burger icon
Nalu Casino United Kingdom
Log In

Privacy Policy

This Privacy Policy explains how Famagousta B.V., as operator of Nalu Casino (Nalu Casino) available at nelucasino.com, collects, uses, discloses, and protects your personal data when you visit our website, create an account, play games, or otherwise interact with us. It applies to all visitors to nelucasino.com and to all registered players, including those located in the United Kingdom and other countries where our services are accessible. This Privacy Policy is primarily based on the UK General Data Protection Regulation ("UK GDPR") and the UK Data Protection Act 2018, with additional references to other applicable laws where relevant. By using our services, you acknowledge that you have read this Privacy Policy. Effective date: 1 January 2026.

Who We Are

Nalu Casino (Nalu Casino) is an online gambling service operated for users of nelucasino.com.

Data controller: The main data controller responsible for your personal data is:

  • Company name: Famagousta B.V.
  • Legal form: Private limited company (B.V.)
  • Registration number: 152449
  • Jurisdiction of incorporation: Curaçao
  • Licensing: Famagousta B.V. operates Nalu Casino under Antillephone N.V. online gambling sub-license number 8048/JAZ, issued in Curaçao. License validation may be checked via the Antillephone validator for nelucasino.com.

Famagousta B.V. is an offshore operator and does not hold a licence from the UK Gambling Commission. This affects your ability to escalate gambling-related disputes to the UK Gambling Commission or IBAS, but it does not limit your rights under UK data protection law, which we seek to respect for UK-based users.

Payment processing partner: For certain payment methods (including card payments, especially within the EU/EEA and UK), we may use the following group company or service provider:

  • Name: Fandonia Ltd
  • Jurisdiction: Cyprus
  • Role: Payment processor and, in some cases, joint controller for specific payment-related data. Your card statement may show transaction descriptors associated with such processors (for example, descriptors not obviously linked to "Nalu Casino"), to reduce payment blocks by banks. These descriptors still relate to your deposits to nelucasino.com.

Further details about the operator and its corporate structure may be provided in our Terms and Conditions and KYC policy pages on nelucasino.com.

Data Protection Officer / Data Protection Contact:

  • Email (primary contact for privacy matters): [email protected]
  • Alternative contact: support channels and contact form available via nelucasino.com (for example, "Contact Us" page or live chat).
  • Postal contact (data protection): Data Protection Officer, Famagousta B.V., Curaçao (current postal address as published from time to time on nelucasino.com and/or in our corporate documents). When you contact us in writing, please mark your correspondence "Data Protection - Nalu Casino".

What Personal Data We Collect

We collect and process different categories of personal data in order to operate Nalu Casino at nelucasino.com, provide gambling services, comply with legal obligations, and improve our products.

Identity and Contact Data

  • Full name, date of birth, and gender (where provided).
  • Residential address, country of residence, and proof of address (e.g., utility bill or bank statement) for KYC/AML verification.
  • Government-issued identification details, such as passport or national ID number, ID card scans, selfies or live photos used to verify that your identity documents are genuine and match you, as further described in our KYC policy on nelucasino.com.
  • Email address(es) used for account registration, communication, and marketing (if you opt-in).
  • Telephone number(s), including mobile numbers, used for account security, verification, and support.
  • Other contact or demographic details you voluntarily provide (such as preferred language or time zone).

Account and Behavioural Data

  • Username, account ID, and other profile details associated with your gaming account.
  • Login history, session identifiers, and security logs (successful and failed login attempts, password changes, and security questions, where applicable).
  • Gameplay information, including games played, bets placed, outcomes, bonuses claimed, bonus exclusions, wagering requirements, and game preferences.
  • Transaction history, including deposits, withdrawals, applied withdrawal limits (for example, limits such as €1,000 in a rolling 24-hour window), declined transactions, and chargeback history.
  • Behavioural patterns relevant to responsible gambling and anti-fraud (for example, unusually high bet frequencies, sudden changes in betting patterns, or patterns indicative of bonus abuse or money laundering risk).
  • Clickstream data and interaction with our site (pages visited, time and date of visits, navigation paths, buttons clicked, banners opened, and similar usage data).

Technical and Device Data

  • IP address, approximate location derived from IP (e.g., country or city-level), and related geolocation information.
  • Device information, such as device type, operating system, browser type and version, device identifiers, screen resolution, and language settings.
  • Log files and diagnostic data related to errors, crashes, and performance issues.
  • Information produced by security and anti-fraud tools, including device fingerprinting data and indicators of VPN/proxy usage.

Payment and Financial Data

  • Payment method details, such as card type and partially masked card number, expiry date, and payment token, where applicable. We typically do not store your full card number; this is handled by our payment processors.
  • Bank account or e-wallet identifiers where required to process withdrawals.
  • Payment transaction identifiers, authorisation codes, and transaction timestamps.
  • Billing and transactional data related to deposits, withdrawals, refunds, chargebacks, and disputes.
  • Information about how payments appear on your bank or card statements, including payment descriptors which may refer to linked service providers (for example, descriptors that differ from "Nalu Casino").

Communication Data

  • Records of your communications with us via email, live chat, contact forms, or telephone (including call recordings where permitted by law, with appropriate notice).
  • Content of complaints, queries, and feedback you submit, including attachments (e.g., screenshots, additional identity documents, or bank statements you choose to share).

Marketing and Preference Data

  • Marketing preferences, including your subscriptions to promotional emails, SMS, push notifications, and other marketing channels.
  • Information about your responses to marketing communications (for example, whether you opened an email, clicked a link, or opted out).
  • Data used to build segments or profiles for responsible marketing, always within the limits allowed by applicable law.

Cookies and Similar Technologies

  • Cookies (small text files stored on your device) used for essential site functionality, security, analytics, and advertising.
  • Similar technologies such as pixel tags, web beacons, SDKs, and local storage that help us recognise your browser or device, understand how you use our site, and deliver personalised content.

More information on cookies and how to manage them is set out in the "Cookies & Tracking Technologies" section below and may also be provided in a dedicated cookie notice or banner on nelucasino.com.

Legal Basis for Processing

We process your personal data only when we have a valid legal basis under applicable data protection laws, including the UK GDPR and, when relevant, the EU GDPR and Mexican data protection regulations. The main legal bases we rely on are:

Performance of a Contract

  • To create and manage your player account and provide access to Nalu Casino at nelucasino.com.
  • To process deposits, withdrawals, and other financial transactions related to your gambling activity.
  • To provide customer support, handle your requests, and communicate with you about your account, transactions, and game play.
  • To administer promotions and bonuses, including enforcing applicable bonus terms and exclusions as set out in our Terms and Conditions.

Compliance with Legal Obligations

  • To meet anti-money laundering (AML), counter-terrorist financing (CTF), sanctions, and "Know Your Customer" (KYC) requirements, including identity verification and ongoing monitoring of transactions.
  • To comply with applicable gambling, tax, corporate, and reporting obligations in Curaçao and any other jurisdictions that impose mandatory requirements on the operator or its processors.
  • To retain certain records for legally required periods (for example, AML-relevant records and transactional data for a specified number of years), even after account closure.
  • To respond to lawful requests from competent authorities, courts, regulators, or law enforcement agencies.

Legitimate Interests

We rely on our legitimate business interests, balanced against your privacy rights, for certain types of processing. These interests include:

  • Ensuring the integrity and security of our services, including preventing fraud, abuse, bonus misuse, and unauthorised account access.
  • Monitoring gameplay and transactional patterns to detect suspicious activity and protect both our business and other players.
  • Improving our products and services, including troubleshooting, testing, data analysis, and service optimisation.
  • Personalising content (e.g., game recommendations) and improving user experience based on aggregated or pseudonymised behavioural data.
  • Establishing, exercising, or defending legal claims, including in relation to disputes, chargebacks, and regulatory investigations.

Where we rely on legitimate interests, we perform a balancing test to ensure that our interests do not override your fundamental rights and freedoms. You may have the right to object to certain processing based on legitimate interests (see "Your Rights" below).

Consent

  • For sending direct marketing communications (email, SMS, push notifications) where consent is required under applicable law.
  • For using non-essential cookies and similar tracking technologies (especially for analytics and advertising) when required by UK privacy and electronic communications rules.
  • For any processing that cannot be justified on another legal basis or where the law specifically requires explicit consent (for example, certain categories of sensitive data, if collected).

You may withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal. Withdrawal options are explained in the "Your Rights" and "Cookies & Tracking Technologies" sections.

Purpose of Processing

We use your personal data for clearly defined purposes, which we seek to explain in a transparent and understandable way.

  • Provision of gambling services: To operate Nalu Casino at nelucasino.com, including account creation, identity verification, processing of deposits and withdrawals, enabling game play, managing bonuses, and providing customer support.
  • Compliance and risk management: To comply with AML/KYC rules, gambling regulations applicable to our licence in Curaçao, and other laws; to monitor for fraud, abuse, and suspicious activity; and to maintain audit trails and compliance records.
  • Service improvement and analytics: To analyse how users interact with our site, games, and features so that we can improve usability, performance, security, and game offerings, usually using aggregated or pseudonymised data where possible.
  • Personalisation: To tailor content and offers (such as recommending games or presenting promotions) based on your preferences and behaviour, in line with applicable law and your marketing and cookie choices.
  • Marketing communications: To send you news, promotions, and special offers about Nalu Casino via email, SMS, push notifications, or other channels, where authorised by law and subject to your consent and preferences.
  • Security and integrity of the platform: To protect our systems and players against unauthorised access, bots, DDoS attacks, account takeover attempts, and other security threats.
  • Disputes and enforcement of terms: To handle disagreements, complaints, chargebacks, and any disputes arising from your use of our services; to enforce our Terms and Conditions and KYC policy, including investigation of possible breaches.
  • Business operations: To manage our business (e.g., financial reporting, internal controls, forecasting, and restructuring), including cooperation with payment processors and service providers.

Disclosure & Sharing

We do not sell your personal data to third parties. However, we may disclose or share your data with trusted recipients when necessary for the purposes described above, with appropriate safeguards in place.

Group Companies and Payment Processors

  • Fandonia Ltd and other affiliated entities involved in payment processing, chargeback handling, and transaction risk management.
  • Other group entities or successors in the context of a corporate restructuring, merger, acquisition, or transfer of business, always subject to data protection requirements.

Service Providers and Business Partners

  • IT hosting providers, cloud services, and data centres that host our systems and databases.
  • Game providers and platform partners who provide gaming content and related services, where necessary to deliver specific games and features.
  • Customer support vendors, communication platforms (e.g., email and SMS service providers), and live chat providers.
  • Fraud detection, AML/KYC, and identity verification providers (for example, providers that verify ID document authenticity or perform database checks to prevent fraud and money laundering).
  • Analytics and performance monitoring services that help us understand site usage and resolve technical issues, where permitted by applicable cookie and tracking rules.

Regulators, Authorities, and Dispute Bodies

  • Regulators and licensing bodies in Curaçao (e.g., Antillephone N.V.) as required by the terms of our licence 8048/JAZ and applicable regulation.
  • Tax, customs, anti-corruption, and law enforcement authorities, as required by law or by valid legal process.
  • Civil courts, arbitration bodies, or other dispute resolution entities if necessary to establish, exercise, or defend legal claims.

Advertising and Marketing Partners

  • Marketing agencies, affiliates, and advertising networks that help us promote Nalu Casino and measure campaign performance, subject to your marketing and cookie preferences.
  • Third-party platforms on which we advertise, to the extent permitted by applicable law and only with appropriate safeguards and, where required, your consent.

Other Situations

  • When you explicitly request or consent to data sharing with a specific third party (e.g., a payment method or responsible gambling support organisation).
  • When disclosure is necessary to protect your vital interests or those of another person (for example, in situations involving potential risk of serious harm).

Where we share personal data with third parties, we impose contractual obligations that require recipients to protect your data, use it only for specified purposes, and comply with applicable data protection laws.

International Transfers

Because Famagousta B.V. and some of our service providers are established outside the United Kingdom and the European Economic Area (EEA), your personal data may be transferred to, stored in, or otherwise processed in countries that may have different data protection standards from those in your home country.

These locations may include, in particular:

  • Curaçao: Where Famagousta B.V. is incorporated and where certain core gaming and compliance systems are hosted.
  • Cyprus and other EEA countries: Where our payment processors, financial partners, or certain IT and support services are based.
  • Other countries: Where technology providers, cloud hosting services, analytics platforms, or support vendors operate, including potentially outside the UK/EEA.

When we transfer personal data outside the UK or EEA, we implement appropriate safeguards to protect your data in line with UK GDPR and, where relevant, EU GDPR requirements. These safeguards may include:

  • Transfers to countries that the UK government and/or European Commission has recognised as providing an adequate level of data protection.
  • Standard contractual clauses (SCCs) approved by the European Commission, combined with the UK International Data Transfer Addendum or other UK-approved transfer mechanisms.
  • Robust contractual and technical measures (such as encryption and access controls) which help ensure that your data remains protected when processed overseas.

If you would like more information about the specific safeguards we apply to international transfers, you may contact us using the details in the "Complaints & Contacts" section.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected or to comply with legal, regulatory, or operational requirements. Retention periods vary depending on the type of data and the context of processing.

  • Account and identity data: As a general rule, we keep your core account information (such as name, contact details, and KYC documents) for the duration of your account and for up to 5 years after account closure, or longer where required by AML, gambling, or financial regulations.
  • Transactional and payment data: We retain transaction records (deposits, withdrawals, bets, and related financial information) for at least 5 years from the date of the relevant transaction, or longer if necessary for tax, accounting, AML, or dispute resolution purposes.
  • Gameplay and behavioural data: We typically retain gameplay logs and behavioural data for as long as your account is active and for a further period reasonably necessary for security, risk management, and dispute handling, generally aligned with the retention period for transactional data.
  • Communication and complaint records: Correspondence with customer support and complaint files are usually kept for up to 5 years after the issue has been resolved, or longer if needed for legal purposes.
  • Marketing and preference data: We store marketing preferences and consent records for as long as we send you marketing or retain your account, plus a period necessary to demonstrate compliance with consent and opt-out requests (typically up to 5 years after your last interaction with us).
  • Technical logs: Technical logs (such as access logs and error reports) are kept for shorter periods, typically from a few months to two years, unless longer retention is required for security investigations or legal obligations.

When data is no longer required, we will securely delete, anonymise, or aggregate it so that it can no longer be linked to you. In some cases, you may request earlier deletion of your personal data; see the "Your Rights" section for more details. However, we may need to retain certain data despite your request where we are legally obligated to do so or where retention is necessary for legal claims or regulatory requirements.

Your Rights

Depending on where you are located, you have a range of rights regarding your personal data. For UK-based users, these rights arise primarily from the UK GDPR and Data Protection Act 2018. For EU-based users, similar rights apply under the EU GDPR. For users in Mexico, additional rights apply under the Federal Law on Protection of Personal Data Held by Private Parties and related regulations. We aim to respect and facilitate these rights for all players where reasonably possible.

Core Data Protection Rights (UK/EU)

  • Right of access: You can ask us whether we process your personal data and request a copy of that data, along with information about how we use it.
  • Right to rectification: You can request correction of inaccurate or incomplete personal data. Where possible, you may update some information directly via your account.
  • Right to erasure ("right to be forgotten"): You can ask us to delete your personal data in certain situations, for example when it is no longer needed for the purpose for which it was collected or where you withdraw consent and there is no other legal basis to continue processing. This right is subject to important limitations, especially where we must retain data to comply with AML or other legal obligations.
  • Right to restriction of processing: You can ask us to restrict processing of your data (for example, while we verify accuracy or assess an objection), during which we will store the data but not use it for most purposes.
  • Right to object: You can object to certain processing based on legitimate interests, including profiling. We will stop processing unless we have compelling legitimate grounds that override your interests or processing is needed for legal claims. You can also always object to direct marketing, in which case we will stop sending marketing communications.
  • Right to data portability: You can request certain personal data in a structured, commonly used, machine-readable format and ask us to transmit it to another controller where technically feasible and legally required.
  • Right to withdraw consent: Where we rely on your consent (for example for marketing or cookies), you may withdraw that consent at any time without affecting processing that occurred before withdrawal.

ARCO Rights and Mexican Law

If you are located in Mexico, you additionally benefit from the ARCO rights under Mexican data protection law (Access, Rectification, Cancellation, and Opposition):

  • Access: You may request confirmation about whether we hold your personal data and obtain access to it.
  • Rectification: You may request updates or corrections to personal data that is inaccurate or incomplete.
  • Cancellation: Subject to legal limitations, you may request that we cancel or delete your personal data when you consider it is not required for the purposes described or is being processed unlawfully.
  • Opposition: You may object to the processing of your personal data for specific purposes, such as certain marketing or profiling activities.

Where Mexican law applies, we will handle ARCO requests in accordance with the relevant Mexican regulations, in addition to other applicable laws.

How to Exercise Your Rights

  • Submitting a request: You can submit rights requests by emailing [email protected] or by contacting us through the dedicated forms or support channels on nelucasino.com. Please clearly indicate that your request concerns data protection rights and specify which rights you want to exercise.
  • Verification: We may need to verify your identity before responding to your request, using reasonable measures (for example, by confirming access to your registered email or requesting additional verification information) to prevent unauthorised access to your data.
  • Response time: We will aim to respond to your request within 30 days of receipt and verification. In complex cases or where we receive multiple requests, this period may be extended in accordance with applicable law, but we will inform you about any extension and the reasons for it.
  • Cost: We handle rights requests free of charge. However, we may charge a reasonable fee or decline to act on requests that are manifestly unfounded or excessive, in line with applicable law.
  • Limitations: Some rights may be limited by our legal obligations (for example, AML and gambling regulations that require us to retain specific data) or by the need to protect the rights and freedoms of others. Where we cannot fully comply with your request, we will explain the reasons, unless legal restrictions prevent us from doing so.

Cookies & Tracking Technologies

We use cookies and similar tracking technologies on nelucasino.com to ensure the proper functioning of our services, enhance user experience, perform analytics, and support marketing activities in compliance with applicable law (including UK rules on electronic communications and cookies).

Types of Cookies We Use

  • Strictly necessary (session) cookies: These cookies are essential for the operation of the website and your ability to log in, navigate, and use key features (such as accessing games, secure areas, and payment pages). Without these cookies, our services may not function properly.
  • Functional (persistent) cookies: These cookies remember your preferences (such as language, currency, and login preferences) to provide a more personalised and convenient experience across visits.
  • Analytics and performance cookies: These cookies help us understand how visitors use our site, which pages are most popular, how often errors occur, and how users navigate between pages. We use this information to improve site performance and usability.
  • Advertising and targeting cookies: These cookies are used to deliver relevant advertising about Nalu Casino, measure the effectiveness of our campaigns, and limit how often you see a particular ad. They may be set by us or by our advertising partners and affiliates.
  • Third-party cookies: Some cookies may be placed by third-party service providers (for example, analytics platforms or embedded content providers) to provide their services on our site.

Managing and Disabling Cookies

  • Cookie banner and settings: When you first visit nelucasino.com (and periodically thereafter), you may be presented with a cookie banner or preference centre allowing you to accept or reject non-essential cookies. You can adjust your choices at any time via the "Cookie Settings" link or a similar tool on our site, where available.
  • Browser settings: Most browsers allow you to manage cookies through their settings, including blocking or deleting cookies. Please note that blocking all cookies may significantly affect the functionality of the site and your ability to use some features.
  • Opt-out of advertising cookies: Some advertising partners may offer opt-out mechanisms on their own sites or through industry platforms. For more information, you may consult your browser's help section or relevant industry resources.

For more detailed information on specific cookies used on nelucasino.com and their lifetimes, please refer to any dedicated cookie notice or cookie list available on our website.

Data Security

We take the security of your personal data seriously and implement technical and organisational measures designed to protect it against unauthorised access, accidental loss, destruction, or damage.

Technical and Organisational Measures

  • Encryption in transit and at rest: We use up-to-date encryption technologies (such as TLS 1.2 or higher) to protect data transmitted between your browser and our servers. Where feasible, we also encrypt sensitive data at rest in our systems.
  • Access controls: Access to personal data is limited to authorised personnel and service providers who need to know the information for legitimate business purposes, and such access is governed by role-based permissions and authentication mechanisms.
  • Multi-factor authentication and security monitoring: We may deploy multi-factor authentication for internal systems and, where supported, for player accounts. Our security systems monitor for suspicious activity and potential threats.
  • Network and infrastructure security: We apply firewalls, intrusion detection and prevention systems, anti-malware tools, and other security technologies to protect our infrastructure.
  • Data minimisation and pseudonymisation: Where possible, we minimise the personal data we process and may pseudonymise or aggregate data to reduce privacy risks.

Governance, Training, and Compliance

  • Policies and procedures: We maintain internal policies for information security, data protection, incident response, and access management, which are periodically reviewed and updated.
  • Staff training: Employees and contractors with access to personal data receive training on data protection, information security, and confidentiality obligations.
  • Risk assessments and audits: We perform risk assessments and, where appropriate, security audits or reviews of our systems and service providers to evaluate and improve security controls.
  • Alignment with recognised standards: We strive to align our information security practices with recognised industry standards (such as ISO 27001 and SOC 2) to the extent appropriate for our operations, even if we may not hold formal certification for all systems.

Incident Response

  • If we become aware of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will assess the situation promptly and, where required by law, notify relevant supervisory authorities and affected individuals without undue delay.
  • We maintain incident response procedures to identify, contain, and remediate security incidents and to learn from them in order to reduce the likelihood of recurrence.

Despite our efforts, no system can be guaranteed 100% secure. You also play an important role in protecting your data by keeping your account credentials confidential, using strong passwords, and promptly informing us if you suspect any unauthorised access to your account.

Complaints & Contacts

We encourage you to contact us first if you have any questions or concerns about how we handle your personal data. We take privacy-related complaints seriously and aim to resolve them promptly and fairly.

How to Contact Us

  • Email (primary contact): [email protected]
  • Support and contact forms: You can also reach us through the support tools available on nelucasino.com (such as live chat or online contact forms). Please indicate that your message relates to data protection or privacy.
  • Postal contact: Data Protection Officer, Famagousta B.V., Curaçao (using the latest postal address indicated in our corporate information or Terms and Conditions on nelucasino.com). Clearly label your letter "Data Protection - Nalu Casino".

Internal Complaint Handling Procedure

  1. Step 1 - Initial contact: Contact our customer support or data protection contact ([email protected]) explaining your concern or complaint and providing any relevant details (such as account ID, dates, and supporting documents).
  2. Step 2 - Acknowledgment: We will acknowledge receipt of your complaint as soon as reasonably possible, usually within a few business days.
  3. Step 3 - Investigation: We will investigate your complaint, which may involve reviewing system logs, communications, and relevant internal records. We may contact you for further information if necessary.
  4. Step 4 - Response: We will aim to provide a substantive response within 30 days of receiving your complaint. If we need more time due to complexity or volume, we will inform you of the delay and the expected timeframe.
  5. Step 5 - Follow-up: If you are not satisfied with our response, you may request escalation to our Data Protection Officer or raise the matter with a competent supervisory authority as described below.

Escalation to Supervisory Authorities

If you believe that we have not handled your personal data in accordance with applicable law, you have the right to lodge a complaint with a data protection authority. Your options may include:

  • United Kingdom: If you are in the UK, you can complain to the Information Commissioner's Office (ICO). Further details are available at www.ico.org.uk. The ICO can be contacted via their website, by phone, or by post using the contact details published on their site.
  • European Union: If you are in the EEA, you can contact your local Data Protection Authority (DPA) in the country where you live, work, or where you believe the infringement occurred. A list of DPAs is available on the European Data Protection Board's website.
  • Mexico: If you are in Mexico, you may lodge a complaint with the National Institute for Transparency, Access to Information and Personal Data Protection (INAI), in accordance with Mexican data protection law.

Please note that while Nalu Casino at nelucasino.com operates under a Curaçao licence and does not hold a UK Gambling Commission licence, this does not limit your right to bring data protection complaints to the ICO or other competent data protection authorities. However, gambling dispute mechanisms (such as IBAS or UKGC dispute processes) may not be available to you for non-privacy matters.

Updates

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or data processing practices. When we do so, we will take reasonable steps to inform you of material changes and give you an opportunity to review them.

Notification of Changes

  • Website publication: The most current version of this Privacy Policy will always be available on nelucasino.com, replacing any earlier versions.
  • Email notifications: For significant changes, we may notify registered players by email using the address associated with their accounts.
  • On-site notices: We may display banners, pop-up messages, or account dashboard alerts drawing attention to important updates.

Effective Dates and Advance Notice

  • Last updated: 1 January 2026.
  • Effective date of material changes: For significant changes that materially affect your rights or the way we process your data (for example, new types of data processing or new categories of recipients), we will, where reasonably possible, provide notice at least 30 days before the changes take effect, especially for users with active accounts.
  • Your options: If you do not agree with material changes to this Privacy Policy, you may choose to close your account and stop using nelucasino.com. Where permitted by law, continued use of our services after the effective date of changes will be treated as acceptance of the updated Privacy Policy.

Change Log (Illustrative)

  • Clarification of roles of Famagousta B.V. and Fandonia Ltd as operator and payment processor for Nalu Casino at nelucasino.com.
  • Expanded explanation of AML/KYC data processing and retention, referencing our KYC policy and the strict photo requirements it describes.
  • Enhanced disclosure regarding international transfers and alignment with UK and EU data transfer mechanisms, as well as recognition of certain rights for Mexican residents.

We encourage you to review this Privacy Policy periodically to remain informed about how we protect your personal data when you use Nalu Casino (Nalu Casino) at nelucasino.com.