Privacy Policy

This Privacy Policy explains how red-shores-casino, operated via red-shores-casino-ca.com, collects, uses, and protects personal information of players and website visitors. This policy applies to all users of red-shores-casino-ca.com and its related services, effective as of November 6, 2025.

Who We Are

OBSERVE: Analysis of operator identity, legal address, and contact points is required for full regulatory transparency.

EXPAND: As a Crown Corporation, red-shores-casino operates under the Atlantic Lottery Corporation structure, with authorization from the Prince Edward Island Lotteries Commission. Integration of all official addresses and DPO contact information is essential for lawful processing.

REFLECT: This section provides corporate identity, jurisdiction, and contact channels for all privacy matters.

• Legal Operator: red-shores-casino, a division of Atlantic Lottery Corporation, a Crown Corporation established under Canadian law.
• Headquarters & Legal Address: 58 Kensington Road, Charlottetown, PE C1A 9S8, Canada
• Regional Office: 55 Greenwood Drive, Summerside, PE C1N 6E4, Canada
• Game License: Government gaming authorization under the Lotteries Commission Act and Gaming Centers Control Regulations, issued by Prince Edward Island Lotteries Commission (valid through December 31, 2025)
• Responsible Person (Data Protection Officer): Avery MacDonald, DPO, reachable at info@red-shores-casino-ca.com or by phone at +1-902-620-4222
• General Contact: info@red-shores-casino-ca.com, Contact Form

What Personal Data We Collect

OBSERVE: CA law and industry standards require explicit disclosure of all categories of collected data.

EXPAND: Data collection encompasses personal, transactional, technical, and behavioral information as part of regulated casino operations.

REFLECT: The following categories of personal data are collected by red-shores-casino solely for lawful purposes:

• Personal Identification Data: Full name, date of birth, mailing address, e-mail address, phone number
• Account and Transaction Data: Account credentials, payment card and bank details (as required for deposits/withdrawals), betting and gaming history, transaction records
• Technical Data: IP address, device information (model, OS, browser), session logs, timestamps, geo-location (where permitted)
• Behavioral Data: Navigation patterns, clickstream data, game preferences, play duration, responsible gambling interactions
• Cookies and Tracking Technologies: Session and persistent cookies, third-party analytics and advertising cookies, pixel tags
• Communications Data: Records of correspondence via e-mail, contact forms, live chat, or phone

Legal Basis for Processing

OBSERVE: CA privacy law and Prince Edward Island gambling regulation demand clear articulation of legal bases for all data processing.

EXPAND: Legal grounds are multi-faceted, covering user consent, contract necessity, legal compliance, and legitimate business interests.

REFLECT: red-shores-casino processes personal data only when permitted by law, based on:

• User Consent: For marketing communications, cookies, and optional features, explicit user consent is obtained prior to processing.
• Contract Fulfillment: Data is processed to create and manage user accounts, verify identity, facilitate deposits/withdrawals, and provide gaming services as per the Terms and Conditions.
• Legal Obligations: Compliance with Know Your Customer (KYC), Anti-Money Laundering (AML), tax reporting, and regulatory requirements under the Lotteries Commission Act and local laws.
• Legitimate Interests: Operation of a secure and fair gaming environment, fraud detection and prevention, analytics, and service improvement, provided such interests do not override user rights.

Protective Clause: Where consent is withdrawn or processing is objected to, red-shores-casino will cease processing unless required by law or for legitimate business needs as defined by CA regulations.

Purpose of Processing

OBSERVE: Disclosure of all intended uses of personal data is mandated for lawful transparency.

EXPAND: Purposes extend to the full spectrum of casino operations, compliance, marketing, and safety.

REFLECT: Personal data is used for the following legitimate purposes:

• Provision of Casino Services: Account management, game participation, payment processing, customer support
• Regulatory Compliance: Satisfying obligations under licensing, KYC, AML, anti-fraud, and responsible gambling regulations
• Service Improvement: Monitoring performance, fixing errors, enhancing user experience through analytics and feedback
• Marketing and Promotions: Providing information about new features, promotions, or events with user consent (opt-out available at any time)
• Analytics and Research: Aggregated data analysis for business insights, risk management, and service innovation
• Fraud Prevention and Security: Detecting, investigating, and preventing fraudulent or unlawful activities

Disclosure & Sharing

OBSERVE: CA regulations require full transparency regarding recipients and disclosure conditions.

EXPAND: Data sharing is strictly controlled and occurs only as necessary for operations, legal compliance, or with user consent.

REFLECT: red-shores-casino may disclose personal data in the following scenarios:

• Payment Processors and Banking Partners: For verifying and completing financial transactions on behalf of users
• Authorized Service Providers: IT support, software vendors, analytics providers, hosting services bound by strict confidentiality agreements
• Regulatory Authorities: Prince Edward Island Lotteries Commission, government auditors, tax agencies, and law enforcement as required by law
• Affiliates and Parent Company: Atlantic Lottery Corporation, for operational and regulatory alignment, subject to legal safeguards
• Advertising Networks: Third-party advertisers only with explicit user consent (opt-in and opt-out options always available)

Protective Clause: All third parties are contractually obligated to process data securely and lawfully, in accordance with CA privacy standards.

International Transfers

OBSERVE: CA privacy law restricts cross-border data transfers and requires appropriate protection measures.

EXPAND: Data may be processed outside Canada only if necessary for operations or by authorized vendors, subject to binding legal safeguards.

REFLECT: In cases where personal data is transferred internationally (e.g., cloud hosting, technical support):

• Transfer Destinations: Data may be transferred to countries with adequate data protection, or where red-shores-casino has implemented legal safeguards (e.g., United States, EU member states).
• Protection Guarantees: Standard Contractual Clauses (SCCs), binding corporate rules, or other recognized legal instruments are used to ensure equivalent protection.
• User Rights: Users will be notified of significant transfers affecting their data rights, and may request further information about cross-border transfers at any time.

Regional Compliance Note: International transfers are performed in strict adherence to CA privacy law, including Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial regulations.

Data Retention

OBSERVE: Data minimization and defined retention periods are required by law and industry standards.

EXPAND: Retention schedules are tailored to data category, legal requirements, and operational necessity.

REFLECT: red-shores-casino retains personal data as follows:

• Account Data: Retained for the duration of the active account and up to 5 years after account closure to comply with regulatory record-keeping (e.g., anti-fraud, KYC, AML obligations)
• Payment and Transaction Records: Maintained for at least 5 years post-transaction to fulfill legal and audit requirements
• Marketing Data: Retained until consent is withdrawn or no longer necessary for intended purposes
• Cookies and Technical Data: Retention varies by cookie type, but does not exceed 2 years for persistent cookies; session cookies expire upon closure of the browser
• Deletion Criteria: Data is deleted or anonymized when no longer needed, upon user request (where applicable), or when statutory retention periods expire

Protective Clause: Data deletion requests will be honored unless retention is required by law or legitimate business needs under CA regulations.

Your Rights

OBSERVE: CA users are entitled to a comprehensive set of data protection rights, aligned with GDPR best practices.

EXPAND: red-shores-casino recognizes and upholds all user rights under PIPEDA, relevant provincial statutes, and EU-aligned standards.

REFLECT: Users of red-shores-casino-ca.com have the following rights:

1. Access: Request a copy of all personal data held, including details of processing purposes, recipients, and retention periods.
2. Rectification: Request correction of inaccurate or incomplete personal information.
3. Erasure ("Right to be Forgotten"): Request deletion of personal data where processing is no longer necessary, or consent is withdrawn, subject to legal retention obligations.
4. Restriction of Processing: Request limitation of processing activities in certain circumstances (e.g., dispute resolution, accuracy challenges).
5. Objection: Object to processing based on legitimate interests, direct marketing, or automated decision-making.
6. Data Portability: Obtain and reuse personal data in a structured, commonly used electronic format, and request transfer to another provider where technically feasible.
7. Withdrawal of Consent: Withdraw consent for marketing or optional data uses at any time, without affecting lawfulness of prior processing.
8. Complaint: File a complaint with red-shores-casino's DPO or escalate to relevant supervisory authorities.

• How to Exercise Rights: Submit requests via e-mail at info@red-shores-casino-ca.com, by phone (+1-902-620-4222), or through the online contact form.
• Response Time: All requests will be addressed within 30 days, free of charge, unless manifestly unfounded or excessive.
• Regulatory Reference: All practices are aligned with the Personal Information Protection and Electronic Documents Act (PIPEDA), Prince Edward Island Freedom of Information and Protection of Privacy Act (FOIPP), and international standards such as the GDPR.

Cookies & Tracking Technologies

OBSERVE: Full disclosure on cookie use and user management options is required for compliance and user trust.

EXPAND: Both first-party and third-party cookies are employed for essential, analytics, and advertising purposes.

REFLECT: red-shores-casino uses the following cookie types:

• Session Cookies: Temporary cookies essential for secure login, game play, and basic site navigation; deleted when browser is closed.
• Persistent Cookies: Remain on user devices for up to 2 years to remember preferences, login status, and enhance experience.
• Third-Party Cookies: Deployed by analytics (e.g., Google Analytics), advertising partners, and social media integrations, subject to explicit user consent.

Cookie Purposes: Ensuring site functionality, gathering usage statistics, providing personalized content, and delivering relevant advertisements (with consent).

• Cookie Management: Users can manage or disable cookies via browser settings or through the site's internal privacy panel. Detailed cookie policy and opt-out options are provided at https://red-shores-casino-ca.com/cookies.

Data Security

OBSERVE: CA regulations and industry standards demand robust, documented security measures for all personal data.

EXPAND: Security protocols must address both technical and organizational aspects, with ongoing monitoring and staff training.

REFLECT: red-shores-casino implements a comprehensive information security program, including:

• Encryption: All data in transit is protected by TLS 1.2+ encryption; sensitive data at rest is encrypted using industry-standard algorithms.
• Access Controls: Role-based permissions, multi-factor authentication, and least-privilege principles for all staff and service providers.
• Regular Security Audits: Independent vulnerability assessments and penetration testing conducted at least annually.
• Incident Response: Documented procedures for detecting, reporting, and mitigating data breaches, with prompt user notification when required by law.
• Staff Training: Ongoing privacy and security training for all employees involved in data processing.
• International Standards Compliance: Adherence to ISO 27001 and World Lottery Association Responsible Gaming Framework Level 4 where applicable.

Protective Clause: While red-shores-casino takes all reasonable measures to protect data, users acknowledge that no method of electronic transmission is completely secure.

Complaints & Contacts

OBSERVE: CA law requires clear, accessible channels for privacy complaints and escalation procedures.

EXPAND: Multiple contact methods and stepwise escalation to regulators must be provided.

REFLECT: Users with privacy concerns may:

1. Contact the Data Protection Officer (DPO):
   • E-mail: info@red-shores-casino-ca.com
   • Phone: +1-902-620-4222 (Charlottetown office)
   • Mail: 58 Kensington Road, Charlottetown, PE C1A 9S8, Canada
   • Online: Feedback Form
2. Procedure: Submit a detailed description of your concern. The DPO will acknowledge receipt within 5 business days and provide a substantive response within 30 days.
3. Escalation: If unsatisfied with the response, users may contact the Office of the Privacy Commissioner of Canada:
   • Website: https://www.priv.gc.ca/en/
   • Phone: 1-800-282-1376
   • Mail: 30 Victoria Street, Gatineau, QC K1A 1H3, Canada

Protective Clause: Users in other jurisdictions may also escalate to their national or provincial data protection authorities if applicable.

Updates

OBSERVE: Policy update mechanisms and user notification are critical for ongoing compliance.

EXPAND: Users must be informed in advance of material policy changes and given a chance to respond.

REFLECT: red-shores-casino may update this Privacy Policy to reflect legal, operational, or technological changes. Notification procedures include:

• E-mail notifications to registered users
• Website banners and account dashboard alerts
• Advance notice of at least 30 days for material changes
• Option for users to object or close their accounts if they do not accept new terms

Version Control: Last updated: November 6, 2025

• Changelog: Clarified international data transfers; updated DPO contact information; extended regulatory references to 2025.

Continued use of red-shores-casino-ca.com after policy updates constitutes acceptance of revised terms.