burger icon
Casino Maxi United Kingdom
Log In

Privacy Policy

This Privacy Policy explains how Realm Entertainment Limited, operating the Casino Maxi brand at the website maksi.casino for the localized service "Casino Maxi" (the "Service"), collects, uses, discloses, and protects your personal data. It applies to registered players, prospective players, and all visitors to maksi.casino, whether they access the Service from the United Kingdom or any other location. Please read it carefully before using the Service.

This Privacy Policy is intended to comply with applicable data protection laws, including the UK General Data Protection Regulation ("UK GDPR") and the UK Data Protection Act 2018, and is further aligned with relevant European Union and Mexican privacy principles as described below. By creating an account, using the Service, or interacting with maksi.casino, you acknowledge that your personal data will be processed in accordance with this Privacy Policy.

The effective date and "Last updated" date of this Privacy Policy is 6 November 2025.

Who We Are

The Service available at maksi.casino under the Casino Maxi brand (including the localized project Casino Maxi) is operated by:

Realm Entertainment Limited
Legal form: Limited company registered in Malta
Company registration number: C51126
Registered legal address: Suite 1, The Penthouse, WestSide Business Centre, L-Imsida, MSD 9026, Malta

Realm Entertainment Limited is licensed and regulated by the Malta Gaming Authority ("MGA") under licence number MGA/B2C/172/2009 for the provision of certain online gaming services. The status and scope of this licence can be verified on the public register of the Malta Gaming Authority. Realm Entertainment Limited does not hold a remote gambling licence from the UK Gambling Commission, and nothing in this Privacy Policy should be interpreted as authorising the use of the Service from any jurisdiction where such use would be unlawful.

For the purposes of the UK GDPR and other applicable data protection laws, Realm Entertainment Limited acts as the "data controller" in relation to personal data collected via maksi.casino.

Data protection contact
Realm Entertainment Limited has appointed a data protection contact (and, where required, a Data Protection Officer) responsible for overseeing questions in relation to this Privacy Policy and our data protection practices. You may contact our data protection team using the dedicated privacy contact channels indicated in the "Contact" or "Help" section of maksi.casino, or by writing to our registered address marked "Data Protection Officer". When you contact us, please clearly indicate that your query relates to "Privacy" or "Data Protection".

What Personal Data We Collect

We collect and process different categories of personal data depending on how you use maksi.casino and the Casino Maxi services. This may include:

  • Identity and verification data: full name, date of birth, nationality, username, password, security questions and answers, copies of identification documents (such as passport, national ID card, driving licence), proof of address (such as utility bill or bank statement), and information obtained from sanctions, politically exposed person (PEP), and adverse media checks for KYC/AML purposes.
  • Contact data: email address, postal address, country of residence, preferred language, and any other contact details you choose to provide to us through account registration, support communications, or feedback forms.
  • Account and gameplay data: account ID, registration date, login history, game selections, bet amounts, wins and losses, jackpots, bonuses claimed, wagering requirements, loyalty and VIP status, bonuses and promotions history, responsible gambling limits and self-exclusion status, and other in-game or transactional logs generated when you use the Service.
  • Payment and financial data: limited payment details such as payment method type, masked card numbers or wallet identifiers, payment account identifiers, transaction timestamps, deposit and withdrawal amounts, currency, attempted and completed transactions, and associated transaction identifiers. Full payment credentials are generally handled by our payment service providers and not stored in full by us.
  • Technical and device data: IP address, approximate geographic location derived from IP, device identifiers, browser type and version, operating system and platform, language settings, access times, referrer URL, and diagnostic logs about how your device interacts with our servers and applications.
  • Behavioural and usage data: clickstream and navigation paths, pages viewed, banners and links clicked, time spent on pages, interactions with games and features, marketing campaign identifiers, response to bonuses and offers, and aggregated analytics derived from your use of maksi.casino.
  • Communications data: records of emails, chat transcripts, telephone call notes (where applicable), complaints, support tickets, and copies of any information you submit through forms or surveys.
  • Cookies and similar technologies: data collected through cookies, web beacons, SDKs, pixels, and similar tracking technologies placed on your device when you visit maksi.casino. This includes unique cookie identifiers, session identifiers, and information about your interaction with our content and third-party content. More details are provided in the "Cookies & Tracking Technologies" section.
  • Risk and compliance data: internal risk scores, fraud indicators, responsible gambling risk indicators, device reputation data, chargeback history, and information derived from third-party fraud prevention and AML providers.

Legal Basis for Processing

We process your personal data only where we have a valid legal basis to do so under applicable data protection laws, including the UK GDPR. Depending on the context, we may rely on one or more of the following legal grounds:

  • Performance of a contract: We process personal data that is necessary to enter into or perform our contract with you, including:
    • creating and managing your maksi.casino player account;
    • verifying your identity and eligibility to use the Service;
    • processing deposits, wagers, and withdrawals;
    • providing customer support and communicating with you about your account and transactions; and
    • delivering the games and associated services you request.
  • Compliance with legal obligations: We process personal data where this is necessary to comply with legal and regulatory requirements, in particular:
    • anti-money laundering (AML) and counter-terrorist financing (CTF) obligations, including customer due diligence and transaction monitoring;
    • responsible gambling and player protection requirements under applicable gambling and consumer laws;
    • record-keeping, tax, accounting, and reporting obligations; and
    • responses to orders, requests, or investigations by competent authorities, regulators (including the Malta Gaming Authority and relevant data protection authorities), or law enforcement.
  • Legitimate interests: We may process your personal data where this is necessary for our legitimate interests or those of a third party, and where these interests are not overridden by your rights and freedoms. Our legitimate interests include:
    • maintaining the security and integrity of maksi.casino, our systems, and your account, including fraud prevention and detection;
    • preventing abuse or misuse of the Service and enforcing our Terms and Conditions;
    • carrying out analytics, reporting, and service improvement, including development and testing of new features;
    • personalising content, offers, and recommendations (subject to your marketing and cookie preferences); and
    • establishing, exercising, or defending legal claims.
  • Consent: In certain situations, we rely on your explicit consent, for example:
    • sending you electronic direct marketing communications (where required by law) about Casino Maxi offers, promotions, and news;
    • using non-essential cookies and similar technologies for analytics and advertising; and
    • processing certain special categories of data, where such data is voluntarily provided by you and we are legally permitted to rely on consent.
    You may withdraw your consent at any time as described in the "Your Rights" and "Cookies & Tracking Technologies" sections. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.

Where we rely on legitimate interests or consent, we carefully balance those interests against your privacy expectations and implement appropriate safeguards.

Purpose of Processing

We process your personal data for clearly defined and lawful purposes. These purposes include:

  • Provision of the Service: to register and manage your maksi.casino account, verify your identity, provide you with access to Casino Maxi games and functionalities, process your deposits, wagers, withdrawals, and account balance, and provide technical and customer support.
  • Compliance and risk management: to perform KYC/AML checks, monitor transactions and gameplay for suspicious activity, manage fraud and chargebacks, enforce our Terms and Conditions, apply responsible gambling measures (such as limits and self-exclusion), and meet our regulatory and record-keeping obligations.
  • Service improvement and analytics: to understand how players and visitors use maksi.casino, diagnose technical issues, optimise performance, analyse trends, develop new games or features, and improve user experience using aggregated and, where possible, anonymised data.
  • Personalisation and marketing: to tailor content, recommendations, bonuses, and promotions to your interests; to keep you informed (subject to your preferences and applicable law) about relevant offers from Casino Maxi; and to measure the effectiveness of our marketing campaigns and affiliate relationships.
  • Security and abuse prevention: to protect maksi.casino, our players, our partners, and the public from fraudulent or malicious activities, unauthorised access, DDoS attacks, account takeovers, and other security threats, through monitoring, logging, and technical safeguards.
  • Legal and business purposes: to handle disputes, enforce or defend legal claims, respond to investigations or lawful requests from authorities, support audits, manage corporate transactions, and keep appropriate business and financial records.

Where we intend to process personal data for a purpose materially different from those described above, we will provide you with additional information and, where required, obtain your consent before such further processing.

Disclosure & Sharing

We do not sell your personal data. However, in order to operate maksi.casino and provide the Casino Maxi services, we may disclose your personal data to carefully selected third parties under appropriate contractual safeguards and only where permitted by law. These recipients may include:

  • Group companies and operational partners: other entities within the Realm Entertainment Limited group and trusted partners who help us operate the Casino Maxi brand and related services, subject to intra-group data protection agreements.
  • Payment service providers and banks: providers that process deposits, withdrawals, and other payment transactions, including card processors, e-wallet providers, and banking institutions. These providers receive only the information necessary to process your payment and comply with their own legal obligations.
  • KYC/AML and fraud prevention providers: identity verification services, credit reference agencies, sanctions and PEP screening providers, device reputation and fraud management services that assist us in verifying your identity, detecting and preventing fraud, and fulfilling AML/CTF obligations.
  • Technology and infrastructure providers: hosting, cloud computing, content delivery networks, IT support, security, analytics, and other technology providers who help us operate and secure maksi.casino. These providers may process technical and usage data on our behalf.
  • Marketing, analytics, and affiliate partners: subject to your marketing and cookie preferences, we may share limited data with marketing agencies, advertising networks, affiliate programs, and analytics providers to deliver, measure, and optimise our campaigns. Where required, such sharing takes place only on the basis of your consent to relevant cookies and tracking technologies.
  • Regulators and public authorities: gaming regulators (such as the Malta Gaming Authority), data protection authorities, tax authorities, law enforcement agencies, courts, and other public bodies when we are legally required or permitted to do so, or when disclosure is necessary to protect our rights, your vital interests, or the rights of others.
  • Professional advisers: lawyers, auditors, consultants, and other professional advisers who provide services to us under duties of confidentiality and only where necessary for the provision of their services.
  • Corporate transactions: in connection with any actual or proposed merger, acquisition, sale of assets, restructuring, or similar corporate transaction involving Realm Entertainment Limited or the Casino Maxi business, your personal data may be disclosed to prospective or actual purchasers and their advisers, subject to appropriate confidentiality obligations.

Whenever we share your personal data with third parties acting as our processors, they are bound by contractual obligations to implement appropriate technical and organisational measures and to process the data only on our documented instructions.

International Transfers

Because Realm Entertainment Limited is established in Malta and uses service providers in multiple jurisdictions, your personal data may be transferred to and processed in countries outside the United Kingdom, including within the European Economic Area ("EEA") and in other countries that may not provide the same level of data protection as the UK.

  • Transfers within the EEA and to Malta: Malta is an EU Member State and forms part of the EEA. Transfers between the UK and the EEA, including Malta, are generally permitted under adequacy arrangements or equivalent mechanisms in force at the relevant time.
  • Transfers to other third countries: Some of our technology, payment, analytics, or support providers may be located outside the UK and EEA (for example, in jurisdictions such as the United States or other third countries). Where this is the case and no adequacy decision applies, we implement appropriate safeguards, such as:
    • standard contractual clauses approved under the UK GDPR and/or EU GDPR;
    • the UK International Data Transfer Agreement (IDTA) or Addendum, where applicable; and
    • additional technical and organisational measures, such as encryption and strict access controls, to protect your data.
  • Transparency and information: You may contact us using the details in the "Who We Are" or "Complaints & Contacts" sections to obtain further information about the safeguards we apply to international data transfers relevant to your personal data.

We take reasonable steps to ensure that any international transfers comply with applicable data protection laws and that your personal data remains protected to standards substantially equivalent to those in the UK.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, and reporting requirements, and to resolve disputes. Retention periods may vary depending on the type of data and applicable law, but we generally apply the following principles:

  • Account and identification data: data collected to create and verify your account, including identity and KYC/AML documentation, is typically retained for the duration of your relationship with us and, after account closure, for a period of at least five (5) years and up to ten (10) years where required by anti-money laundering, counter-terrorist financing, and other regulatory obligations.
  • Transactional and gameplay data: records of deposits, withdrawals, bets, wins and losses, and gameplay logs are retained for the life of your account and normally for at least five (5) years after account closure or the relevant transaction, in order to comply with regulatory and tax requirements, resolve disputes, and maintain accurate financial records.
  • Marketing and communication data: data used for marketing purposes is retained for as long as you remain subscribed to marketing communications and for a short period thereafter to document your preferences and demonstrate compliance with marketing rules. If you unsubscribe, we will keep a record of your opt-out to ensure that you are not contacted again for marketing purposes.
  • Technical and security logs: technical logs, device information, and security-related data used for fraud prevention and system integrity are retained for periods proportionate to their purpose, typically between six (6) months and five (5) years, depending on risk and legal requirements.
  • Customer support and complaints: correspondence with customer support and records of complaints or disputes are generally retained for up to five (5) years from closure of the matter, or longer if necessary in connection with ongoing legal claims.
  • Aggregated and anonymised data: data that has been irreversibly anonymised so that it can no longer be linked to an identifiable individual may be retained for a longer period for statistical, research, or analytical purposes.

When personal data is no longer required for the purposes for which it was collected and no longer needs to be retained to comply with legal or regulatory obligations, we will securely delete it or irreversibly anonymise it. In some cases, we may be unable to fully honour a deletion request where we are legally required to retain certain records; details are provided in the "Your Rights" section.

Your Rights

Under the UK GDPR, the UK Data Protection Act 2018, and, where relevant, comparable principles in other jurisdictions (including the Mexican Federal Law on Protection of Personal Data Held by Private Parties), you have various rights in relation to your personal data. These include:

  • Right to be informed: to receive clear, transparent information about how we use your personal data, which this Privacy Policy aims to provide.
  • Right of access: to obtain confirmation as to whether we process your personal data and, if so, to receive a copy of that data and related information about our processing.
  • Right to rectification: to have inaccurate or incomplete personal data corrected or completed.
  • Right to erasure ("right to be forgotten" / "cancellation"): to request deletion of your personal data in certain circumstances, for example where it is no longer necessary for the purposes for which it was collected or where you have withdrawn consent and there is no other legal basis for processing. This right may be restricted where we must retain data to comply with legal obligations (e.g., AML/CTF rules).
  • Right to restriction of processing: to request that we limit the processing of your personal data in certain situations, such as where you contest its accuracy or object to its processing.
  • Right to object: to object, on grounds relating to your particular situation, to processing based on our legitimate interests, and to object at any time to processing for direct marketing purposes (including profiling related to such marketing).
  • Right to data portability: to receive certain personal data in a structured, commonly used, machine-readable format and to have that data transmitted to another controller where technically feasible.
  • Rights in relation to automated decision-making: where we make decisions based solely on automated processing that have legal or similarly significant effects on you (for example, certain fraud or risk decisions), you may have the right to obtain human intervention, express your point of view, and contest the decision.
  • Rights aligned with Mexican "ARCO" principles: where relevant and without limiting your UK rights, we also endeavour to respect the Mexican ARCO rights of Access, Rectification, Cancellation, and Opposition. This means you may request access to your data, correction of inaccuracies, cancellation/erasure where permitted by law, and opposition to certain forms of processing, subject to applicable legal exceptions.

How to exercise your rights: You can exercise your rights by contacting us using the data protection contact details provided in the "Who We Are" or "Complaints & Contacts" sections, clearly indicating the right you wish to exercise and providing sufficient information for us to verify your identity and locate your data. We may request additional information to confirm your identity where necessary to protect your account and personal data.

We aim to respond to all valid requests within one (1) month (30 days) from receipt. In complex or numerous cases, this period may be extended by up to a further two (2) months, in which case we will inform you of the extension and reasons. In principle, you will not have to pay a fee to exercise your rights. However, we may charge a reasonable fee or refuse to act on requests that are manifestly unfounded or excessive, in line with applicable law.

In addition to contacting us directly, you also have the right to lodge a complaint with a data protection authority, as explained in the "Complaints & Contacts" section.

Cookies & Tracking Technologies

maksi.casino uses cookies and similar tracking technologies to provide, protect, and improve the Service. Cookies are small text files placed on your device when you visit our website. They allow us and certain third parties to recognise your device and store information about your preferences or past actions.

Types of cookies we use

  • Strictly necessary cookies: these cookies are essential for the operation of maksi.casino and for enabling core features such as page navigation, secure login, and access to protected areas of the site. Without these cookies, the Service cannot function properly. They are typically set in response to actions you take, such as logging in or setting privacy preferences.
  • Functional cookies: these cookies allow the website to remember choices you make (such as language or region) and provide enhanced, more personalised features. They may also be used to provide certain services you request, such as remembering your login details where you choose "remember me".
  • Analytics and performance cookies: these cookies collect information about how visitors use maksi.casino, such as which pages are visited most often and whether error messages are encountered. We use this information, often in aggregate form, to improve the performance and design of the Service. These cookies may be set by us or by third-party analytics providers acting on our behalf.
  • Advertising and targeting cookies: subject to your consent where required, these cookies may be used by us and our marketing partners to build a profile of your interests, show you relevant Casino Maxi adverts on our site or on third-party sites, measure the effectiveness of campaigns, and limit how often you see a particular advertisement.

Managing cookies

  • Cookie banner and preferences: when you first visit maksi.casino (and periodically thereafter), you may be presented with a cookie banner or preference centre allowing you to accept or reject different categories of non-essential cookies. You can change your cookie choices at any time via the cookie settings tools made available on the site, where implemented.
  • Browser settings: you can also configure your browser to refuse all or some cookies, or to alert you when websites set or access cookies. The method for doing so varies by browser; please consult your browser's help menu for instructions. If you disable or reject certain cookies, some parts of maksi.casino may not function properly, and your experience may be less tailored.
  • Third-party technologies: some cookies and tracking technologies may be set by third parties (such as analytics providers or advertising networks). Their use is governed by the privacy policies of those third parties. We endeavour to work only with reputable providers and to limit such technologies to what is necessary and consistent with your preferences.

For more detailed information about the specific cookies in use and their durations, please refer to any dedicated Cookie Policy or cookie list provided on maksi.casino, where available.

Data Security

We take the security of your personal data very seriously and implement appropriate technical and organisational measures designed to protect it against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. While no system can be guaranteed to be 100% secure, we aim to maintain a level of security appropriate to the risks associated with online gaming services and financial transactions.

  • Encryption and transmission security: data transmitted between your device and maksi.casino is protected using industry-standard Transport Layer Security (TLS) protocols (TLS 1.2 or higher), helping to ensure confidentiality and integrity during transmission. Sensitive data is encrypted or tokenised where appropriate, both in transit and at rest.
  • Access control and authentication: access to systems processing personal data is restricted to authorised personnel who require such access for their role and is governed by role-based access controls, strong authentication mechanisms, and regular review of access rights. We encourage strong passwords and may provide or require additional account security features where available.
  • Infrastructure and application security: our infrastructure providers employ physical, technical, and administrative safeguards to protect data centres and cloud environments. We use firewalls, intrusion detection and prevention systems, anti-malware tools, and secure development practices to reduce vulnerabilities and monitor for suspicious activity.
  • Monitoring, testing, and audits: we undertake regular monitoring of our systems, conduct internal assessments, and may engage independent experts to perform security testing or audits. Our security controls are informed by recognised industry standards and frameworks (such as ISO/IEC 27001 and SOC 2) to the extent applicable to our operations, although we do not claim formal certification unless expressly stated on maksi.casino.
  • Staff awareness and confidentiality: employees and contractors with access to personal data are subject to confidentiality obligations and receive training on data protection, information security, and responsible handling of customer information.
  • Incident response: we maintain procedures to detect, assess, and respond to data security incidents. Where a personal data breach occurs that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority and, where legally required, inform affected individuals without undue delay, providing information about the breach and recommended protective steps.

Despite these measures, the security of information transmitted via the internet cannot be guaranteed. You are responsible for keeping your login credentials confidential and for ensuring that access to your account is appropriately protected.

Complaints & Contacts

If you have questions, concerns, or complaints about how we handle your personal data, or if you wish to exercise any of your rights, you should contact us in the first instance so that we can seek to resolve the issue directly.

Contacting us

  • Data protection contact / DPO: you can reach our data protection team (and, where appointed, our Data Protection Officer) using the privacy contact details made available in the "Contact" or "Help" section of maksi.casino, or by writing to:
    Data Protection Officer
    Realm Entertainment Limited
    Suite 1, The Penthouse, WestSide Business Centre
    L-Imsida, MSD 9026
    Malta

When contacting us, please include your name, contact details, and a clear description of your request or complaint. For security reasons, we may need to verify your identity before acting on your request.

Complaint handling procedure

  • Step 1 - Initial enquiry: contact our customer support or data protection team using the channels provided on maksi.casino. We aim to acknowledge receipt of your enquiry or complaint within seven (7) days.
  • Step 2 - Investigation and response: we will investigate your complaint and seek to provide a substantive response within one (1) month (30 days) of receipt. For complex matters or multiple concurrent complaints, this period may be extended in accordance with applicable law, and we will inform you if an extension is required.
  • Step 3 - Escalation: if you are not satisfied with our response, you may request that your complaint be escalated internally (for example, to the Data Protection Officer or a senior manager). We will review any escalated complaint and respond in line with our internal procedures.

Supervisory authorities

If you remain dissatisfied, or if you prefer not to contact us first, you have the right to lodge a complaint with a competent data protection authority. Depending on your location and the circumstances, this may include:

  • United Kingdom - Information Commissioner's Office (ICO):
    Information Commissioner's Office
    Wycliffe House, Water Lane
    Wilmslow, Cheshire SK9 5AF, United Kingdom
    Website: https://ico.org.uk
  • Malta - Information and Data Protection Commissioner (IDPC):
    Information and Data Protection Commissioner
    Level 2, Airways House, High Street
    Sliema SLM 1549, Malta
    Website: https://idpc.org.mt
  • Mexico - Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales (INAI):
    Website: https://www.inai.org.mx
    INAI is the Mexican data protection authority responsible for enforcing the Federal Law on Protection of Personal Data Held by Private Parties.
  • European Union authorities: if you are in the European Union, you may lodge a complaint with the data protection authority in your Member State of residence, place of work, or place of the alleged infringement. A list of EU supervisory authorities is available via the European Data Protection Board (EDPB) at https://edpb.europa.eu/about-edpb/about-edpb/members_en.

We encourage you to contact us first so that we can attempt to address your concerns promptly and effectively, but you are not required to do so before contacting a supervisory authority.

Updates

We may update this Privacy Policy from time to time to reflect changes in our services, technology, legal or regulatory requirements, or our internal practices. When we make changes, we will revise the "Last updated" date at the beginning of this Privacy Policy and, where appropriate, provide additional notice.

  • Notification of changes: material changes to this Privacy Policy may be communicated through one or more of the following methods:
    • prominent notices or banners on maksi.casino;
    • notifications within your account dashboard or message centre;
    • email or other direct communication to the contact details associated with your account, where appropriate.
  • Advance notice: where we make significant changes that materially affect how we process your personal data or your rights (for example, changes to purposes or legal bases of processing), we will, where reasonably practicable, provide at least thirty (30) days' advance notice before the changes take effect in 2025 or subsequent years, so that you have an opportunity to review the updated terms.
  • Your options: if you do not agree with the updated Privacy Policy, you may choose to stop using the Service and, where applicable, request closure of your account and exercise your rights (such as withdrawal of consent or deletion of data, subject to legal retention obligations). Continued use of maksi.casino after the effective date of the updated Privacy Policy will signify your acceptance of those changes.
  • Version control: we may maintain internal records of previous versions of this Privacy Policy and the dates on which they applied. On request, we may provide you with information about key historical changes that materially affected our processing of your personal data.

Last updated: 6 November 2025.