burger icon
Ice Casino Canada
Log In

Privacy Policy

This Privacy Policy explains how Ice Casino, operating via the website https://ice-ca.com, collects, uses, discloses, stores, and protects personal information of players and visitors from Canada who access or use our services. It applies to all users of our website, account holders, potential players, and any individual whose data is processed in connection with our online gambling services. By using our website or services, you acknowledge that you have read and understood this Privacy Policy. This Policy is effective as of 1 January 2026 and replaces all prior versions for Canadian users.

Who We Are

OBSERVE: Users must know the legal entities behind Ice Casino, where they are located, and how to contact them about privacy issues.

EXPAND: The platform involves a corporate service and license structure using Brivio Limited and Invicta Networks N.V. We clarify roles and provide a dedicated privacy contact.

REFLECT: This section establishes accountability and contact channels for privacy-related queries and complaints.

Operator and Corporate Structure

The online gambling services provided under the brand name Ice Casino to Canadian players via https://ice-ca.com ("Ice Casino", "we", "us", "our") are operated within the following corporate structure:

  • Front-end operator and EU payment processor: Brivio Limited, a private company incorporated in the Republic of Cyprus, registration number HE315596, with its principal place of business and legal address at Office 102, 12A Lekorpouzier, Limassol, Cyprus.
  • License holder and gambling services provider: Invicta Networks N.V., a company incorporated in Curaçao, holding online gambling licence number 8048/JAZ2012-009, issued by Antillephone N.V. and authorized by the Government of Curaçao. Licence validity is currently extended to 31 December 2026.

Data Protection Responsibility and Contacts

Brivio Limited and Invicta Networks N.V. act as joint data controllers for personal information processed through ice-ca.com in connection with Ice Casino.

For all privacy and data protection matters, you may contact our dedicated data protection function (Data Protection Officer / Privacy Team):

  • E-mail (primary privacy contact): [email protected]
  • E-mail (complaints and dispute resolution): [email protected]
  • Website: https://ice-ca.com (24/7 live chat support available via the website interface)
  • Postal address for privacy correspondence: Data Protection Officer, Brivio Limited, Office 102, 12A Lekorpouzier, Limassol, Cyprus

If needed for licence validation or regulatory escalation relating to Curaçao, information can be verified via https://validator.antillephone.com.

What Personal Data We Collect

OBSERVE: Operation of an online casino requires identification, transaction, technical, and behavioural data.

EXPAND: We distinguish categories of data, sources, and technologies (including cookies) to support transparency obligations under modern privacy standards (including PIPEDA-style principles and GDPR-aligned practices).

REFLECT: This enables players to understand what is collected and why certain types of information are necessary or optional.

Identification and Contact Data

  • Full name, date of birth, and gender (where provided).
  • Residential address and country of residence.
  • E-mail address and phone number(s).
  • Identity documentation for verification (e.g., passport, ID card, driver's licence), including numbers, expiry dates, photos, and proof of address (e.g., utility bills, bank statements).

Account and Usage Data

  • Username, account ID, passwords (stored in hashed/encrypted form), security questions, and preferences.
  • Account registration details, verification status, and communication preferences.
  • Customer support interactions (e-mails, live chat transcripts, call notes, complaint history).

Technical and Log Data

  • IP address, approximate geolocation based on IP, and device identifiers.
  • Browser type and version, operating system, language settings, time zone, and device type.
  • Server logs, including timestamps of visits, pages viewed, referral URLs, and in-game technical events.
  • Security-related logs (login attempts, password changes, account lockouts, suspicious activity flags).

Payment and Financial Data

  • Payment method details (e.g., partially masked card numbers, card issuer, expiry dates) as provided to and tokenized by payment service providers.
  • Deposit and withdrawal history, including amounts, currencies, timestamps, payment channel, and status.
  • Verification data for anti-money laundering (AML) and source-of-funds checks (e.g., bank statements, employment or income information where legally required).

Behavioural and Gaming Data

  • Betting and gaming history, including games played, session durations, wagers, wins and losses, bonuses used, and game preferences.
  • Responsible gambling data (self-exclusion settings, deposit limits, reality checks, time-outs, and interactions relating to safer gambling).
  • Clickstream data, navigation paths, interactions with specific features, and responses to promotional offers.

Marketing and Communication Data

  • Subscriptions to newsletters and promotional communications (e-mail, SMS, in-site notifications).
  • Records of marketing consents, opt-ins, opt-outs, and communication preferences.
  • Responses to surveys, feedback forms, or promotional campaigns.

Cookies and Similar Technologies

  • Cookie identifiers, browser storage objects, and similar technologies used to remember your preferences, maintain sessions, perform analytics, and personalize content.
  • Information about your interaction with our website and advertisements, including frequency and timing of visits, click behaviour, and conversion metrics.

For detailed information about our use of cookies and tracking technologies, see the section "Cookies & Tracking Technologies" below.

Legal Basis for Processing

OBSERVE: While Ice Casino targets Canadian players, we operate within an international regulatory and corporate environment and apply GDPR-aligned legal bases, along with Canadian privacy expectations.

EXPAND: We explain each primary legal ground and map it to typical processing activities such as account operation, AML/KYC, fraud prevention, and marketing.

REFLECT: This enables users to understand when consent is required and when processing is based on other obligations or legitimate interests.

Consent

  • Scope: We rely on your explicit consent for:
    • Receiving marketing communications (e-mail, SMS, push notifications) about our services and offers.
    • Use of non-essential cookies and similar technologies for advertising and advanced analytics.
    • Processing of certain optional information you choose to provide (e.g., survey responses).
  • Characteristics: You may withdraw consent at any time, without affecting the lawfulness of processing prior to withdrawal. Withdrawal options are provided in each marketing message and within your account settings, or by contacting us.

Contractual Necessity

  • Scope: We process personal information when it is necessary to enter into or perform our contract with you, including:
    • Creating and managing your player account.
    • Providing access to games, promotions, and related services.
    • Processing deposits, bets, wins, withdrawals, and bonuses.
    • Providing customer support and resolving operational issues.
  • Note: Without this information, we cannot provide you with our gambling services.

Compliance with Legal and Regulatory Obligations

  • Scope: We must comply with laws and regulations applicable to licensed remote gambling, AML/CTF requirements, and financial reporting rules in Curaçao, the Republic of Cyprus, and other relevant jurisdictions. This includes:
    • Identity verification (KYC) and age verification.
    • Monitoring and reporting suspicious transactions.
    • Record-keeping of transactions and verification documents for legally mandated periods.
    • Responding to lawful requests from courts, regulators, and law enforcement agencies.
  • Regional compliance note: For Canadian players, we apply comparable standards to those required by Canadian privacy laws (e.g., PIPEDA principles) even though we operate as an offshore entity.

Legitimate Interests

  • Scope: We process personal information based on our legitimate interests, carefully balanced against your rights and freedoms, including:
    • Ensuring the security and integrity of our platform and preventing fraud, abuse, collusion, or money laundering.
    • Conducting analytics and statistics to improve the performance, usability, and offerings of our website.
    • Protecting our legal rights, defending against claims, and enforcing our Terms and Conditions and bonus rules.
    • Personalizing aspects of your experience (e.g., recommended games) in a way that does not materially affect your privacy.
  • Safeguards: Where we rely on legitimate interests, we apply technical and organisational safeguards and, where appropriate, offer opt-out mechanisms.

Purpose of Processing

OBSERVE: Each category of data is tied to one or more purposes.

EXPAND: We specify and delimit the purposes to satisfy transparency and purpose-limitation principles.

REFLECT: This enables you to see how your information supports our gambling services and related operations.

Provision and Management of Gambling Services

  • To register your account and verify your eligibility (including age and residency checks).
  • To provide access to games, tournaments, bonuses, and other gambling products.
  • To process deposits, bets, wins, and withdrawals, and to manage your account balance.
  • To administer promotions, loyalty schemes, and bonus offers in accordance with our bonus terms.

Customer Support and Relationship Management

  • To respond to your queries, requests, and complaints via e-mail, live chat, or other channels.
  • To maintain records of support interactions for quality assurance and dispute resolution.
  • To send important service messages (e.g., changes to terms, account notifications, security alerts).

Legal, Regulatory, and Risk Management

  • To comply with KYC/AML, counter-terrorist financing, sanctions, and other regulatory requirements.
  • To detect, investigate, and prevent fraud, money laundering, game manipulation, chargebacks, bonus abuse, and similar risks.
  • To manage legal claims and proceedings and respond to lawful requests from authorities.

Improvement, Analytics, and Service Optimization

  • To analyse website usage, game performance, and player behaviour in aggregate and pseudonymized form.
  • To test, develop, and optimize our platform, user interface, game portfolio, and responsible gambling tools.
  • To compile anonymous or aggregated statistics that no longer identify individual players.

Marketing and Personalization (With Consent Where Required)

  • To send promotional communications about our products, bonuses, tournaments, and special offers, subject to your marketing preferences and applicable consent requirements.
  • To tailor the content of our communications and on-site recommendations to your profile and previous activity.
  • To measure the performance of our marketing campaigns (e.g., conversion tracking, A/B testing).

Responsible Gambling

  • To support safer gambling by monitoring behaviour for indications of problem gambling in line with our responsible gaming commitments.
  • To implement and enforce self-exclusion, deposit limits, loss limits, and other protective measures requested or required.
  • To maintain records of responsible gambling interactions and interventions.

Disclosure & Sharing

OBSERVE: Operation of Ice Casino relies on several third-party providers and regulatory interfaces.

EXPAND: We identify categories of recipients and conditions for disclosure, including cross-border aspects and advertising networks.

REFLECT: This allows users to understand when their information leaves our direct control and under what safeguards.

Group Companies and Operational Partners

  • Group entities: Brivio Limited and Invicta Networks N.V., as well as other entities within the same corporate group or platform infrastructure (e.g., sister brands such as Vulkan Vegas) where data sharing is strictly limited to necessary operational, risk, and compliance purposes.
  • Payment service providers: Banks, card schemes, e-wallet providers, and other payment processors who handle deposits and withdrawals. We share only the information required to execute the transaction, verify your identity, and prevent fraud.

Service Providers (Processors)

  • IT hosting providers, cloud infrastructure services, and content delivery networks.
  • Customer support tools (e.g., live chat platforms, ticketing systems).
  • Analytics providers, business intelligence tools, and anti-fraud / risk management platforms.
  • Identity verification, KYC, and AML screening providers.

These service providers process personal information on our behalf and under our instructions, subject to contractual obligations of confidentiality, data security, and limited purpose use.

Regulators, Authorities, and Dispute Bodies

  • Gambling regulators, including Antillephone N.V. in Curaçao, and other competent authorities, where required by licence conditions or applicable law.
  • Law enforcement agencies, courts, and governmental bodies where disclosure is necessary to comply with a legal obligation or to establish, exercise, or defend legal claims.
  • Alternative dispute resolution (ADR) bodies or similar entities, which may include [email protected], when you escalate a complaint and data disclosure is needed to handle the dispute.

Marketing and Affiliate Partners

  • Affiliate partners and marketing networks that refer players to Ice Casino. We may share limited data necessary for attribution, fraud prevention, and commission calculations, typically in pseudonymized or aggregated form.
  • Advertising and retargeting networks, where allowed by applicable law and subject to your consent for advertising cookies and similar technologies.

Business Transfers

  • In the event of a merger, acquisition, corporate restructuring, or sale of assets, your personal information may be transferred to the relevant third parties as part of the transaction, subject to confidentiality obligations and, where required, further safeguards or notifications.

No Sale of Personal Information

We do not "sell" your personal information for monetary consideration as that term is typically understood in modern data protection frameworks. Any disclosures to third parties are limited to the purposes described in this Policy.

International Transfers

OBSERVE: Data of Canadian players is processed and stored using an infrastructure involving Cyprus, Curaçao, and other locations.

EXPAND: We clarify destinations, typical safeguards, and contractual arrangements, adopting GDPR-aligned concepts such as Standard Contractual Clauses (SCCs), even though our primary users are Canadian.

REFLECT: This supports informed decision-making about cross-border risks and protections.

Locations of Processing

  • Your personal information may be processed and stored in:
    • The Republic of Cyprus (corporate management, payments, customer support, risk management).
    • Curaçao (licence compliance, certain operational and regulatory functions).
    • Other countries within the European Economic Area (EEA) where our service providers are located.
    • In limited cases, other jurisdictions (e.g., cloud hosting regions) where our technical infrastructure or specific vendors operate.

Safeguards for International Transfers

  • We use appropriate safeguards for data transfers, which may include:
    • Standard Contractual Clauses (SCCs) approved by the European Commission or equivalent contractual protections.
    • Contractual data protection obligations requiring service providers to apply adequate security and confidentiality measures.
    • Technical safeguards such as encryption, access control, and pseudonymization to reduce risks associated with cross-border transfers.
  • Where local laws in a destination country may offer a lower level of protection, we strive to ensure that processing remains consistent with the principles of this Policy and applicable privacy standards.

Data Retention

OBSERVE: Gambling operators must retain certain records for regulatory and AML purposes, while not keeping data longer than necessary for other uses.

EXPAND: We describe typical retention periods by category and specify criteria for deletion, anonymization, or archiving.

REFLECT: This balances regulatory requirements with data minimization and storage limitation principles.

General Retention Principles

  • We retain personal information for as long as necessary to fulfil the purposes described in this Policy, including:
    • Operating your account and providing services.
    • Complying with legal and regulatory obligations.
    • Resolving disputes and enforcing our agreements.
  • Where possible, we anonymize or aggregate data so that it no longer identifies you personally, and retain such data for longer periods for analytics and reporting.

Indicative Retention Periods

  • Account and identification data: Generally retained for the period of your active account and for up to 5 - 7 years after account closure, in line with typical AML and gambling regulatory requirements applicable to our licence.
  • Transaction and payment data: Retained for at least 5 - 7 years from the date of the relevant transaction, to comply with financial and AML record-keeping obligations.
  • Customer support and complaint records: Retained for the lifetime of the account and typically for up to 5 years after closure, or longer if necessary in connection with disputes or regulatory investigations.
  • Marketing data: Retained for as long as you remain subscribed to marketing communications, and for a limited period (usually up to 2 years) after you unsubscribe, solely to document your preferences and demonstrate compliance.
  • Technical logs and security data: Retained for a period appropriate to security and operational needs, generally between 6 months and 5 years, depending on the type of log and associated risks.

Deletion and Anonymization

  • When personal information is no longer required for the purposes for which it was collected and there is no legal obligation requiring retention, we will:
    • Securely delete it, or
    • Irreversibly anonymize it so that you are no longer identifiable.
  • We may retain minimal information (e.g., identifiers, contact details, and notes) to honour self-exclusion, block re-registration in cases of fraud or abuse, or maintain suppression lists for marketing opt-outs.

Your Rights

OBSERVE: Players should be able to understand and exercise rights over their personal information.

EXPAND: Although Canadian players are primarily governed by Canadian laws (such as PIPEDA concepts) and our offshore regulatory framework, we adopt a rights model broadly aligned with GDPR standards. The prompt also references Mexican law; we therefore align with modern international standards of transparency, access, and control without asserting direct application of Mexican regulations.

REFLECT: This section sets out practical procedures, deadlines, and limitations, ensuring transparency and realistic expectations.

Overview of Available Rights

  • Right of access: You can request confirmation whether we process your personal information and obtain a copy of your data, along with information about how we process it.
  • Right to rectification: You can request correction of inaccurate or incomplete personal information.
  • Right to erasure ("right to be forgotten"): You can request deletion of your personal information where:
    • It is no longer needed for the purposes for which it was collected, or
    • You have withdrawn consent (where processing was based on consent), or
    • You have successfully objected to processing and there is no overriding legitimate ground.

    We may not be able to delete certain data where we must retain it for legal, regulatory, or contractual reasons, especially in relation to AML, gambling regulations, or dispute handling.

  • Right to restriction of processing: You can request that we limit processing of your data (other than storage) when:
    • Its accuracy is contested, for the period necessary to verify it.
    • Processing is unlawful and you prefer restriction instead of deletion.
    • We no longer need the data, but you require it for legal claims.
  • Right to object: You may object at any time to:
    • Processing based on our legitimate interests, on grounds relating to your particular situation.
    • Processing for direct marketing, in which case we will stop such processing immediately.
  • Right to data portability: In certain circumstances, you can request that we provide you with personal information you have provided to us in a structured, commonly used, and machine-readable format, and request that we transmit it to another controller where technically feasible.
  • Right to withdraw consent: Where processing is based on your consent (e.g., marketing communications, non-essential cookies), you may withdraw consent at any time through your account settings or by using the opt-out links in communications.

How to Exercise Your Rights

  1. Submit your request: You may submit a request by:
    • Sending an e-mail to [email protected], or
    • Using the "Contact" or live chat function on https://ice-ca.com, or
    • Writing to: Data Protection Officer, Brivio Limited, Office 102, 12A Lekorpouzier, Limassol, Cyprus.
  2. Provide necessary information: For security and fraud prevention, we may ask you to confirm certain account details or provide identification to verify your identity before acting on your request.
  3. Response times: We aim to respond to all valid requests within 30 days of receipt. If your request is complex or numerous, we may extend this period by a further 30 days, in which case we will inform you of the extension and reasons.
  4. Fees: We generally handle your requests free of charge. However, we may charge a reasonable fee or refuse to act on requests that are manifestly unfounded, excessive, or repetitive, in line with international best practices.

Limitations and Jurisdictional Considerations

  • Your rights may be subject to limitations where:
    • We must retain data to comply with AML or gambling regulations.
    • Disclosure would adversely affect the rights and freedoms of other individuals.
    • Requests conflict with legal privilege or ongoing investigations.
  • For Canadian players, we also align with core principles similar to those in Canadian federal privacy legislation (e.g., openness, access, accuracy, and safeguards), while operating under the laws applicable to our jurisdictions of establishment and licensing.
  • Where Mexican or EU data protection concepts are relevant (for example, where our processing infrastructure is located in the EU), we adopt comparable standards, but this does not imply that Mexican or EU law directly governs all aspects of your relationship with us.

Cookies & Tracking Technologies

OBSERVE: Cookies are essential for functionality, security, analytics, and marketing.

EXPAND: We distinguish types and purposes, and offer practical management options, consistent with international best practices.

REFLECT: This supports informed choices about tracking while preserving essential site operations.

Types of Cookies Used

  • Strictly necessary (session) cookies: These are required for the operation of the website and core functions, such as logging in, maintaining your session, managing your bet slips, and processing payments. They are usually session-based and expire when you close your browser.
  • Functional (persistent) cookies: These remember your preferences (e.g., language, region, login details with your consent) to provide a more convenient experience. They may remain on your device for a defined period or until you delete them.
  • Analytics and performance cookies: These help us understand how visitors use our website (e.g., which pages are visited most, error messages received). We use them to improve website performance and usability. Data is typically aggregated or pseudonymized.
  • Advertising and targeting cookies: These cookies, which may be set by us or third-party advertising partners, are used to deliver relevant advertisements, limit the number of times you see an ad, and measure the effectiveness of campaigns. Their use is subject to your consent, where required by applicable law.

Other Tracking Technologies

  • We may use web beacons, pixels, and similar technologies in combination with cookies to collect information about your interaction with our site and marketing communications.
  • These tools assist with fraud detection, analytics, and measuring the success of promotional campaigns.

Managing and Disabling Cookies

  • Browser settings: Most browsers allow you to:
    • Review which cookies are stored.
    • Delete cookies individually or in bulk.
    • Block cookies from specific sites or all sites.
    • Set notifications before a cookie is stored.
  • On-site tools: Where available, our website may provide an internal cookie or privacy settings panel enabling you to:
    • Accept or reject different categories of non-essential cookies.
    • Change your cookie preferences at any time.
  • Impact of disabling: If you choose to block or delete strictly necessary or functional cookies, you may not be able to access some parts of the website or use certain features, including logging in or placing bets.

Data Security

OBSERVE: Online gambling involves sensitive financial and identity information that must be protected against various threats.

EXPAND: We describe our layered security measures, staff training, and incident response, referencing recognized standards where appropriate.

REFLECT: This provides assurance that we treat information security as a core obligation.

Technical and Organizational Security Measures

  • Encryption in transit and at rest: Data transferred between your browser and our servers is protected using TLS 1.2+ or higher. Sensitive data is encrypted at rest or stored in securely managed environments.
  • Access controls: Access to personal information is restricted to authorised personnel and service providers on a need-to-know basis, using role-based access controls and authentication mechanisms. Multi-factor authentication is implemented for critical internal systems where feasible.
  • Network and infrastructure security: Firewalls, intrusion detection and prevention systems, anti-malware tools, and regular patch management are implemented to protect against unauthorized access and cyber threats.
  • Secure development and testing: Our platform is developed and maintained following secure coding practices, with testing for vulnerabilities and regular code reviews.

Governance, Training, and Audits

  • Policies and procedures: We maintain internal data protection and information security policies, including incident response and access management procedures.
  • Staff training: Employees with access to personal information receive training on data protection, confidentiality obligations, and secure handling of information.
  • Audits and certifications: Our gaming platform is subject to independent testing and certification, including eCOGRA reviews for RNG and payout integrity (aggregate payout percentage: 96.15%, status active). We endeavour to align our security practices with recognised international standards such as ISO 27001 and SOC 2 principles, although we may not hold formal certification in every area.

Incident Response

  • We maintain procedures to detect, assess, and respond to suspected personal data breaches or security incidents.
  • Where required by applicable laws, we will notify relevant authorities and affected individuals without undue delay, describing the nature of the breach, likely consequences, and measures taken or proposed to mitigate its effects.

Complaints & Contacts

OBSERVE: Users need clear channels to raise concerns or complaints about privacy and data use.

EXPAND: We outline internal escalation paths and external supervisory options relevant to our licensing and operational environment, noting that Canadian players contract with offshore entities.

REFLECT: This ensures transparency and a structured process for resolving disputes.

How to Contact Us

  • Primary support and privacy contact: [email protected]
  • Complaints and dispute resolution (internal): [email protected]
  • Website and live chat: Visit https://ice-ca.com and use the 24/7 live chat feature or contact form.
  • Postal address: Data Protection Officer, Brivio Limited, Office 102, 12A Lekorpouzier, Limassol, Cyprus.

Internal Complaint Procedure

  1. Step 1 - Contact support: Raise your concern via live chat or by e-mailing [email protected]. Many issues can be resolved quickly at this level.
  2. Step 2 - Formal complaint: If you are not satisfied with the initial response, you may file a formal complaint by writing to [email protected], providing:
    • Your full name, username, and contact details.
    • A clear description of your complaint and any supporting evidence.
    • The outcome you are seeking.
  3. Step 3 - Investigation and response: We will investigate your complaint and aim to provide a substantive response within 30 days. For complex matters, we may extend this period, informing you of the extension and reasons.
  4. Step 4 - Further escalation: If you remain dissatisfied, you may request additional review or escalate the matter externally where applicable.

External Escalation Options

  • Licensing-related complaints: You may contact the relevant Curaçao licensing body via:
  • Data protection authorities: Depending on your location and the place of processing, you may have the right to lodge a complaint with a competent data protection authority. For example:
    • Your local privacy oversight body in Canada (e.g., Office of the Privacy Commissioner of Canada or relevant provincial commissioner), or
    • An EU supervisory authority where our data processing operations are established (e.g., in Cyprus).

We encourage you to contact us first so that we can try to resolve your concerns directly.

Updates

OBSERVE: Privacy practices evolve with legal, technical, and business developments.

EXPAND: We commit to notifying users of material changes and offering choices in case of significant amendments.

REFLECT: This provides predictability and transparency about how future changes will be communicated and applied.

Changes to This Privacy Policy

  • We may update this Privacy Policy from time to time to reflect:
    • Changes in our services, operations, or corporate structure.
    • Modifications in applicable laws, regulatory guidance, or industry standards.
    • Enhancements to our privacy and security practices.
  • Each version of the Policy will be identified by the "Last updated" date stated below.

Notification of Material Changes

  • For significant changes that materially affect how we process your personal information, we will:
    • Provide notice via e-mail (where feasible) to your registered address, and/or
    • Display a prominent notice or banner on https://ice-ca.com, and/or
    • Notify you through your account dashboard or in-site messaging.
  • Where required or appropriate, we will provide at least 30 days' advance notice before the effective date of material changes, allowing you to review the updates.
  • If you do not agree with the revised Policy, you may choose to stop using our services and request account closure before the changes take effect.

Version Control and Changelog

  • Last updated: January 2026.
  • Key recent changes:
    • Clarified corporate structure (Brivio Limited and Invicta Networks N.V.) and licensing details valid through 2026.
    • Expanded information on international data transfers and retention periods.
    • Enhanced description of user rights and complaint procedures aligned with modern international privacy standards.