burger icon
Legendz United Kingdom
Log In

Privacy Policy

This privacy policy explains how the Legendz version of the Legendz services available at legendz.bet ("Legendz", "we", "us", "our") collects, uses, discloses and protects your personal data when you visit our website, create an account, participate in our social casino or social sportsbook (sweepstakes model), or otherwise interact with us. It applies to players, website visitors and any other individuals whose data we process in connection with Legendz. This policy is prepared in line with the UK General Data Protection Regulation ("UK GDPR"), the Data Protection Act 2018 and, where relevant, comparable international standards including Mexican privacy law. It is effective and up to date as of November 2025.

Who We Are

The Legendz experience on legendz.bet is part of the "Legendz" social casino and social sportsbook platform, which operates under a sweepstakes promotional model and does not hold a UK Gambling Commission licence. This means you do not benefit from UKGC gambling protections, but your personal data is still handled in line with UK data protection law.

The Legendz platform is operated by Platinum Panther LLC, a limited liability company ("LLC") and parent company of Legendz, which may also use "Platinum FYI" as an alternative trading name. Platinum Panther LLC is incorporated in the United States. Certain corporate details (such as registered office address, company registration number and tax identification number) are not publicly listed in this policy; these details can be provided to you on request where required by applicable law.

Data Protection Responsibility

  • Data controller: For users in the United Kingdom and other relevant jurisdictions, Platinum Panther LLC is the data controller for personal data processed in connection with Legendz on legendz.bet.
  • Data protection contact: We maintain a dedicated data protection function (which may include a Data Protection Officer or equivalent responsible person) overseeing our compliance with the UK GDPR and comparable standards.

You can contact our data protection team about any privacy or data protection issue using the contact details provided in your Legendz account, within any in-product help or support centre, or via the contact information published on legendz.bet (clearly marked for privacy or "data protection" queries). Where we provide a specific privacy or DPO email address or postal address in your account area, you should use those details for the fastest response.

What Personal Data We Collect

We collect and process different categories of personal data depending on how you use Legendz and the wider Legendz platform.

Identity and Contact Data

  • Basic identification: Full name, date of birth, nationality and, where legally required, gender or similar identifiers to verify eligibility to use our services.
  • Contact details: Email address, telephone number(s), country of residence and correspondence language, plus any postal or billing addresses you provide.
  • Account details: Username, password (stored in hashed form), security questions or other credentials used to access your Legendz account.

KYC and Verification Data

  • Government ID: Copies or details of passports, national ID cards, driving licences or equivalent documents, collected through third-party verification providers for "Know Your Customer" (KYC) and anti-fraud checks.
  • Proof of address: Utility bills, bank statements or similar documents (typically dated within the last three months) confirming your residential address.
  • Verification outcomes: Results of KYC, sanctions screening, age or eligibility checks and any risk scores produced by our verification partners.

Technical and Device Data

  • Device details: IP address, device type, operating system, browser type and version, device identifiers, language settings and time zone.
  • Usage logs: Login timestamps, session duration, pages viewed, clicks, referral URLs and technical interaction logs (including error logs and performance data).
  • Security data: Information used to detect and prevent fraud or misuse, such as failed login attempts, device fingerprints and network diagnostic data.

Payment, Wallet and Sweepstakes Data

  • Transaction-related data: Records of purchases of virtual credits or entries, sweepstakes participation, prize redemptions and any real-money settlements where applicable to your jurisdiction.
  • Limited payment data: We typically receive only partial payment information from payment processors (such as tokenised card references or bank identifiers), not your full card number. Detailed payment credentials are usually stored and processed by our third-party payment partners.
  • Wallet and credit balances: Information about your in-platform wallet balances, including virtual credits and sweepstakes entries; note that these are not UKGC-regulated player funds.

Behavioural and Marketing Data

  • Gameplay and betting behaviour: Game selections, social sportsbook positions, stakes or virtual amounts, outcomes, session length and interaction patterns with our products.
  • Preferences and profiling: Data about your preferred games, promotions, communication preferences, and inferred interests used to tailor your experience where lawful.
  • Marketing interactions: Records of email opens, link clicks, unsubscribe actions, participation in promotions, surveys or competitions, and responses to marketing campaigns.

Communication and Support Data

  • Support interactions: Content of messages, emails or in-platform chats with customer support, including any additional documents or screenshots you share.
  • Call records: Where permitted by law and clearly notified, recordings or transcripts of calls with support or compliance teams.

Cookies and Similar Technologies

  • Cookies: Small text files stored on your device to remember your preferences, keep you logged in and understand how you use legendz.bet.
  • Other identifiers: Web beacons, pixels, SDKs, local storage and similar technologies that help us measure performance, prevent fraud and deliver or limit marketing.

We may combine information from different sources (for example, technical data from your device with account and KYC data) where necessary and lawful, for instance to secure your account or personalise your experience.

Legal Basis for Processing

We process personal data associated with Legendz on legendz.bet under the legal bases set out in the UK GDPR, and we align these with comparable principles in other applicable laws (including Mexican privacy law where relevant). Depending on the specific processing activity, we rely on one or more of the following grounds:

Performance of a Contract

  • Service provision: To create and manage your Legendz account, operate the social casino and social sportsbook features, issue and manage virtual credits and sweepstakes entries, validate your eligibility and provide customer support.
  • Prize fulfilment: To process sweepstakes outcomes, arrange prize redemptions and manage any associated logistics or communications.

Compliance with Legal Obligations

  • KYC and AML requirements: To comply with applicable KYC, anti-money laundering, anti-fraud and other regulatory obligations or best-practice expectations in relevant jurisdictions, including verifying identity and preventing prohibited use of our services.
  • Record-keeping and reporting: To maintain business records, respond to lawful requests from authorities, and comply with tax, accounting or other statutory obligations.

Legitimate Interests

  • Security and integrity: To protect our platform, users and business from fraud, abuse, cyberattacks and other security threats, and to enforce our terms of use.
  • Service improvement and analytics: To analyse usage, measure performance, improve existing features, develop new offerings and better understand user preferences, using aggregated or pseudonymised data where possible.
  • Legal defence and risk management: To establish, exercise or defend legal claims, manage disputes (including arbitration in the United States where contractually agreed) and maintain appropriate business safeguards.

Consent

  • Marketing communications: To send you email or other electronic marketing messages, where required by law, based on your explicit opt-in consent, which you may withdraw at any time.
  • Cookies and tracking: To use non-essential cookies and similar technologies for analytics, personalisation and advertising, where local law requires consent.
  • Optional data: For processing additional information that is not strictly necessary for the core service (for example, certain survey responses or promotional participation data), where we ask for and obtain your consent.

Where we rely on consent, you are free to withdraw it at any time, without affecting the lawfulness of processing carried out before withdrawal. Where we rely on legitimate interests, we balance those interests against your rights and expectations, and we will stop or adjust processing if that balance is not appropriate.

Purpose of Processing

We collect and use personal data related to Legendz for clearly defined purposes that are compatible with the operation of the Legendz platform and our legal obligations.

Provision and Management of Services

  • Account operation: To register and maintain your Legendz account, authenticate logins, manage your settings and preferences and keep your account secure.
  • Platform functionality: To provide access to social casino and social sportsbook content, process in-platform activity, allocate virtual credits and manage sweepstakes participation.
  • Customer support: To answer questions, investigate complaints, troubleshoot technical issues and provide day-to-day assistance.

Compliance, Security and Fraud Prevention

  • Regulatory safeguards: To perform KYC/AML checks where appropriate, monitor for suspicious behaviour and comply with applicable laws and industry expectations, even though we do not hold a UKGC licence.
  • Platform protection: To detect and prevent fraud, abuse, cheating, bonus misuse, unauthorised access or other violations of our terms.
  • Incident management: To investigate, mitigate and remediate actual or suspected security incidents, and to notify you and regulators where legally required.

Personalisation, Analytics and Improvement

  • User experience optimisation: To tailor content, recommendations and promotions based on your activity, interests and preferences, subject to your choices and applicable law.
  • Analytics and research: To measure performance, understand how players use our services, run A/B tests and improve features, often using aggregated or pseudonymised data.

Marketing and Communication

  • Direct marketing: To send promotional messages, offers and updates about Legendz products or features, in accordance with your marketing preferences and applicable consent requirements.
  • Service communications: To send transactional or service messages (for example, account notices, changes to this privacy policy or our terms, security alerts and important platform updates).

Legal and Business Purposes

  • Legal obligations and claims: To comply with legal obligations, respond to lawful requests from authorities and manage or defend legal claims, including those handled through arbitration in the United States.
  • Business operations: To support internal functions such as auditing, compliance, reporting, governance and potential business restructuring (for example, merger or acquisition scenarios).

Disclosure & Sharing

We do not sell your personal data as a stand-alone product. However, we do share personal data associated with Legendz with selected third parties where necessary, proportionate and lawful.

Service Providers and Partners

  • Payment and banking partners: Third-party payment processors and financial institutions handling transactions related to virtual credits or prize redemptions, who receive only the information needed to process payments and comply with legal obligations.
  • KYC, AML and fraud-prevention providers: Specialist vendors (for example, identity verification platforms that process your ID documents and proof of address) that help us verify identity, detect fraud and comply with regulatory expectations.
  • Technology and hosting providers: Cloud infrastructure, content delivery networks, security services and other IT providers that host and support the Legendz platform.
  • Analytics and marketing tools: Providers of analytics, attribution, email delivery and similar services that help us understand platform performance and communicate with you, subject to applicable consent requirements.

Corporate and Professional Recipients

  • Group entities and affiliates: Other entities within the broader Platinum Panther LLC group or related businesses that support the operation, management or improvement of Legendz.
  • Advisers and auditors: Lawyers, auditors, consultants and other professional advisers who require access to certain data to provide their services under confidentiality obligations.

Regulators, Authorities and Dispute Resolution

  • Public authorities: Law enforcement agencies, regulators, courts and other public authorities when we are legally required to share information or where sharing is necessary to protect our rights, your safety or the safety of others.
  • Dispute resolution bodies: Arbitration institutions or similar bodies, primarily in the United States (including in states such as Delaware or New York where applicable), involved in resolving disputes under our terms, without limiting your right to contact data protection authorities.

Business Transfers

  • Corporate transactions: In connection with any merger, acquisition, asset sale, restructuring or similar corporate transaction, your data may be transferred to the relevant third party, subject to continued protection consistent with this policy.

Whenever we share your personal data, we require recipients to handle it securely, use it only for the specified purposes and comply with applicable data protection laws and contractual safeguards.

International Transfers

Legendz is operated by Platinum Panther LLC in the United States and uses global service providers. This means your personal data associated with Legendz may be transferred to and processed in countries outside the United Kingdom, including the United States and other jurisdictions that may have different data protection standards.

Transfers Outside the UK and EEA

  • United States: Many core platform operations, including hosting, support, risk management and dispute resolution (including arbitration where applicable), are carried out from or involve entities in the US.
  • Other countries: Some of our service providers (for example, KYC vendors, cloud hosts or analytics tools) may process data from locations within the European Economic Area (EEA), Latin America (including Mexico) or other regions.

Transfer Safeguards

  • Legal mechanisms: Where UK data protection law requires additional safeguards, we use appropriate transfer tools such as the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses (SCCs), and we assess the laws of destination countries where necessary.
  • Additional measures: We implement technical and organisational measures (including encryption, strict access controls and minimisation) to reduce risks associated with international transfers.
  • Legacy frameworks: We do not rely on invalidated frameworks such as the former EU-US Privacy Shield for UK GDPR compliance, although service providers may adhere to newer recognised programmes where applicable.

You can contact us using the channels described in this policy if you would like more information about the safeguards we use for international transfers, or to request a copy of relevant contractual protections (subject to redactions for commercial confidentiality).

Data Retention

We keep personal data in identifiable form only for as long as necessary to fulfil the purposes for which it was collected, including meeting legal, accounting, anti-fraud and reporting requirements. When deciding how long to retain data, we consider the type of data, the risk associated with its use, applicable legal requirements and our legitimate business needs.

Typical Retention Periods

  • Account and identity data: Core account information (such as your name, contact details and account history) is generally retained for the duration of your relationship with Legendz, and for up to five (5) years after account closure or last meaningful activity, to manage disputes, comply with record-keeping obligations and enforce our terms.
  • KYC and verification records: Documents and verification outcomes used for identity checks and regulatory purposes are typically stored for up to five (5) years after your relationship with us ends, unless a longer period is required by law or justified in connection with investigations or legal claims.
  • Transaction and sweepstakes data: Logs of sweepstakes entries, prize redemptions and related records may be kept for up to six (6) years to comply with accounting standards and limitation periods for legal claims.
  • Technical logs and security data: Security logs, device information and other technical records used to protect the platform are typically retained for between six (6) months and two (2) years, depending on the nature of the data and the security purpose.
  • Marketing data: Information about marketing preferences and interactions is retained while you remain opted in to marketing and for a reasonable period (for example, up to two (2) years) after you opt out, to document your choice and maintain suppression lists.

Deletion and Anonymisation

  • Deletion or anonymisation: When personal data is no longer required for the purposes stated in this policy or any applicable legal obligation, we either securely delete it or irreversibly anonymise it so that it can no longer be associated with you.
  • Legal exceptions: In some cases, we may need to retain certain data for longer to comply with mandatory laws, respond to legal claims, cooperate with investigations or enforce our agreements, in which case access is strictly limited.

If you request deletion of your data, we will assess your request against these retention principles and explain any information that we are unable to delete due to legal or legitimate business requirements.

Your Rights

Depending on your place of residence and the laws that apply to you, you may have various rights over your personal data. For users in the United Kingdom, these rights arise primarily under the UK GDPR and the Data Protection Act 2018. For users in Mexico, we seek to align with the Federal Law on Protection of Personal Data Held by Private Parties and related regulations, which provide similar "ARCO" rights (access, rectification, cancellation and opposition).

Rights Under UK and EU-Style Data Protection Laws

  • Right of access: You can request confirmation of whether we process your personal data and obtain a copy of that data, together with information about how we use it.
  • Right to rectification: You can ask us to correct inaccurate data or complete incomplete data relating to you.
  • Right to erasure: You can request deletion of your personal data in certain circumstances, for example where it is no longer needed for the purposes for which it was collected, you have withdrawn consent (where relevant) or you have successfully objected to processing.
  • Right to restriction: You can ask us to restrict the processing of your data in specific situations, such as while we verify its accuracy or assess an objection.
  • Right to object: You can object at any time to processing based on our legitimate interests, including profiling, and we will stop unless we have compelling legitimate grounds that override your interests or the processing is needed for legal claims. You can always object to direct marketing.
  • Right to data portability: You can request certain personal data in a structured, commonly used and machine-readable format, and have it transmitted to another controller where technically feasible.
  • Right to withdraw consent: Where we rely on your consent (for example, for marketing or certain cookies), you may withdraw that consent at any time via the tools provided (such as account settings or unsubscribe links).

Additional Rights for Users in Mexico (ARCO Rights)

  • Access and rectification: You may request access to your personal data and ask us to correct inaccurate or incomplete information.
  • Cancellation: Subject to legal and legitimate retention requirements, you may request that we cancel (delete) your personal data when you consider it is not being processed in accordance with applicable law.
  • Opposition: You may oppose certain processing of your personal data, including for specific marketing or profiling activities, where permitted under Mexican law.
  • Revocation of consent and limitation of use: Where we process data based on consent under Mexican law, you may revoke that consent and request that we limit the use or disclosure of your personal data.

How to Exercise Your Rights

  • Submitting a request: You can exercise your rights by contacting us through the privacy or data protection contact channels indicated in your Legendz account or on legendz.bet, clearly stating which right you wish to exercise and providing enough information to identify you and your account.
  • Verification: We may ask for additional information or documentation (including KYC-type information where necessary) to verify your identity before we respond, especially for sensitive requests such as access or deletion.
  • Timeframe: We aim to respond to all valid requests within one (1) month (30 days) of receipt in 2025, and may extend this period by up to a further two months for complex or numerous requests, in which case we will inform you of the extension and reasons.
  • Cost: We do not charge a fee for handling your request, unless it is manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse to act, as permitted by law.

In some situations we may not be able to fully comply with your request, for example where doing so would infringe the rights of others, prevent us from complying with legal obligations, or affect ongoing investigations or dispute resolution. In such cases we will explain our decision and your options, including your right to lodge a complaint with a supervisory authority.

Cookies & Tracking Technologies

Legendz uses cookies and similar technologies on legendz.bet to operate the platform, remember your preferences, secure your account, perform analytics and, where permitted, deliver marketing. Cookies are small text files placed on your device; similar technologies include pixels, web beacons, SDKs and local storage.

Types of Cookies We Use

  • Strictly necessary cookies: Essential for the operation of the site and services, for example to enable you to log in, manage sessions, load pages correctly and perform security functions. These cookies are usually set in response to actions you take and cannot be switched off in our systems.
  • Functional cookies: Enable the site to provide enhanced functionality and personalisation, such as remembering your language, region or preferences. If you disable these, some features may not work as intended.
  • Performance and analytics cookies: Help us understand how players use legendz.bet, which pages are visited most, and how our campaigns perform, so we can improve the platform. The information is generally aggregated, but may occasionally be associated with your account where necessary for troubleshooting.
  • Advertising and marketing cookies: Used to deliver more relevant marketing messages, measure campaign effectiveness and limit how often you see certain promotions, where such activities are permitted by law and subject to your consent where required.
  • Social media and third-party cookies: Set by third-party services that appear on our pages (for example, embedded content or social sharing tools), which may track your browser across other sites.

Managing Cookies

  • Browser settings: Most web browsers allow you to block, delete or disable cookies through their settings. You can usually find these settings in the "Options" or "Preferences" menu of your browser.
  • In-product controls: Where available, we may present cookie banners or preference centres that let you manage non-essential cookies and similar technologies on legendz.bet.
  • Impact of disabling cookies: If you disable or reject cookies, some parts of the site may not function correctly, and your ability to use certain features or remain logged in may be affected.

For more detailed and current information about the specific cookies we use (including names, providers and lifetimes), we may provide a separate cookie notice or cookie management interface on legendz.bet, which should be read together with this privacy policy.

Data Security

We take the security of personal data associated with Legendz very seriously and implement technical and organisational measures designed to protect it against unauthorised access, loss, misuse, alteration or disclosure. While no system can be guaranteed completely secure, we work continuously to maintain a robust security posture aligned with industry best practices.

Technical Measures

  • Encryption in transit: Data transmitted between your device and legendz.bet is protected using modern Transport Layer Security (TLS), including TLS 1.3 as implemented on our platform, to reduce the risk of interception.
  • Encryption at rest: Where appropriate, we encrypt personal data stored on our systems or in our service providers' environments, alongside other safeguards such as tokenisation and data minimisation.
  • Access controls: Personal data is accessible only to authorised staff and service providers who need access for legitimate business purposes, using role-based access controls, strong authentication and, where appropriate, multi-factor authentication (MFA).
  • Segregation and logging: We separate production and test environments, maintain audit logs of key administrative actions and monitor systems for unusual or suspicious activity.

Organisational Measures

  • Policies and training: We maintain internal security and privacy policies and provide staff with training on data protection, security awareness and the proper handling of personal data.
  • Vendor management: We select service providers carefully and require them to implement appropriate security and confidentiality measures through contracts and risk assessments.
  • Testing and review: We periodically review our security controls, including through internal checks and, where appropriate, third-party assessments or audits aligned with recognised standards such as ISO 27001 and SOC 2, even if we are not formally certified under those standards.
  • Incident response: We maintain procedures for identifying, responding to and mitigating security incidents. Where a breach of personal data occurs that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authorities in line with applicable legal requirements.

Although Legendz operates as a social gaming platform without UKGC-mandated funds protection, we treat the security of your personal data as a core obligation and continually refine our controls to address evolving threats.

Complaints & Contacts

If you have any questions, concerns or complaints about how we handle your personal data in connection with Legendz on legendz.bet, we encourage you to contact us first so we can attempt to resolve the issue directly.

How to Contact Us

  • Data protection contact: You can reach our data protection team (or Data Protection Officer, where appointed) using the privacy or data protection contact details indicated in your Legendz account or on legendz.bet. Please clearly mark your communication as a "Privacy" or "Data Protection" request or complaint.
  • Information to include: Provide your account details (if applicable), a clear description of your concern or request, the jurisdiction you are contacting from (for example, UK or Mexico) and any relevant supporting information.

Complaint Handling Procedure

  • Acknowledgement: We aim to acknowledge your complaint or request promptly and, in any event, within a reasonable period after receipt.
  • Assessment and response: We will investigate your concern, consult relevant teams as needed and provide a substantive response, usually within one (1) month (30 days), subject to any extensions permitted under applicable law for complex matters.
  • Escalation: If you are not satisfied with our response, you may request further review within Legendz. Our aim is to provide clear explanations of the decisions we make and the options available to you.

Your Right to Contact Supervisory Authorities

  • United Kingdom: If you are in the UK and remain dissatisfied with our handling of your personal data or complaint, you have the right to contact the Information Commissioner's Office (ICO), which is the UK data protection supervisory authority. Further information is available at ico.org.uk.
  • European Union/EEA: If you are located in the EU/EEA, you may lodge a complaint with your local data protection authority or with the authority in the Member State where you live, work or consider that a violation occurred.
  • Mexico: If you are in Mexico and consider that your data protection rights under Mexican law have been infringed, you may contact the National Institute for Transparency, Access to Information and Personal Data Protection (INAI). Information on how to do this is available at inai.org.mx.

Any contractual dispute resolution mechanisms that may apply to your use of legendz.bet, including arbitration in the United States (such as in Delaware or New York), do not limit your ability to lodge complaints with data protection authorities or to exercise your privacy rights under applicable law.

Updates

We may update this privacy policy from time to time, for example to reflect changes in our services, our data processing practices or applicable legal requirements. When we make material changes, we will take appropriate steps to inform you.

How We Notify You of Changes

  • In-product and email notices: For significant updates, we may notify you via email (where we hold your email address), through notices in your account area, or via prominent banners or pop-ups on legendz.bet.
  • Advance notice: Where practicable and where changes are material, we will aim to provide at least thirty (30) days' advance notice before the new version takes effect, especially where changes could materially affect your rights or how your data is used.
  • Versioning: We will indicate the effective date of the latest version and may keep prior versions or a record of key historical changes available on request.

Your Choices When the Policy Changes

  • Continued use: If you continue to use Legendz on legendz.bet after a revised privacy policy takes effect, this will normally indicate that you have read and understood the updated terms.
  • Objection and account closure: If you do not agree with material changes to this policy, you may choose to stop using our services and, where applicable, close your account. Closing your account does not automatically erase all personal data, but we will handle your information in line with the "Data Retention" section and any applicable rights you exercise.

Last updated: November 2025.