PlayOJO (operated by Skill On Net Limited) is committed to protecting your personal data. This Privacy Policy explains what information we collect, how we use it, who we share it with, and what rights you have under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
By using PlayOJO, you acknowledge that you have read and understood this policy. If you have questions about how we handle your data, contact our Data Protection Officer at [email protected].
What Information PlayOJO Collects
We collect personal data that you provide during registration (name, email, date of birth, address), financial data related to deposits and withdrawals (payment method details, transaction history), and technical data generated during your use of the platform (IP address, device information, browser type, pages visited).
We may also collect KYC documentation (copies of ID, proof of address) as required by our UKGC licence for identity verification and anti-money laundering compliance. Communication records (live chat transcripts, emails) are retained for quality assurance and dispute resolution.
What We Do with Your Data
We process your data for the following purposes: operating your account and providing our services (contractual necessity), complying with legal and regulatory obligations (UKGC, MGA, anti-money laundering laws), protecting against fraud and ensuring platform security (legitimate interest), and — where you have given consent — sending marketing communications about promotions and offers.
We use aggregated, anonymised data for analytical purposes including improving our services, understanding player behaviour, and optimising our game offering. This data cannot identify individual users.
Our Data Sharing Partners
We share data with: payment processors (to facilitate transactions), identity verification providers (for KYC compliance), regulatory authorities (UKGC, MGA — upon lawful request), game providers (limited technical data for game operation), and professional advisers (legal, audit) where required.
We do not sell your personal data to third parties. Marketing data is shared with advertising partners only with your explicit consent, which you can withdraw at any time through your account settings or by contacting support.
Your Data Protection Rights
Under UK GDPR, you have the right to: access your personal data (Subject Access Request), rectify inaccurate data, erase your data (right to be forgotten, subject to legal retention requirements), restrict processing, object to processing based on legitimate interest, and data portability.
To exercise any of these rights, contact [email protected] with your request. We will respond within 30 days. In certain cases — particularly where regulatory obligations require data retention — we may not be able to fully erase your records but will explain the reasons clearly.
Keeping Your Data Safe
We retain personal data for as long as your account is active and for a minimum period afterwards as required by regulatory obligations. UKGC anti-money laundering regulations require us to retain certain records for at least five years after account closure.
All personal data is stored on servers within jurisdictions that meet GDPR requirements. We employ 256-bit SSL encryption for data in transit, AES encryption for data at rest, and role-based access controls that restrict internal access to personal data to authorised personnel only.
