to Rectification

  • You may request correction of inaccurate personal information about you and completion of incomplete data. Where possible, you can update certain details directly via your account settings.

Right to Erasure ("Right to be Forgotten")

  • You may request deletion of your personal information in certain circumstances, for example where the data are no longer necessary for the purposes for which they were collected, or where processing is based solely on consent and you withdraw that consent.
  • We may not be able to delete data that must be retained under gambling, AML/CTF, tax, accounting or other legal obligations, or where retention is reasonably necessary for legal claims or regulatory requirements. In such cases, we will restrict processing to the minimum necessary.

Right to Restrict Processing

  • You may request that we limit the processing of your personal information in specific situations, for example while we verify its accuracy or our legitimate grounds for processing.

Right to Object

  • You may object at any time to the processing of your personal information for direct marketing purposes, in which case we will cease such processing.
  • You may also object to processing based on our legitimate interests, on grounds relating to your particular situation. We will assess the request and cease processing unless we demonstrate compelling legitimate grounds that override your interests, rights and freedoms, or where processing is necessary for legal claims.

Right to Data Portability

  • Where technically feasible and where required by applicable law, you may request to receive certain personal information that you have provided to us in a structured, commonly used and machine-readable format, and to have it transmitted to another controller, provided that the processing is based on consent or on a contract and is carried out by automated means.

Right to Withdraw Consent

  • Where processing is based on your consent (for example, certain marketing or non-essential cookies), you have the right to withdraw that consent at any time via your account settings, communication preference tools, browser settings or by contacting us.
  • Withdrawal of consent does not affect the lawfulness of processing carried out before such withdrawal.

Procedures, Timeframes and Cost

  • How to exercise your rights: You can submit privacy-related requests by contacting our Data Protection contact at [email protected] or by using any designated privacy tools available within your account (where implemented).
  • Verification: To protect your account and privacy, we may need to verify your identity before acting on your request, which may involve asking you to log into your account or provide additional information.
  • Timeframe: We aim to respond to all valid requests within 30 days of receipt. Where requests are complex or numerous, we may extend this period in accordance with applicable law, informing you of any delay and the reasons for it.
  • Fees: We will not charge a fee for handling your request unless it is manifestly unfounded or excessive (for example, repetitive requests). In such cases, we may charge a reasonable fee or decline to act, where permitted by law.

Your rights may be subject to limitations and exceptions under applicable laws, including Canadian privacy and gambling laws, EU/EEA data protection rules applicable to LeoVegas Gaming plc, and any other relevant regimes. We will explain any refusal or limitation, where permitted, when responding to your request.

Cookies & Tracking Technologies

OBSERVE: Identify cookie types and their roles in the website's functionality and marketing.

EXPAND: Describe control options, both browser-based and service-level, and explain any impact on functionality.

REFLECT: Offer a balanced and clear explanation allowing informed consent and management of preferences.

Types of Cookies We Use

  • Strictly necessary (functional) cookies: Session and persistent cookies essential for operating leovegasbet-ca.com, including enabling login, maintaining secure sessions, processing transactions, preventing fraud and remembering essential preferences. These cookies are usually set in response to actions you take and cannot be switched off in our systems without affecting service functionality.
  • Performance and analytics cookies: Cookies (often persistent) that help us understand how visitors use our website, which pages are visited most, and how users interact with games and features. Data collected are generally aggregated and used to improve performance, user experience and content.
  • Functionality cookies: Cookies that remember your preferences (such as language, region or display settings) and provide enhanced, personalised features. If you disable these cookies, some preferences may not be retained.
  • Advertising and targeting cookies: First-party or third-party cookies and similar technologies used to deliver relevant advertising and promotions on our site or on third-party platforms, to measure marketing effectiveness, and to limit how often you see a particular ad. These may involve creation of pseudonymous profiles based on your browsing behaviour.

Third-Party Cookies and Technologies

  • We may use third-party service providers (e.g. analytics providers, advertising networks, social media platforms) that set their own cookies or similar technologies on your device when you visit leovegasbet-ca.com or interact with our content.
  • These third parties may collect information about your online activities over time and across different websites and services, subject to their own privacy policies and applicable law.

Managing and Disabling Cookies

  • Browser settings: Most web browsers allow you to manage cookies through their settings, including blocking or deleting cookies. Please refer to your browser's help section for detailed instructions.
  • In-site preferences: Where available, we provide internal tools or banners on leovegasbet-ca.com that allow you to manage your cookie preferences, including opting out of non-essential cookies.
  • Impact of disabling cookies: If you disable or block certain cookies, parts of the website may not function properly, and your ability to use some features, games or services may be limited.

We may update our cookie practices from time to time in line with technological and regulatory developments. Material changes will be reflected in this Privacy Policy or in a separate cookie notice, where applicable.

Data Security

OBSERVE: Identify the key technical and organisational measures necessary to protect gambling-related personal data.

EXPAND: Address encryption, access control, audits, training and incident response in alignment with recognised industry standards.

REFLECT: Provide a structured overview that reassures users while remaining accurate and non-misleading.

Technical Measures

  • Encryption in transit: Data transmitted between your device and leovegasbet-ca.com is protected using industry-standard Transport Layer Security (TLS) protocols (TLS 1.2 or higher), helping to prevent interception and tampering.
  • Encryption at rest: Sensitive information is stored in encrypted form or otherwise logically segregated to reduce exposure in the event of unauthorised access.
  • Access controls and authentication: Systems are protected by layered access controls, including unique user IDs, role-based access permissions, strong password requirements and, where appropriate, multi-factor authentication for administrative access.
  • Network and application security: We employ firewalls, intrusion detection and prevention systems, anti-malware tools, secure development practices and regular vulnerability scanning and patching.

Organisational Measures

  • Policies and governance: Data protection, information security, acceptable use and incident management policies govern how personal data is handled within the LeoVegas group.
  • Staff training: Employees and contractors with access to personal data receive training on confidentiality, data protection obligations and secure handling practices.
  • Access limitation: Personal information is accessed only by staff and service providers who require it to perform their duties, under appropriate confidentiality commitments.
  • Audits and assessments: We conduct regular internal and, where applicable, external audits and assessments of our security controls and compliance posture, taking into account recognised standards (such as ISO 27001 or comparable frameworks) where relevant to our operations.

Incident Detection and Response

  • We maintain procedures for detecting, investigating and responding to suspected or actual security incidents involving personal information.
  • In the event of a data breach that is likely to result in a real risk of significant harm to affected individuals or where otherwise required by law, we will notify the relevant authorities and affected individuals without undue delay and in accordance with applicable legal requirements.

No method of transmission over the internet or electronic storage is completely secure; however, we continuously work to protect your personal information using safeguards appropriate to the sensitivity of the data and the risks involved in our operations.

Complaints & Contacts

OBSERVE: Identify channels for questions and complaints about privacy and data protection.

EXPAND: Describe the internal complaint process, response times and escalation paths to supervisory or regulatory authorities.

REFLECT: Provide a clear, step-by-step structure that empowers users to seek redress.

Contacting Us

  • Email (primary contact): [email protected]
  • Postal address: Data Protection Officer, LeoVegas Gaming plc, Level 7, The Plaza Business Centre, Bisazza Street, Sliema SLM1640, Malta
  • Customer support tools: You may also reach our support team via the 24/7 live chat accessible through the leovegasbet-ca.com interface, which can direct your query to the appropriate privacy contact where necessary.

Internal Complaint Procedure

  1. Submission: Send your question, concern or complaint regarding privacy to [email protected], providing:
    • Your full name and registered email address.
    • Your account username or ID (if applicable).
    • A clear description of your concern or request, including relevant dates and supporting documentation if available.
  2. Acknowledgement: We aim to acknowledge receipt of your complaint within a reasonable time, typically within 5 business days.
  3. Investigation: Your complaint will be reviewed by appropriate staff, including our Data Protection contact where necessary. We may contact you for additional information.
  4. Response timeframe: We seek to provide a substantive reply, including our findings and any proposed resolution, within 30 days of receiving a complete complaint. If we require more time due to complexity, we will inform you of the extension and reasons.

Escalation to Supervisory or Regulatory Authorities

If you are not satisfied with our response or believe that we are not handling your personal information in compliance with applicable law, you may have the right to bring your complaint to a relevant privacy or gaming regulator. Depending on your location and the nature of the processing, potential avenues may include:

  • Provincial or federal privacy authorities in Canada: For example, the Office of the Privacy Commissioner of Canada (OPC) or applicable provincial privacy commissioners, in accordance with their jurisdiction and complaint procedures.
  • Gaming regulators:
    • For Rest of Canada players under the MGA licence: The Malta Gaming Authority (MGA), which can be contacted via its official portal: https://authorisations.mga.org.mt.
    • For Ontario players: The Alcohol and Gaming Commission of Ontario (AGCO) and iGaming Ontario (iGO), with information available at https://agco.ca and https://igamingontario.ca.
  • Alternative Dispute Resolution (ADR) for MGA-licensed operations: As noted, MGA players may escalate disputes to eCOGRA via the ADR form at https://ecogra.org/forms/adr-dispute-step-1, which can cover certain aspects of the handling of your personal information in the context of a gaming dispute.

We encourage you to first seek resolution directly with us, but you are not required to do so where applicable law gives you a direct right to complain to a regulator.

Updates

OBSERVE: Recognise the need to adjust the Privacy Policy over time as laws, technology and services evolve.

EXPAND: Define how users will be notified, what constitutes a material change, and how versioning and notice periods are handled.

REFLECT: Provide clear expectations on how and when changes apply, including user options.

Policy Changes and Version Control

  • We may update or revise this Privacy Policy from time to time to reflect changes in our services, technologies, legal requirements or business practices.
  • Each version of the Privacy Policy will be identified by a "Last updated" date, and we may maintain a summary of material changes (changelog) accessible from the Policy page.

Last updated: November 2025 (valid and intended to remain in effect through at least 31 December 2026, subject to subsequent updates).

Notification of Material Changes

  • Advance notice: For material changes that significantly affect your rights or the way we use your personal information (for example, new categories of data collected, new purposes or new sharing practices), we will provide prior notice, typically at least 30 days before the revised Policy becomes effective, unless a shorter period is required or permitted by law.
  • Notification channels: We may notify you via:
    • Email sent to the address registered on your account.
    • Prominent notices or banners on leovegasbet-ca.com.
    • In-account messages or alerts in your player dashboard.

Your Options in Case of Changes

  • If you do not agree with the updated Privacy Policy, you may:
    • Adjust your privacy or marketing preferences where possible; and/or
    • Request closure of your account and, where appropriate, request deletion or restriction of your personal information, subject to our legal obligations to retain certain data.
  • Your continued use of leovegasbet-ca.com after the effective date of an updated Policy will constitute your acknowledgement and, where legally required, your consent to the updated terms.

We encourage you to review this Privacy Policy periodically to stay informed about how Leovegas, via leovegasbet-ca.com, protects and uses your personal information.