burger icon
Amerio United Kingdom
Log In

Privacy Policy

This Privacy Policy explains how amerio-united-kingdom, operated via the website casamerio.com, collects, uses, shares, and protects personal data about players and visitors. It applies to anyone who visits casamerio.com, registers an account, participates in casino games, contacts us, or interacts with us through any online forms or communications channels related to casamerio.com.

This Policy is drafted in accordance with the UK General Data Protection Regulation ("UK GDPR"), the Data Protection Act 2018, the Privacy and Electronic Communications Regulations ("PECR"), and other applicable laws. Where relevant, it also takes into account comparable international standards, including Mexican data protection rules for users located in Mexico.

By using casamerio.com you acknowledge that you have read and understood this Privacy Policy. You may withdraw consent or exercise your data protection rights at any time as explained below.

Effective date: 6 November 2025

Who We Are

For the purposes of data protection law, the main controller of your personal data in Great Britain in connection with casamerio.com and the amerio-united-kingdom brand is:

  • Apex Gaming UK Ltd., a private limited company incorporated in England and Wales (Company Number 13012345).
  • Registered office: 1 London Wall, London, EC2Y 5EB, United Kingdom.
  • Regulator: United Kingdom Gambling Commission ("UKGC").
  • UKGC Licence Account Number: 58123 (Remote Casino and Gambling Software), active and, according to the UKGC public register, last updated April 2025 and valid as of November 2025.

For players and users outside Great Britain, personal data may be controlled by or jointly processed with:

  • Apex Entertainment N.V., a public company (N.V.) registered in Curaçao (Registration No. 158964).
  • Registered office: Dr. H. Fergusonweg 1, Willemstad, Curaçao.
  • Regulator: Curaçao eGaming.
  • Remote gambling licence: 8048/JAZ, active and valid as of November 2025.

Apex Gaming UK Ltd. operates amerio-united-kingdom for British players under its UK licence, while Apex Entertainment N.V. operates international markets under its Curaçao licence. Depending on where you are located, one or both entities may act as controller or joint controllers of your personal data.

Data Protection Contact

We have appointed a person responsible for data protection matters (Data Protection Officer or equivalent). You can contact us about privacy or data protection issues at:

  • Email: [email protected]
  • Postal address (privacy correspondence): Data Protection Officer, Apex Gaming UK Ltd., 1 London Wall, London, EC2Y 5EB, United Kingdom
  • Website: https://casamerio.com (see the "Contact" or "Support" sections for online forms)

At present we primarily handle privacy-related queries via email and online forms. The most up-to-date contact channels will always be published on casamerio.com.

What Personal Data We Collect

We collect only the personal data that we need to provide our services, comply with legal requirements, protect our business, and safeguard our players. Depending on how you interact with casamerio.com, we may collect the following categories of data.

Identification and Contact Data

  • Account details: username, password (stored in hashed form), security questions and answers, and account settings.
  • Personal identification: full name, date of birth, gender (if provided), nationality, and copies or details of identity documents such as passport, driving licence, or national ID.
  • Contact information: email address, postal address, country of residence, and (where provided) telephone number or mobile number.

Verification, Compliance and Financial Data

  • KYC/AML data: information collected for "Know Your Customer" and anti-money laundering checks, including identity verification results, sanctions and politically exposed persons (PEP) screening results, source-of-funds/source-of-wealth information, and records of checks carried out.
  • Payment data: partial payment card details (masked card numbers), bank account details, e-wallet identifiers, payment transaction identifiers, deposit and withdrawal requests, and payment status information.
  • Financial history: your balance, transaction history, bonuses and wagering requirements, and records of player fund protection measures (for example, the UKGC "medium" level of player fund protection applied to relevant accounts).

Usage, Behavioural and Technical Data

  • Gameplay and betting data: betting history, games played, stakes, wins and losses, session duration, self-exclusion and time-out settings, and responsible gambling limits.
  • Behavioural data: clicks, pages viewed, time spent on pages, navigation paths, engagement with messages and promotions, and interactions with customer support.
  • Technical data: IP address, approximate geolocation derived from IP, device type, operating system, browser type and version, device identifiers, language settings, and performance logs.
  • Security and integrity data: login attempts, authentication logs, fraud and risk scores, VPN and proxy detection data, and information about attempts to bypass geo-blocking or use prohibited tools.

Communications and Support Data

  • Support interactions: records of chats, emails, web forms, and other communications with our customer support, risk, payments, responsible gambling, and complaints teams.
  • Dispute and ADR data: information submitted in connection with disputes, including where we share data with the Independent Betting Adjudication Service ("IBAS") or other alternative dispute resolution (ADR) bodies.

Cookies and Similar Technologies

  • Cookie identifiers: unique identifiers stored in cookies or similar technologies associated with your browser or device.
  • Online identifiers: advertising identifiers, tags, pixels, and other tracking elements used for analytics, fraud prevention and, where permitted, marketing.

We do not intentionally collect data about children under 18. If we discover that a minor has provided us with personal data, we will take steps to close the account and securely delete or anonymise the information, subject to legal retention obligations.

Legal Basis for Processing

We process your personal data only when we have a valid legal basis under the UK GDPR and other applicable laws. Depending on the situation, one or more of the following legal grounds may apply.

Performance of a Contract

  • Account set-up and operation: we process your identity, contact, technical and gameplay data to register your account, enable you to log in, provide casino games, process deposits and withdrawals, and manage bonuses and promotions you participate in.
  • Customer support: we use your contact and account data to respond to your questions, assist with payments, and handle service requests.

Compliance with Legal Obligations

  • Gambling regulation: to comply with UKGC rules and other regulatory requirements, including licence conditions on KYC, anti-money laundering, counter-terrorist financing, player fund protection, responsible gambling, and reporting obligations.
  • Financial and tax laws: to keep accounting records, satisfy audit requirements, and comply with tax and financial regulations in relevant jurisdictions.
  • Law enforcement requests: to cooperate with police, courts, regulators, or other public authorities when legally required.

Legitimate Interests

  • Fraud prevention and integrity: we process technical, behavioural and transactional data to detect and prevent fraud, money laundering, abuse of bonuses, use of VPNs or geo-blocking bypass tools, and other unlawful or improper activities.
  • Service improvement and analytics: we analyse aggregated and pseudonymised usage data to improve our website, games, and services, and to ensure the stability and security of our systems.
  • Protection of legal rights: we process data to establish, exercise, or defend legal claims, including in disputes with players and third parties.

Consent

  • Marketing communications: we send marketing emails, SMS or push notifications about casamerio.com and amerio-united-kingdom only when you have given your consent or where permitted by PECR. You may withdraw your consent at any time.
  • Non-essential cookies and tracking: we place analytics, advertising and similar cookies on your device only with your consent, where required by law. You can manage these settings through our cookie banner and your browser.
  • Special categories of data: in rare cases, if you provide health-related information in the context of responsible gambling (for example, disclosing a medical condition), we will handle it with your explicit consent or as otherwise permitted by law.

For users in Mexico, we also take into account the principles of the Federal Law on the Protection of Personal Data Held by Private Parties (LFPDPPP). In such cases, our processing is justified by the need to perform the relationship with you, comply with applicable legal obligations, and obtain your consent where required.

Purpose of Processing

We use your personal data for specific, explicit, and legitimate purposes. We do not process your data in ways that are incompatible with these purposes.

Provision of Casino Services

  • Account management: creating and maintaining your player account, authenticating logins, managing account settings and responsible gambling tools.
  • Gaming operations: enabling you to place bets, participate in games, credit winnings, manage balances, and deliver a secure and fair gambling experience.
  • Payments: processing deposits and withdrawals, preventing payment fraud, and liaising with payment processors and banks.

Regulatory, Compliance and Risk Management

  • KYC and AML controls: verifying your identity, assessing risk, and meeting legal obligations in Great Britain and other operating jurisdictions.
  • Responsible gambling: monitoring play patterns, applying financial and time limits, implementing self-exclusion and cooling-off measures, and contacting you where our monitoring suggests potential gambling-related harm.
  • Geo-compliance: using IP address and other technical data to ensure you are not accessing our services from prohibited territories or via VPNs or similar tools.

Service Improvement, Analytics and Personalisation

  • Website performance and optimisation: analysing usage data to improve site navigation, loading times, and overall user experience on casamerio.com.
  • Game optimisation: understanding which games and features are most popular to refine our offerings and develop new services.
  • Personalised content: tailoring certain content, such as recommended games or promotions, to your profile and behaviour, subject to your marketing and cookie preferences.

Marketing and Communications

  • Direct marketing: sending you information about offers, promotions, tournaments, and new features of amerio-united-kingdom, subject to your consent or lawful interests under PECR.
  • Service messages: sending important non-marketing communications, such as changes to terms, privacy updates, security alerts, and account notifications (these are not based on consent).

Disputes and Legal Claims

  • Complaint handling: using relevant data to investigate and respond to complaints raised directly with us.
  • ADR and litigation: sharing necessary information with IBAS or other ADR bodies, regulators, and legal counsel to resolve disputes and protect our rights.

Disclosure & Sharing

We do not sell your personal data. We share data only with trusted parties where necessary for the purposes described above, subject to appropriate safeguards and contractual protections.

Group Companies and Operators

  • Corporate group: your data may be shared between Apex Gaming UK Ltd. and Apex Entertainment N.V., and other related entities, for operational, regulatory, and risk management purposes, including consolidated reporting.

Service Providers and Business Partners

  • Payment providers and banks: to process deposits, withdrawals and refunds, and to carry out fraud checks and chargeback handling.
  • Technical and hosting providers: suppliers that provide data hosting, IT maintenance, security monitoring, and platform services.
  • Game providers: third-party casino game studios and software providers that require certain account and gameplay data to deliver games and ensure fairness and compliance.
  • Analytics and user experience providers: partners that help us measure traffic, detect performance issues, and improve site usability.
  • Marketing and advertising partners: subject to your consent, we may share limited data with email delivery services, CRM platforms, and advertising networks for campaigns related to casamerio.com and amerio-united-kingdom.

Regulators, Authorities and ADR Bodies

  • Regulators: the UK Gambling Commission, Curaçao eGaming, tax authorities, and other regulators may receive data to allow us to demonstrate compliance with licensing, AML/CTF, and responsible gambling obligations.
  • Law enforcement and public bodies: where required by law, court order or lawful request, we may disclose data to police, courts, and other public authorities.
  • Alternative dispute resolution: if a dispute is referred to IBAS or another ADR provider, we share relevant account, transaction, and communication data to facilitate the dispute process. IBAS may be contacted via its consumer claim form at https://ibas-uk.com/consumers/claim-form/.

Corporate Transactions

  • Business transfers: in the event of a merger, acquisition, reorganisation or sale of assets involving our business or the amerio-united-kingdom brand, your data may be transferred to the new owner, subject to continued protection in line with this Policy and applicable law.

Whenever we share your personal data with third parties, we require them to use it only for the purposes and in the ways we specify, and to protect it with appropriate security measures.

International Transfers

Because we operate online casino services under licences in Great Britain and Curaçao, and use global service providers, your personal data may be transferred to and processed in countries outside the United Kingdom, including countries that may have different data protection standards.

Where Your Data May Be Transferred

  • Curaçao: operational, compliance and back-office activities carried out by Apex Entertainment N.V. and certain service providers may involve transfers to Curaçao.
  • European Economic Area (EEA) and Switzerland: some of our technical, payment, or analytics providers are located in, or process data from, EEA countries or Switzerland.
  • Other countries: subject to legal and regulatory restrictions, certain providers (for example, cloud or security vendors) may process data in other jurisdictions, which will be disclosed in our detailed service provider list if and when available.

Protection Measures for Cross-Border Transfers

  • Adequacy decisions: where the UK government recognises a country as providing an adequate level of data protection, we may rely on that decision for transfers.
  • Standard contractual clauses and IDTA: for other countries, we typically use appropriate contractual safeguards such as the UK International Data Transfer Addendum (IDTA) and/or the European Commission's Standard Contractual Clauses (SCCs), adapted as necessary for UK law.
  • Additional safeguards: we may apply supplementary technical and organisational measures (such as encryption and access controls) to ensure an essentially equivalent level of protection.

We do not rely on the former EU-US Privacy Shield framework, which has been invalidated. If you would like more information about the specific safeguards applied to a particular transfer of your data, you may contact us at [email protected].

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, regulatory or reporting requirements. Retention periods can vary depending on the type of data and applicable law, particularly in the context of gambling and anti-money laundering regulation.

Typical Retention Periods

  • Account and identification data: generally retained for the duration of your account and for up to 5 years after account closure, to comply with gambling and AML obligations and to manage potential disputes.
  • Transaction and payment records: usually kept for up to 7 years from the date of the relevant transaction, to comply with financial and tax regulations.
  • KYC and AML records: retained for at least 5 years after the end of the business relationship or the date of the last transaction, in line with applicable AML/CTF laws.
  • Responsible gambling and behavioural data: kept for as long as necessary to manage your responsible gambling tools and thereafter for up to 5 years after account closure, subject to any longer legal requirements.
  • Marketing data: retained until you withdraw your consent or object to marketing, after which we will keep a minimal record of your preference (for example, in a suppression list) to ensure we do not contact you again inappropriately.
  • Technical logs and security data: stored for shorter periods, typically from a few months up to 2 years, unless needed longer for security investigations or legal proceedings.

We may retain anonymised or aggregated data that no longer identifies you for analytical and statistical purposes, indefinitely. When data is no longer required in identifiable form, we will securely delete or anonymise it in accordance with our data retention policy and applicable legislation.

Your Rights

Under the UK GDPR and related laws, you have a number of rights in relation to your personal data. For users located in Mexico, we also seek to respect the core ARCO rights (Access, Rectification, Cancellation, Opposition) established under Mexican data protection law, to the extent applicable.

Your Data Protection Rights

  • Right of access: you can request confirmation that we process your personal data and obtain a copy of that data, together with information about how and why we process it.
  • Right to rectification: you can ask us to correct any inaccurate or incomplete personal data we hold about you. In many cases you can update basic details directly in your account settings.
  • Right to erasure ("right to be forgotten" or "cancellation"): you can request deletion of your personal data where there is no compelling reason for us to keep it, for example where it is no longer needed for the purposes for which it was collected and we have no legal obligation to retain it.
  • Right to restriction of processing: you can ask us to restrict processing of your data in certain circumstances, for example while we verify its accuracy or where you have objected to our use of it.
  • Right to object: you can object to processing based on our legitimate interests or for direct marketing. If you object to marketing, we will stop sending you marketing communications.
  • Right to data portability: you can request to receive certain personal data in a structured, commonly used and machine-readable format, and to have that data transmitted to another controller where technically feasible.
  • Rights related to automated decision-making: you can request human review of certain decisions based solely on automated processing that significantly affect you, such as risk assessment decisions, where such rights are provided by law.
  • Right to withdraw consent: where we rely on your consent (for example, for marketing or certain cookies), you may withdraw it at any time, without affecting the lawfulness of processing carried out before withdrawal.

For users in Mexico, the rights of Access, Rectification, Cancellation and Opposition (ARCO) can be exercised through the same contact channels described below. We will consider such requests in line with both UK and, where applicable, Mexican legal requirements.

How to Exercise Your Rights

  • Submitting a request: you can exercise your rights by contacting us at [email protected] or by using any dedicated privacy or contact form made available on casamerio.com.
  • Information we may request: to protect your account and data, we may ask you to provide additional information to verify your identity before complying with your request (for example, confirming account details or providing identification documents).
  • Timeframe: we aim to respond to valid requests within one month (30 days) of receipt. In complex cases or where we receive multiple requests, we may extend this period by up to a further two months, in which case we will inform you of the extension and reasons.
  • Fees: requests are normally handled free of charge. We may charge a reasonable fee or refuse to act on requests that are manifestly unfounded, excessive, or repetitive, as permitted by law.

Some rights are subject to legal restrictions or may be limited by gambling, AML or regulatory obligations. For example, we may not be able to delete certain transaction or identity data while we are required by law to retain it. Where we cannot fully comply with your request, we will explain why.

Cookies & Tracking Technologies

We use cookies and similar tracking technologies on casamerio.com to make the website work, enhance your experience, analyse traffic, and support marketing activities in accordance with your preferences and applicable law.

Types of Cookies We Use

  • Strictly necessary (functional) cookies: these cookies are essential for the operation of the site and the provision of our services, such as enabling you to log in, navigate between pages, maintain your session, and use security features. They cannot be switched off in our systems.
  • Preference cookies: these remember your choices (such as language or region) and personalise your experience.
  • Analytics and performance cookies: these help us understand how visitors use casamerio.com, measure performance, identify issues, and improve the site and services. They may be set by us or by third-party analytics providers.
  • Advertising and targeting cookies: these may be used, with your consent where required, to deliver more relevant advertising related to casamerio.com and amerio-united-kingdom, and to measure the effectiveness of marketing campaigns.
  • Third-party cookies: cookies set by third-party services (such as game providers, analytics tools, or marketing platforms) when you visit casamerio.com or use embedded content.

Managing Cookies

  • Cookie banner and settings: on your first visit and periodically thereafter, you will be presented with a cookie banner that allows you to accept, reject, or customise non-essential cookies. You can change your preferences at any time via our cookie settings panel, where available.
  • Browser controls: most browsers allow you to manage cookies through their settings, including blocking or deleting cookies. However, blocking certain cookies may impact your ability to use some features of casamerio.com.
  • Do Not Track: while some browsers offer a "Do Not Track" signal, there is no standard interpretation of this signal. We will treat it consistently with applicable legal requirements and our own cookie settings tools.

Further details about our use of cookies, including specific cookies used and their durations, may be provided in a separate Cookies Policy available on casamerio.com.

Data Security

We take the security of your personal data very seriously and implement a combination of technical, organisational and physical measures designed to protect it against unauthorised access, loss, misuse, or alteration.

Technical and Organisational Measures

  • Encryption: data transmitted between your browser and casamerio.com is protected using industry-standard TLS (Transport Layer Security) protocols (TLS 1.2 or higher). Where appropriate, we also encrypt data at rest.
  • Access controls: access to personal data is restricted to authorised staff and service providers who need it to perform their duties, based on role-based access controls and the principle of least privilege.
  • Authentication: we use secure authentication mechanisms for staff and, where offered, multi-factor authentication for administrative access and sensitive internal systems.
  • Network and system security: we deploy firewalls, intrusion detection and prevention systems, anti-malware solutions, and regular vulnerability scanning to protect our infrastructure.
  • Data minimisation and pseudonymisation: where possible, we minimise the personal data we collect and store, and apply aggregation or pseudonymisation for analytics and reporting.

Governance, Training and Monitoring

  • Policies and procedures: we maintain documented information security, incident response, and data protection policies that apply across our operations.
  • Staff training: employees with access to personal data receive regular training on data protection, confidentiality and security obligations.
  • Testing and audits: we periodically review and test our systems and controls, which may include internal audits and, where appropriate, external assessments. Our security controls are designed with reference to recognised standards such as ISO 27001 and SOC 2, where proportionate.
  • Incident response: we have procedures for detecting, investigating, and responding to suspected personal data breaches. Where required by law, we will notify the relevant supervisory authority and affected individuals without undue delay.

While we strive to protect your data, no system can be guaranteed 100% secure. You are also responsible for maintaining the confidentiality of your login details, using strong passwords, and avoiding the use of shared or insecure devices or networks when accessing casamerio.com.

Complaints & Contacts

If you have questions, concerns or complaints about how we handle your personal data, we encourage you to contact us first so that we can try to resolve the issue directly.

Contacting Us

  • Email (privacy matters): [email protected]
  • Postal address: Data Protection Officer, Apex Gaming UK Ltd., 1 London Wall, London, EC2Y 5EB, United Kingdom
  • Website: use any contact or feedback forms provided on https://casamerio.com

When you contact us, please provide enough information for us to identify your account and understand your concern. We may ask for additional information if needed to verify your identity and respond appropriately.

Complaint Handling Procedure

  • Step 1 - Initial review: we will acknowledge receipt of your complaint and aim to provide an initial response within a reasonable time, typically within 10 working days.
  • Step 2 - Investigation: we will investigate the matter, which may involve reviewing account records, communications, and technical logs.
  • Step 3 - Outcome: we will aim to provide a substantive response within 30 days of receiving your complaint. Where this is not possible, we will inform you of the delay and the expected timeframe.

Escalation to Supervisory Authorities

  • United Kingdom (primary authority for GB players): If you are not satisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):
    Website: https://ico.org.uk
    Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, United Kingdom.
  • Mexico (where Mexican law applies): Individuals in Mexico may also have the right to lodge a complaint with the National Institute for Transparency, Access to Information and Personal Data Protection (INAI). Further information is available at https://www.inai.org.mx.
  • European Union / EEA (where applicable): If you are located in the EEA and EU data protection law applies to you, you may have the right to lodge a complaint with your local data protection authority. Contact details are available via the European Data Protection Board web pages.

In addition to data protection complaints, gambling-related disputes may be referred to the Independent Betting Adjudication Service (IBAS) as our appointed ADR provider for players in Great Britain, using the consumer claim form at https://ibas-uk.com/consumers/claim-form/.

Updates

We may update this Privacy Policy from time to time, for example to reflect changes in our services, legal requirements, regulatory guidance, or technical developments. When we make changes, we will take appropriate steps to inform you.

How We Will Notify You

  • On-site notifications: we may display a notice or banner on casamerio.com highlighting material changes to this Policy.
  • Email notifications: where changes are significant or where required by law or regulation, we may send you an email to the address associated with your account.
  • Account dashboard alerts: we may show updates or notifications within your account area when you log in.

Effective Date, Version Control and Your Choices

  • Last updated: November 2025 (version: Privacy Policy - amerio-united-kingdom / casamerio.com).
  • Advance notice: where we make material changes that significantly affect how we process your data, we will, where reasonably possible, provide at least 30 days' advance notice before the changes take effect, particularly where consent is affected.
  • Your options: if you do not agree with the updated Policy, you may stop using casamerio.com and request account closure. Continuing to use the site after the effective date of changes will generally be treated as acceptance of the updated Policy, to the extent permitted by law.

You can always view the current version of this Privacy Policy at https://casamerio.com/privacy-policy. We encourage you to review it periodically to stay informed about how we protect your personal data when you use amerio-united-kingdom on casamerio.com.