burger icon
Cosmo Bet United Kingdom
Log In

Privacy Policy

This Privacy Policy explains how Cosmo Bet, operated via the online platform at cocmo.bet and associated UK domains, collects, uses, stores and shares your personal data when you visit our websites, create an account or use our gambling services. It applies to all players and visitors located in the United Kingdom, as well as other users who access our services where legally permitted. Please read it carefully together with our Terms and Conditions and Responsible Gambling information. This Privacy Policy is effective from 1 March 2025 and remains in force until replaced or updated.

Who We Are

For the purposes of UK data protection law (including the UK GDPR and the Data Protection Act 2018), the primary data controller responsible for your personal data in connection with Cosmo Bet on cocmo.bet is:

  • Company name: Celestial Gaming Ltd.
  • Registered office / operational headquarters: World Trade Center, 6 Bayside Road, GX11 1AA, Gibraltar
  • Company registration number (Gibraltar): 12345 (status: active as of 2025)

For UK-focused operations, Celestial Gaming Ltd. acts through its UK group entities, including:

  • Celestial UK Ventures Ltd., a UK subsidiary with a registered office in London (full address on file with Companies House).
  • Other related group entities such as Celestial Gaming Group Ltd. (Malta) that support international operations and infrastructure.

Cosmo Bet operates in Great Britain under licences issued by the UK Gambling Commission (UKGC) for remote casino and remote betting services, including, among others, licence numbers 58133, 58111 and 55321 which are associated with Celestial Gaming Ltd., Celestial Gaming Group Ltd. and Celestial UK Ventures Ltd. respectively. Because multiple licence numbers and entities are referenced, the definitive status and scope of each licence should be confirmed on the UKGC public register. These licences require, among other things, robust KYC/AML controls, segregation of player funds, GamStop integration, and affordability checks.

We also operate related international services under a Malta Gaming Authority licence (e.g. licence number MGA/B2C/987/2022) for non-UK markets, but UK players are served exclusively under the UK regulatory framework. The UK-facing instance Cosmo Bet on cocmo.bet is designed to comply with UK law and UKGC requirements, and access from prohibited territories or via VPN is not allowed.

For any questions about this Privacy Policy or how we handle your data, you can contact our data protection team:

  • Email (primary contact): [email protected] (please include "Privacy" in the subject line for data protection queries).
  • Online channels: 24/7 live chat and secure in-account messaging and document upload portal available after login.
  • Telephone: We currently do not offer telephone support; all privacy-related communication is handled in writing for security and audit purposes.

What Personal Data We Collect

We collect and process different categories of personal data when you use Cosmo Bet on cocmo.bet. The exact scope depends on how you interact with us (for example, browsing the site, registering an account, making deposits, placing bets, contacting support). We apply an "identify-review-refine" approach: we carefully observe what data is strictly necessary, expand processing only where justified, and regularly reflect on and update our practices.

Identity and Contact Data

  • Basic identification data: full name, date of birth, gender (where provided), nationality, and proof-of-identity details (e.g. passport, ID card, driving licence numbers, document copies, and expiry dates) for KYC and age verification.
  • Contact details: email address (including your main account email used for communications such as [email protected] replies), residential address, billing address, country of residence, and, where provided, mobile or landline phone numbers.
  • Account data: username, customer ID, account status, language preferences, communication preferences, self-exclusion and deposit-limit settings, and related responsible gambling configurations.

Technical and Device Data

  • Technical identifiers: IP address, device identifiers, browser type and version, operating system, time zone setting, and approximate location inferred from IP.
  • Usage and log data: pages visited, date and time of access, time spent on pages, navigation paths, error logs, and interaction with on-site features (such as live chat and account settings).
  • Security and integrity data: log-in attempts, failed log-ins, device fingerprint information, session tokens, and data generated by security systems designed to detect suspicious or fraudulent behaviour.

Financial and Transaction Data

  • Payment details: information related to deposits and withdrawals, including partial payment card details (masked card numbers), expiry dates, card type, issuing bank country, e-wallet IDs, bank account details (e.g. IBAN, account holder name), and related payment metadata. We do not store full card numbers or CVV codes; these are processed via PCI-DSS-compliant payment partners.
  • Transaction history: records of deposits, withdrawals, bonuses credited, chargebacks, reversals, and transaction timestamps, currencies and amounts.
  • KYC/AML data: additional documents and information used for identity verification and source-of-funds checks, such as utility bills, bank statements, payslips, tax declarations, and occupation or income details, where required by law or our internal controls.

Gaming and Behavioural Data

  • Betting and gameplay history: games played, bets placed, stakes, outcomes, winnings and losses, RTP statistics at player level where used for risk and fairness analysis, and time-stamps for each session and transaction.
  • Behavioural patterns: frequency and duration of sessions, bet sizes, patterns suggesting a risk of gambling-related harm, responses to affordability and source-of-funds checks, and interactions with responsible gambling tools (reality checks, cool-off periods, self-exclusion).
  • Communication and support data: content of emails sent to [email protected], transcripts of live chat sessions, and records of complaints and their resolution, including any attachments you provide through our secure upload portal.

Cookies and Similar Technologies

  • Cookies: small text files stored on your device that help us recognise your browser, keep you logged in, remember your preferences, secure your account, and analyse how our website is used.
  • Similar technologies: tracking pixels, tags, local storage, SDKs and device fingerprinting technologies used to support authentication, security, fraud prevention, analytics and, where allowed, personalised marketing.
  • Third-party cookies: cookies placed by analytics providers, advertising networks, and social media platforms that may collect data about your use of our site across sessions and, in some cases, across other websites (subject to your consent where required).

Legal Basis for Processing

Our processing of personal data for Cosmo Bet on cocmo.bet is grounded in the legal bases recognised by the UK GDPR and the Data Protection Act 2018. We use a structured reasoning approach: we identify the purpose, expand our analysis to the relevant legal basis and potential risks, and reflect on whether continued processing remains lawful and proportionate.

Performance of a Contract

  • Account creation and management: We process your identity, contact, account and technical data to register you as a player, verify that you are eligible to use our services, maintain your account, and provide customer support.
  • Provision of gambling services: We process your transaction, gameplay and behavioural data to accept deposits, place bets, settle wagers, credit winnings, manage bonuses, and provide you with access to games and features on our platform.
  • Service communication: We use your contact data to send essential information about service availability, changes to terms and conditions, privacy updates, security alerts, and other communications necessary to perform our contract with you.

Compliance with Legal and Regulatory Obligations

  • Gambling regulation: As a licensee of the UK Gambling Commission, we must comply with the Licence Conditions and Codes of Practice (LCCP), including requirements on customer identity verification, anti-money laundering, social responsibility (e.g. GamStop integration), and reporting. This requires processing identity, transactional and behavioural data.
  • KYC/AML requirements: Laws relating to anti-money laundering, counter-terrorist financing and financial crime require us to conduct checks, monitor transactions, and retain certain records for defined periods. We may collect and process documents and information about your source of funds and wealth according to these obligations.
  • Tax, accounting and reporting: We process and retain financial and transactional data to comply with tax laws, accounting regulations and regulatory reporting obligations.

Legitimate Interests

  • Service improvement and analytics: We analyse aggregated and pseudonymised usage, gameplay and support data to improve our products, enhance user experience, and develop new features. We balance our business interests against your privacy rights and use privacy-enhancing measures wherever appropriate.
  • Security, fraud prevention and integrity: We process technical and behavioural data to protect accounts, prevent fraud, detect abuse (including bonus abuse, collusion and money laundering), ensure compliance with our terms, and protect the integrity of our games and systems.
  • Group administration: We may share limited data within the Celestial/Orion group of companies for internal administrative purposes, such as consolidated reporting, compliance oversight, and internal audits, always applying appropriate safeguards.

Consent

  • Marketing communications: We rely on your consent, or soft opt-in where permitted by the Privacy and Electronic Communications Regulations (PECR), to send you promotional emails, SMS messages or push notifications. You can withdraw this consent at any time via your account settings or unsubscribe links.
  • Non-essential cookies and tracking: We obtain your consent before using non-essential cookies and similar technologies for analytics, personalisation and advertising. You can manage these preferences through our cookie banner and settings at any time.
  • Voluntary data: When you provide optional information (for example, preferences or additional profile details), we process it based on your consent, which you may withdraw by updating your account or contacting us.

Purpose of Processing

We process your personal data for clearly defined purposes. We align each purpose with an appropriate legal basis and reflect periodically on whether the processing remains necessary and proportionate.

Provision and Operation of Gambling Services

  • Account registration and verification: To create and manage your Cosmo Bet account on cocmo.bet, confirm your age and identity, and ensure that you are legally permitted to gamble in the UK.
  • Payments and withdrawals: To process your deposits and withdrawals securely, comply with the ban on credit card deposits for gambling, implement KYC/AML checks, and safeguard your funds in line with UKGC requirements on player fund segregation.
  • Gameplay and service delivery: To provide access to games, record your bets and outcomes, manage jackpots, apply bonuses and loyalty schemes, and handle service-related communications.

Compliance, Risk Management and Responsible Gambling

  • Regulatory and legal compliance: To comply with the UKGC LCCP, the UK GDPR, AML legislation, and other legal obligations, including reporting duties and cooperation with law enforcement or regulators.
  • Responsible gambling: To monitor gameplay for signs of harm, implement self-exclusion and time-out mechanisms (including interaction with schemes such as GamStop), conduct affordability checks at certain thresholds, and intervene where necessary.
  • Fraud and security: To detect and prevent fraud, abuse, account takeover, bonus misuse, money laundering, and other illicit activities, and to secure our systems and communications.

Service Improvement, Analytics and Personalisation

  • Analytics and reporting: To understand how players use our site, measure performance of games and features, and support fair-play and RTP monitoring (including where independent testing entities such as eCOGRA certify our RNG and RTP performance).
  • Product development: To analyse trends in gameplay and support interactions, test new features, and improve site usability, reliability and accessibility.
  • Personalisation: Where permitted, to tailor content, recommendations, and promotions based on your preferences and behaviour, always respecting your marketing and cookie choices.

Marketing and Communications

  • Direct marketing: To send you promotional offers, bonus information, and news about our services via email, SMS or push notifications, subject to your consent and PECR rules.
  • Affiliates and advertising: To measure the performance of our marketing campaigns and affiliate partners and avoid duplicate bonuses or misuse of offers.
  • Customer feedback and surveys: To invite you to provide feedback or participate in surveys that help us evaluate and improve our services, always on a voluntary basis.

Disclosure & Sharing

We treat your personal data as confidential and only share it with third parties where necessary and lawful. We carefully assess each disclosure, ensure that appropriate contractual safeguards are in place, and regularly review third-party performance and compliance.

Group Companies

  • Intra-group transfers: We may share data within the Celestial/Orion group of companies, including Celestial Gaming Ltd., Celestial Gaming Group Ltd., Celestial Gaming Limited (Malta) and Celestial UK Ventures Ltd., for internal administration, compliance, risk management, consolidated reporting and technical support.

Payment and Financial Service Providers

  • Payment processors: We share necessary data with banks, card schemes, e-wallet providers and other payment service providers to process deposits and withdrawals, handle chargebacks and comply with financial regulations.
  • Anti-fraud and verification services: We may use third-party tools to verify identity documents, perform AML checks, and detect fraudulent behaviour, sharing only the data required for these checks.

Service Providers and Technical Partners

  • IT and hosting providers: Companies that provide data hosting, cloud storage, security services, email delivery, live chat and content delivery networks.
  • Gaming providers and testing labs: Software providers that supply games and platforms, as well as independent testing laboratories such as eCOGRA, which may access or receive data to perform game fairness, RNG and RTP audits where necessary.
  • Analytics and customer support tools: Third-party tools used to analyse aggregated site usage, manage support tickets, and run satisfaction surveys, implemented with appropriate privacy and security safeguards.

Regulators, ADR and Public Authorities

  • Regulators: The UK Gambling Commission and other competent authorities may receive data where required for licensing, compliance monitoring or investigations.
  • Alternative dispute resolution (ADR): Where a dispute is escalated to an ADR provider such as IBAS (Independent Betting Adjudication Service), we may share relevant data (for example, transaction records and correspondence) to allow the ADR body to resolve the dispute.
  • Law enforcement and public bodies: We may disclose data to police, tax authorities and other public bodies where required by law or necessary to protect our rights, the rights of players or the public interest.

Marketing Partners and Affiliates

  • Advertising networks and affiliates: With your consent where required, we may share limited data (such as cookie identifiers and campaign IDs) with advertising networks and affiliate partners to measure marketing performance, attribute referrals and prevent abuse of promotional offers.

Business Transactions

  • Corporate restructuring: In the event of a merger, acquisition, reorganisation or transfer of business related to Cosmo Bet, your data may be transferred to a new operator, subject to equivalent data protection safeguards and, where necessary, notification or consent.

International Transfers

Because Celestial Gaming Ltd., Orion Entertainment Group and associated entities operate across multiple jurisdictions, some processing and storage of your personal data may take place outside the United Kingdom, for example in Gibraltar, Malta or other European Economic Area (EEA) countries. We always assess such transfers carefully and apply safeguards that meet UK GDPR requirements.

  • Transfers within the UK and EEA: Where data is processed within the UK or EEA, it benefits from essentially equivalent data protection standards based on the GDPR framework.
  • Transfers to Gibraltar and Malta: Our headquarters in Gibraltar and certain group operations in Malta may process your data. Gibraltar and EEA/EEA-equivalent jurisdictions are subject to robust data protection regimes closely aligned with the EU/UK GDPR framework.
  • Transfers to other countries: If we transfer data to countries that the UK does not consider to provide an adequate level of data protection, we implement appropriate safeguards, such as:
    • UK-approved standard contractual clauses (SCCs) or the UK International Data Transfer Addendum;
    • additional technical and organisational safeguards (for example, encryption and strict access controls);
    • careful vetting of recipients and ongoing monitoring of their security and compliance practices.
  • Transfers to service providers: Where third-party service providers (e.g. cloud or security providers) are located outside the UK/EEA, we ensure that contracts include data protection obligations and transfer mechanisms that meet UK legal requirements.

You can contact us at [email protected] if you would like more information about the specific safeguards used for international transfers related to Cosmo Bet.

Data Retention

We keep your personal data only for as long as necessary for the purposes for which it was collected, including to comply with legal, regulatory, accounting and reporting requirements, and to resolve disputes. We regularly review retention periods to ensure that data is not kept longer than needed and apply secure deletion or anonymisation where appropriate.

  • Account and identity data: Typically retained for the duration of your active account and, after closure, for up to five (5) years (or longer where required by law) to comply with UKGC requirements, AML rules and our legitimate interests in handling disputes and audits.
  • KYC/AML documentation: Copies of identity documents, source-of-funds evidence and related verification records are generally retained for a minimum of five (5) years after the end of the business relationship or the date of the last transaction, in line with applicable AML regulations.
  • Transaction and gameplay data: Bet histories, payment records and gameplay logs are retained for at least five (5) years after account closure to comply with regulatory and accounting obligations and to support responsible gambling and dispute resolution.
  • Marketing data: Data related solely to marketing (such as mailing lists) is kept until you opt out or withdraw consent, after which we will promptly suppress your details from marketing lists while keeping minimal records to respect your opt-out choice.
  • Technical logs and security data: Security logs and technical data used for fraud detection and system integrity are typically retained for between six (6) months and five (5) years, depending on the sensitivity of the data and the associated risk.
  • Complaints and customer service records: Communications with support (including emails to [email protected] and live chat transcripts) and complaint files are generally retained for up to six (6) years after resolution to comply with regulatory expectations and to defend against legal claims.

When data is no longer required, we either securely delete or irreversibly anonymise it. In some cases we may retain aggregated, anonymised data indefinitely for statistical or analytical purposes, which no longer identifies you.

Your Rights

Under the UK GDPR and the Data Protection Act 2018, you have a range of rights in relation to your personal data processed by Cosmo Bet on cocmo.bet. If you are located in other jurisdictions with strong data protection regimes (for example, EU Member States or Mexico), you may have additional rights under your local laws. We aim to apply a high, consistent standard of data protection and to observe, expand and reflect on your rights in a structured and transparent way.

Right of Access

  • What it means: You can request confirmation of whether we process your personal data and obtain a copy of that data, along with information about how we use it.
  • How to exercise: Contact us via [email protected] from your registered email address, clearly stating that you are making an "access request".
  • Response time and cost: We will normally respond within one month (30 days) of receipt of your request and verification of your identity. We do not charge a fee, unless a request is manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse the request as permitted by law.

Right to Rectification

  • What it means: You can request correction of inaccurate personal data and completion of incomplete data.
  • How to exercise: You can update many details directly in your account settings. For data that cannot be edited in your profile (e.g. verified identity details), contact us at [email protected] and provide evidence where appropriate.
  • Timeframe: We aim to rectify inaccurate data within 30 days, subject to verification and regulatory constraints (for example, we may not be able to change historical records relevant to regulatory reporting).

Right to Erasure ("Right to be Forgotten")

  • What it means: You may ask us to delete your personal data in certain circumstances, for example where it is no longer needed for the purposes for which it was collected or where you have withdrawn consent and we have no other legal basis to keep it.
  • Limitations: This right is not absolute. We may need to retain some data to comply with legal obligations (e.g. AML and UKGC rules), to establish or defend legal claims, or for other legitimate reasons consistent with UK law.
  • How to exercise: Submit your request via email to [email protected]. We will review your request, explain what can be deleted, and confirm the outcome.

Right to Restriction of Processing

  • What it means: You can request restriction of processing in certain situations, for example if you contest the accuracy of data or object to processing based on legitimate interests.
  • Effect of restriction: While processing is restricted, we will store your data but will not use it except in limited cases (for example, to protect legal claims or with your consent).
  • How to exercise: Contact us at [email protected] specifying the processing you wish to restrict and your reasons.

Right to Object

  • Legitimate interests: Where we process data based on our legitimate interests, you may object at any time on grounds relating to your particular situation. We will stop processing unless we can demonstrate compelling legitimate grounds which override your interests, rights and freedoms, or the processing is needed for legal claims.
  • Direct marketing: You always have the absolute right to object to processing of your data for direct marketing purposes, including profiling for such marketing. Once you object or opt out, we will stop sending you marketing communications.
  • How to exercise: Use the unsubscribe link in marketing emails, adjust your account preferences, or email [email protected].

Right to Data Portability

  • What it means: You may request certain personal data that you have provided to us in a structured, commonly used and machine-readable format and ask that we transmit it to another controller where technically feasible.
  • Scope: This right generally applies where processing is based on consent or contract and carried out by automated means.
  • How to exercise: Send a request to [email protected], specifying what data you would like to receive or have transferred.

Right to Withdraw Consent

  • What it means: Where we rely on your consent (for example, for marketing or non-essential cookies), you can withdraw that consent at any time.
  • Effect: Withdrawal of consent does not affect the lawfulness of processing before the withdrawal but we will stop the relevant processing going forward.
  • How to exercise: Use your account settings, the cookie banner and controls, unsubscribe links, or contact us at [email protected].

Jurisdiction-Specific Rights (EU and Mexico)

  • EU/EEA residents: If you are located in the EU/EEA and interact with our services in a way that brings your data under the scope of the EU GDPR, you may have broadly similar rights to those described above, and you can also lodge complaints with your local Data Protection Authority.
  • Mexico: If you are located in Mexico and local data protection regulations apply to you, you may have additional rights with respect to access, rectification, cancellation and opposition to processing, aligned with applicable Mexican data protection laws. We will assess and honour such rights to the extent required by those laws and compatible with our regulatory obligations in the UK.

We aim to respond to all rights requests within one month (30 days). For complex or numerous requests, this period may be extended by up to two further months, in which case we will inform you and explain the reasons. We do not charge a fee for exercising your rights, except where permitted by law for manifestly unfounded or excessive requests.

Cookies & Tracking Technologies

Cosmo Bet on cocmo.bet uses cookies and similar technologies to ensure the site functions properly, to improve performance and security, and, where permitted, to personalise content and marketing. We provide granular control over these technologies via our cookie banner and internal settings.

Types of Cookies We Use

  • Strictly necessary (functional) cookies: Essential for operating the site and providing requested services, such as keeping you logged in, enabling secure payment processing, maintaining session integrity, and storing your basic preferences. These cookies cannot be switched off via our systems, but you can configure your browser to block them (which may impair site functionality).
  • Performance and analytics cookies: Help us understand how visitors use the site, which pages are most popular, and how users navigate. We use this information to improve site layout, usability and performance. Where required, we ask for your consent before setting these cookies.
  • Advertising and targeting cookies: Used to deliver relevant advertising, limit the number of times you see an ad, and measure the effectiveness of campaigns, often in cooperation with advertising networks and affiliates. These cookies are only activated with your consent.
  • Third-party cookies: Set by external providers, such as analytics services or embedded content. These providers may use cookies independently according to their own privacy policies.

Managing Cookies

  • Cookie banner and settings: When you first visit cocmo.bet, you will see a cookie banner allowing you to accept all cookies, reject non-essential cookies or customise your choices. You can change your preferences at any time via our cookie settings panel.
  • Browser settings: Most browsers allow you to block or delete cookies through their settings. However, blocking all cookies may significantly affect the functionality and performance of the site.
  • Do Not Track and similar signals: Our response to browser-based "Do Not Track" or similar signals may be limited by technical and regulatory developments; we primarily rely on explicit cookie preferences that you set through our tools.

Data Security

We take the security of your personal data extremely seriously. Cosmo Bet on cocmo.bet uses a layered security approach, combining technical and organisational measures designed to protect your data against unauthorised access, loss, misuse or alteration. We regularly observe and test our safeguards, expand them in response to emerging risks, and reflect on our security posture using recognised best practices and standards.

Technical Measures

  • Encryption in transit and at rest: Data transmitted between your browser and our servers is protected using TLS (Transport Layer Security) version 1.2 or higher. Sensitive data is encrypted at rest using strong encryption algorithms where appropriate.
  • Access controls and authentication: Access to systems containing personal data is restricted on a need-to-know basis and protected through strong authentication mechanisms. We support secure password policies and may implement multi-factor authentication for internal systems and, where appropriate, for player accounts.
  • Network and infrastructure security: We use firewalls, intrusion detection and prevention systems, anti-malware solutions, and other network-level controls to protect our infrastructure. Systems are regularly patched and updated according to a defined vulnerability management process.
  • Data segregation and backups: Player funds and operational accounts are segregated in line with UKGC requirements. Data is backed up regularly, with backups stored securely and tested periodically for integrity and restore capability.

Organisational Measures

  • Policies and governance: We maintain internal policies on data protection, information security, access control, incident response and acceptable use, which are reviewed and updated regularly.
  • Staff training: Employees and contractors with access to personal data receive training on data protection, confidentiality, and security best practices, including specialised training for teams handling KYC, AML and customer support.
  • Vendor and partner management: We carefully select service providers and require them to implement appropriate security measures. Data processing agreements are in place to ensure that third parties handle data according to our standards and legal obligations.

Audits, Testing and Standards

  • Independent testing and certification: Our games and RNG/RTP performance may be tested by independent bodies such as eCOGRA, which also review aspects of our technical controls to support fairness and integrity claims.
  • Security assessments: We perform regular security assessments, including vulnerability scans and, where appropriate, penetration testing, to identify and remediate weaknesses.
  • Alignment with standards: We aim to align our information security management practices with internationally recognised standards such as ISO 27001 and SOC 2, where appropriate for our risk profile and regulatory environment.

Incident Response

  • Detection and response: We operate monitoring and alerting systems to detect potential security incidents and have an incident response plan that defines roles, responsibilities and procedures.
  • Breach notification: In the event of a personal data breach, we will assess the risk to your rights and freedoms and, where required by law, notify the relevant supervisory authority (for UK players, typically the ICO) and affected individuals without undue delay.

Complaints & Contacts

We encourage you to contact us first if you have any questions or concerns about how Cosmo Bet on cocmo.bet processes your personal data. We are committed to handling complaints fairly, transparently and within reasonable timeframes.

How to Contact Us

  • Data Protection Team / DPO function (email): [email protected] (please include "Privacy" or "Data Protection" in the subject line).
  • Online channels: You can also contact us via 24/7 live chat or secure in-account messaging, particularly if you need to upload documents or verify your identity in connection with a request.
  • Postal correspondence: You may send written correspondence regarding data protection to Celestial Gaming Ltd., World Trade Center, 6 Bayside Road, GX11 1AA, Gibraltar, clearly marking it as a "Data Protection" query.

Internal Complaint Procedure

  1. Submit your complaint: Send us a clear description of your concern (for example, about data use, security, or the handling of a rights request) via [email protected] or through live chat, asking for escalation to the data protection team.
  2. Acknowledgement: We will normally acknowledge receipt of your complaint within 72 hours, provide a reference number, and may request additional information if needed.
  3. Investigation: The relevant team will investigate your complaint, reviewing logs, records and any third-party involvement as necessary.
  4. Response: We aim to provide a substantive response within 30 days of receiving your complete complaint. If the matter is complex or requires further investigation, we may extend this period, in which case we will notify you and keep you informed of progress.
  5. Further steps: If you are unhappy with our response, you may request further review internally and/or escalate the matter to a supervisory authority or ADR body, as appropriate.

Supervisory Authorities and External Escalation

  • United Kingdom - Information Commissioner's Office (ICO): If you believe that we have not handled your personal data in accordance with applicable law, you have the right to lodge a complaint with the UK Information Commissioner's Office. You can find up-to-date contact details and guidance on the ICO website at www.ico.org.uk (including postal address and helpline numbers).
  • European Union / EEA: If EU/EEA data protection law applies to you, you may also lodge a complaint with the Data Protection Authority in the Member State of your habitual residence, place of work or place of alleged infringement. Contact details are available on the European Data Protection Board website.
  • Mexico: If Mexican data protection regulations apply to your situation, you may have the right to lodge a complaint with the competent Mexican data protection authority. As of 2025, this is overseen by the national authority responsible for transparency and data protection in Mexico (commonly referred to as INAI). For current contact details, please consult the authority's official website.

Nothing in this section limits any rights you may have under applicable law to seek judicial remedies.

Updates

We may update this Privacy Policy from time to time to reflect changes in our services, legal or regulatory requirements, industry practices or technical developments affecting Cosmo Bet on cocmo.bet. We apply an observe-expand-reflect cycle to such updates: we observe changes in law and operations, expand our analysis to determine their impact on your privacy, and reflect these changes transparently in this document.

How We Notify You of Changes

  • On-site notifications: Significant changes will be highlighted on our website, for example through banners, pop-up notices or messages in your account dashboard.
  • Email communication: Where changes are material or required by law or regulation (for example, if they affect how your data is used or your rights), we will notify you by email using the address registered on your account.
  • Advance notice: For material changes that significantly affect your rights or how we use your data, we will normally provide at least 30 days' advance notice where practicable, so that you have time to review the changes and, if you do not agree, to close your account and cease using our services.

Version Control and "Last Updated"

  • Version tracking: Each version of this Privacy Policy will be identified by an effective date and, where relevant, a brief description of material changes.
  • Last updated: This Privacy Policy was last updated in November 2025.
  • Your options: If you continue to use Cosmo Bet on cocmo.bet after changes take effect, you will be deemed to have accepted the updated Privacy Policy. If you do not agree with an update, you should stop using our services and may request account closure and, where applicable, exercise your data protection rights as described above.

We recommend that you review this Privacy Policy periodically to stay informed about how we protect your personal data.