burger icon
Casino Rewards Canada
Log In

Privacy Policy

This Privacy Policy explains how Casino Rewards, operated via the website rewards-ca.com (the "Site"), collects, uses, discloses, and protects your personal information. It applies to all players, prospective players, and visitors who access or use the Site and related services in Canada. By using the Site, you acknowledge that you have read and understood this Privacy Policy.

This Privacy Policy is effective as of 01 January 2026 and remains in force until replaced or updated as described in the "Updates to This Policy" section.

Who We Are

Observe: The Casino Rewards network operates in Canada through different licensed entities depending on player location (Ontario / rest of Canada) and underlying regulatory framework.

Expand: For privacy purposes, it is important to identify who is responsible for your data, what licenses they hold that influence retention, reporting and security obligations, and how you can contact them.

Reflect: The following clarifies the data controller role and contact points for Canadian users of Casino Rewards on rewards-ca.com.

Operator and Legal Entities

  • Brand: Casino Rewards, operated for Canadian players via the domain rewards-ca.com, including the Casino Rewards offering.
  • Non-Ontario Canada: For players located in Canadian provinces and territories other than Ontario, the service is operated by Fresh Horizons Ltd, licensed by the Kahnawake Gaming Commission (KGC). Specific company registration number and registered office address are not publicly specified in the available data and may be updated from time to time on the Site or upon request.
  • Ontario: For players located in Ontario, the service is operated by Apollo Entertainment Limited, licensed and registered with:
    • Alcohol and Gaming Commission of Ontario (AGCO) and iGaming Ontario (iGO) - registration number: OPIG1237534.
    • Apollo Entertainment Limited also holds licenses MGA/B2C/164/2008 (Malta Gaming Authority) and Account 38620 (UK Gambling Commission), which primarily govern operations outside Canada and do not change Canadian privacy protections but may affect cross-border processing arrangements.

For the purposes of Canadian privacy laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA) and substantially similar provincial laws where applicable, the "data controller" (or "organization" under Canadian law) will be either Fresh Horizons Ltd or Apollo Entertainment Limited depending on where you reside and/or where you access the services.

Contact Details and Data Protection Responsibility

  • Primary contact for privacy matters (Data Protection contact):
    • Email: [email protected] (subject line: "Privacy / Data Protection")
    • Website: https://rewards-ca.com
    • Telephone: not specified - you may request a call-back via email or available support channels.
    • Postal / Legal address: not specified in this document; you may request the current registered office details of the relevant operator (Fresh Horizons Ltd or Apollo Entertainment Limited) from our support team at any time.
  • Data Protection Officer or Privacy Department: We maintain a dedicated privacy function (DPO-equivalent) within our compliance department. All privacy-related inquiries sent to the above email address are automatically routed to the appropriate privacy professional.

We may update specific corporate details (such as legal addresses or contact persons) over time. Any material changes will be reflected in this Policy or through the communication channels described below.

What Personal Data We Collect

Observe: Operating an online casino requires identification, payments, technical operation, fraud prevention, and regulatory reporting, all of which rely on specific categories of personal information.

Expand: We collect data directly from you, automatically via your device and browser, and from certain third parties (for example, payment providers and verification services). Some data is mandatory for legal compliance (KYC/AML), and other data is optional or collected with your consent.

Reflect: The categories below explain what information we collect and typical examples, without limiting the scope of information reasonably required to provide and secure the services.

Identity and Contact Data

  • Personal identification details: full name, date of birth, gender, nationality, country and province/territory of residence.
  • Contact information: email address, telephone number(s), mailing address, preferred language of communication.
  • Account credentials: username, encrypted password, security questions/answers, authentication tokens (for example, multi-factor authentication).
  • Verification data (KYC/age/identity checks): copies or data extracted from government-issued ID documents (passport, driver's licence, national ID), proof of address (utility bills, bank statements), selfies or live video images for biometric comparison where such methods are used, and any other information you or third-party verification providers supply to verify your identity or eligibility.

Technical and Usage Data

  • Device and connection data: IP address, approximate geolocation (for example, country, province, city), device type, operating system, browser type and version, screen resolution, language settings, and unique device identifiers.
  • Log data: access dates and times, pages and resources accessed, clicks, navigation paths, session duration, error logs, and similar usage metadata.
  • Security and integrity data: login attempts, password change requests, account lockouts, suspicious activity flags, and information gathered through anti-fraud tools.

Payment and Financial Data

  • Transaction data: deposits, wagers, wins, losses, withdrawals, bonuses, loyalty rewards, chargebacks, refunds, and associated timestamps, currencies, payment methods, and transactional references.
  • Payment instrument data: limited card details (for example, card type, truncated card number), e-wallet account identifiers, bank account identifiers (where applicable), and details necessary to process payments. We typically rely on secure third-party payment processors and do not store full card numbers or CVV codes on our own systems.
  • Anti-money laundering (AML) and financial due diligence data: information required to meet AML and counter-terrorist financing obligations, including source-of-funds or source-of-wealth information, occupation data, and records of monitoring and reporting actions.

Behavioral, Gameplay and Profile Data

  • Gameplay history: games played, stakes, outcomes, session length, betting patterns, RTP experience, bonuses used and progress within loyalty or VIP programs.
  • Preference and profile data: preferred games or categories, communication and marketing preferences, language, time zone, responsible gambling settings (deposit limits, loss limits, time-outs, self-exclusion).
  • Interaction data: records of communications with customer support (email, chat transcripts, complaint records), survey responses, feedback, contest entries, and participation in promotions.

Cookies and Similar Technologies

  • Cookies: small text files stored on your device to remember your preferences, maintain sessions, secure your account, and perform analytics and marketing as detailed in the "Cookies & Tracking Technologies" section.
  • Tracking technologies: web beacons, pixels, SDKs, local storage and similar tools used by us and selected partners for fraud detection, analytics and (where permitted) advertising.

Data from Third Parties

  • Verification and compliance partners: identity, age and sanction-screening providers, credit reference agencies where permitted, and AML/KYC service providers.
  • Payment providers: confirmation of payment status, limited card or account details, and information about suspected fraudulent transactions or chargebacks.
  • Affiliates and marketing partners: referral information and campaign identifiers to track and attribute traffic and conversions, in accordance with applicable consent and marketing laws.

Legal Basis for Processing

Observe: Under Canadian privacy law (PIPEDA and substantially similar provincial statutes), organizations must identify the purposes for collecting personal information and obtain appropriate consent, while also being allowed to process data without consent in certain limited circumstances (for example, legal or security reasons). Where we interact with residents of other jurisdictions (for example, EU or UK visitors), additional legal bases under laws like the GDPR may apply.

Expand: Our processing of your information is grounded in a combination of consent, contractual necessity, legal obligations and legitimate business interests, all interpreted in light of Canadian expectations for meaningful consent, transparency and proportionality.

Reflect: The main legal bases are summarized below.

Consent

  • We rely on your express or implied consent for many core activities, including:
    • Creating and managing your account on Casino Rewards at rewards-ca.com.
    • Storing and using cookies or similar technologies that are not strictly necessary for site operation.
    • Sending you promotional or marketing communications (email, SMS, push notifications) where required by law.
    • Participating in surveys, contests, or optional features (for example, personalized recommendations).
  • You can withdraw your consent at any time where our processing is based on consent, as described under "Your Rights". This will not affect the lawfulness of processing carried out before withdrawal.

Contractual Necessity

  • We process your personal information when it is necessary to perform a contract with you or to take steps at your request before entering into such a contract, including:
    • Setting up and maintaining your player account.
    • Processing deposits, bets, winnings and withdrawals.
    • Providing customer support, dispute resolution and other core services.
    • Operating loyalty and rewards programs associated with Casino Rewards.

Compliance with Legal and Regulatory Obligations

  • As a licensed gambling operator, we are legally required to collect, retain and in some cases disclose certain information, including:
    • Verifying your age and identity (KYC requirements).
    • Monitoring and reporting suspicious transactions and activities pursuant to AML and counter-terrorist financing legislation and regulator-imposed standards (for example, Kahnawake Gaming Commission, AGCO/iGO rules).
    • Keeping transaction and gameplay records for prescribed time periods for audit, tax, and regulatory review.
    • Complying with court orders, lawful requests from regulatory or law enforcement authorities and other legal processes.

Legitimate Interests / Reasonable Purposes

  • We may process your data for legitimate interests (also called "reasonable purposes" under some Canadian guidance) where these are not overridden by your rights and expectations, including:
    • Maintaining the security and integrity of the Site, including fraud detection, cybersecurity monitoring, troubleshooting and incident response.
    • Improving our services, user experience, and product development through aggregated analytics and performance measurement.
    • Preventing bonus abuse, collusion, money laundering, and other prohibited conduct.
    • Enforcing our terms and conditions and protecting our legal rights.
    • Conducting limited profiling to tailor content and offers, to the extent permitted by law and your consent preferences.

Purpose of Processing

Observe: Each category of personal information is collected to fulfil specific operational, legal and customer-focused objectives.

Expand: Clarifying the purposes helps you understand why data is needed and how it affects your rights and our obligations under Canadian privacy law and applicable gaming regulations.

Reflect: We use your personal information for the following purposes:

Providing and Managing Casino Services

  • Creating, verifying and administering your Casino Rewards account.
  • Facilitating deposits, wagers, game play, loyalty rewards, promotions and withdrawals.
  • Operating our loyalty and rewards programs, including cross-brand benefits within the Casino Rewards network to the extent allowed by law.
  • Ensuring that games operate fairly and as certified (for example, eCOGRA RNG and payout certification for Games Global / Microgaming content).

Regulatory Compliance and Risk Management

  • Ensuring compliance with KGC, AGCO/iGO and other applicable regulatory requirements.
  • Carrying out KYC checks, ongoing due diligence and source-of-funds reviews.
  • Monitoring activities for AML, fraud and other financial crimes, and making required reports to competent authorities.
  • Maintaining audit trails and records for regulators, tax authorities and independent auditors such as eCOGRA.

Service Improvement and Analytics

  • Analysing user behaviour and preferences (in aggregate or pseudonymous form where possible) to improve game selection, site navigation, performance and customer support.
  • Testing and deploying new features, interfaces, and user experience enhancements.
  • Producing internal statistics, key performance indicators and risk analysis models.

Marketing, Personalization and Communications

  • Sending service-related communications (for example, changes to terms, policy updates, account notices, security alerts).
  • With your consent or as permitted by law, sending marketing communications about promotions, bonuses, tournaments and new products available on rewards-ca.com.
  • Customizing parts of the Site, lobby or communications based on your preferences, activity and responsible gambling settings.

Fraud Prevention, Security and Enforcement

  • Detecting and preventing fraud, account takeovers, collusion, bonus abuse and other prohibited or unlawful activities.
  • Securing our systems and data through monitoring, logging, access controls, incident investigations and remediation.
  • Enforcing our terms and conditions, including investigating breaches and pursuing remedies.

Disclosure & Sharing

Observe: Delivering online casino services involves multiple third parties (payment processors, software suppliers, regulators, auditors) who may receive or access certain personal information.

Expand: We disclose data only as necessary, subject to appropriate safeguards, contractual obligations and legal requirements. We do not sell your personal information to third parties.

Reflect: The main categories of recipients and the circumstances of disclosure are as follows:

Group Companies and Operational Partners

  • Operator entities: Fresh Horizons Ltd and Apollo Entertainment Limited may share player and operational data between them where necessary to:
    • Determine your jurisdiction and appropriate licensee.
    • Fulfil contractual obligations and ensure regulatory compliance in Canada.
    • Operate shared loyalty and rewards features within the Casino Rewards network.
  • Software providers: casino platform and game suppliers (for example, Games Global / Microgaming and others), who may process gameplay data, technical logs and device identifiers to operate, maintain and certify games.

Payment Service Providers and Financial Institutions

  • Third-party payment processors, banks, card schemes, e-wallet providers and similar financial intermediaries involved in processing your deposits, withdrawals and other transactions.
  • These entities receive only the information required to process payments, verify transactions, prevent fraud and comply with their own regulatory and legal obligations.

Service Providers and Professional Advisors

  • IT, hosting and infrastructure providers: data centre operators, cloud service providers, content delivery networks and security vendors supporting the operation and security of rewards-ca.com.
  • Verification and compliance partners: identity verification providers, sanction and PEP-screening services, AML risk engines and similar compliance tools.
  • Analytics and performance tools: providers of web analytics, A/B testing, error monitoring and performance optimization, typically using pseudonymized or aggregated data where possible.
  • Professional advisors: lawyers, auditors (including eCOGRA for RNG/payout audits), accountants and consultants engaged to support our legal, regulatory, financial and strategic obligations, subject to confidentiality duties.

Regulators, Authorities and Dispute Resolution Bodies

  • Gaming regulators: Kahnawake Gaming Commission, Alcohol and Gaming Commission of Ontario, iGaming Ontario and any other competent regulatory authority, in connection with licensing, reporting, audits, investigations or enforcement actions.
  • Law enforcement and other authorities: where required by applicable law or in response to valid legal processes (warrants, summonses, court orders), or where disclosure is necessary to protect our rights, the rights of players or the safety of others.
  • Alternative dispute resolution (ADR) and independent bodies: such as eCOGRA dispute resolution, when you escalate a dispute through such channels and authorize or imply consent for us to share relevant information.

Affiliates and Advertising Partners

  • Affiliate partners: we may share limited data (for example, anonymized or aggregated conversion metrics, referral IDs) to measure the performance of affiliate campaigns. Personally identifiable information is only shared where strictly necessary and subject to appropriate legal bases and agreements.
  • Advertising networks and marketing partners: where you have provided appropriate consent and where permitted by Canadian law, we may use cookies and similar technologies with advertising or retargeting partners to show you relevant offers related to rewards-ca.com.

Business Transfers

  • In the event of a merger, acquisition, reorganization, sale of assets, or insolvency involving Fresh Horizons Ltd, Apollo Entertainment Limited, or other related entities, your personal information may be transferred as part of the business transaction, subject to applicable privacy laws and, where required, additional notices or consents.

International Transfers

Observe: Casino Rewards operates and is supported by entities and vendors in multiple jurisdictions (including Canada, Malta, the United Kingdom and other locations), which may involve cross-border data transfers.

Expand: Canadian data protection laws require that personal information transferred to another jurisdiction remain adequately protected, and that individuals be informed that data may be accessible to foreign courts, law enforcement or national security authorities.

Reflect: We implement technical, contractual and organizational safeguards for international transfers, while acknowledging the inherent legal frameworks of destination countries.

Where Your Data May Be Processed

  • Canada: Primary operational and regulatory environment, including Kahnawake and Ontario-specific infrastructures.
  • European Union / European Economic Area (EEA) and the United Kingdom: Certain parts of our infrastructure, software vendors, payment processors and corporate functions (for example, entities licensed by the Malta Gaming Authority and UK Gambling Commission) may process your data within or from the EU/EEA or UK.
  • Other countries: Select cloud, security and support service providers may operate from or route data through additional jurisdictions, provided that they offer adequate data protection and contractual safeguards consistent with Canadian expectations.

Safeguards for Cross-Border Transfers

  • We use a combination of:
    • Contractual protections: data processing agreements and, where relevant, standard contractual clauses or equivalent instruments to ensure a comparable level of protection to that available in Canada.
    • Technical measures: strong encryption, access controls, minimization and pseudonymization where feasible.
    • Organizational measures: policies, training and oversight to restrict access to personal information on a need-to-know basis.
  • Personal information stored or processed in other countries may be subject to access by courts, law enforcement and national security authorities in those jurisdictions, in accordance with their laws.

Data Retention

Observe: Gambling, financial and regulatory obligations require us to retain certain records for minimum periods, while privacy principles require that information not be kept longer than necessary for identified purposes.

Expand: Retention periods vary by category of data, legal requirements, dispute limitation periods and security considerations. After these periods, information is securely deleted, anonymized or aggregated where possible.

Reflect: The following outlines typical retention practices between now and at least 2026, subject to changes in law and regulatory guidance.

General Retention Principles

  • We retain personal information only as long as necessary to:
    • Provide services and maintain your account.
    • Meet legal, regulatory, tax, accounting and reporting obligations.
    • Resolve disputes, enforce our terms and protect our rights.
  • When data is no longer required, we will securely delete it or anonymize it so that it can no longer be associated with an identifiable individual.

Indicative Retention Periods

  • Account and identification data: typically retained for the duration of your active account plus a period of approximately 5 to 7 years after account closure or last activity, to meet regulatory and audit obligations.
  • Transaction and gameplay records: maintained for at least 5 years from the date of the relevant transaction or gaming activity, or longer where required by gaming, AML or tax laws.
  • AML/KYC and due diligence records: retained for a minimum of 5 years after the end of the business relationship or the date of the last transaction, in line with applicable AML requirements.
  • Marketing preferences and communications: kept while you remain subscribed or until you withdraw consent or object. Evidence of your consent and opt-out actions may be retained for a reasonable period to demonstrate compliance.
  • Customer support and complaint records: generally retained for 5 years following resolution, or longer where related to regulatory inquiries, potential litigation or dispute resolution (including eCOGRA processes).
  • Cookies and analytics data: retained according to the type of cookie (session or persistent) and typical industry practices, usually between a single session and up to 24 months, unless a longer period is strictly necessary and proportionate.

Deletion and Anonymization Criteria

  • Data will be deleted or anonymized when:
    • The retention period has expired and no legal obligation or legitimate interest requires further storage.
    • You successfully exercise your right to erasure in circumstances where we are not required to retain data by law.
    • Data is no longer needed for the purposes for which it was collected or any compatible purpose.
  • Where complete deletion is not possible (for example, data stored in backups), we will isolate and protect such data from further processing and apply standard lifecycle management to ensure ultimate removal.

Your Rights

Observe: Canadian privacy laws grant individuals rights to access and correct their personal information and to challenge compliance. Many of these rights align with those found in the EU's GDPR and other modern privacy regimes.

Expand: While you are located in Canada and Canadian law primarily applies, we endeavour to offer rights that are substantially consistent with leading international standards (such as GDPR-style access, rectification, portability and objection) where feasible and not inconsistent with regulatory obligations for gambling operations.

Reflect: The rights listed below are subject to legal limitations and may be restricted in certain cases (for example, to protect investigations, other individuals' privacy, or legal privilege).

Right of Access

  • You may request confirmation of whether we hold personal information about you and, where we do, receive access to such information in a generally understandable form.
  • Access will usually be provided free of charge within 30 days of receiving a complete request, subject to permitted extensions for complex or voluminous requests. Where allowed by law, we may charge a reasonable fee for excessive or repetitive requests.

Right to Correction (Rectification)

  • You may request correction of inaccurate, incomplete or outdated personal information that we hold about you.
  • Where appropriate, we will update the record or, where disagreement exists, record a note of the disagreement in accordance with Canadian law.

Right to Deletion (Erasure)

  • You may request deletion of your personal information where:
    • The information is no longer necessary for the purposes for which it was collected.
    • You have withdrawn consent (where consent was the sole legal basis) and there is no other legal basis to retain it.
    • The information has been unlawfully processed.
  • We may need to retain certain information despite your request, for example to:
    • Comply with gaming, AML and financial laws that mandate retention.
    • Defend or establish legal claims.
    • Meet regulatory reporting or audit requirements.

Right to Restriction and Objection

  • Restriction: You may ask us to temporarily limit processing where:
    • You contest the accuracy of the data (until we verify it).
    • The processing appears unlawful but you oppose deletion.
    • We no longer need the data but you require it for legal claims.
  • Objection: You may object to:
    • Processing based on our legitimate interests, where your particular situation justifies it and there are no compelling legitimate grounds for us to continue.
    • The use of your data for direct marketing at any time; if you object, we will stop using your data for this purpose.

Right to Data Portability

  • Where technically feasible and legally appropriate, you may request a copy of certain personal information you have provided to us in a structured, commonly used and machine-readable format, and request that we transmit it directly to another organization, where this is technically possible.

Right to Withdraw Consent

  • Where we rely on your consent for specific processing (for example, marketing emails, some cookies), you may withdraw that consent at any time by:
    • Using the unsubscribe link in marketing emails.
    • Changing your preferences in your account settings (where available).
    • Contacting us at [email protected].
  • Withdrawal of consent does not affect processing we carried out before withdrawal and does not affect processing based on other lawful grounds (such as legal obligations).

How to Exercise Your Rights

  1. Submit your request: Contact us via email at [email protected] with sufficient details to identify yourself and the information you are requesting or the right you wish to exercise.
  2. Verify your identity: To protect your privacy and security, we may require additional information to verify your identity before acting on your request (for example, providing proof of ID or verifying certain account details).
  3. Our response: We will respond within 30 days of receiving a complete request. If we cannot meet this deadline, we will notify you of the reason and any permitted extension.
  4. Costs: Requests are typically handled free of charge. In rare cases of excessive, repetitive or manifestly unfounded requests, we may charge a reasonable fee or decline the request, in accordance with applicable law.

Cookies & Tracking Technologies

Observe: Cookies and similar technologies are essential to run an online casino, maintain secure sessions, and optimize performance, but they also raise privacy considerations.

Expand: We use different categories of cookies (strictly necessary, functional, analytics, advertising) with varying lifespans and sources (first-party vs. third-party).

Reflect: By understanding these tools and how to control them, you can make informed choices about your online experience.

Types of Cookies We Use

  • Session cookies: Temporary cookies that exist only while your browser is open. They enable core functionality such as login sessions, betting slips and secure navigation. They are automatically deleted when you close your browser.
  • Persistent cookies: Cookies stored on your device for a defined period, used to remember your preferences (for example, language, region, login preferences) and help us recognize you when you return.
  • First-party cookies: Set by rewards-ca.com to support site functionality, security, analytics and customization.
  • Third-party cookies: Set by authorized service providers (for example, analytics providers, fraud prevention tools, and where permitted, advertising networks) to help us understand usage, detect abuse and, where lawful, deliver more relevant marketing.

Purposes of Cookies

  • Strictly necessary / security cookies: Required for the Site to function properly (for example, maintaining your session, processing transactions, enforcing security and preventing fraud). These cannot be switched off in our systems.
  • Functional cookies: Allow us to remember your choices and tailor the Site to your preferences, such as language, display settings and stored preferences.
  • Analytics and performance cookies: Help us measure traffic and usage patterns, understand which features are used, troubleshoot technical issues and improve overall performance.
  • Advertising and marketing cookies: Where permitted and subject to your consent, these cookies help us deliver more relevant offers and measure the effectiveness of our marketing campaigns, including through selected partners and affiliates.

Managing Cookies

  • Browser settings: Most browsers allow you to:
    • Block all cookies or specific categories of cookies.
    • Delete cookies that have already been placed on your device.
    • Receive notifications when a website attempts to set a cookie.
  • On-site controls: Where available, we provide cookie preference tools or settings within your account or via a banner/pop-up, allowing you to manage non-essential cookies.
  • Impact of disabling cookies: If you disable or reject cookies, some features of rewards-ca.com, including Casino Rewards games and account functions, may not operate properly or may be unavailable.

Data Security

Observe: Operating an online casino involves processing sensitive personal and financial data that must be protected against unauthorized access, loss or misuse.

Expand: We deploy layered, risk-based security measures, consistent with industry best practices and the expectations of gaming regulators and independent auditors.

Reflect: While no system is completely immune from risk, we are committed to maintaining robust information security and continually enhancing our defences.

Technical Measures

  • Encryption in transit: Data transmitted between your device and our servers is protected using TLS 1.2+ or stronger protocols to reduce the risk of interception or tampering.
  • Encryption at rest: Sensitive data, including key financial and authentication information, is stored using strong encryption and key management practices.
  • Access controls: Role-based access control ensures that only authorized personnel with a legitimate business need can access specific systems or data. Access is logged and regularly reviewed.
  • Network and infrastructure security: Firewalls, intrusion detection/prevention systems, anti-malware, vulnerability management and hardened configurations protect our infrastructure.

Organizational and Procedural Measures

  • Security governance: Formal security policies and procedures are maintained, regularly reviewed and overseen by senior management and compliance teams.
  • Staff training: Employees with access to personal information receive periodic training on data protection, privacy obligations, secure handling of data and incident reporting protocols.
  • Vendor management: We assess and contractually require our service providers to implement appropriate security measures and to process personal information only as instructed.
  • Incident response: We maintain incident detection, escalation and response procedures to address potential security breaches. Where a breach poses a real risk of significant harm to you, we will notify you and relevant authorities as required by law.
  • Audits and certifications: Our gaming systems and Random Number Generator (RNG) are independently tested and certified by eCOGRA. We align our practices with recognized security standards such as ISO/IEC 27001 and SOC 2 principles where applicable, and are subject to regulatory reviews by authorities including KGC and AGCO/iGO.

Complaints & Contacts

Observe: Players must have clear channels to raise questions or concerns about privacy, and a structured escalation path if they are not satisfied with our response.

Expand: This includes internal complaint processes and the ability to contact relevant regulators or privacy commissioners.

Reflect: The steps below explain how you can contact us and escalate any unresolved privacy concerns.

Contacting Us

  • Email (preferred for privacy matters): [email protected]
  • Website: https://rewards-ca.com - check for any available contact forms or live support options.
  • Postal address: The current registered office or mailing address for Fresh Horizons Ltd or Apollo Entertainment Limited (as applicable) may be requested via email and will be provided in a timely manner.

Internal Complaint Procedure

  1. Submit your complaint: Send a detailed description of your concern, including relevant dates, account identifiers and supporting documentation, to [email protected] with the subject "Privacy Complaint".
  2. Acknowledgment: We will acknowledge receipt of your complaint within 5 business days where possible.
  3. Investigation: Our privacy and compliance team will investigate your complaint, which may involve contacting you for additional information.
  4. Response: We aim to provide a substantive written response within 30 days from receipt of a complete complaint. If more time is required due to complexity, we will inform you of the delay and expected completion date.
  5. Further steps: If you are not satisfied with our response, you may escalate the matter to the relevant privacy or gaming authority as set out below.

Escalation to Supervisory and Regulatory Authorities

Depending on where you live and which operator is responsible for your account:

  • Canadian privacy regulators: You may contact:
    • The Office of the Privacy Commissioner of Canada (OPC) or, where applicable, your provincial privacy commissioner (for example, Alberta, British Columbia, Quebec) to file a complaint about our handling of your personal information.
  • Gaming regulators: For issues that combine privacy and gaming conduct:
    • Kahnawake Gaming Commission (KGC) for players under the Kahnawake jurisdiction.
    • Alcohol and Gaming Commission of Ontario (AGCO) and iGaming Ontario (iGO) for players in Ontario (see https://agco.ca/igaming and https://agco.ca).
  • Alternative Dispute Resolution (ADR): For certain disputes, you may also refer to eCOGRA's dispute resolution service, which may require us to share relevant information with eCOGRA to assess your case.

Contact details and procedures for privacy commissioners and regulators may change over time; we encourage you to consult their official websites for the most up-to-date information.

Updates

Observe: Privacy laws, regulatory requirements and our own operations evolve, requiring periodic updates to this Privacy Policy.

Expand: We maintain version control, provide notice of material changes and indicate when the Policy was last updated.

Reflect: By continuing to use Casino Rewards at rewards-ca.com after changes take effect, you acknowledge the updated Policy, subject to any legal requirements for renewed consent.

How We Notify You of Changes

  • Policy version and date: This Privacy Policy is labelled as "Last updated: January 2026". We will update this date whenever we make material changes.
  • Notification methods: For significant changes, we may:
    • Send an email notice to the primary email address registered to your account.
    • Display a prominent banner or pop-up message on rewards-ca.com.
    • Provide an in-account notification or dashboard alert when you next log in.

Advance Notice and Your Options

  • Advance notice: Where required by law or where a change materially affects your rights or how we use your data, we will provide notice at least 30 days before the changes take effect, unless immediate implementation is required by law or regulator direction.
  • Your choices:
    • If you do not agree with the updated Policy, you may close your account and request deletion or restriction of your data subject to our legal and regulatory obligations.
    • Continued use of Casino Rewards on rewards-ca.com after the effective date of an updated Policy will constitute your acceptance of the revised terms to the extent permitted by law.

Last updated: January 2026