burger icon
Super Game United Kingdom
Log In

Privacy Policy

This privacy policy explains how the Super Game service operated via suprgames.com ("we", "us", "our") collects, uses, stores, and protects personal data of players and website visitors in the United Kingdom and other relevant jurisdictions. It applies to all individuals who visit suprgames.com, create an account, use our online gambling services, contact us, or otherwise interact with us. By using suprgames.com, you acknowledge that your personal data will be processed in accordance with this policy and applicable data protection laws. Effective date: 1 January 2026.

Who We Are

The controller responsible for processing your personal data in connection with the Super Game service on suprgames.com is:

Tonalty Amusement N.V.
Antwerpsesteenweg 107
2350 Vosselaar
Belgium

Tonalty Amusement N.V. is a public limited company (N.V.) incorporated under the laws of Belgium. The company holds a Belgian gaming licence (category B+) with licence number B+3971, issued by the Belgian Gaming Commission (Kansspelcommissie). The official regulator's website is available at https://gamingcommission.be. Our corporate site for the purposes of this privacy notice is https://suprgames.com.

As of the date of this policy, Tonalty Amusement N.V. does not hold a licence issued by the UK Gambling Commission. You can verify licence status on the official public register at https://gamblingcommission.gov.uk/public-register. This privacy policy is nevertheless tailored to the requirements of UK data protection law for users accessing suprgames.com from the UK.

Some corporate details, such as the Belgian company registration number and tax identification number, are not specified in this document. These details, where required, can be requested via the contact channels below.

Data Protection Officer (DPO) / Data Protection Contact

We have designated a contact point for privacy matters (the "DPO"):

  • Email: dpo@suprgames.com
  • Postal: Data Protection Officer, Tonalty Amusement N.V., Antwerpsesteenweg 107, 2350 Vosselaar, Belgium

Where required under UK data protection law, we maintain an appropriate representative or contact mechanism for UK-based users; you can reach this contact via the DPO email address above. Internal documentation supporting this policy has been compiled and is maintained under the responsibility of our data author, Emily Clarke.

What Personal Data We Collect

We collect and process different categories of personal data depending on how you interact with the Super Game service on suprgames.com:

  • Identification and contact data: full name, username, date of birth, nationality, residential address, email address, telephone number (if provided), copies of identity documents and proof of address used to satisfy age verification, KYC (Know Your Customer), and anti-money laundering requirements.
  • Account and transactional data: account ID, registration date, login history, language and currency preferences, deposit and withdrawal history, selected payment methods, bonuses claimed, loyalty or VIP status, and communication preferences.
  • Payment and financial data: partial payment card details (in tokenised form where applicable), bank account information, e-wallet details, transaction identifiers, chargeback records, and related billing information processed through our payment partners.
  • Technical and device data: IP address, device identifiers, operating system, browser type and version, screen resolution, time zone, log files, and information about how your device interacts with suprgames.com.
  • Behavioural and usage data: betting history, game preferences, time spent on site, clicks, page views, navigation paths, responsible gambling settings (such as deposit limits, time-outs, and self-exclusions), and communication logs (for example, live chat transcripts and customer support tickets).
  • Verification and compliance data: results of identity checks, sanctions and politically exposed person (PEP) screening where legally required, risk assessments, internal flags for fraud prevention, and records maintained for regulatory reporting.
  • Marketing and communication data: your consents and preferences regarding email, SMS or push notifications, records of marketing communications sent, interactions with those communications, and opt-out or objection records.
  • Cookies and similar technologies: information stored or read from your browser or device via cookies, web beacons, pixels, SDKs and similar tools, including session identifiers and analytics identifiers as explained in the "Cookies & Tracking Technologies" section below.

We do not intentionally collect special categories of personal data (such as health data) unless you voluntarily provide such information, for example in the context of responsible gambling interactions. Where this occurs, we will handle such data with additional care in line with applicable law.

Legal Basis for Processing

We process your personal data only when we have a valid legal basis under applicable data protection laws, in particular the UK General Data Protection Regulation ("UK GDPR"), the EU GDPR where relevant, the Belgian Data Protection Act, and, for certain users, Mexican privacy legislation such as the Federal Law on Protection of Personal Data Held by Private Parties. The main legal bases are:

  • Performance of a contract: We process data that is necessary to create and manage your account, verify your age and identity, enable deposits and withdrawals, process bets and game outcomes, credit bonuses, handle customer support, and otherwise fulfil the terms and conditions you accept when you use the Super Game service on suprgames.com.
  • Compliance with legal obligations: We are required by law and regulation (including gambling and anti-money laundering rules) to carry out identity verification, affordability assessments where applicable, transaction monitoring, record keeping, and reporting to competent authorities such as the Belgian Gaming Commission or other regulatory and law-enforcement bodies. These obligations may require us to retain certain data for defined periods even after account closure.
  • Legitimate interests: We process personal data for our legitimate business purposes, balanced against your rights and freedoms. These purposes include operating and optimising suprgames.com, preventing fraud and abuse, ensuring system security, performing analytics and statistics, improving our products and services, protecting our legal rights, and defending against legal claims. Where required, we document these balancing tests.
  • Consent: In specific situations, we rely on your freely given, informed, and unambiguous consent - for example, for certain categories of cookies, for non-essential analytics and advertising technologies, and for sending direct marketing communications by email or SMS where consent is required. You can withdraw your consent at any time as described in the "Your Rights" and "Cookies & Tracking Technologies" sections.
  • Vital interests and other legal bases: In rare cases, we may need to process data to protect your vital interests or those of another person (for example, in situations involving serious threats to health or life), or when a specific legal basis under applicable national law justifies additional processing in the public interest.

Where the laws of Mexico or other jurisdictions provide comparable or additional legal bases for processing (for example, consent or contractual necessity under Mexican data protection regulations), we align our practices with those requirements for affected users.

Purpose of Processing

We use your personal data strictly for specified, explicit, and legitimate purposes. These include:

  • Providing and operating our gambling services: to register and manage user accounts for Super Game on suprgames.com, verify age and identity, process deposits, bets, game outcomes, withdrawals, bonuses, and loyalty schemes, and provide technical and customer support.
  • Regulatory, KYC, and AML compliance: to meet obligations under gambling, anti-money laundering, counter-terrorist financing, fraud prevention, and sanctions laws, including monitoring gameplay and transactions, carrying out due diligence checks, reporting suspicious activity, and keeping adequate records.
  • Ensuring responsible gambling: to offer and manage tools such as deposit limits, loss and session limits, reality checks, time-outs, and self-exclusion, and to analyse behavioural patterns to identify potential gambling-related harm, in line with guidance from bodies such as BeGambleAware.org.
  • Improving our products and services: to monitor and analyse the performance and usage of suprgames.com, diagnose technical issues, perform statistical analysis, enhance game features, improve user experience, and develop new services.
  • Marketing and personalisation: to send permitted marketing communications, tailor offers and bonuses to your profile and preferences, conduct customer surveys and promotions, and measure the effectiveness of our campaigns, subject to your choices regarding marketing and cookies.
  • Security and fraud prevention: to secure our systems and infrastructure, detect and prevent fraud, cheating, abuse of bonuses, and misuse of our services, investigate suspicious behaviour, and protect against cyberattacks or other threats.
  • Legal and business purposes: to establish, exercise, or defend legal claims, manage disputes, conduct audits, and support business operations such as risk management, reporting, and corporate governance.

We do not use your personal data for purposes that are incompatible with those described in this policy, and we periodically review our processing activities to ensure continued alignment with these purposes.

Disclosure & Sharing

We treat your personal data as confidential and share it only where necessary and lawful. We may disclose data to the following categories of recipients:

  • Payment service providers and financial institutions: banks, card schemes, e-wallet providers, and other payment partners that process deposits and withdrawals, perform fraud checks, handle chargebacks, and ensure secure payment processing in connection with suprgames.com.
  • IT, hosting, and technical service providers: companies that provide data hosting, cloud infrastructure, game servers, content delivery networks, security services, communication tools, and IT support that enable the operation of Super Game on suprgames.com.
  • Analytics and marketing partners: third-party analytics providers and, where permitted, advertising networks that help us understand how suprgames.com is used, measure marketing effectiveness, and present relevant content or offers. Where required, we obtain your consent before using such technologies.
  • Identity verification, AML, and fraud-prevention providers: specialised service providers that assist with identity verification, sanctions and PEP screening, fraud detection, transaction monitoring, and risk analysis for regulatory compliance.
  • Regulators and public authorities: regulatory bodies and law-enforcement authorities in Belgium, the UK, and other relevant jurisdictions, including the Belgian Gaming Commission and, where necessary, the UK Gambling Commission or other competent agencies, to comply with reporting, licensing, anti-money laundering, and other legal obligations.
  • Professional advisers: lawyers, auditors, accountants, and consultants who provide professional services to us and are subject to confidentiality obligations.
  • Corporate transactions: in the context of a merger, acquisition, restructuring, or sale of all or part of our business, your data may be shared with potential or actual purchasers and their advisers, subject to appropriate safeguards.
  • Other third parties with your consent: where you explicitly request or authorise sharing, or where we inform you of a specific disclosure and you choose to proceed.

Independent dispute resolution services such as the UK's Independent Betting Adjudication Service (https://ibas-uk.com) do not currently apply to the Super Game service, and we do not share your data with them for dispute resolution in relation to suprgames.com. We do not sell your personal data to third parties.

International Transfers

Because Tonalty Amusement N.V. is established in Belgium and provides the Super Game service via suprgames.com to users in multiple jurisdictions, your personal data may be transferred internationally. This may include:

  • Transfers within the UK and European Economic Area (EEA): Data may be processed on servers or by service providers located in the UK or EEA. The UK and EEA currently recognise each other's data protection frameworks as providing adequate protection, so such transfers are generally permitted.
  • Transfers from the UK/EEA to other countries: Some of our service providers may be located outside the UK and EEA, in countries that may not provide the same level of data protection. In these cases, we implement appropriate safeguards, such as:
    • standard contractual clauses approved by the European Commission and/or the UK Information Commissioner's Office, including the UK International Data Transfer Addendum where required;
    • reliance on adequacy regulations or decisions where applicable; and
    • other recognised transfer mechanisms, such as participation in the EU - US Data Privacy Framework and its UK extension, where relevant and lawfully relied upon.
  • Transfers related to regulatory and legal obligations: Where required by gambling or financial regulation, your data may be shared with regulatory authorities or law-enforcement bodies located outside your country of residence, including regulators in Belgium and, where applicable, the UK.

We assess the level of protection in destination countries and implement supplementary measures where necessary to ensure that your rights remain protected in line with UK GDPR and other applicable regulations.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes outlined in this policy, to comply with legal and regulatory obligations, and to protect our legitimate interests. Retention periods vary depending on the category of data and the context of processing, but we apply the following general principles:

  • Account and identification data: Typically retained for the duration of your active account and, after closure, for a period usually not exceeding five (5) years, unless a longer retention period is required by law or necessary for the establishment, exercise, or defence of legal claims (for example, to comply with anti-money laundering regulations which may require up to seven years).
  • Transaction and gaming data: Records of bets, deposits, withdrawals, and game outcomes are kept for periods necessary to comply with regulatory record-keeping requirements and to resolve disputes, generally aligned with the retention applied to account data.
  • Compliance and AML data: Documentation related to KYC checks, risk assessments, and suspicious activity reports may be retained for statutory periods determined by applicable AML and gambling regulations.
  • Marketing and communication data: Retained for as long as you remain subscribed to marketing communications or as long as necessary to document compliance with marketing consent requirements. We keep records of your consent or objection for a longer period to demonstrate compliance with applicable laws.
  • Technical logs and security data: System logs, access records, and security event data are generally retained for a shorter period (usually from a few months up to two years), unless needed for ongoing investigations or litigation.
  • Customer support records: Communications with customer service are retained as long as needed to manage your requests and to document our service quality, typically up to six years where necessary to address complaints or disputes.

When data is no longer required, we will either securely delete it or irreversibly anonymise it. We may also store aggregated or anonymised data indefinitely for statistical and analytical purposes, provided it can no longer be linked to an identified or identifiable individual.

Your Rights

You have a number of rights regarding your personal data under the UK GDPR, the EU GDPR where applicable, and other relevant laws. For users located in Mexico, we also align with the rights recognised under Mexican privacy law, including the Federal Law on Protection of Personal Data Held by Private Parties (ARCO rights). Subject to legal limitations and verification of your identity, you may exercise the following rights:

  • Right to information and transparency: to receive clear information about how we process your data, including this privacy policy and any additional notices or explanations we provide at the point of data collection.
  • Right of access: to obtain confirmation of whether we process your personal data and, if so, to receive a copy of your data along with details about the processing.
  • Right to rectification (correction): to request correction of inaccurate or incomplete personal data. In Mexican terminology, this aligns with the "Rectification" element of ARCO rights.
  • Right to erasure ("right to be forgotten") / cancellation: to request deletion of your personal data where there is no legal basis for us to continue processing it, for example where you have withdrawn consent, where data is no longer necessary for the original purpose, or where processing is unlawful. Under Mexican law, this corresponds to the "Cancellation" element of ARCO rights.
  • Right to restriction of processing: to request that we temporarily limit the processing of your data, for example while we verify its accuracy or consider an objection.
  • Right to data portability: to receive certain personal data you provided to us in a structured, commonly used, machine-readable format and to transmit it to another controller, where technically feasible.
  • Right to object / opposition: to object at any time to processing based on our legitimate interests, including profiling, and to object to the use of your data for direct marketing. Under Mexican law, this corresponds to the "Opposition" element of ARCO rights.
  • Right to withdraw consent: where we rely on your consent, you may withdraw it at any time, without affecting the lawfulness of processing carried out before withdrawal.
  • Rights related to automated decision-making: to request human intervention, to express your point of view, and to contest decisions that are based solely on automated processing, including profiling, which produce legal effects or similarly significant impacts on you.

How to exercise your rights

  • Submission: You can submit a request by emailing dpo@suprgames.com or, where available, by using the contact form provided on suprgames.com.
  • Verification: To protect your data, we may ask you to provide information necessary to verify your identity (for example, confirming account details or using secure account login).
  • Response time: We aim to respond to all valid requests within one (1) month of receipt. In complex cases or where we receive multiple requests, this period may be extended by up to an additional two months, in which case we will inform you of the extension and the reasons.
  • Fees: Requests are generally handled free of charge. If a request is manifestly unfounded or excessive, we may charge a reasonable fee or refuse to act, as permitted by law.

In some cases, we may not be able to fully comply with your request, for example where legal obligations require us to continue processing or retaining certain data (such as KYC and transaction records). In such cases, we will clearly explain the reasons for our decision.

Cookies & Tracking Technologies

We use cookies and similar technologies on suprgames.com to ensure the proper functioning of the site, enhance user experience, perform analytics, and, where permitted, support marketing activities.

  • Session cookies: temporary cookies that are stored on your device during your browsing session and deleted when you close your browser. They are used, for example, to keep you logged in, remember items in your gaming session, and balance server load.
  • Persistent cookies: cookies that remain on your device for a longer period or until you delete them. They help us remember your preferences (such as language and region), improve our services, and recognise you when you return to suprgames.com.
  • First-party cookies: cookies set directly by suprgames.com to provide core functionality, security, and basic analytics.
  • Third-party cookies: cookies set by third-party service providers, for example analytics providers and, where applicable, advertising networks that collect information about your use of suprgames.com over time.

Purposes of cookies

  • Strictly necessary / functional: required for suprgames.com to function properly, including account log-in, security features, and enabling access to core services. These cookies cannot be switched off in our systems, although you can set your browser to block them (which may cause parts of the site to stop working correctly).
  • Analytics and performance: used to understand how visitors use suprgames.com, measure performance, and help us improve the site and our services.
  • Advertising and personalisation: used, where permitted, to deliver relevant offers and promotions, limit the number of times you see an advertisement, and measure the effectiveness of our marketing campaigns.

Managing cookies

  • You can manage or disable cookies through your browser settings. The "Help" function in most browsers explains how to modify cookie settings or delete existing cookies.
  • Where we provide an internal cookie management panel on suprgames.com, you can use it to adjust your preferences for non-essential cookies at any time.
  • Disabling certain cookies may affect your ability to use some features of suprgames.com or the Super Game service.

Data Security

We take the security of your personal data very seriously and implement technical and organisational measures designed to protect it against unauthorised access, accidental loss, destruction, or damage.

  • Encryption in transit and at rest: data transmitted between your device and suprgames.com is protected using modern transport-layer security protocols (TLS 1.2 or higher). Where appropriate, we also encrypt data at rest on our servers and backup systems.
  • Access controls and authentication: access to personal data is restricted to authorised personnel and service providers who need it for legitimate business purposes, and who are bound by confidentiality obligations. We implement strong authentication mechanisms, role-based permissions, and regular access reviews.
  • Secure infrastructure: our systems and networks are protected with firewalls, intrusion detection and prevention systems, and other security technologies. We monitor for unusual activity and apply security patches in a timely manner.
  • Operational security and training: we maintain policies and procedures for data protection, information security, and incident management. Staff members with access to personal data receive appropriate training and guidance on handling data securely.
  • Vendor due diligence: we carefully select service providers that process personal data on our behalf, ensuring that they implement security measures that are at least equivalent to our own and are subject to contractual obligations regarding data protection.
  • Incident response: we maintain processes to detect, investigate, and respond to potential data breaches. Where required by law, we notify the relevant supervisory authorities and, where appropriate, affected individuals without undue delay.

We aim to align our security practices with recognised industry standards and good practices (such as frameworks similar to ISO 27001 and SOC 2) where proportionate to the risks, while not claiming formal certification unless explicitly stated elsewhere.

Complaints & Contacts

If you have questions, concerns, or complaints about how we handle your personal data in connection with the Super Game service on suprgames.com, you can contact us or the relevant supervisory authorities as described below.

Contacting us

  • Email (primary privacy contact): dpo@suprgames.com
  • Postal address: Data Protection Officer, Tonalty Amusement N.V., Antwerpsesteenweg 107, 2350 Vosselaar, Belgium
  • Online contact: where available, via the contact or feedback form on suprgames.com

Internal complaint handling procedure

  1. Submission: Send us your complaint, clearly describing your concerns and, if applicable, indicating which data protection right you wish to exercise.
  2. Acknowledgement: We will confirm receipt of your complaint and provide an initial reference number, usually within a few working days.
  3. Review and investigation: Our privacy or compliance team will review your complaint, gather relevant information, and may contact you for additional details if necessary.
  4. Response: We aim to provide a substantive response within one (1) month from receipt of your complaint. For complex issues or multiple complaints, this period may be extended as permitted by law, in which case we will inform you of the extension and expected timeline.
  5. Follow-up: If you are not satisfied with our response, you may request further clarification or escalate the matter to the appropriate supervisory authority.

Supervisory authorities and external escalation

  • United Kingdom: If you are located in the UK, you have the right to lodge a complaint with the Information Commissioner's Office (ICO). Further information on how to do so is available at https://ico.org.uk.
  • European Union (Belgium): As Tonalty Amusement N.V. is established in Belgium, you may also contact the Belgian Data Protection Authority. Details are available at https://www.dataprotectionauthority.be.
  • Mexico: For users whose data is governed by Mexican privacy law, you may lodge a complaint with the Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales (INAI). Information on how to contact INAI is available at https://www.inai.org.mx.

Please note that independent gambling adjudication schemes such as IBAS are not applicable to the Super Game service on suprgames.com. For support and information on gambling responsibly, you may visit https://begambleaware.org.

Updates

We may update this privacy policy from time to time to reflect changes in our processing activities, legal requirements, regulatory guidance, or technical developments.

  • Notification of changes: We will publish the updated policy on suprgames.com with a new "Last updated" date. For material changes, we will take additional steps to inform you, such as sending email notifications, displaying banners on suprgames.com, or posting alerts in your account dashboard.
  • Advance notice for significant changes: Where changes significantly affect your rights or the way we process your data, we will, where reasonably practicable, provide at least 30 days' advance notice before the changes take effect, unless immediate implementation is required by law or to protect users or our services.
  • Your options: If you do not agree with a material change to this policy, you may choose to close your account and stop using suprgames.com. In such cases, we will continue to process your personal data only as necessary for legitimate and lawful purposes, such as fulfilling legal retention obligations.
  • Version control and history: We maintain internal records of previous versions of this policy and, where appropriate, a summary of material changes. You can request further information about past versions by contacting us at dpo@suprgames.com.

Last updated: January 2026