Privacy Policy
This Privacy Policy explains what personal information JeetCity Casino (operating at the domain kaizen360.co.uk) collects from visitors, why we collect it, how we use it, who we share it with, how long we keep it, and what rights you have over it. We have written this document in plain English on purpose. Privacy notices are easier to ignore when they are dense, and we want yours to be readable.
JeetCity Casino is an independent online casino review site. We do not operate gambling services, hold deposits, or process bets. The personal information we handle is limited to what is needed to run a content website: contact-form messages, server logs, analytics data and tracking for affiliate links. If at any point you have questions about how your data is handled, write to us at [email protected] and we will respond inside 30 days, sooner where the law requires it.
1. Who we are and how to contact us
JeetCity Casino is the publisher of the website at kaizen360.co.uk. For privacy-related queries, requests to exercise your rights, or any concern about how your data has been handled, contact our privacy team directly at [email protected]. For general or editorial enquiries, see the Contact Us page, which lists separate addresses for partnerships, press and editorial matters.
This site is an information resource about online casinos. We are not a casino, do not accept deposits, and do not run any form of real-money gaming. If you are looking for the privacy policy of a casino we have reviewed, you will find it on the operator's own website; our policy applies only to your interaction with kaizen360.co.uk.
2. The legal frameworks we operate under
Because our audience is primarily Australian and our operations are based in the European Economic Area, we comply with two parallel privacy frameworks.
For Australian visitors, our processing is governed by the Privacy Act 1988 (Cth) and the thirteen Australian Privacy Principles (APPs) issued by the Office of the Australian Information Commissioner (OAIC). The APPs cover collection, use, disclosure, accuracy, security, access and correction of personal information. Where this policy refers to your rights, those rights are grounded in APP 12 (access) and APP 13 (correction) for Australian users.
For visitors based in the European Union, the United Kingdom and the European Economic Area, our processing is governed by the General Data Protection Regulation (Regulation (EU) 2016/679, the GDPR) and the UK GDPR. Where this policy mentions specific GDPR articles, those references apply to your rights as an EU/UK data subject. The legal basis for each processing activity is set out in section 5 below.
Where the two frameworks differ, we apply the higher standard. In practice that means most users get GDPR-level protections regardless of where they are based.
3. What personal information we collect
We deliberately collect as little as possible. The categories below are exhaustive: if a category is not listed, we do not collect it.
3.1 Information you give us directly
If you fill in the contact form on the Contact Us page or email us at any of our published addresses, we receive whatever you choose to provide. The contact form asks for your name, email address, the subject of your message, and the message body. Nothing else is required, and we do not retain anything beyond what you submit.
We do not run user accounts on this site. There is no registration, no profile, and no personal area. We do not collect payment information, government IDs, casino account details, passwords, or financial information of any kind. If a casino we have reviewed asks for that data on its own platform, that interaction is between you and the operator, governed by their privacy policy, not ours.
3.2 Information we collect automatically
When you visit kaizen360.co.uk, our servers and our analytics provider record technical information about the visit. This is standard practice for any website and is needed for the site to function and stay secure.
The technical data we record consists of your IP address (used for geographic country detection, security and rate limiting), the type and version of your browser (User-Agent string, used to deliver the right version of the site), your operating system and device type (used for responsive layout), the pages you visit and the time you spend on each (used for analytics), the URL of the page that referred you to our site (used to understand traffic sources), the language preference of your browser (used to show language-appropriate content where applicable), and your screen resolution (used by the responsive design to render the layout properly).
We do not log keystrokes, mouse movements, or content you type into the contact form before you submit it. We do not record your screen, attempt to identify you across devices, or build a behavioural profile of you for advertising purposes.
3.3 Cookies and similar technologies
We use a small number of cookies to make the site work and to understand which content is useful to readers. The full list of every cookie we set, what it does, who provides it, and how long it persists is documented separately in our Cookie Policy. The most important categories are: strictly necessary cookies (session and security), analytics cookies (Google Analytics), and affiliate tracking cookies (set by partner networks when you click through to a casino).
4. Why we collect this information
Each piece of data has a specific purpose. We do not collect anything just in case it might be useful later.
Operating and improving the site. We use aggregated analytics data, in anonymised form, to understand which reviews and articles get read, where readers come from, what devices they use, and what content needs improving. We use Google Analytics 4 with IP anonymisation enabled, which means individual visitors cannot be identified from the data we receive.
Tracking affiliate referrals. When you click a link to a casino from our site, the partner network sets a cookie that records the click came from JeetCity Casino. This is what allows us to be paid commission if you go on to register at the operator. The cookie identifies the click source, not you. The mechanism is set out in detail in our Affiliate Disclosure.
Site security. Server logs containing IP addresses and request patterns are retained for a short window so we can detect attacks, abuse and fraud. This is the standard mechanism every website uses to defend itself.
Responding to your messages. If you write to us, we read the message and reply. The contact-form data you submit is used only for this purpose and is not added to any marketing database.
Legal compliance. Where we are obliged to retain data for a defined period under tax law, advertising standards, or court orders, we do so for the minimum necessary period.
5. Legal basis for processing (GDPR users)
If you are based in the European Union, the United Kingdom or the EEA, the GDPR requires us to identify a specific legal basis for each kind of processing we carry out. The relevant bases for our activities are as follows.
Consent (GDPR Art. 6(1)(a)) applies to non-essential cookies, including analytics and affiliate-tracking cookies. You give consent through the cookie banner shown on your first visit, and you can withdraw it at any time through the same banner or your browser settings.
Legitimate interests (GDPR Art. 6(1)(f)) applies to security logging, fraud prevention, and the basic technical operation of the site. Our legitimate interest is in keeping the site secure and functional; that interest does not override your fundamental rights, given the low-sensitivity nature of the data involved.
Performance of a contract (GDPR Art. 6(1)(b)) applies to processing your contact-form submissions: when you write to us, you are asking us to respond, and the processing is necessary to fulfil that request.
Legal obligation (GDPR Art. 6(1)(c)) applies to any retention of data we are required to keep under applicable law.
You have the right to withdraw consent at any time without affecting the lawfulness of processing carried out before withdrawal.
6. Who we share data with
We do not sell personal information to anyone. We do not share it with advertisers for behavioural targeting. We do not pass it on to data brokers. The list below is the complete set of third parties who receive any data from your visit, and what they receive.
Google LLC (Google Analytics 4 and Google Search Console). Receives anonymised analytics data including approximate location (country level), device and browser information, pages visited and time spent. IP anonymisation is enabled. Data transfer to the United States is covered by the EU-US Data Privacy Framework and standard contractual clauses approved by the European Commission. Google's privacy policy: policies.google.com/privacy.
Cloudflare Inc. Provides our content delivery network and DDoS protection. Cloudflare sees IP addresses and request metadata as part of routing and security but does not retain content or build user profiles for our use. Privacy policy: cloudflare.com/privacypolicy.
Affiliate networks. When you click a partner link to a casino, the affiliate network for that operator (commonly Income Access, NetRefer or the casino's in-house affiliate platform) sets a tracking cookie identifying the referral source. The cookie contains a click ID, not your personal details. The network does not receive your name, email or any other identifier from us.
Hosting provider. Our infrastructure runs on commercial cloud hosting. The provider sees server logs in the normal course of operating the platform but does not access them for any purpose beyond infrastructure maintenance.
We do not pass data directly to the casinos we review. If you register at a casino after clicking through from our site, the relationship from that point onward is between you and the operator, and their privacy policy governs how they handle your data.
7. International data transfers
Some of our service providers (notably Google) operate from servers in the United States. Where personal data is transferred outside the European Economic Area or Australia, we ensure that appropriate safeguards are in place. For US transfers under the GDPR, we rely on the EU-US Data Privacy Framework where applicable and, in addition, on standard contractual clauses approved by the European Commission.
For Australian users, the Australian Privacy Principles permit cross-border disclosure provided we take reasonable steps to ensure the recipient handles the information in line with the APPs, which is the case for the providers listed in section 6.
If you would like a copy of the safeguards in place for any specific transfer, write to [email protected] and we will share the relevant documentation.
8. How long we keep data
Retention periods are kept short by default. Specifically:
Contact-form submissions and email correspondence are retained for 12 months from the last interaction, then deleted. If a thread spans multiple messages, the clock resets at each new message. Server logs are retained for 90 days, which is long enough to investigate security incidents and short enough to limit residual data exposure. Google Analytics data is retained for 14 months under our default configuration, the minimum permitted for meaningful year-on-year reporting. Cookie lifetimes vary by cookie type and are documented per cookie in the Cookie Policy; the longest persistent cookie we set lasts two years (Google Analytics _ga). Affiliate tracking cookies are set by third parties and typically last 30 to 90 days depending on the network.
Data we are required to retain under specific legal obligations (tax records, for example) is kept for the period prescribed by the relevant law and no longer.
9. Your rights
Both Australian and European data protection law give you significant rights over your personal information. The list below covers the full set, with the legal source noted in brackets.
Access (GDPR Art. 15 / APP 12). You can ask us for a copy of any personal information we hold about you. We will respond within 30 days. The response is free; we may charge a reasonable fee only for excessive or repetitive requests, in line with the law.
Correction (GDPR Art. 16 / APP 13). If anything we hold about you is inaccurate or incomplete, you can ask us to correct it.
Erasure, also known as the right to be forgotten (GDPR Art. 17). You can ask us to delete your personal information. We will do so unless there is an overriding legal reason to retain it (for example, an active dispute or a tax-record obligation), in which case we will explain.
Restriction of processing (GDPR Art. 18). You can ask us to pause processing of your data while a query is being resolved.
Data portability (GDPR Art. 20). Where processing is based on consent or a contract and is carried out by automated means, you can ask for your data in a structured, machine-readable format (we provide JSON).
Objection (GDPR Art. 21). You can object to processing based on legitimate interests, including for analytics and security purposes. We will assess the objection and either stop the processing or explain why our legitimate interest overrides it.
Withdrawal of consent. Where processing relies on consent (cookies, primarily), you can withdraw it at any time without affecting prior lawful processing.
Complaint to a supervisory authority. Australian users can complain to the Office of the Australian Information Commissioner at oaic.gov.au. EU/UK users can complain to their national data protection authority, listed at edpb.europa.eu for EU and the Information Commissioner's Office (ICO) for the UK.
To exercise any of these rights, email [email protected] with enough detail for us to identify the request. We will acknowledge within 72 hours and complete processing within 30 days. We may need to verify your identity before acting on a request, particularly for access and erasure, and we will tell you what we need to confirm before going further.
10. How we secure data
The site runs over HTTPS with TLS 1.3 encryption for every connection between your browser and our servers. The certificate is issued by a recognised certification authority and renewed automatically before expiry. Server-side, we apply the standard set of protections: regular software patching, restricted administrative access, two-factor authentication on every administrative account, encrypted backups, and network-level filtering through Cloudflare against the most common attack patterns.
Access to the small amount of personal data we hold (mainly contact-form messages) is restricted to the editorial team members who actually need it to respond. We log administrative access to that data and review the logs periodically.
No internet system is fully invulnerable, and we cannot promise zero risk. What we can promise is that we apply the controls a content website of our size reasonably should, and that we will tell you within 72 hours if a breach affects your data, in line with GDPR Art. 33-34 and the Australian Notifiable Data Breaches scheme.
11. Children's data
This site is intended for adults of legal gambling age in their jurisdiction (18 or older in Australia). We do not target children, do not knowingly collect data from anyone under 18, and would never accept a contact-form submission identifiable as coming from a minor. If you become aware that a child has contacted us, please write to [email protected] so we can delete the data immediately.
For broader guidance on protecting young people from gambling content, see the relevant section of our Responsible Gambling page, which lists parental control software and practical steps for households where a young person uses shared devices.
12. Changes to this policy
We update this policy when our practices change or when applicable law changes. The effective date and last-updated date at the top of the page tell you when the current version came into force. Significant changes (anything that affects your rights or the way your data is handled) will be highlighted with a notice on the site for at least 30 days. Continuing to use the site after a change indicates acceptance of the updated policy; if you do not agree, you should stop using the site and request deletion of any data we hold about you.
13. Linked policies
This Privacy Policy works together with several other documents on the site. The Cookie Policy details every cookie we set. The Terms and Conditions govern your overall use of the site. The Affiliate Disclosure sets out our funding model. If anything written here contradicts another document, the policy with the most specific applicable provision takes precedence; in case of any conflict that affects your rights, the higher standard of protection applies.