burger icon
Wpt Global United Kingdom
Log In

Privacy Policy

This privacy notice explains how personal data is collected, used, stored, and shared when you visit and interact with the WPT Global project on wptgloball.com, whether you are a website visitor, a prospective player, or an existing account holder located in the United Kingdom or elsewhere. It is designed to help you understand what we OBSERVE (the data we collect), how we EXPAND its use (purposes and legal bases), and how we REFLECT your rights and protections under applicable data protection laws.

This privacy notice applies to your use of wptgloball.com and related content, including links and references to WPT Global products and services. It does not change the fact that United Kingdom residents are treated as part of Excluded Territories for gambling services, and it does not grant any protection under UK gambling law or UK dispute resolution schemes beyond what is required for privacy compliance.

Effective date: 6 November 2025

Who We Are

For the purposes of applicable data protection laws, the primary entity responsible for processing your personal data in connection with the WPT Global services promoted on wptgloball.com is:

  • Operator / Controller: Gaming Services Provider N.V., operating the WPT Global online platform under Curaçao Master Licence 365/JAZ and sublicense GLH-OCCHKTW0701202022.
  • Jurisdiction: Curaçao (offshore operating and licensing entity for the WPT Global platform).
  • Corporate structure: Offshore entities involved in operations, management, development, and payment processing include Gaming Services Provider N.V., Seventip N.V., Ace King I.T. Limited, Kaishen Ltd (Cyprus payment processor), and Kashxa Limited (alternative Cyprus payment processor).
  • Payment processing partners: For certain transactions, payments may be processed by Kaishen Ltd or Kashxa Limited in Cyprus or other disclosed processors.

The precise registered address and corporate registration numbers of these entities are as set out in the Terms & Conditions or legal notices on wptgloball.com and may change from time to time. We OBSERVE these details from the official corporate records, EXPAND them into the contractual relationship with you, and REFLECT them here at a high level without duplicating every registration entry in this notice.

Given that the WPT Global gambling services are not licensed by the UK Gambling Commission and that the United Kingdom is explicitly listed as an Excluded Territory, no UKGC or Ombudsman protection applies to UK users in relation to gambling outcomes or financial disputes. This privacy notice therefore focuses strictly on data protection and privacy rights.

Data Protection Contact

We do not publicly designate a named Data Protection Officer (DPO) in the information available, but we maintain a dedicated data protection function. You can contact our data protection team using:

  • Email: [email protected] (please state "Data Protection" or "Privacy" in the subject line)
  • Online support: Live chat via wptgloball.com (bot first, with human agents generally available within 5 minutes during Asian business hours, approximately 08:00-22:00 UTC)

These channels serve as the primary points of contact for exercising your privacy rights, submitting inquiries, or raising complaints regarding how we process your personal data.

What Personal Data We Collect

We OBSERVE several categories of personal data when you use WPT Global on wptgloball.com. We EXPAND the scope of this collection to what is necessary for providing offshore gambling-related services, compliance with Curaçao AML rules, and protecting our platform. We then REFLECT these categories here so you can understand the impact on your privacy.

Identity and Contact Data

  • Basic identity data: Full name, date of birth, nationality, gender (where provided), username and player ID.
  • Contact details: Email address, telephone number, country of residence, postal address (where provided), and preferred language.
  • KYC/verification data: Copies and details of passports, ID cards, driving licences, residence permits, selfies or video verification, proof of address (e.g., utility bill), and Source of Wealth / Source of Funds documents (especially for deposits above USD 2,000 or equivalent, in line with Curaçao AML requirements).

Account, Gameplay and Behavioural Data

  • Account data: Registration details, account status, self-exclusion or cooling-off settings, communication preferences, and account limits.
  • Gameplay and betting data: Game sessions, betting history, tournament entries, rake contributions, wins and losses, bonuses and promotions used, and in-game behaviour (such as timing and frequency patterns) used for risk and responsible gambling monitoring.
  • Behavioural and interaction data: Clicks, page views, navigation paths, interaction with banners and offers, customer support chats and emails, and responses to surveys or feedback forms.

Technical and Device Data

  • Technical identifiers: IP address, device identifiers, browser type and version, operating system, time zone, language settings, and approximate location derived from IP address.
  • Session data: Login timestamps, session duration, pages visited, referral URLs, error logs, and security logs (for example, repeated failed login attempts).
  • Device and network data: Information about the device model, hardware settings, and network characteristics required for troubleshooting and protecting against fraud or abuse.

Payment and Financial Data

  • Transaction data: Deposit and withdrawal amounts, currencies, payment dates, balances, bonus credits, and transactional history.
  • Payment method data: Limited card or wallet information (such as masked card numbers or tokenised payment IDs) as processed by payment processors like Kaishen Ltd and Kashxa Limited or other disclosed payment partners. We generally do not store full card details ourselves; these are handled securely by payment service providers.
  • AML and fraud data: Records of AML checks, Source of Wealth documentation (for deposits exceeding the USD 2,000 threshold or equivalent), risk scores, sanctions screening results, and other compliance-related information.

Cookies and Similar Technologies

  • Cookies: Small text files placed on your device, including strictly necessary, functional, analytics, and advertising cookies.
  • Tracking technologies: Web beacons, pixels, SDKs and similar tools used for measuring performance, preventing fraud, and personalising content where allowed by law.

Details of specific cookies and how they function are outlined in the "Cookies & Tracking Technologies" section of this notice.

Legal Basis for Processing

We EXPAND the legal grounds for processing your personal data under the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and, where relevant, EU GDPR or other regional laws. For users located in Mexico, aspects of the Federal Law on Protection of Personal Data Held by Private Parties may also apply. We REFLECT these bases below so you can understand how our legitimate interests and legal obligations interact with your rights.

Performance of a Contract

  • Account creation and management: Processing your identity, contact and account data is necessary to register you, verify age and eligibility, maintain your account, and provide access to WPT Global services accessible via wptgloball.com.
  • Provision of services: Using your gameplay, transaction and behavioural data to enable you to enter tournaments, place wagers, receive payouts, and use platform features.
  • Customer support: Handling your inquiries, providing technical assistance, resolving issues with deposits or withdrawals, and managing complaints.

Compliance with Legal and Regulatory Obligations

  • AML and KYC laws: Compliance with Curaçao AML requirements, including collecting and retaining identification documents, Source of Wealth information for deposits above USD 2,000, and records of suspicious or reportable activities.
  • Record-keeping and tax obligations: Maintaining transaction records, accounting information and logs for periods required by applicable laws.
  • Sanctions and risk screening: Screening your data against sanctions and risk lists to comply with relevant regulations and prevent prohibited use of the platform.
  • Data protection requirements: Meeting obligations such as responding to access requests, maintaining security measures, and documenting decisions affecting your data.

Legitimate Interests

  • Platform security and fraud prevention: Monitoring behaviour, device information and transaction patterns to detect and prevent fraud, collusion, money laundering, bonus abuse, and other prohibited activities.
  • Service improvement and analytics: Analysing aggregated usage data to improve site performance, optimise tournaments, enhance game offerings, and refine our user interface.
  • Brand and business protection: Protecting our legal rights, managing disputes, enforcing Terms & Conditions, and defending against claims.

Where we rely on legitimate interests, we balance these against your fundamental rights and freedoms through documented assessments and apply safeguards such as pseudonymisation, access controls, and data minimisation.

Consent

  • Marketing communications: Sending promotional emails, SMS, or push notifications about WPT Global offers, tournaments, and bonuses as presented on wptgloball.com, where you have given your consent or where soft opt-in rules apply.
  • Optional cookies and tracking: Using non-essential analytics and advertising cookies or similar technologies, based on the choices you make in our cookie banner or account settings.
  • Special categories of data (where applicable): If we exceptionally process any special categories of personal data (for example in responsible gambling assessments or where required for legal claims), we will do so only under a specific legal basis permitted by law and, where required, your explicit consent.

You can withdraw your consent at any time, without affecting the lawfulness of processing carried out before withdrawal.

Purpose of Processing

We OBSERVE how you use wptgloball.com, EXPAND that information into specific processing operations needed for offshore gambling services and compliance, and REFLECT these purposes clearly in this section.

Providing and Managing Our Services

  • Account registration and verification: Creating and maintaining your account, confirming your age and identity, and ensuring you are not in an Excluded Territory contrary to our Terms & Conditions (including the United Kingdom for active gambling services).
  • Game play and tournaments: Enabling you to enter cash games, tournaments, and promotions, tracking bets, calculating rake and winnings, and providing game history and records.
  • Payments and withdrawals: Processing deposits, withdrawals and refunds via payment processors such as Kaishen Ltd, Kashxa Limited and other partners, and keeping accurate financial records.

Compliance and Risk Management

  • AML/KYC compliance: Collecting and verifying identification documents, Source of Wealth data, and other records required under Curaçao AML laws and similar regulations.
  • Responsible gambling: Monitoring behaviour for signs of problem gambling, honouring self-exclusion requests, and applying limits or interventions where appropriate.
  • Security and integrity: Preventing fraud, collusion, account takeover, bonus abuse and misuse of bots or scripts, and protecting the integrity of tournaments.

Service Improvement, Analytics and Personalisation

  • Analytics and performance: Using aggregated and pseudonymised data to understand how users interact with wptgloball.com, improve site performance, and fix bugs.
  • Personalisation: Tailoring certain aspects of your experience, such as language settings, default views, or recommended tournaments where allowed by law and your settings.
  • Product development: Evaluating new features, games and promotions, and testing changes to our platform.

Marketing and Communication

  • Direct marketing: Sending offers, tournament information and promotional content relating to WPT Global as presented on wptgloball.com, in line with your preferences and applicable law.
  • Service messages: Informing you about important changes to Terms & Conditions, privacy notices, platform updates, security alerts, or account-related information.

Legal, Regulatory and Business Purposes

  • Dispute resolution and enforcement: Using relevant data to investigate complaints, defend legal claims, and enforce our contractual rights.
  • Corporate governance: Supporting audits, risk assessments, reporting to license holders and regulators in Curaçao, and maintaining internal records.

Disclosure & Sharing

We OBSERVE that data sharing is essential to operate an international online platform, EXPAND such sharing only to what is necessary, and REFLECT it transparently. We do not sell your personal data, but we share it with the following categories of recipients under appropriate safeguards.

Group and Operational Entities

  • Operating and management entities: Gaming Services Provider N.V., Seventip N.V. and other affiliated entities involved in operating and managing the WPT Global platform.
  • Development and technology partners: Entities such as Ace King I.T. Limited and other software providers supporting the platform, including hosting, maintenance and security services.

Payment and Financial Service Providers

  • Payment processors: Kaishen Ltd, Kashxa Limited and other third-party payment providers, banks, card schemes and e-wallet providers that process your deposits and withdrawals and perform fraud and AML checks.
  • Financial institutions: Banks and financial intermediaries required to complete transactions and comply with financial regulations.

Service Providers and Contractors

  • IT and security providers: Cloud hosting, content delivery networks, security monitoring tools, and technical support partners.
  • Analytics and marketing partners: Providers of analytics tools, customer relationship management platforms, and marketing services, including advertising networks where you have consented to the use of relevant cookies or marketing channels.
  • Customer support partners: Outsourced support agents who may access your account and interaction data to respond to your queries.

Regulators, Authorities and Dispute Bodies

  • Regulatory authorities: Curaçao licensing authorities (for example, in relation to licence 365/JAZ), financial intelligence units, tax authorities, and law enforcement bodies where legally required.
  • Supervisory data protection authorities: Data protection regulators in the UK, EU or other relevant jurisdictions when handling complaints or investigations.

Other Disclosures

  • Corporate transactions: In the event of a reorganisation, merger, acquisition, asset sale or restructuring involving entities associated with WPT Global or Element Partners, your personal data may be transferred to the relevant third parties subject to confidentiality and data protection safeguards.
  • Legal claims: Where necessary to establish, exercise, or defend legal claims, or to protect our rights, users, or others.

Where required by law, we will obtain your consent before sharing data with certain advertising partners or affiliates, and you can withdraw such consent at any time.

International Transfers

The WPT Global platform, as presented on wptgloball.com, relies on an international infrastructure. We OBSERVE that data may move across borders, EXPAND protections through contracts and technical measures, and REFLECT these safeguards for your understanding.

Where Your Data May Be Transferred

  • Curaçao: To Gaming Services Provider N.V. and related entities operating the platform under licence 365/JAZ and sublicence GLH-OCCHKTW0701202022.
  • Cyprus: To payment processors such as Kaishen Ltd and Kashxa Limited for processing payments and performing related AML and fraud checks.
  • European Economic Area (EEA) and other locations: To hosting providers, technology partners and support teams located in the EEA or other jurisdictions, as disclosed from time to time.
  • Other third countries: To additional service providers located outside the UK and EEA (for example, where specialised IT or support services are provided from other regions).

Legal Mechanisms for Transfers

  • UK and EU adequacy decisions: Transfers from the UK to the EEA (including Cyprus) typically rely on UK adequacy regulations recognising the EEA as providing an adequate level of protection.
  • Standard Contractual Clauses (SCCs): For transfers from the UK or EEA to countries that are not recognised as providing an adequate level of protection (for example, Curaçao or certain third countries), we generally use appropriate contractual safeguards such as the UK-approved International Data Transfer Addendum and/or EU Standard Contractual Clauses, combined with risk assessments and supplementary technical measures.
  • Other safeguards: Where appropriate, we use additional safeguards such as encryption, access controls, and data minimisation to reduce transfer-related risks.

Details of the specific transfer mechanisms relevant to your data can be requested using the contact details set out in the "Complaints & Contacts" section, subject to redaction of confidential information.

Data Retention

We OBSERVE how long data remains useful, EXPAND retention where required for legal or regulatory reasons, and REFLECT clear timeframes and criteria for deletion or anonymisation.

General Principles

  • Necessity: We keep personal data only for as long as reasonably necessary to fulfil the purposes described in this privacy notice and to meet legal, regulatory, tax and accounting requirements.
  • Legal obligations: Certain records must be kept for minimum periods under AML, financial and corporate laws (for example, retaining key AML and transaction records for several years after the end of the relationship).
  • Anonymisation: Where possible, we anonymise data so that it no longer identifies you and may be used for analytics and business planning without further notice to you.

Indicative Retention Periods

  • Account and profile data: Generally retained for the duration of your account and up to five (5) years after account closure, unless a longer period is required by law or necessary to manage ongoing disputes.
  • AML and KYC records: Identity documents, Source of Wealth information and related compliance records are usually kept for up to five (5) to seven (7) years after the end of the business relationship or the date of the last transaction, in line with AML obligations.
  • Transaction data: Financial and transactional records are typically retained for at least seven (7) years to comply with accounting and tax requirements.
  • Technical logs and security data: Security logs and technical data (such as IP logs) are generally kept for one (1) to two (2) years, unless needed longer for incident investigations or legal claims.
  • Marketing data: Data used for marketing is retained until you withdraw consent or object to such processing, following which it is either deleted or placed on a suppression list to honour your preferences.
  • Cookies: Cookie lifetimes vary by type; session cookies expire when you close your browser, while persistent cookies may last from a few days up to around two (2) years, as described in our cookie tools.

When retention periods expire, we will securely delete or anonymise personal data, unless it must be kept longer for legal, regulatory or legitimate interest reasons (for example, an ongoing dispute).

Your Rights

We OBSERVE your legal rights under UK and other applicable data protection laws, EXPAND them into operational procedures, and REFLECT them below in a structured way. Rights may differ slightly depending on where you are located, but we aim to provide a clear and consistent approach, particularly for users in the United Kingdom and, where relevant, Mexico.

Rights Under UK GDPR / EU GDPR

  • Right of access: You can request confirmation of whether we process your personal data and receive a copy of that data, along with information about how it is used.
  • Right to rectification: You can ask us to correct inaccurate or incomplete personal data we hold about you.
  • Right to erasure: You can request deletion of your personal data in certain circumstances (for example, where it is no longer needed for the original purposes or you withdraw consent and there is no other legal basis), subject to legal and regulatory retention obligations (such as AML requirements).
  • Right to restriction: You can request that we restrict the processing of your personal data in specified situations, for example while we verify accuracy or assess an objection.
  • Right to object: You can object to processing based on our legitimate interests, including profiling, and we will stop processing unless we demonstrate compelling legitimate grounds that override your interests, rights and freedoms, or where processing is needed for legal claims.
  • Right to object to marketing: You can object at any time to the use of your personal data for direct marketing, including profiling related to direct marketing, and we will stop such processing.
  • Right to data portability: You can request certain personal data in a structured, commonly used and machine-readable format and ask us to transfer it to another controller, where technically feasible and where processing is based on consent or contract and carried out by automated means.
  • Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time, without affecting the lawfulness of processing prior to withdrawal.

Rights Under Mexican Data Protection Law (Where Applicable)

For users located in Mexico, additional rights may apply under the Federal Law on Protection of Personal Data Held by Private Parties, often referred to as ARCO rights:

  • Access: Obtain information about whether we hold your personal data and the conditions of its processing.
  • Rectification: Request corrections to inaccurate or incomplete data.
  • Cancellation: Request that we cancel (delete) your personal data when you consider it is not necessary for the purposes stated or is being used inappropriately, subject to legal retention obligations.
  • Opposition: Object to the processing of your personal data for specific purposes, in accordance with applicable law.

How to Exercise Your Rights

  1. Submit a request: Contact us at [email protected] with "Data Rights Request" in the subject line, or use the live chat on wptgloball.com and clearly state your request (for example, access, rectification, erasure, restriction, objection, portability, or ARCO rights).
  2. Verification: We may ask for information or documentation to verify your identity and, where relevant, your location (for example, whether you are in the UK, EEA or Mexico) before acting on your request.
  3. Response time: We aim to respond within one (1) month of receiving a valid request. For complex or multiple requests, this period may be extended by up to a further two (2) months, in which case we will inform you of the extension and reasons.
  4. Fees: Requests are generally handled free of charge. We may charge a reasonable fee or refuse to act on requests that are manifestly unfounded or excessive, particularly if repetitive.

If you are not satisfied with our response, you have the right to lodge a complaint with the relevant supervisory authority as described in the "Complaints & Contacts" section.

Cookies & Tracking Technologies

We OBSERVE how cookies and similar technologies interact with your browsing, EXPAND their use for functionality, analytics and marketing, and REFLECT your choices and controls.

Types of Cookies We Use

  • Strictly necessary cookies: Essential for the operation of wptgloball.com, such as those enabling login, account management, security features and transaction processing. These are usually set in response to actions you take and cannot be switched off via our cookie tools, though you may block them in your browser (which may affect functionality).
  • Functional cookies: Enable enhanced functionality and personalisation, such as remembering your language preferences or display settings.
  • Analytics/performance cookies: Help us understand how visitors use our site, which pages are most frequently visited, and how users interact with content, allowing us to improve performance and usability.
  • Advertising and targeting cookies: Used (where permitted by law and your choices) to deliver more relevant ads about WPT Global offerings, measure campaign performance, and build pseudonymised audience segments.

Third-Party Cookies and Tracking

  • Third-party providers: Some cookies and similar technologies are set by third parties such as analytics providers, advertising networks and social media platforms.
  • Cross-site tracking: Where you consent, these third parties may use information about your visits to wptgloball.com and other sites to show you relevant advertising or to measure effectiveness of campaigns.

Managing Cookies and Choices

  • Cookie banner and preferences: When you first visit wptgloball.com, you may be presented with a cookie banner allowing you to accept, reject or customise non-essential cookies. You can revisit your choices using available site tools (for example, "Cookie Settings" links).
  • Browser settings: Most browsers allow you to block or delete cookies via settings or preferences. Doing so may impact certain functions of the site.
  • Opt-out mechanisms: For some third-party analytics and advertising services, additional opt-out options may be available on their own websites or via industry tools.

Data Security

We OBSERVE the sensitivity of the data we handle, EXPAND our security measures to protect it in transit and at rest, and REFLECT those measures so you understand our approach. While no system is completely risk-free, we implement a combination of technical and organisational safeguards appropriate to the risks of operating an offshore online gambling platform.

Technical Measures

  • Encryption: Use of TLS 1.2 or higher or equivalent for data transmitted between your browser or app and our servers, and industry-standard encryption for sensitive data at rest where appropriate.
  • Access control: Role-based access controls and authentication mechanisms to ensure that only authorised personnel and systems can access personal data, based on a need-to-know principle.
  • Network and application security: Firewalls, intrusion detection and prevention systems, anti-malware solutions, secure coding practices, and regular patching and vulnerability management.

Organisational Measures

  • Policies and training: Internal policies on data protection, information security and acceptable use, combined with staff training and awareness programmes for employees and contractors who may handle your personal data.
  • Vendor management: Due diligence and contractual safeguards for third-party service providers, including security obligations, confidentiality and data protection commitments.
  • Access logging and monitoring: Logging of access to systems and data, with monitoring for suspicious or unauthorised activity.

Incident Response

  • Detection and response: Procedures to detect, assess and respond to suspected data breaches or security incidents.
  • Notification: Where required by law, we will notify relevant supervisory authorities and affected individuals without undue delay following the discovery of a personal data breach.

We design our controls with reference to recognised international security standards (such as ISO 27001 or SOC 2) and adapt them as threats and regulatory expectations evolve, without implying formal certification unless explicitly stated elsewhere on wptgloball.com.

Complaints & Contacts

We OBSERVE that disputes and concerns can arise, EXPAND clear procedures for handling them, and REFLECT your right to escalate to supervisory authorities.

Contact Channels

  • Email (primary): [email protected]
  • Live chat: Accessible via wptgloball.com, typically with bot assistance at first and human support generally available within 5 minutes during Asian business hours (approximately 08:00-22:00 UTC).
  • Postal address: The applicable legal or mailing address of Gaming Services Provider N.V. or related entities is as stated in the Terms & Conditions or legal notices on wptgloball.com and may be used for written correspondence.

Internal Complaint Procedure

  1. Step 1 - Submit your concern: Send us a detailed explanation of your privacy concern or complaint using email or live chat, including relevant dates, account details and supporting information.
  2. Step 2 - Acknowledgement: We aim to acknowledge receipt of your complaint within seven (7) days.
  3. Step 3 - Investigation: We will investigate your concern, which may involve reviewing logs, speaking with relevant teams and requesting additional information from you where necessary.
  4. Step 4 - Response: We aim to provide a substantive response within one (1) month from receiving a complete complaint. Complex cases may require more time, in which case we will inform you of any extension and expected timelines.

Please note that this process concerns privacy and data protection issues only. As an offshore operator licensed in Curaçao, we are not subject to UKGC dispute resolution mechanisms, and no binding gambling arbitration is available to UK residents.

Escalation to Supervisory Authorities

If you are not satisfied with our response or believe that your data protection rights have been infringed, you have the right to lodge a complaint with a supervisory authority.

  • United Kingdom (UK users): Information Commissioner's Office (ICO)
    Website: www.ico.org.uk
  • European Union / EEA: You can contact your local data protection authority. A list of supervisory authorities is available from the European Data Protection Board (EDPB) website at edpb.europa.eu.
  • Mexico (where Mexican law applies): National Institute for Transparency, Access to Information and Personal Data Protection (INAI)
    Website: www.inai.org.mx

We encourage you to contact us first so we can attempt to resolve your concern directly, but you are not required to do so before contacting a supervisory authority.

Updates

We OBSERVE changes in our operations and the law, EXPAND this into regular reviews of our privacy documentation, and REFLECT those updates transparently for you.

How and When We Update This Notice

  • Review cycle: We review this privacy notice periodically and whenever there are significant changes to our processing activities, technology stack, regulatory environment or corporate structure.
  • Versioning and date: Each version of this notice is identified by a "Last updated" date so you can see when it was most recently revised.
  • Material changes: Where we make material changes that significantly affect how we process your personal data, we will provide more prominent notice (for example, via email, account notifications, or banners on wptgloball.com) and, where required, seek your consent for new processing activities.

Notification Methods and Advance Notice

  • Email and in-account messages: We may notify registered users by email or in-account message about important updates.
  • Website banners and notices: We may display banners or notices on wptgloball.com highlighting key changes.
  • Advance notice for significant changes: For significant updates that materially affect your rights or the way we use your data, we will, where reasonably practicable, provide at least thirty (30) days' advance notice before the changes take effect. If you do not agree to the updated terms, you may close your account and stop using the services before the effective date.

Last updated: November 2025

This version of the privacy notice has been prepared specifically for the WPT Global project on wptgloball.com, reflecting its offshore licensing under Curaçao 365/JAZ and related structures, as well as data protection obligations applicable to users in the United Kingdom and other relevant regions.