Privacy policy

Effective from: 23.01.2024

Last updated: 17.06.2026

1. General Overview

www.avalon78.com values your integrity and privacy immensely and is committed to managing all your personal data in a transparent, fair and lawful manner. This privacy policy (together with the Terms & Conditions and the Cookie Policy) sets out the basis upon which www.avalon78.com collects, stores, and uses your personal data when you visit our website, as well as what your rights are, and how the law protects those rights according to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)

This website is solely intended for persons over the age of 18, and we do not knowingly collect data relating to persons under such age. If it becomes apparent to us that we have collected personal data relating to persons under the age of 18, due to reasons relating to abuse of our website, we do our best to ensure that such data is handled in accordance with applicable law.

Furthermore, you bear the responsibility for ensuring that your participation on this platform aligns with the local laws of your jurisdiction, particularly those governing online gambling.

Revisions of the Privacy Policy: This Privacy Policy is subject to periodic updates. We encourage you to review this page regularly to stay informed of any changes.

2. About Us

The website www.avalon78.com ("Casino", "Website", “Company”, "We", "Us", "Our") is operated by N1 Interactive Ltd, a company incorporated under the laws of Malta with registration number C 81457 and registered address at 206, Wisely House, Old Bakery Street, Valletta VLT1451, Malta.

As a data controller, we have a legal obligation under gambling regulations to process personal data from players in order to allow them to participate in games and provide them with ancillary services.

When we mention “Company”, “Group”, “we”, “us” or “our” in this privacy notice, we are referring to the N1 Interactive Ltd.

We take your privacy seriously. For this reason we have appointed a data protection officer (“DPO”) whose responsibility is to oversee that the company is compliant with its legal obligations in respect of the processing of your personal data, and who is your contact point for any questions relating to this Privacy Policy. Should you have any queries about this policy, including any request to exercise your legal rights, and complaints about violation of your rights please contact our DPO using email [email protected].

Contact Us

If you need clarity on this Privacy Policy or wish to exercise any of your legal rights, you can reach out to us through the following channels:

• using email [email protected]
• using Live Chat available through our platform interface using the
• email of the data protection officer [email protected]

3. How We Process Your Personal Data

We collect and process your information to deliver our services, meet regulatory obligations, and maintain a secure gaming environment. "Personal data" refers to any information that can identify you directly or indirectly.

• Account registration and management

Legal Basis: Performance of a Contract

Data Origin: Submitted directly by you during account creation.

Collected Information: Full name, date of birth, username, email address, phone number, physical address, and login credentials.

• Age and identity verification

Legal Basis: Legal Obligation

Data Origin: Submitted directly by you and obtained through third-party verification services.

Collected Information: Full name, date of birth, copies of government-issued ID or passport, and proof of residency.

• Payment processing

Legal Basis: Performance of a Contract

Data Origin: Shared by you and generated via your platform activity.

Collected Information: Payment credentials, transaction history, and account balance details.

• Anti-Money Laundering (AML) compliance

Legal Basis: Legal Obligation

Data Origin: Shared by you and gathered from third-party compliance firms (e.g., payment processors and verification services).

Collected Information: Identity documents, source of wealth/funds documentation, transaction histories, and proof of residence.

• Know Your Customer (KYC) procedure Legal

Basis: Legal Obligation

Data Origin: Submitted directly by you and third-party verification agencies or databases that handle identity and compliance verifications.

Collected Information: Full name, date of birth, nationality, residential address, email, phone number, government-issued IDs, utility bills/bank statements, and financial source documentation.

• Game and service access

Legal Basis: Performance of a Contract

Data Origin: Generated automatically by internal systems during platform use.

Collected Information: Gameplay logs, session data, bonus utilization, and user preferences.

• Technical functionality and cyber security

Legal Basis: Legitimate Interest (Platform stability and security)

Data Origin: Gathered automatically through monitoring tools and cookies.

Collected Information: Device type, browser specifications, IP address, login attempts, and session logs.

• Abuse and fraud prevention

Legal Basis: Legitimate Interest (Platform and user protection)

Data Origin: Generated automatically and analyzed by system monitoring tools.

Collected Information: Transaction details, IP addresses, device information, multi-account flags, and gaming activity.

• Responsible gambling compliance

Legal Basis: Legal Obligation

Data Origin: Defined by your and tracked across your sessions.

Collected Information: Deposit limits, self-exclusion status, gaming activity, and time spent on the platform.

• Marketing and promotions

Legal Basis: Legitimate Interest (promoting our services) or Consent

Data Origin: Obtained during registration or modified within your profile settings.

Collected Information: Name, email address, phone number, and communication preferences.

• Customer support

Legal Basis: Performance of a Contract

Data Origin: Submitted by you via email, interactive forms, or live chat.

Collected Information: Contact details, support queries, account data, and transcripts of your chats or emails.

• AI-assisted customer communications

Legal Basis: Legitimate Interest (Operational efficiency and fast assistance)

Data Origin: Submitted by you via email, interactive forms, or live chat.

Collected Information: Contact details, support queries, account data, and transcripts of your chats or emails.

• Regulatory inquiries and legal claims

Legal Basis: Legal Obligation

Data Origin: Extracted from internal records or provided by regulatory bodies.

Collected Information: Any data relevant to a specific dispute or inquiry (icluding ID, financial transactions, communication logs).

• Platform optimization and analytics

Legal Basis: Legitimate Interest (Service refinement and analysis)

Data Origin: Automatically logged by analytical software and cookies.

Collected Information: Browsing habits, traffic data, page interactions, device details, and browser types.

For more details on the handling of cookies, review our separate Cookie Policy.

4. With Whom We Share Your Personal Data

To provide our services smoothly, we coordinate with various trusted third-party entities who process data under our instructions.

Service Providers and Partners:

• Game providers: sometimes our game providers (e.g. NetEnt) would require access to select data attributes (e.g. username and IP address), in order to provide us with the games you play on our website.
• Payment processors: payments providers receive the data required to securely process your deposits, withdrawals, and other transactions.
• Marketing partners: Subject to your consent, we may share your data with our marketing partners who take care of sending out all our marketing material to you.
• Communication platforms: we use a third-party software to help us communicate with you. This software enables us to send you emails and chat with you on live chat whenever you have queries.
• Conversational artificial intelligence (AI) service providers (Anthropic, Gemini, OpenAI): we use external conversational AI entities that operate as data processors on our behalf. These providers are given restricted access to data held in our customer communication platform, allowing them to help us streamline and improve our marketing initiatives and customer support operations.
• Professional advisors: lawyers, advisors, consultants who we may engage from time to time to manage risks, obtain professional advice, or to establish and defend our legal claims, whether in court or in an out-of-court procedure.

Compliance and Protection:

• Regulatory and government agencies: information is shared with official bodies to meet our legal duties, including strict AML oversight.
• Identity and fraud prevention systems: external security services review data to identify fraudulent behaviors and verify user identities.

5. Corporate Reorganization

Your information may be shared or transferred if our company undergoes a business transition, such as a partial or full acquisition, a merger, or the buyout of a new business. Should this occur, your data will likely be part of the transaction. We commit to sending you an email notification ahead of time to keep you fully informed before any such transfer occurs.

6. International Data Transfers (Outside the EEA)

To deliver our services, your personal information may occasionally be processed in locations outside the European Economic Area (EEA). We protect these international transfers by enforcing strict compliance with privacy regulations, relying on legally approved mechanisms like the European Commission’s Standard Contractual Clauses (SCCs).

7. Data Retention Period

We hold your personal data only for the timeframe required to achieve the purposes detailed in this policy. Following the closure of your player account, we are legally required to store your records for a minimum of five years to remain compliant with global AML laws and regulatory retention mandates.

8. Data Security

We deploy industry-standard technical and organizational safeguards to ensure your data remains confidential and secure. These defenses include robust encryption, strict internal access controls, and mandatory Multi-Factor Authentication (2FA) options to protect your account from unauthorized access.

9. Automated Profiling and Decisions

We do not typically utilize fully automated decision-making processes to establish or manage our business relationship with you. If an individual scenario requires the use of automated logic, we will notify you independently whenever required by law.

10. Your Legal Rights

Data protection law gives you, as a data subject, certain rights in certain circumstances. In accordance with law, you have a right to:

• Request access to your personal data: This means that you have a right to request, free of charge, a copy of the personal data we hold about you. Request the correction of your personal data: This means that if any personal data we hold about you is incomplete or incorrect, you have a right to have this corrected. Keep in mind, however, that we may need you to provide evidence and documentation (such as your ID documentation or proof of address) to support your request.
• Request the erasure of your personal data: This means that you may request the erasure of your personal data where we no longer have a legal basis to continue processing it or retaining it. Please be aware that this right is not absolute – meaning that we are not able to satisfy your request where we are obliged under a legal obligation to retain the data, or where we have reason that the retention of data is necessary for us to defend ourselves in a legal dispute.
• Object to the processing of your personal data where we rely on our legitimate interests (or those of a third party) to process your data and you feel that our processing of your data in such a manner impacts your fundamental rights and freedoms or challenge its use in direct marketing campaigns.
• Request the restriction of the processing of your personal data: You may ask us to temporarily suspend the processing of your personal data in one of the following scenarios: (a) where you want us to establish the accuracy of the data, (b) where our use of the data is unlawful but you do not wish for us to delete it, (c) where you need us to retain your data even when we no longer need it in order for you to establish, exercise, or defend legal claims, or (d) where you have objected the use of your data but we need to verify whether we have overriding legitimate grounds to use it.
• Request the transfer of your personal data (i.e. data portability): This means you may request us to provide you with certain data we process about you so you may transfer it to another controller. This right only applies to data acquired through automated means which you initially provided consent for us to use, or where we used the data to perform our obligations under a contract with you.
• Withdraw your consent at any time where we rely on your consent to process the data. You may withdraw your consent at any time through the account profile settings on the website.
• Lodge a complaint with a supervisory authority.