burger icon
Palms Bet United Kingdom
Log In

Privacy Policy

This Privacy Policy explains how Palms Bet, operating the website pelmsbet.com for the project Palms Bet, collects, uses, stores, and shares your personal data when you visit the site, create an account, place bets, or otherwise interact with our services. It applies to players, website visitors, and other individuals whose data we process in connection with pelmsbet.com. This Privacy Policy is designed to comply with the UK GDPR, the EU GDPR (where applicable), and other relevant laws and industry standards, and is effective from 1 January 2025.

Who We Are

Palms Bet is an online gambling brand operated for the project Palms Bet via the website pelmsbet.com. The service is ultimately owned by Telematic Interactive Bulgaria AD, a public company listed on the Bulgarian Stock Exchange (ticker: TIB), with its headquarters in Sofia, Bulgaria.

Telematic Interactive Bulgaria AD acts as the data controller for personal data processed in connection with pelmsbet.com, including UK users. The company is registered in the Bulgarian Commercial Register and holds Bulgarian National Revenue Agency (NRA) gambling licences for sports betting (No. 000030-1061) and casino games (No. 000030-5530), and a Kenyan BCLB licence (No. 0000508) for certain markets. These licences relate to gambling regulation and do not themselves govern privacy rights, which are primarily determined by data protection laws such as the UK GDPR.

Palms Bet currently does not hold a UK Gambling Commission (UKGC) licence. As a result, UK players using pelmsbet.com are not protected by UKGC regulatory schemes such as GamStop and are not covered by UK gambling-specific consumer protection or UK-recognised ADR bodies (for example, IBAS) in relation to gambling disputes. The Bulgarian NRA has explicitly stated that it does not handle disputes regarding unpaid winnings for British citizens. This does not affect your privacy and data protection rights under the UK GDPR, which are described in this Policy.

Data Protection Contact / DPO
If you have questions about this Privacy Policy or how we handle your personal data, you can contact our data protection contact point:

  • E-mail: privacy@pelmsbet.com (preferred channel)
  • Postal location: Telematic Interactive Bulgaria AD, Data Protection Officer, Sofia, Bulgaria (full registered address available in the Bulgarian Commercial Register)
  • Website: https://pelmsbet.com (you may also use any dedicated contact or feedback form provided on the site, where available)

What Personal Data We Collect

We collect and process personal data only to the extent necessary to operate pelmsbet.com, provide gambling services, meet regulatory obligations, and protect our legitimate interests and those of our users. The main categories are:

Identity and Contact Data

  • Basic identifiers: first name, last name, username, date of birth, nationality, and, where required by law, national identification or tax numbers (for example, Bulgarian EGN or other equivalent identifiers) and information about residency status.
  • Contact details: e-mail address, phone number, country of residence, language preferences, and communication preferences (such as marketing opt-ins).
  • Account information: account ID, registration date, verification status, security settings, and internal notes relevant to KYC/AML compliance.

KYC / AML and Regulatory Data

  • Verification documents: scans or photos of identity documents (passport, ID card, driving licence), proof of address (utility bills, bank statements), source of funds/source of wealth information, and any other documentation requested to satisfy KYC (Know Your Customer) and AML (Anti-Money Laundering) obligations.
  • Risk and compliance data: results of sanctions checks, politically exposed person (PEP) screening, adverse media checks, internal risk scores, manual review notes (for example, where accounts are flagged for residency or EGN-related issues), and decisions taken for compliance reasons.

Financial and Transaction Data

  • Payment details: partially masked card numbers, card type, cardholder name, expiry date, IBAN or other banking details (where applicable), e-wallet identifiers, and transaction tokens processed via our payment partners. Raw payment card data is handled in accordance with payment industry standards and may be stored only by PCI-compliant providers.
  • Transaction history: deposits, withdrawals, bets placed, wagers, wins and losses, bonuses credited and used, account balances, currency, timestamps, and any associated fees.

Usage and Behavioural Data

  • Gameplay and betting behaviour: betting history, stakes, game preferences, session duration, frequency and pattern of play, clicks and navigation paths, responsible gambling indicators (for example, self-exclusion, time-outs, or deposit limits where available).
  • Log and interaction data: log-in and log-out times, account changes, security events, chat and communication history with customer support, complaint records, and internal notes documenting our handling of requests.

Technical and Device Data

  • Device information: IP address(es), approximate geolocation derived from IP, device identifiers, browser type and version, operating system, language settings, and information about the referring URL.
  • Technical logs: server logs of requests to pelmsbet.com, error logs, performance monitoring data, and security event logs (for example, failed log-ins, suspected bot activity, or fraud attempts).

Cookies and Similar Technologies

  • Cookies: session cookies, persistent cookies, and cookies set by third parties (such as analytics or advertising partners) used to maintain sessions, remember choices, perform analytics, and, where permitted, deliver personalised content or marketing.
  • Similar technologies: web beacons, pixels, SDKs, and device identifiers used for fraud prevention, analytics, and marketing where allowed by law and your preferences.

Legal Basis for Processing

We process personal data in accordance with the UK GDPR, the EU GDPR (where applicable), and other relevant laws. Depending on the specific processing activity, we rely on the following legal bases:

  • Performance of a contract: We process your data when it is necessary to enter into and fulfil our contract with you, including:
    • creating and managing your Palms Bet account on pelmsbet.com;
    • processing deposits, bets, winnings, and withdrawals;
    • providing customer support and resolving account-related issues; and
    • ensuring the technical operation and security of your account.
  • Compliance with legal obligations: We are legally required to collect and retain certain data, particularly for:
    • identity verification, KYC and AML checks, and prevention of fraud and money laundering;
    • meeting obligations under Bulgarian, EU, Kenyan, and other applicable financial and gambling regulations;
    • record-keeping, regulatory reporting, and responding to lawful requests from competent authorities; and
    • protecting minors and vulnerable persons from gambling-related harm, where applicable.
  • Legitimate interests: We process certain data where it is necessary for our legitimate interests (or those of a third party) and where your interests and fundamental rights do not override those interests, including:
    • ensuring network and information security, detecting and preventing fraud or abuse;
    • improving our services, user experience, and website performance;
    • maintaining internal records, statistics, and analytics about the use of pelmsbet.com; and
    • defending and exercising legal claims in disputes, including those involving cross-border elements.
  • Consent: In specific situations, we rely on your freely given, informed consent, for example:
    • sending you direct electronic marketing communications (e-mail/SMS/push) not based on soft opt-in rules;
    • using non-essential cookies or similar technologies for personalised advertising; and
    • processing certain optional information you choose to provide in surveys or promotions.
    You may withdraw your consent at any time (see "Your Rights" below), without affecting the lawfulness of processing based on consent before its withdrawal.
  • Vital interests and public interest (rare cases): In exceptional circumstances, we may process data to protect your vital interests or those of another person, or where required in the public interest (for example, in serious security incidents or in response to legal orders related to criminal investigations).

Purpose of Processing

We use your personal data only for specific, explicit, and legitimate purposes. These can be grouped as follows:

  • Provision of services: To register and manage your Palms Bet account, authenticate you when you log in, enable deposits and withdrawals, settle bets and games, credit bonuses, and provide customer support.
  • Compliance and risk management: To carry out identity verification, KYC and AML checks, monitor transactions and gameplay for unusual or suspicious activity, apply internal risk rules (including those related to residency and local eligibility), and comply with applicable laws and regulatory requirements in Bulgaria, the UK, Kenya, the EU, and other relevant jurisdictions.
  • Improvement of our services: To analyse how pelmsbet.com is used, diagnose technical issues, improve performance and usability, develop new features, and enhance responsible gambling tools and measures.
  • Marketing and personalisation: To send you service messages and, where you have consented or it is otherwise lawful, to send marketing communications about our products, promotions, and offers; to personalise content, recommendations, and offers based on your account profile and behaviour; and to measure the effectiveness of our campaigns.
  • Security and fraud prevention: To protect the integrity of pelmsbet.com, detect and prevent fraud, abuse, bonus misuse, account takeovers, bots, and technical attacks; to enforce our terms and conditions and other policies; and to investigate and respond to suspicious or harmful behaviour.
  • Legal claims and business operations: To establish, exercise, or defend legal claims; to manage business operations and internal administration; to conduct audits and compliance reviews; and in the context of corporate transactions (for example, mergers, acquisitions, restructurings) where permitted by law.

Disclosure & Sharing

We do not sell your personal data. We share it only with trusted recipients and only when necessary and lawful. The main categories of recipients are:

  • Group companies and affiliates: Other entities within the Telematic Interactive Bulgaria AD group and Palms Bet operation may access your data for centralised administration, risk management, compliance, and technical support, subject to appropriate safeguards.
  • Payment service providers and financial institutions: Banks, card schemes, e-wallets, payment processors, and anti-fraud providers that process deposits, withdrawals, and payments, or help us detect fraudulent transactions and chargebacks.
  • Technology and service providers: Companies providing hosting, cloud infrastructure, IT support, data analytics, security services, communications platforms (e-mail/SMS), customer support tools, and identity verification services. These providers act primarily as data processors under written contracts that limit their use of your data.
  • Regulators and public authorities: Gambling regulators (including the Bulgarian National Revenue Agency (NRA) and the Kenyan BCLB), financial intelligence units, tax authorities, law enforcement and courts, and other competent authorities, when required by applicable law or valid legal requests. Please note that, for British citizens, the Bulgarian NRA has confirmed that it does not handle disputes over unpaid winnings; however, it may still receive data for regulatory oversight and AML purposes.
  • Advertising and analytics partners: Subject to your consent and cookie preferences, we may share limited pseudonymised or aggregated data with partners providing analytics, marketing, retargeting, or affiliate tracking services in connection with pelmsbet.com.
  • Professional advisers: Lawyers, auditors, accountants, and consultants who assist us in managing our business, complying with legal obligations, and defending legal claims, under confidentiality obligations.
  • Corporate transactions: In the event of a merger, acquisition, reorganisation, or sale of assets involving Palms Bet or Telematic Interactive Bulgaria AD, your data may be disclosed to prospective or actual purchasers and their advisers, subject to appropriate confidentiality and data protection safeguards.

International Transfers

As an operator headquartered in Bulgaria and active in multiple markets (including Bulgaria, Kenya, and the UK), we may transfer your personal data across borders, including to countries outside the UK and the European Economic Area (EEA).

  • Intra-group transfers: Your data may be transferred between entities within the Telematic Interactive Bulgaria AD group, including to and from Bulgaria and Kenya, for operational, compliance, and support purposes.
  • Third-country service providers: Some of our service providers (for example, cloud hosting, analytics, payments, or anti-fraud providers) may be located in or process data in countries outside the UK and EEA, including the United States or other jurisdictions.
  • Legal safeguards: Where we transfer personal data to countries that are not recognised as providing an adequate level of data protection by the UK or EU authorities, we implement appropriate safeguards, such as:
    • standard contractual clauses (SCCs) approved by the European Commission;
    • the UK International Data Transfer Agreement (IDTA) or the UK addendum to the EU SCCs; and
    • technical and organisational measures such as encryption, access controls, and data minimisation.
  • Supplementary measures: We assess transfer risks and, where necessary, implement additional safeguards to ensure that your rights remain effectively protected. We do not rely on the former EU - US Privacy Shield as a legal basis for transfers.

You can contact us at privacy@pelmsbet.com for more information about the specific safeguards used for international transfers relevant to your data.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes described in this Privacy Policy, to comply with legal obligations, and to protect our legitimate interests. Retention periods may differ between jurisdictions (for example, Bulgaria, the UK, Kenya, and the EU). In general:

  • Account and identity data: We keep core account records (identity, contact details, KYC information) for the duration of your active relationship with us and normally for up to 5 years after account closure, unless a longer period is required by applicable AML, gambling, tax, or accounting laws (which may require retention for up to 10 years in certain cases).
  • Transaction and betting data: We retain transaction, gameplay, and financial records for the period necessary to meet legal retention requirements, resolve disputes, and comply with regulatory obligations, typically at least 5 years from the relevant transaction or account closure, whichever is later.
  • Technical logs and security data: Security logs and technical records are typically kept for shorter periods, usually from a few months up to 2 years, depending on their relevance for security, fraud investigations, and regulatory compliance.
  • Marketing data: Data used for marketing is retained until you withdraw your consent or object to marketing, or until it is no longer necessary for that purpose, after which it may be anonymised or deleted.
  • Complaint and dispute records: Correspondence and documentation relating to complaints, disputes, and legal claims may be retained for the duration of the matter and for an additional period necessary to comply with limitation periods and legal requirements, which may extend beyond 5 years where justified.

When data is no longer needed, we will delete it or irreversibly anonymise it. If deletion is not immediately possible (for example, in backups), we will securely store the data and isolate it from further processing until deletion is feasible.

Your Rights

As a user of pelmsbet.com, you have a range of rights in relation to your personal data under the UK GDPR and, where applicable, the EU GDPR. Where Mexican data protection law (such as the Federal Law on Protection of Personal Data Held by Private Parties) applies - for example, if you are a user in Mexico and use our services from there - your rights are broadly similar. These rights include:

  • Right of access: You can request confirmation as to whether we process your personal data and obtain a copy of your data and information about how we process it.
  • Right to rectification: You can ask us to correct inaccurate or incomplete personal data.
  • Right to erasure: You can ask us to delete your personal data in certain cases, for example where it is no longer necessary for the purposes for which it was collected, you have withdrawn consent (where processing was based on consent), or you have successfully objected to processing. We may not be able to delete data that we are legally required to keep (for example, for AML or regulatory reasons).
  • Right to restriction: You can request that we restrict the processing of your data - for example, while we verify its accuracy or where you have objected to our legitimate-interest processing.
  • Right to object: You can object at any time to processing based on our legitimate interests, on grounds relating to your particular situation. You also have the absolute right to object to the processing of your data for direct marketing, including profiling for marketing purposes.
  • Right to data portability: You can receive certain data you have provided to us in a structured, commonly used, machine-readable format and request that we transmit it to another controller where technically feasible.
  • Right to withdraw consent: Where processing is based on your consent (for example, marketing communications or certain cookies), you may withdraw that consent at any time, without affecting the lawfulness of processing prior to withdrawal.

How to exercise your rights: You can submit a request by contacting us at privacy@pelmsbet.com or via any dedicated user rights or privacy form on pelmsbet.com. For security and regulatory reasons, we may ask you to verify your identity and provide information enabling us to locate your data. We aim to respond within one month (30 days) of receiving a valid request. This period may be extended by up to two further months for complex or multiple requests; if so, we will notify you. In general, requests are handled free of charge, but we may charge a reasonable fee or refuse to act on requests that are manifestly unfounded or excessive, in line with applicable law.

Cookies & Tracking Technologies

pelmsbet.com uses cookies and similar tracking technologies to ensure the site functions correctly, to improve performance, and, where permitted, to provide personalised content and marketing. Cookies are small text files stored on your device when you visit our site.

Types of Cookies We Use

  • Strictly necessary / functional cookies (session and persistent): These are required for the operation of pelmsbet.com and the Palms Bet services, for example to keep you logged in, maintain your session, manage security features, and remember basic settings. Without them, the site may not function properly.
  • Performance and analytics cookies: These help us understand how visitors use our site, which pages are most popular, and how our systems perform. We typically use third-party analytics providers that set their own cookies, but only with appropriate contractual safeguards and, where required, on the basis of your consent or applicable cookie rules.
  • Advertising and targeting cookies: Where permitted by law and subject to your preferences, we and our partners may use cookies or similar technologies to deliver relevant adverts, measure campaign effectiveness, and build pseudonymised profiles based on your interaction with pelmsbet.com.
  • Preference cookies: These remember your choices (such as language, region, or cookie settings) to provide a more personalised experience.

Managing Cookies

  • Cookie banner / management tool: On your first visit and periodically thereafter, we present a cookie banner or management panel where you can accept or reject non-essential cookies and adjust your preferences.
  • Browser settings: Most browsers allow you to block or delete cookies through their settings. If you block all cookies, certain features of pelmsbet.com may not work correctly.
  • Withdrawal of consent: If you have consented to non-essential cookies, you may withdraw your consent at any time via the cookie settings on pelmsbet.com or by adjusting your browser settings. This will not affect cookies that are strictly necessary for the operation of the site.

More detailed information about the specific cookies used on pelmsbet.com, including their names, providers, and lifetimes, may be available in a separate cookie notice linked from our cookie banner or website footer.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction, or damage. While no system can guarantee absolute security, we strive to follow industry best practices and security standards.

  • Encryption: Data transmitted between your browser and pelmsbet.com is protected using TLS (Transport Layer Security) version 1.2 or higher. Sensitive data stored within our systems is protected by encryption at rest or other suitable safeguards, particularly for passwords (stored using strong one-way hashing) and security-sensitive information.
  • Access controls: Access to personal data is restricted to authorised personnel and service providers who need it for legitimate business purposes. We apply role-based access controls, strong authentication methods, and, where appropriate, multi-factor authentication (MFA) for administrative access.
  • Infrastructure and application security: Our servers and applications are hardened and regularly updated. We implement firewalls, intrusion detection and prevention systems, and other security controls to monitor and protect our infrastructure.
  • Security testing and audits: We conduct regular security assessments, vulnerability scanning, and, where appropriate, independent audits to test the effectiveness of our controls. Our security framework is designed to align with recognised industry standards such as ISO 27001 and SOC 2, although we do not claim formal certification unless explicitly stated elsewhere on pelmsbet.com.
  • Staff training and policies: Employees and contractors who handle personal data receive training on data protection and security obligations and are bound by confidentiality and acceptable-use policies.
  • Incident response: We maintain incident response procedures to detect, investigate, and respond to security incidents. In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority and, where required, inform affected individuals, in accordance with legal requirements.

Complaints & Contacts

If you have concerns about how your personal data is processed in connection with pelmsbet.com and the Palms Bet project, we encourage you to contact us first so we can try to resolve the issue. You also have the right to lodge a complaint with a supervisory authority, as described below.

How to Contact Us

  • Data protection contact / DPO: privacy@pelmsbet.com
  • Postal location: Telematic Interactive Bulgaria AD, Data Protection Officer, Sofia, Bulgaria (full registered address available in the Bulgarian Commercial Register)
  • Website: https://pelmsbet.com

Internal Complaint Procedure

  1. Step 1 - Contact customer support: If your concern relates to your account, transactions, or general service issues, please first contact our customer support team via the channels provided on pelmsbet.com. They will attempt to resolve your issue informally.
  2. Step 2 - Escalation to privacy team / DPO: If your concern specifically involves privacy or data protection, or if you are not satisfied with the initial response, please write to privacy@pelmsbet.com with a clear description of your concern. We will acknowledge receipt and investigate. We aim to provide a substantive response within 30 days, subject to any statutory timeframes.
  3. Step 3 - Further escalation: If we cannot resolve your complaint to your satisfaction, or you prefer not to contact us first, you have the right to contact a relevant data protection authority.

Supervisory Authorities

  • United Kingdom: If you are in the UK, your primary supervisory authority is the Information Commissioner's Office (ICO). You can find contact details and lodge a complaint via https://ico.org.uk.
  • European Union / Bulgaria: As our headquarters are in Bulgaria, the Bulgarian Commission for Personal Data Protection (CPDP) is our main EU supervisory authority for GDPR matters. Contact details and procedures are available at its official website (search for "CPDP Bulgaria").
  • Mexico: Where Mexican data protection law applies, you may contact the Mexican data protection authority, the Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales (INAI). Information on how to lodge a complaint is available on INAI's official website.

Please note that gambling-related consumer or winnings disputes are handled differently from privacy complaints. As noted earlier, Palms Bet is not licensed by the UK Gambling Commission, and there is currently no UK-recognised ADR (such as IBAS) appointed for this operator. The Bulgarian NRA does not handle unpaid winnings disputes for British citizens, but the absence of such ADR mechanisms does not limit your rights to complain to data protection authorities about privacy issues.

Updates

We may update this Privacy Policy from time to time to reflect changes in law, regulatory guidance, industry practices, or our services on pelmsbet.com. When we make material changes, we will take appropriate steps to inform you in advance.

  • Notification methods: We may notify you of updates by:
    • e-mailing you at the address associated with your account;
    • displaying a prominent notice or banner on pelmsbet.com; and/or
    • providing alerts or messages in your account dashboard (where available).
  • Advance notice: For significant changes that materially affect your rights or the way we process your data, we will, where practicable, provide at least 30 days' notice before the changes take effect. Minor or clarificatory updates may take effect immediately, subject to applicable legal requirements.
  • User choices: If you do not agree with the updated Privacy Policy, you may choose to close your account and stop using pelmsbet.com. You may also exercise your data protection rights as described in the "Your Rights" section. Continued use of pelmsbet.com after the effective date of an updated policy will be treated as acknowledgement of the changes, to the extent permitted by law.
  • Version control: We will indicate the date of the latest update at the end of this Policy. Earlier versions may be retained for accountability and reference purposes.

Last updated: November 2025