Privacy Policy
Last updated: 26 March 2026
1. Introduction
Dublin Poker Club & Casino (“the Club,” “we,” “us,” or “our”) is committed to protecting your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the Data Protection Acts 1988–2018, and all applicable Irish and European data protection legislation.
This Privacy Policy explains how we collect, use, store, and protect your personal data when you use the Dublin Poker Club & Casino mobile application (“the App”), visit our premises, or interact with our services.
2. Data Controller
The data controller responsible for your personal data is:
Dublin Poker Club & Casino
3 Fairview Strand, Fairview, Dublin 3, D03 AY94, Ireland
Email: info@dublinpokerclub.com
Phone: 089-4900187
Data Protection Officer (DPO): dpo@dublinpokerclub.com
If you have any questions or concerns about how we handle your data, please contact our DPO at the address above.
3. What Personal Data We Collect
We collect the following categories of personal data:
3.1 Registration & Membership Data
- Full name
- Date of birth
- Email address
- Phone number
- Residential address
- Nationality
3.2 Identity Verification Data
- Government-issued photographic ID (passport, driving licence, or national ID card)
- Selfie photograph (for biometric identity matching)
- Proof of address (utility bill, bank statement, or government correspondence dated within 3 months)
3.3 Financial Data
- Digital wallet transaction history (deposits and withdrawals)
- Payment card details (processed securely by Stripe; we do not store full card numbers)
- Bank account details (for withdrawal processing)
3.4 Gaming Activity Data
- Tournament registrations and results
- Gaming session history
- Responsible gaming preferences and self-exclusion records
3.5 Technical & Device Data
- Device type, operating system, and App version
- IP address
- App usage analytics and crash reports
- Push notification tokens
3.6 Communications
- Customer support enquiries and correspondence
- Feedback and complaints
3.7 CCTV & Premises Data
CCTV footage captured at the Club premises for security and regulatory purposes.
4. Why We Collect Your Data (Legal Bases)
We process your personal data for the following purposes and under the following legal bases:
| Purpose | Legal Basis |
|---|---|
| Membership registration and management | Performance of a contract (Article 6(1)(b)) |
| Identity verification and KYC checks | Legal obligation — AML legislation (Article 6(1)(c)) |
| Processing deposits and withdrawals | Performance of a contract (Article 6(1)(b)) |
| Anti-money laundering compliance | Legal obligation (Article 6(1)(c)) |
| Responsible gaming tools and self-exclusion | Legal obligation and legitimate interests (Article 6(1)(c) and (f)) |
| Sending service-related communications | Performance of a contract (Article 6(1)(b)) |
| Marketing communications (promotions, events) | Consent (Article 6(1)(a)) |
| App analytics and performance improvement | Legitimate interests (Article 6(1)(f)) |
| Security, fraud prevention, and CCTV | Legitimate interests (Article 6(1)(f)) |
| Compliance with legal and regulatory requests | Legal obligation (Article 6(1)(c)) |
5. How We Store & Protect Your Data
5.1 Infrastructure
Your personal data is stored on secure cloud infrastructure provided by Google Cloud Platform and Firebase (a Google service). All data is hosted within the European Economic Area (EEA).
5.2 Security Measures
We implement appropriate technical and organisational measures, including:
- Encryption in transit (TLS 1.2+) and at rest (AES-256)
- Access controls and role-based permissions
- Regular security audits and vulnerability assessments
- Secure development practices
- Staff training on data protection
- Incident response procedures
5.3 Payment Security
Credit and debit card payments are processed by Stripe, a PCI DSS Level 1 certified payment processor. We do not store, process, or have access to your full card numbers.
6. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law:
| Data Category | Retention Period |
|---|---|
| Membership and account data | Duration of membership + 6 years |
| Identity verification documents | 5 years after the end of the business relationship (per AML regulations) |
| Financial transaction records | 6 years (per Irish tax and AML legislation) |
| Gaming activity records | 6 years |
| Marketing consent records | Until consent is withdrawn + 1 year |
| CCTV footage | 30 days (unless required for an investigation) |
| Customer support correspondence | 3 years |
| App analytics data | 26 months (anonymised thereafter) |
After the applicable retention period, data is securely deleted or anonymised.
7. Your Rights Under GDPR
As a data subject, you have the following rights:
7.1 Right of Access (Article 15)
You have the right to obtain confirmation of whether we process your personal data and to request a copy of that data.
7.2 Right to Rectification (Article 16)
You have the right to request correction of inaccurate personal data or completion of incomplete data.
7.3 Right to Erasure (Article 17)
You have the right to request deletion of your personal data where there is no compelling reason for its continued processing. Note: We may be legally required to retain certain data (e.g., AML records) even after a deletion request.
7.4 Right to Restriction of Processing (Article 18)
You have the right to request that we restrict the processing of your data in certain circumstances.
7.5 Right to Data Portability (Article 20)
You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.
7.6 Right to Object (Article 21)
You have the right to object to processing based on legitimate interests or for direct marketing purposes. Where you object to direct marketing, we will cease processing immediately.
7.7 Right to Withdraw Consent
Where processing is based on your consent, you may withdraw consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.
7.8 Right to Lodge a Complaint
You have the right to lodge a complaint with the Data Protection Commission (DPC):
Data Protection Commission
21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland
Website: www.dataprotection.ie
Phone: +353 (0)1 765 0100 / 1800 437 737
Exercising Your Rights
To exercise any of these rights, please contact our Data Protection Officer at dpo@dublinpokerclub.com. We will respond within one calendar month of receiving your request. In complex cases, this may be extended by a further two months, and we will inform you of any such extension.
8. Cookies & Analytics in the App
The App uses the following tracking technologies:
8.1 Essential Functionality
- Authentication tokens (required for login)
- Session management data
8.2 Analytics
- Firebase Analytics — to understand how members use the App, improve features, and identify technical issues. This data is aggregated and pseudonymised.
- Crashlytics — to detect and fix App crashes and performance issues.
8.3 Push Notifications
With your consent, we send push notifications for tournament reminders, promotions, and account updates. You can manage notification preferences in the App settings or your device settings at any time.
8.4 Opting Out
You can disable analytics collection in the App settings under Privacy Preferences. Note that essential functionality data cannot be disabled as it is required for the App to function.
9. Third-Party Processors
We share personal data with the following categories of third-party processors, all of whom are bound by data processing agreements:
| Processor | Purpose | Location |
|---|---|---|
| Google / Firebase | Cloud hosting, analytics, authentication | EEA |
| Stripe | Payment processing | EEA / US (with adequate safeguards) |
| Identity verification provider | KYC / document verification | EEA |
| Email service provider | Transactional and marketing emails | EEA |
| Customer support platform | Support ticket management | EEA |
We do not sell your personal data to third parties. Data is shared only as necessary to provide our services and comply with legal obligations.
10. International Transfers
Where personal data is transferred outside the EEA (e.g., to Stripe’s US infrastructure), we ensure appropriate safeguards are in place, including:
- EU Standard Contractual Clauses (SCCs)
- Adequacy decisions by the European Commission
- Binding Corporate Rules where applicable
11. Children’s Data
Our services are strictly for individuals aged 18 and over. We do not knowingly collect personal data from anyone under 18. If we become aware that we have collected data from a minor, we will delete it immediately.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be communicated through the App and/or by email. The “Last Updated” date at the top of this policy will be revised accordingly. We encourage you to review this policy periodically.
13. Contact Us
For any data protection queries or to exercise your rights:
Data Protection Officer
Dublin Poker Club & Casino
3 Fairview Strand, Fairview, Dublin 3, D03 AY94, Ireland
Email: dpo@dublinpokerclub.com
Phone: 089-4900187
Dublin Poker Club & Casino is committed to transparency and the protection of your personal data in full compliance with GDPR and Irish data protection law.