Tower Casino TOWER
Overview Bonuses Banking Mobile App Sign-Up Guide Who We Are Safer Play
Legal

Privacy Notice

Short version: we collect what the law and your account require, protect it properly, sell none of it, and delete it when retention law allows. The long version follows. Effective July 15, 2026.

Updated July 15, 2026

1 · Controller & Contact

Tower Casino operates tower-casino.ca and is responsible for personal information processed through it. Privacy questions and requests: [email protected] — answered within 30 days as PIPEDA requires.

2 · What We Collect & Why

Data categories and purposes
CategoryExamplesWhy
IdentityName, date of birth, addressAccount operation, age verification, KYC
ContactEmail, phoneService messages, security alerts, optional marketing
VerificationID documents, proof of addressLegal AML obligations, one-time check
TransactionsDeposits, withdrawals, wagersWallet operation, fraud prevention, statutory records
TechnicalIP, device, session logsSecurity, jurisdiction checks, debugging
UsageGames played, preferencesLobby personalisation, responsible-gambling monitoring

We do not sell personal information. Automated risk systems may flag activity for human review; no account is closed by an algorithm alone.

3 · Cookies

Essential cookies run sessions, security and the consent banner itself — always on. Preference cookies remember language and display choices. Analytics cookies produce anonymous usage statistics, and marketing cookies handle campaign and affiliate attribution — both optional and controllable from the banner or your browser settings.

4 · Sharing & International Transfers

Data reaches only the providers needed to run the Tower — payment processors, identity-verification services, game studios (anonymised play data), hosting and analytics — each bound by contract. Regulators and law enforcement receive data where the law requires. Transfers outside Canada carry contractual safeguards consistent with PIPEDA.

5 · Retention & Security

Account and transaction records are retained for the statutory anti-money-laundering period (typically five years after closure), then deleted or irreversibly anonymised. Everything is encrypted in transit and at rest; verification documents live in segregated encrypted storage with role-restricted, logged access.

6 · Your Rights

Under PIPEDA you can request access to your data, correction of errors, withdrawal of marketing consent (one click in any email), and deletion where no retention law applies. Write to [email protected]; unresolved concerns can go to the Office of the Privacy Commissioner of Canada.

Self-excluded players' core identifiers are retained for the exclusion term — deleting them would break the protection you asked for.