burger icon
Bet Rino United Kingdom
Log In

Privacy Policy

Introduction (OBSERVE -> EXPAND -> REFLECT): This Privacy Policy explains how Bet Rino on https://betrinor.com collects, uses, shares, and protects personal data. It is necessary to meet UK data-protection requirements, to set transparent expectations for players and website visitors, and to document how we meet legal, regulatory, and security obligations associated with licensed online gambling. It applies to (i) visitors to betrinor.com, (ii) registered account holders, and (iii) individuals who contact us or interact with our services (including via marketing where permitted). Effective date: 6 November 2025.

Who We Are

OBSERVE: Bet Rino is operated under the brand Bet Rino via betrinor.com. The provided corporate data identifies the controller and UK establishment details.

EXPAND: Under the UK GDPR and the Data Protection Act 2018, we must clearly identify the data controller and provide contact routes for privacy enquiries (including a DPO or privacy function). We also note the UK regulatory context (UKGC) relevant to gambling-specific recordkeeping and verification.

REFLECT: The following entity is responsible for determining how and why your personal data is processed (the "data controller"):

  • Data Controller / Operator (legal name): Rhino Gaming Group Ltd. (private limited company).
  • Registered address: 123, Rhino Tower, Sliema, SLM 1540, Malta.
  • Company registration: C 12345 (Malta).
  • UK registered establishment: 15 Finsbury Circus, London, EC2M 7EB, United Kingdom (Branch No. BR09876).
  • Gambling regulation (UK players): Licensed/regulated for Great Britain under UK Gambling Commission account number 55321 (status: active).
  • Non-UK regulation reference: Malta Gaming Authority licence MGA/B2C/987/2022 (for non-UK markets; availability varies by country).

Data Protection Contact (DPO / Privacy function): We maintain a dedicated data protection function for privacy requests and complaints. As specific email/phone details are not listed in the provided profile, you may contact us via our privacy enquiry channel within your betrinor.com account or by post to the UK establishment address above, marked "Data Protection Department - Bet Rino (betrinor.com)". If you require an email address for written requests, use the contact workflow on betrinor.com and request an email route for data-protection correspondence.

What Personal Data We Collect

OBSERVE: Bet Rino necessarily processes identification, contact, gameplay, payment, device, and compliance data to provide gambling services and to meet UKGC/KYC obligations.

EXPAND: UK GDPR requires data minimisation and transparency. Gambling operators commonly collect additional evidence to prevent fraud, protect customers, and comply with age verification, AML, and safer-gambling controls. Cookie technologies also require transparency and (where applicable) consent under UK PECR.

REFLECT: Depending on how you use betrinor.com, we may collect the following categories:

Data you provide to us

  • Identity & contact data: Full name, date of birth, username, email address, telephone number (if provided), residential address, nationality and/or country of residence.
  • Verification (KYC/age/AML) data: Copies/records of identity documents, proof of address, source-of-funds/source-of-wealth information (where required), results of electronic identity/age checks, and verification status notes.
  • Support communications: Messages you send to customer support, complaint correspondence, and records of interactions.

Data generated when you use our services

  • Account & gameplay data: Deposits/withdrawals, transaction history, betting and gaming history, wins/losses, bonuses used, session times, and responsible-gambling tool usage where enabled.
  • Behavioural/interaction data: Clickstream, pages viewed, feature usage, preference settings, and inferred interests (e.g., preferred games) for service improvement and, where permitted, marketing personalisation.

Technical, device, and log data

  • Technical identifiers: IP address, device identifiers, browser type/version, operating system, device characteristics, and time zone/locale.
  • Security and access logs: Login timestamps, authentication events (including multi-factor events where enabled), fraud-prevention signals, and diagnostic logs.

Payment and financial data

  • Payment instrument data: Limited card details (typically tokenised via payment partners), bank/wallet identifiers, and payment method metadata. We do not intentionally store full card magnetic-stripe data or CVV.
  • Financial risk data: Chargeback markers, deposit limits, failed payment attempts, and screening outcomes (where necessary to prevent fraud and comply with AML obligations).

Cookies and similar technologies

  • Cookie data: Cookie IDs, preferences, and tracking/analytics events, including where third-party tools are used (subject to your consent settings where required by UK PECR).

Legal Basis for Processing

OBSERVE: UK GDPR requires a valid lawful basis for each processing purpose; gambling operations also involve legal obligations (UKGC, AML) and strong fraud-prevention needs.

EXPAND: We must also distinguish consent-based processing (e.g., certain marketing and non-essential cookies) from contractual necessity and legal obligations. Legitimate interests must be balanced against your rights, and special-category data should be avoided unless strictly necessary and lawfully handled.

REFLECT: Bet Rino (betrinor.com) relies on the following lawful bases under UK GDPR (and where applicable, EU GDPR for certain cross-border contexts):

  • Contract performance: To create and administer your account, provide gaming services, process deposits/withdrawals, apply bonuses, provide customer support, and manage your relationship with us.
  • Legal obligation: To meet obligations related to age verification, KYC/AML controls, safer-gambling requirements, recordkeeping, regulatory reporting, tax or accounting rules, and responding to lawful requests from competent authorities (including the UK Gambling Commission where applicable).
  • Legitimate interests: To prevent fraud and account abuse, secure our systems, conduct internal analytics and service improvement, ensure network and information security, and defend or pursue legal claims. Where we rely on legitimate interests, we consider necessity and conduct a balancing assessment against your rights.
  • Consent: For non-essential cookies and similar technologies where required by UK PECR, and for certain direct marketing communications where consent is the appropriate basis. You may withdraw consent at any time without affecting prior lawful processing.

Purpose of Processing

OBSERVE: The service requires data to operate accounts, process payments, and comply with regulated-gambling safeguards.

EXPAND: Purposes must be specific, explicit, and legitimate; secondary use must remain compatible or require a new lawful basis/notice. Marketing and analytics should be separated and controlled via preferences and consent tools.

REFLECT: We use your personal data for the following purposes:

  • Service delivery: Account registration and management, eligibility checks, gameplay and feature delivery, bonus administration, and customer support.
  • Payments and financial operations: Processing deposits/withdrawals, payment verification, chargeback handling, and financial reconciliation.
  • Compliance and player protection: Age/KYC verification, AML screening and monitoring, responsible gambling controls, and UKGC-related recordkeeping and reporting where applicable.
  • Security and fraud prevention: Detecting suspicious activity, preventing cheating/collusion, account takeovers, and maintaining platform integrity.
  • Analytics and service improvement: Measuring performance, diagnosing errors, improving usability, and developing new features.
  • Marketing (where permitted): Sending promotional communications, personalised offers, and affiliate-related promotions, subject to applicable law and your preferences/consent.
  • Legal and dispute management: Handling complaints, resolving disputes, establishing or defending legal claims, and maintaining audit trails.

Disclosure & Sharing

OBSERVE: Bet Rino uses third parties (e.g., payments, verification, hosting) and may need to disclose data to regulators and authorities.

EXPAND: UK GDPR requires processor contracts, confidentiality, and ensuring third parties only receive data necessary for their function. Marketing/advertising sharing must be consent-controlled where required, and disclosures to authorities must be lawful and proportionate.

REFLECT: We may share personal data in the following circumstances:

  • Payment partners and financial service providers: To process deposits/withdrawals, perform payment authentication, and manage fraud/chargeback risk.
  • Identity, KYC/AML, and fraud-prevention providers: To verify identity and age, conduct screening, and detect suspicious or prohibited activity.
  • Technology and operational service providers (processors): Hosting, content delivery networks, analytics providers, customer support tooling, email delivery services, and security monitoring-acting under contract and instructions.
  • Regulators and competent authorities: Including (where applicable) disclosures related to the UK Gambling Commission account 55321, law enforcement, courts/tribunals, or other authorities where required or permitted by law.
  • Corporate group and governance: Rhino Gaming Group Ltd. may share data within its corporate structure (including with a parent entity identified as "Rhino Holdings International" in internal records) strictly as necessary for compliance, security, auditing, and operational management, subject to appropriate safeguards.
  • Affiliates and advertising networks: Only where applicable and, where required by law (e.g., for non-essential cookies/advertising identifiers), based on your consent and preferences. You can change your settings via cookie controls and marketing preferences on betrinor.com.

Regional Compliance Note (UK): We do not sell personal data as a standalone activity. Any sharing for advertising/measurement is controlled through UK PECR-compliant cookie consent mechanisms where required.

International Transfers

OBSERVE: The controller is registered in Malta and operates a UK establishment; services may involve international vendors and cross-border support operations.

EXPAND: Transfers from the UK must comply with UK GDPR international transfer rules (e.g., adequacy regulations, UK IDTA/UK Addendum to EU SCCs). Transfers from the EEA use EU SCCs and adequacy decisions. The document must acknowledge that vendor locations can vary and describe safeguards.

REFLECT: Your personal data may be processed in the United Kingdom, Malta, and in other countries where Rhino Gaming Group Ltd. or its service providers operate infrastructure or support functions. Where data is transferred internationally, we apply appropriate safeguards, which may include:

  • Adequacy arrangements: Transfers to territories recognised as providing an adequate level of protection under applicable UK or EU adequacy regulations (where relevant).
  • Contractual safeguards: Use of the UK International Data Transfer Agreement (UK IDTA) and/or the UK Addendum to the EU Standard Contractual Clauses, and (for EEA contexts) the EU SCCs.
  • Security and governance measures: Data minimisation, encryption, access controls, vendor due diligence, and audit rights where appropriate.

Note: References to "Privacy Shield" are not relied upon as a primary mechanism for UK/EU transfers in 2025; we instead use UK/EU-recognised transfer tools and safeguards.

Data Retention

OBSERVE: Regulated gambling and AML frameworks require retention of certain records beyond account closure; user privacy also requires limiting retention to what is necessary.

EXPAND: We should provide clear, category-based periods and explain that some retention is mandatory. The request asks for "no more than 5 years after account closure" as an example; we will align to that ceiling for core account data, while allowing longer where law requires (with clarity).

REFLECT: We keep personal data only for as long as necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Typical retention periods (from the latest effective date in 2025) are:

  • Account profile and core customer records: Kept during the active relationship and generally up to 5 years after account closure, unless extended to meet legal/regulatory requirements or to handle disputes.
  • KYC/AML and verification records: Typically retained for at least 5 years after the end of the customer relationship or completion of the relevant checks (or longer where required by applicable AML/recordkeeping laws).
  • Transaction and payment records: Generally retained for 5 years for accounting, audit, AML, and dispute/chargeback handling, subject to legal obligations.
  • Gameplay, safer-gambling, and risk management logs: Retained for a period necessary to demonstrate compliance and protect customers/platform integrity, typically aligned with core retention periods (often up to 5 years post-closure), unless longer retention is required by law.
  • Customer support communications and complaints: Generally retained for up to 5 years after resolution, to evidence outcomes and manage follow-up queries.
  • Cookies and analytics identifiers: Retained according to cookie type and settings (see "Cookies & Tracking Technologies"); you can delete cookies at any time via browser controls.

Deletion criteria: We will delete, anonymise, or securely archive personal data when (i) the retention period expires, (ii) the processing purpose is satisfied and no longer applies, and/or (iii) you validly request erasure and no legal basis requires continued retention.

Your Rights

OBSERVE: Users in the UK have UK GDPR rights; the prompt also requires "GDPR and Mexican privacy law alignment" and references Mexican regulations. The site is UK-focused, but users may be located elsewhere; we must not misrepresent jurisdiction while still offering aligned procedures.

EXPAND: Provide a rights list, procedures, identity verification, 30-day response, free-of-charge principle, and carve-outs for legal obligations (AML/UKGC). For Mexico: reference the Federal Law on Protection of Personal Data Held by Private Parties (LFPDPPP) and ARCO rights, and indicate how non-UK users can exercise comparable rights.

REFLECT: Subject to eligibility and applicable law, you have the following rights. For UK users, these are provided under the UK GDPR and the Data Protection Act 2018. If you are located in Mexico, comparable rights may apply under the LFPDPPP (including ARCO rights: Access, Rectification, Cancellation, Opposition).

Rights you may exercise

  • Right of access: Request confirmation of whether we process your personal data and obtain a copy of relevant data, plus required explanatory information.
  • Right to rectification: Ask us to correct inaccurate or incomplete personal data.
  • Right to erasure / cancellation: Request deletion where processing is no longer necessary, consent is withdrawn (where consent is the basis), or processing is unlawful. Important: We may need to retain certain data to meet UKGC/AML/legal obligations or to establish/defend legal claims.
  • Right to restriction: Ask us to limit processing in certain situations (e.g., while accuracy is contested).
  • Right to object: Object to processing based on legitimate interests, and object at any time to direct marketing (including profiling for marketing).
  • Right to data portability: Receive certain data you provided to us in a structured, commonly used, machine-readable format, and/or request transmission to another controller where technically feasible.
  • Right to withdraw consent: If we rely on consent (e.g., non-essential cookies or certain marketing), you can withdraw it at any time. Withdrawal does not affect processing already carried out.

How to submit a rights request (procedure)

  1. Prepare your request: Identify the right you want to exercise and provide sufficient detail (account email/username, relevant timeframe, and what data/activity you are referring to).
  2. Submit via betrinor.com: Use the privacy/contact workflow available on betrinor.com (account area where available) or write to our UK establishment address: 15 Finsbury Circus, London, EC2M 7EB, marked "Data Protection Department - Rights Request".
  3. Identity verification: We may request additional information to verify your identity and protect your account (particularly for access, portability, and deletion requests).
  4. Response timelines: We aim to respond within 30 days of receipt (and of verifying identity where required). If a request is complex or numerous, we may extend the time as permitted by law and will inform you of the reason and expected timeline.
  5. Fees: Requests are generally handled free of charge. We may charge a reasonable fee or refuse requests that are manifestly unfounded or excessive, as allowed by law.

Regional Compliance Note (Mexico alignment): If you are in Mexico and wish to exercise ARCO rights under the LFPDPPP, you may use the same submission channels above; we will process the request using a materially equivalent standard and timelines where feasible, while applying any mandatory UK/EU legal retention obligations relevant to regulated gambling.

Cookies & Tracking Technologies

OBSERVE: betrinor.com uses cookies and similar technologies to run the site, secure accounts, and measure performance. UK PECR requires consent for non-essential cookies.

EXPAND: We must categorise cookies, describe purposes, and provide clear management controls (cookie banner/preferences, browser settings). Third-party cookies and advertising identifiers should be consent-gated where required.

REFLECT: We use the following categories of cookies and similar technologies on betrinor.com:

Types of cookies we use

  • Strictly necessary (functional/session): Required for core site functions such as login, account security, session continuity, and fraud prevention. These are typically session cookies and may not require consent where strictly necessary.
  • Preferences (persistent): Remember settings such as language, display preferences, and cookie choices.
  • Analytics/performance (persistent and/or third-party): Help us understand how users navigate the site, which pages/features are used, and where errors occur, so we can improve services.
  • Advertising/marketing (third-party where applicable): Used to measure campaign effectiveness and deliver relevant promotions, including via affiliate or advertising networks, where you have provided consent as required.

How to manage cookies

  • Cookie banner / preferences tool: When available, you can set or withdraw consent for non-essential cookies via the cookie consent banner or settings panel on betrinor.com.
  • Browser controls: You can delete or block cookies through your browser settings. Blocking strictly necessary cookies may affect site functionality (e.g., login or payments).
  • Third-party controls: Some third-party analytics/advertising providers offer opt-out mechanisms; where used, we aim to provide links or controls within our cookie preferences interface.

Data Security

OBSERVE: The service processes financial and regulated-gambling data; strong security controls are required to reduce risks of unauthorised access, fraud, and data loss.

EXPAND: UK GDPR requires appropriate technical and organisational measures; industry standards commonly include encryption, access control, secure development, monitoring, and incident response. The prompt requires TLS 1.2+, encryption at rest and in transit, MFA, audits, training, and incident procedures, with ISO 27001/SOC 2 references where applicable.

REFLECT: Bet Rino (betrinor.com) applies layered security controls designed to protect confidentiality, integrity, and availability of personal data, including:

  • Encryption in transit: We use TLS 1.2 or higher to protect data transmitted between your device and our systems.
  • Encryption at rest: Sensitive data is protected using encryption and/or strong cryptographic controls at rest where appropriate, with key-management practices designed to reduce unauthorised disclosure.
  • Access controls: Role-based access control (least privilege), segregation of duties, logging/monitoring of administrative access, and periodic access reviews.
  • Multi-factor authentication (MFA): MFA is used for privileged access and may be offered to users for additional account security where available.
  • Secure operations: Network security controls, vulnerability management, patching, and continuous monitoring to detect suspicious behaviour.
  • Audits and assurance: Regular security reviews and testing. Where applicable across our vendor ecosystem, we may require evidence of alignment with recognised frameworks such as ISO/IEC 27001 and/or SOC 2 reporting (or equivalent), depending on the service and risk profile.
  • Staff training: Ongoing security and privacy training, confidentiality obligations, and incident-handling procedures for relevant staff.
  • Incident response: Documented processes to identify, contain, investigate, remediate, and notify relevant parties. Where a personal data breach is likely to result in risk to individuals' rights and freedoms, we will assess notification obligations and notify competent supervisory authorities and affected individuals as required by law.

Important: No method of transmission or storage is completely secure. You are responsible for keeping your login credentials confidential and for using appropriate security on your devices.

Complaints & Contacts

OBSERVE: Users must have clear complaint routes, response times, and escalation to supervisory authorities. The prompt requires DPO contact details (email/phone), online feedback forms, postal address, plus escalation to Mexican and EU authorities with direct contact info.

EXPAND: The profile lacks specific phone/email, so we must be transparent and provide workable channels (web form/account route + postal). For authorities: UK ICO is the main supervisory authority for UK GDPR; the prompt also asks for Mexico (INAI) and EU authorities "where applicable" (we can direct to local EEA authority list). Also note gambling ADR (IBAS) exists but is not a data authority; we should keep focus on privacy complaints while allowing general service complaints to customer support.

REFLECT: If you have questions, concerns, or complaints about how Bet Rino (betrinor.com) handles personal data, you can contact us and escalate as follows:

Contact our Data Protection Department

  • Online: Submit a privacy enquiry/complaint using the contact or help workflow on https://betrinor.com (account area where available).
  • Post (UK establishment): Data Protection Department, Rhino Gaming Group Ltd. (UK Establishment), 15 Finsbury Circus, London, EC2M 7EB, United Kingdom (Branch No. BR09876).
  • Phone / Email: Not specified in the provided operator profile as of November 2025. If you require an email or telephone channel, submit an online request via betrinor.com and ask for the appropriate privacy contact route for your jurisdiction.

Complaint handling steps and timelines

  1. Step 1 - Submit complaint: Provide your account identifier (username/email), a description of the issue, relevant dates, and what resolution you seek.
  2. Step 2 - Acknowledgement: We aim to acknowledge receipt within a reasonable time (typically a few business days) and may request information to verify identity.
  3. Step 3 - Investigation: We review logs, policies, and vendor involvement where applicable, and assess whether a correction, restriction, or other action is required.
  4. Step 4 - Outcome: We aim to provide a substantive response within 30 days, unless the matter is complex (in which case we will inform you of any lawful extension and expected completion date).

Escalation to supervisory authorities

  • United Kingdom (ICO): Information Commissioner's Office (ICO). Website: https://ico.org.uk | Make a complaint: https://ico.org.uk/make-a-complaint/ | Phone: 0303 123 1113 (UK).
  • Mexico (INAI): Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales (INAI). Website: https://www.inai.org.mx.
  • EU/EEA (where applicable): You may contact your local Data Protection Authority. A directory is available via the European Data Protection Board (EDPB): https://edpb.europa.eu/about-edpb/about-edpb/members_en.

Note: For disputes about gambling services (not privacy), Bet Rino may also reference an ADR provider (IBAS) in its terms; privacy complaints should be directed to the channels above and/or the relevant data protection authority.

Updates

OBSERVE: The prompt requires update notification procedures, "Last updated: ", version control, changelog of material changes, and at least 30 days' notice for significant changes with options to object or close accounts. We have last_updated=2025-11-06.

EXPAND: UK GDPR expects transparency; material changes should be highlighted. We must not add new sections, but can include a short changelog inside this section. Also ensure users understand continued use and account options.

REFLECT: We may update this Privacy Policy to reflect changes in law, regulation, our practices, or technology used by Bet Rino on betrinor.com.

  • Notification methods: For material changes, we may notify you by (i) email to the address registered on your betrinor.com account, (ii) a prominent website banner/notice, and/or (iii) an alert within your account dashboard.
  • Advance notice for significant changes: Where required or appropriate, we will provide at least 30 days' advance notice before significant changes take effect.
  • Your options: If you object to significant changes, you may (i) adjust privacy/cookie preferences where available, (ii) exercise your rights described above, and/or (iii) close your account (subject to any legal/regulatory retention obligations).

Version control: Last updated: November 2025 (Effective date: 6 November 2025).

Changelog (material changes)

  • November 2025: Policy issued/updated for Bet Rino operations on betrinor.com, including clearer explanations of lawful bases, international transfers (UK IDTA/UK Addendum), and complaint escalation routes (ICO/INAI/EDPB directory).