burger icon
Brango Casino Canada
Log In

Privacy Policy

This Privacy Policy explains how Brango Casino, operating for Canadian players via brango-ca.com ("Brango Casino", "we", "us", "our"), collects, uses, discloses, and protects personal information of players and visitors. It applies to all users who access or use our website, register an account, participate in gambling activities, or otherwise interact with our services from Canada (excluding jurisdictions where our services are not permitted). By using our services, you acknowledge that you have read and understood this Privacy Policy. This Privacy Policy is effective as of January 1, 2026 and remains in force until updated or replaced.

Who We Are

OBSERVE: Brango Casino is operated under an international online gambling structure with a licensed gaming operator and an associated payment processor. Canadian players access the service through brango-ca.com.

EXPAND: To meet transparency and accountability requirements under Canadian privacy laws (including the Personal Information Protection and Electronic Documents Act - PIPEDA - and substantially similar provincial laws where applicable), we identify the operating entities and provide contact points for privacy matters.

REFLECT: The following information describes the legal entities responsible for processing personal data and how to contact us regarding privacy and data protection.

Operator and Corporate Structure

  • Gaming Operator: The online casino services available at https://brango-ca.com are operated by Anden Online N.V., a public limited company (N.V.) incorporated under the laws of Curaçao.
  • Registration Details: Anden Online N.V. is registered in Curaçao under company registration number 140039 and operates under the Master License of Gaming Services Provider 1668/JAZ, issued by the Government of Curaçao / Curaçao eGaming.
  • Payment Processing: Certain fiat payment-processing services for Canadian players may be handled by our affiliated company LyncPay Ltd, a limited liability company incorporated in Cyprus, registration number HE 398271.
  • Registered Addresses: The specific postal addresses of Anden Online N.V. in Curaçao and LyncPay Ltd in Cyprus are not specified in this policy. They may be updated from time to time in accordance with corporate registration records and, where necessary, will be made available upon written request for legitimate legal or regulatory purposes.

Data Protection Contact

  • Primary Privacy / Data Protection Contact:
    • Email: [email protected] (primary escalation email for privacy inquiries, exercise of rights, and formal complaints related to personal information).
  • Additional Responsible Gaming & Account Measures Contact:
    • Email: [email protected] (used mainly for responsible gaming and certain account-related manual interventions, which may involve processing of personal data).
  • Website: https://brango-ca.com
  • We maintain internal data protection and security functions. While we may not formally designate a Data Protection Officer under non-EU laws, the above contacts act as the primary point of contact for privacy matters.

What Personal Data We Collect

OBSERVE: To provide online gambling services, we must collect various categories of information: identification data, account details, technical logs, payment records, and behavioral data.

EXPAND: Canadian privacy law requires that collection be limited to what is necessary, clearly identified, and used for specified purposes. Gambling-specific obligations (e.g., KYC/AML, fraud prevention, responsible gaming) further determine which data are required.

REFLECT: Below we describe the main categories of information we collect when you visit brango-ca.com, create an account, deposit or withdraw funds, or use our games and services.

Identity and Contact Data

  • Account Registration Data: Full name, date of birth, country and province/territory of residence, address (where required), username, password or authentication credentials.
  • Contact Details: Email address, telephone number (mobile and/or landline), preferred language of communication.
  • Verification (KYC) Data: Government-issued identification (e.g., passport, national ID card, driver's licence), proof of address documents (e.g., utility bill, bank statement), and any additional documents required to verify identity, age, or source of funds.

Technical and Usage Data

  • Technical Identifiers: IP address, device identifiers, browser type and version, operating system, screen resolution, language settings, and approximate geolocation derived from IP (for compliance, security, and localization).
  • Log and Session Data: Login and logout timestamps, session duration, pages viewed, clicks, navigation paths, crash logs, and error reports.
  • Security and Monitoring Data: Information generated by security systems and fraud-detection tools, such as unusual login patterns, multiple accounts from same device, or suspected automated activity.

Payment and Financial Data

  • Transaction Data: Deposits, wagers, wins, losses, bonuses, withdrawals, payment method used, currency, and timestamps for each transaction.
  • Payment Method Details: Partial card information (e.g., masked card number, card type, expiry date), e-wallet identifiers, bank account references, and related transaction references. Full card data, where applicable, are handled by our authorized payment processors according to PCI-DSS or equivalent standards and are not retained in a readable form by us.
  • AML/KYC Financial Information: Where required by anti-money laundering regulations, we may collect additional information on your source of funds or wealth, such as employment information or banking documents.

Behavioral and Gaming Data

  • Gaming Activity: Game preferences, game sessions, bets placed, bet sizes, game outcomes, return-to-player behavior, frequency and duration of play, bonus usage, and tournament participation.
  • Interaction Data: Communications with our support team via email or online chat, responsible gaming requests and limits, complaints and dispute records, and survey or feedback responses.
  • Marketing and Engagement Data: Email open and click rates, responses to promotions, referral information, and campaign attribution identifiers.

Cookies and Similar Technologies

  • Cookies: Small text files stored on your device when you visit brango-ca.com, including session cookies, persistent cookies, and cookies placed by third parties (e.g., analytics or advertising partners).
  • Tracking Technologies: Web beacons, pixels, tags, SDKs, and similar tools used to measure traffic, analyze performance, and in some cases support tailored marketing (subject to consent, where required).
  • Details on cookie categories, purposes, and control options are provided in the "Cookies & Tracking Technologies" section below.

Legal Basis for Processing

OBSERVE: Canadian privacy law focuses on consent, purpose limitation, and reasonableness. As an internationally oriented operator, we also align our practices with principles comparable to GDPR (lawfulness, fairness, transparency, and legitimate interests) even though GDPR does not directly govern our operations in Canada.

EXPAND: Given the nature of online gambling, some processing is strictly necessary to perform the contract and comply with regulatory obligations, while other processing relies on your consent or our legitimate interests (e.g., security, basic analytics).

REFLECT: We only process personal information where we have a valid legal basis. These are described below, together with practical examples.

Consent

  • We rely on your express or implied consent when:
    • You register an account and provide your personal information to use our services.
    • You agree to receive marketing communications (e.g., newsletters, promotions, SMS offers).
    • Non-essential cookies and similar technologies are used for advertising or advanced analytics, when required by applicable law.
  • You may withdraw your consent at any time for non-essential processing (e.g., marketing) as described in the "Your Rights" section; withdrawal does not affect processing already carried out.

Contract Fulfillment

  • We process personal information to enter into and perform our contract with you, including:
    • Creating and managing your player account.
    • Providing access to games and related services.
    • Processing deposits, wagers, bonuses, and withdrawals.
    • Providing customer support and resolving technical issues.
  • Without this processing, we cannot provide you with the requested gambling services.

Compliance with Legal and Regulatory Obligations

  • We process data where necessary to comply with:
    • Anti - money laundering (AML) and counter-terrorist financing (CTF) rules applicable to our licensed operations in Curaçao and to payment processing in other jurisdictions.
    • Know Your Customer (KYC) requirements, including age verification and prevention of underage gambling.
    • Record-keeping obligations imposed by gaming and financial regulators.
    • Tax, accounting, and reporting obligations, where applicable.
    • Law enforcement and regulatory information requests, court orders, or other legal processes.

Legitimate Interests

  • We may rely on legitimate interests (applied in line with privacy principles similar to GDPR and assessed for reasonableness under Canadian law) to:
    • Protect our platform, users, and business from fraud, abuse, and security threats.
    • Detect, investigate, and prevent collusion, money laundering, bonus abuse, or other prohibited behavior.
    • Analyze and improve website performance, usability, and game offerings.
    • Perform basic statistical analysis and anonymized or aggregated reporting.
  • Where we rely on legitimate interests, we implement safeguards and consider your reasonable expectations, ensuring that your privacy rights are not overridden.

Purpose of Processing

OBSERVE: Each category of personal information we collect is linked to one or more clearly defined purposes.

EXPAND: Online casino operations involve service provision, regulatory compliance, safeguarding of players, and commercial activities such as marketing and analytics.

REFLECT: Below are the primary purposes for which we use your personal data, in line with Canadian privacy principles of identified purposes and limited use.

Service Provision and Account Management

  • To register, verify, and manage your player account.
  • To deliver our gambling services, including casino games, promotions, loyalty programs, and tournaments.
  • To process deposits, withdrawals, and internal transfers.
  • To provide customer support and answer questions submitted to [email protected] or via other communication channels.

Compliance, Security, and Fraud Prevention

  • To conduct KYC checks and age verification.
  • To comply with AML/CTF regulations and gaming license conditions.
  • To monitor transactions and gameplay for signs of fraud, collusion, or abuse.
  • To maintain the security and integrity of our systems, including intrusion detection, access controls, and incident response.

Improvement, Analytics, and Personalization

  • To better understand how players use brango-ca.com, which games are popular, and which features require improvement.
  • To develop new features, optimize our user interface, and improve game performance and stability.
  • To personalize parts of the website, such as recommended games or language preferences, based on your previous activity and device settings.

Marketing and Communications

  • To send service-related messages, such as transaction confirmations, policy updates, and security alerts.
  • To send marketing communications (email, SMS, push notifications, or on-site messages), including promotions and bonus offers, where permitted by law and based on your communication preferences.
  • To measure the effectiveness of our marketing campaigns, including affiliate marketing, banner advertising, and email campaigns.

Dispute Resolution and Legal Claims

  • To record and investigate complaints, disputes, and chargebacks.
  • To establish, exercise, or defend legal claims relating to our services or operations.
  • To cooperate with regulators, including Curaçao eGaming via https://validator.curacao-egaming.com, and any other competent authorities that may have jurisdiction over specific activities or transactions.

Disclosure & Sharing

OBSERVE: In order to run an online casino and comply with regulatory requirements, we need to share data with specific categories of recipients.

EXPAND: Canadian privacy law and international standards require that disclosures be limited, proportionate, and secure, with appropriate contractual safeguards.

REFLECT: We do not sell your personal information. We share it only as described below, for legitimate business and legal purposes.

Group Companies and Operators

  • Anden Online N.V. and LyncPay Ltd: Personal data may be shared between the licensed operator and the payment-processing entity to process transactions, perform KYC/AML checks, manage risk, and maintain accurate records.

Payment Partners and Financial Institutions

  • Authorized payment processors, banks, card schemes, and e-wallet providers involved in handling deposits, withdrawals, and associated financial transactions.
  • These partners process your payment information in accordance with their own regulatory obligations and privacy frameworks and are contractually required to protect your data.

Service Providers and Technical Partners

  • IT infrastructure providers (hosting, cloud services, content delivery networks).
  • Game software providers (e.g., RNG slot and table game providers) to enable game delivery, ensure fairness, and monitor performance.
  • Security, fraud-detection, anti-bot, and AML screening tools.
  • Customer support platforms, email service providers, and analytics partners that help us manage communications and website metrics.
  • These recipients act as processors or service providers and are bound by confidentiality and data protection obligations.

Affiliates and Marketing Partners

  • Affiliates and advertising networks that promote Brango Casino may receive limited data (such as anonymized identifiers or aggregated performance metrics) to track campaign performance and calculate commissions.
  • Where personalized advertising or certain tracking technologies are used, this will be done in compliance with applicable consent requirements and with appropriate opt-out options.

Regulators, Law Enforcement, and Other Authorities

  • Gaming and regulatory authorities, such as Curaçao eGaming, for license compliance, inspections, or investigations.
  • Law enforcement agencies, courts, and governmental authorities, when we are legally required to do so or where disclosure is necessary to prevent or investigate crime or fraud, or to protect our rights or the rights of others.

Business Transfers

  • In the event of a merger, acquisition, reorganization, or sale of some or all of our assets, personal data may be transferred to the acquiring entity, subject to continued protection consistent with this Privacy Policy and applicable laws.

International Transfers

OBSERVE: Brango Casino serves Canadian players but is operated by entities based outside Canada, including Curaçao and Cyprus, and may use service providers located in other jurisdictions.

EXPAND: This necessarily involves cross-border transfers of personal information, which must be protected by appropriate safeguards and risk assessments, and disclosed transparently to users.

REFLECT: We implement appropriate measures to ensure that your personal information remains protected when transferred internationally, in line with Canadian expectations and industry standards.

Locations of Processing

  • Your personal information may be stored and processed in:
    • Curaçao - where Anden Online N.V. is established and where primary gaming operations and regulatory oversight occur.
    • Cyprus - where LyncPay Ltd provides payment processing and related back-office functions.
    • Other countries - where our hosting providers, IT infrastructure, or specialized service providers are located (which may include members of the European Economic Area, the United States, and other regions).

Protection Measures for International Transfers

  • We ensure that cross-border transfers are:
    • Made only to jurisdictions or entities that provide a reasonable level of protection, assessed against Canadian privacy standards.
    • Governed by contractual safeguards, such as data protection agreements, including standard or model contractual clauses where applicable in line with international best practices.
    • Subject to internal risk assessments and security reviews, including encryption in transit, access controls, and data minimization.
  • Regardless of where your information is processed, we apply the protections described in this Privacy Policy.

Data Retention

OBSERVE: Legal, regulatory, and operational considerations require that some records be kept for defined periods.

EXPAND: Gambling laws, AML/CTF rules, and dispute resolution needs influence how long we keep different categories of data.

REFLECT: We retain personal information only for as long as necessary to fulfill the purposes for which it was collected or as required by law. Retention periods below are indicative and may be adjusted based on legal changes or specific case requirements.

General Retention Principles

  • We limit retention to what is necessary and reasonable for:
    • Providing services and managing your account.
    • Meeting regulatory and legal obligations (including AML/CTF, gaming regulations, tax, and accounting).
    • Handling disputes, chargebacks, and legal claims.
  • When information is no longer required, we securely delete, anonymize, or aggregate it.

Indicative Retention Periods

  • Account and Identification Data: Typically retained for the duration of your account and for up to 5 - 7 years after account closure, depending on applicable AML/CTF and gaming regulations.
  • Transaction and Payment Data: Retained for at least 5 - 7 years after the relevant transaction, in line with accounting and AML record-keeping requirements.
  • Gaming and Behavioral Data: Retained for as long as necessary to fulfill responsible gaming, risk management, and dispute resolution purposes, generally no longer than 5 years after account closure, unless a longer period is legally required.
  • Marketing Data: Retained while you have an active account and/or until you withdraw your consent or opt out of marketing, after which it may be kept in a suppression list to respect your preferences.
  • Support and Complaint Records: Retained for the duration of the issue and for at least 3 - 5 years thereafter, depending on limitation periods for legal claims.

Deletion Criteria

  • Data are deleted or anonymized when:
    • The retention period expires and no overriding legal or regulatory duty to retain applies.
    • We no longer need the information for any legitimate purpose.
    • You successfully exercise your right to erasure, in circumstances where erasure is not restricted by legal or regulatory requirements.

Your Rights

OBSERVE: Canadian privacy laws grant individuals rights regarding their personal information, including access, correction, and withdrawal of consent, subject to specific limitations.

EXPAND: Although we primarily apply Canadian and Curaçao requirements, we also align our practices with principles seen in GDPR-style frameworks (rights to access, rectification, erasure, restriction, data portability, and objection) to provide a high standard of protection.

REFLECT: Below is an overview of your key rights and how to exercise them in relation to Brango Casino, together with procedural aspects and timeframes.

Right of Access

  • You have the right to request confirmation as to whether we hold personal information about you and to receive a copy of such information, subject to reasonable limitations and applicable law.
  • We will provide access in a structured and comprehensible format, explaining the types of information held, the purposes of processing, and the categories of recipients.

Right to Correction (Rectification)

  • You may request that inaccurate, incomplete, or outdated personal information be corrected or updated.
  • In many cases you can correct basic profile data directly in your account; for certain fields (e.g., name, date of birth) we may require supporting documentation to prevent fraud or identity misrepresentation.

Right to Deletion (Erasure)

  • You may request deletion of your personal information when:
    • The data are no longer necessary for the purposes for which they were collected.
    • You withdraw consent for processing that is based solely on consent and there is no other legal ground to continue.
    • Processing is unlawful or must be deleted to comply with a legal obligation.
  • We may not be able to delete certain data where retention is legally required (e.g., AML, financial records). In such cases, we will explain the reasons and, where possible, restrict processing.

Right to Restriction of Processing

  • You may request that we restrict processing in specific situations, for example:
    • While we verify the accuracy of data you dispute.
    • Where processing is unlawful and you prefer restriction instead of deletion.
    • Where we no longer need the data but you require it to establish, exercise, or defend legal claims.

Right to Object

  • You can object at any time to the use of your personal data for direct marketing. Upon objection, we will stop using your personal data for this purpose.
  • Where we rely on legitimate interests for certain processing, you may object, and we will consider your request, balancing our interests against your rights and freedoms.

Right to Data Portability

  • Where technically feasible and applicable, you may request a copy of certain personal data in a structured, commonly used, and machine-readable format, so that you can reuse it or transmit it to another service provider.

Right to Withdraw Consent

  • Where processing is based on your consent (for example, marketing communications or certain types of cookies), you may withdraw that consent at any time.
  • Withdrawal of consent does not affect the lawfulness of processing prior to withdrawal, and certain services may become unavailable if the data are essential.

Procedures, Timeframes, and Costs

  • How to Submit a Request:
    • Email: [email protected] with "Privacy Request" in the subject line.
    • Include your full name, username, registered email address, and a clear description of your request.
  • Verification: We may request additional information to verify your identity and protect your account and data from unauthorized access.
  • Response Time: We aim to respond within 30 days of receiving a complete request. If more time is needed due to complexity or volume, we will inform you and may extend the period in accordance with applicable law.
  • Fees: Requests are handled free of charge, unless they are manifestly unfounded or excessive, in which case a reasonable fee may be charged or the request may be refused with justification.

Cookies & Tracking Technologies

OBSERVE: Cookies and similar technologies are used on brango-ca.com to operate the website, enhance user experience, and support analytics and advertising.

EXPAND: Canadian privacy principles require transparency about how these technologies are used, what types of data they collect, and how users can control them.

REFLECT: This section explains the main categories of cookies we use and your options for managing them.

Types of Cookies

  • Session Cookies: Temporary cookies that exist only while your browser is open and are deleted when you close it. They are used for essential functionalities such as keeping you logged in during a session and maintaining your selections.
  • Persistent Cookies: Cookies stored on your device for a longer period, used to remember your preferences (e.g., language, region, display settings) and to recognize you when you return.
  • First-Party Cookies: Set directly by brango-ca.com to support core platform functionality and security.
  • Third-Party Cookies: Set by external service providers, such as analytics or advertising partners, to measure traffic, detect fraud, or deliver personalized content, in compliance with applicable rules.

Purposes of Cookies

  • Strictly Necessary / Functional: Required for the proper operation of the site and the provision of services you request (e.g., authentication, maintaining sessions, security features, load balancing).
  • Analytics and Performance: Help us understand how visitors use the site, which pages are visited most often, and how users interact with features, so that we can improve usability and performance.
  • Advertising and Marketing: Used in some cases to tailor promotions and advertising to your interests, measure the effectiveness of campaigns, and prevent showing repetitive or irrelevant ads, subject to applicable consent requirements.

Managing and Disabling Cookies

  • Browser Settings: Most web browsers allow you to:
    • View which cookies are stored.
    • Delete cookies.
    • Block cookies from all or specific websites.
    However, blocking essential cookies may affect your ability to log in or use certain features.
  • Internal Settings: Where available, we may offer in-account or on-site settings to manage certain cookie and tracking preferences (e.g., analytics or marketing preferences).
  • Third-Party Tools: Some advertising and analytics providers offer independent opt-out mechanisms; these may vary by region and service.

Data Security

OBSERVE: Online casinos handle sensitive information, including identification and financial data, requiring robust security.

EXPAND: Canadian privacy requirements and international best practices (such as ISO 27001 and SOC 2 frameworks) emphasize confidentiality, integrity, and availability.

REFLECT: We apply a combination of technical, organizational, and physical measures designed to protect your personal data against unauthorized access, loss, or misuse.

Technical Security Measures

  • Encryption in Transit: Communications between your browser and brango-ca.com are protected using industry-standard TLS (Transport Layer Security) protocols, TLS 1.2 or higher, to safeguard data in transit.
  • Encryption at Rest: Sensitive data fields and key systems are protected using encryption technologies at rest, with controlled key management practices.
  • Access Controls: User and administrator access is managed through role-based permissions, strong authentication controls, and logging of privileged activities. Where appropriate, multi-factor authentication (MFA) is implemented for administrative systems.
  • Network and System Protection: Firewalls, intrusion detection/prevention systems, anti-malware tools, and regular patching are used to mitigate security threats.

Organizational and Procedural Measures

  • Security Policies: We maintain internal information security policies covering data handling, access, incident response, and business continuity.
  • Staff Training: Employees and contractors with access to personal data receive training on privacy, data protection, and security best practices, and are bound by confidentiality obligations.
  • Vendor Management: Service providers that process personal data on our behalf are vetted for security capabilities and must comply with contractual data protection and security requirements.
  • Audits and Testing: We regularly review security controls and may conduct audits, vulnerability assessments, and penetration tests to identify and remediate potential weaknesses.

Incident Response

  • We maintain procedures for identifying, assessing, and responding to actual or suspected data security incidents.
  • In the event of a breach affecting your personal information, we will take appropriate steps to mitigate the impact and, where required by law, notify affected individuals and relevant authorities as soon as reasonably practicable.

Complaints & Contacts

OBSERVE: Users need clear channels to raise concerns and escalate unresolved issues.

EXPAND: Canadian frameworks expect accessible complaint mechanisms and, where applicable, routes to supervisory authorities or regulators.

REFLECT: The following describes how to contact us, how we handle complaints, and where you can escalate if you remain dissatisfied.

Contacting Us

Complaint Procedure

  1. Step 1 - Initial Contact:

    Send a detailed description of your issue or complaint to [email protected], providing your name, username, registered email address, and any relevant supporting information. Indicate that the complaint concerns privacy and data protection, if applicable.

  2. Step 2 - Acknowledgment:

    We will acknowledge receipt of your complaint as soon as reasonably possible, typically within 5 business days.

  3. Step 3 - Investigation:

    We will investigate the matter, which may involve reviewing account records, system logs, and communications. During this period, we may contact you for additional details or clarification.

  4. Step 4 - Response:

    We aim to provide a substantive response or resolution within 30 days of receiving a complete complaint. If more time is required due to complexity, we will inform you of the delay and expected timeline.

  5. Step 5 - Escalation:

    If you are not satisfied with our response in relation to privacy and data protection, you may be entitled to raise your concerns with the relevant privacy or data protection authority in your jurisdiction. For Canadian residents, this may include the Office of the Privacy Commissioner of Canada (OPC) or, where applicable, the privacy commissioner of your province or territory.

Regulatory and Supervisory Authorities

  • Canadian Federal Privacy Authority:
    • Office of the Privacy Commissioner of Canada (OPC)
    • Website: https://www.priv.gc.ca
    • Instructions for filing a complaint and contact details are available on the OPC website.
  • Gaming Regulator (License Jurisdiction):
    • Curaçao eGaming - for issues specifically related to licensed gaming operations.
    • License verification portal: https://validator.curacao-egaming.com

Updates

OBSERVE: Laws and business practices evolve, requiring us to review and update this Privacy Policy.

EXPAND: Transparency best practices recommend notifying users of significant changes, allowing them to review updates and, where necessary, adjust their preferences or close accounts.

REFLECT: This section explains how we will inform you about changes and how they affect your continued use of brango-ca.com.

Policy Changes and Version Control

  • This Privacy Policy may be updated from time to time to reflect:
    • Changes in legal or regulatory requirements affecting our operations.
    • Adjustments to our services, technologies, or business processes.
    • Feedback from users, regulators, or industry developments.
  • Each version will be identified by a "Last updated" date at the end of the document.
  • Last updated: January 1, 2026.

Notification of Material Changes

  • When we make material changes that significantly affect how we collect, use, or disclose your personal information, we will:
    • Post a prominent notice on brango-ca.com (e.g., banner or pop-up); and/or
    • Send an email notification to the address associated with your account; and/or
    • Display an alert in your account dashboard after login.
  • Where required or appropriate, we will provide at least 30 days' advance notice before material changes take effect, unless immediate changes are necessary to comply with legal obligations or to address security or operational issues.

Your Options Following Updates

  • If you continue to use brango-ca.com after the effective date of an updated Privacy Policy, this will constitute your acknowledgment of the updated terms.
  • If you do not agree with the updated Privacy Policy:
    • You may discontinue using our services.
    • You may request account closure and exercise your rights under the "Your Rights" section, including access, correction, or deletion where applicable.