burger icon
Goal Bet United Kingdom
Log In

Privacy Policy

This Privacy Policy explains how GLB International N.V., operating the online gambling services available through the Goal Bet section of the website goelbet.com (the "Website"), collects, uses, discloses and protects personal data of players and other visitors. It applies to all users who access or use the Website, create an account, place bets, or otherwise interact with our services from the United Kingdom and other permitted locations. This Privacy Policy is effective from 6 November 2025 and remains in force until replaced or updated, including throughout 2026, in accordance with the "Updates" section below.

Who We Are

The online gambling services for Goal Bet on goelbet.com are operated by:

  • Operator: GLB International N.V.
  • Legal form: Public limited company (N.V.) incorporated under the laws of Curaçao
  • Registered jurisdiction: Curaçao (full registered address and company registration number as stated in the applicable corporate and licensing records)
  • Gaming licence: Curaçao eGaming, Licence No. 1668/JAZ (master licence sub-licence)

The services are provided on a cross-border basis and the operator does not hold a licence from the UK Gambling Commission. Players in the United Kingdom access the Website as a grey-market, non-GamStop option, and their data is primarily processed under the laws of Curaçao, supplemented by the requirements of the UK General Data Protection Regulation ("UK GDPR"), the Data Protection Act 2018, and aligned principles of other applicable data protection laws.

We have appointed an internal data protection function to oversee compliance with this Privacy Policy:

  • Data Protection Officer / Data Protection Team: Goal Bet Data Protection Team, acting on behalf of GLB International N.V.
  • Contact for privacy matters: via the dedicated privacy contact details provided in the "Contact Us" or "Privacy" section of goelbet.com, or through your account messaging centre.
  • Preferred communication channels: secure web forms or email, allowing us to verify your identity and respond within the statutory time limits.

If you require our full corporate address or additional registration information for the purposes of exercising your rights or submitting a complaint, you may request it through the channels described above and we will provide it in our written response, subject to identity verification.

What Personal Data We Collect

When you use Goal Bet on goelbet.com, we collect and process various categories of personal data, depending on how you interact with the Website and services. These categories include, in particular:

  • Identification and contact data: full name, date of birth, nationality, residential address, email address, mobile and landline phone numbers, username, account ID, and verification documents (such as copies of ID cards, passports, utility bills, proof of address, and other KYC/AML documentation).
  • Account and transactional data: account registration details, login credentials (stored in encrypted form), account preferences, communication language, deposit and withdrawal history, betting and gaming history, stakes, wins and losses, bonus usage, loyalty and VIP status, and records of interactions with customer support.
  • Payment and financial data: partial payment card details (masked where appropriate), bank account or e-wallet information, payment processor identifiers, transaction identifiers, chargeback history, payment risk assessments, and related billing information. We do not store full card details where this is handled by PCI-DSS compliant payment providers.
  • Technical and device data: IP address, approximate geolocation derived from IP, device identifiers, browser type and version, operating system, language settings, referral URLs, access times, session identifiers, and device characteristics collected through log files and similar technologies.
  • Behavioural and usage data: clickstream data, pages and sections visited (including within Goal Bet), time spent on specific pages, in-game behaviour, bet selection patterns, error reports, interactions with banners and offers, and responses to promotions, surveys and feedback requests.
  • Risk, compliance and responsible gambling data: KYC/AML risk categorisation, sanctions and politically exposed person (PEP) screening results, fraud indicators, device fingerprint information, self-exclusion and time-out status (including non-GamStop status where legally permissible), affordability and responsible gambling profile data, and notes created for compliance investigations.
  • Communication data: records of communications with our support, risk, payment and compliance teams (including emails, live chat transcripts, tickets created via the Website or mobile interface, and correspondence related to complaints or disputes).
  • Cookies and similar technologies: identifiers stored in cookies, pixels, tags, SDKs, local storage and similar tracking technologies that allow us to recognise your browser or device, maintain your session, secure the Website, analyse performance and deliver marketing content in accordance with your choices.

We do not intentionally collect personal data from individuals under the age of 18 or below the minimum legal gambling age in their jurisdiction. If we discover that a minor has provided us with personal data, we will take reasonable steps to delete the relevant data and close any associated account, subject to retention requirements for fraud and legal obligations.

Legal Basis for Processing

We process personal data in connection with Goal Bet on goelbet.com only where we have a valid legal basis under applicable data protection laws, in particular the UK GDPR and aligned principles in other jurisdictions. Depending on the specific activity, we rely on one or more of the following grounds:

  • Performance of a contract: We process your identification, contact, account, transactional, payment and technical data where this is necessary to:
    • create and manage your player account;
    • enable you to deposit funds, participate in betting and gaming, and request withdrawals;
    • provide customer support and account management;
    • administer promotions and loyalty programmes associated with your account; and
    • deliver the Website and services you request in a functional and secure manner.
  • Compliance with legal obligations: As a licensed gambling operator in Curaçao and a provider of financial-related services, we must comply with anti-money laundering (AML), counter-terrorist financing (CTF), fraud prevention, sanctions, taxation and accounting obligations. This requires:
    • collecting and retaining KYC/AML documentation and verification records;
    • screening you against sanctions, PEP and risk databases;
    • monitoring transactions and gambling behaviour for suspicious activity; and
    • retaining certain records for minimum statutory periods (often up to 5 years or more after account closure).
  • Legitimate interests: We may process personal data where it is necessary for our legitimate interests, provided these are not overridden by your rights and freedoms. These interests include:
    • securing the Website, preventing abuse, fraud, chargebacks and misuse of bonuses;
    • ensuring game integrity and fair use of our services;
    • improving and optimising our products, user interface, and technical performance;
    • conducting statistical and anonymised analytics to understand service usage; and
    • defending our legal rights and handling disputes, complaints or regulatory investigations.
    When relying on legitimate interests, we implement safeguards such as pseudonymisation, aggregation and minimisation, and you have the right to object to such processing as set out in the "Your Rights" section.
  • Consent: In certain cases we process your data based on your explicit consent, for example:
    • sending you marketing communications by email, SMS, push notifications or other electronic means;
    • using non-essential cookies and similar technologies for personalised advertising and advanced analytics; and
    • sharing limited data with affiliates and advertising partners for targeted campaigns.
    You can withdraw your consent at any time through your account settings, the unsubscribe link in our communications, or by contacting us, without affecting the lawfulness of processing carried out before withdrawal.
  • Protection of vital interests and public interest: In rare cases we may process data where necessary to protect your vital interests or those of another person, or where required in the public interest, such as responding to urgent law enforcement requests or investigating potential criminal conduct.

Purpose of Processing

We use the personal data described in this Privacy Policy strictly for specified, explicit and legitimate purposes. In particular, we process data for the following purposes:

  • Provision of gambling services: to register and manage your Goal Bet account on goelbet.com, authenticate logins, process deposits and withdrawals, enable betting and gaming, apply bonuses and promotions, and provide multi-language customer support.
  • Regulatory compliance and risk management: to comply with KYC/AML/CTF obligations, carry out age and identity verification, detect and investigate fraud and abuse, manage chargebacks and payment disputes, monitor betting patterns for integrity purposes, and fulfil reporting obligations to regulators and competent authorities in Curaçao and other relevant jurisdictions.
  • Responsible gambling and player protection: to analyse your activity for early signs of problematic gambling, apply self-exclusion or time-out measures, enforce deposit, loss and session limits, and document responsible gambling interactions in line with industry best practices.
  • Service improvement and analytics: to understand how users interact with Goal Bet and other parts of goelbet.com, evaluate the effectiveness of our design and offers, test new features, ensure technical stability, and compile aggregated statistics that no longer identify individual users.
  • Marketing and personalisation: to send you promotional content about Goal Bet products, tournaments, bonuses and offers, to personalise your experience on the Website, to display relevant banners and messages, and to measure the performance of campaigns, subject to your consent and applicable laws in the UK and other jurisdictions.
  • Security and fraud prevention: to protect accounts from unauthorised access, apply device fingerprinting and IP analysis, prevent abuse of bonuses, reduce fraud risk, investigate suspicious behaviour, and protect our infrastructure and other players.
  • Customer support and dispute resolution: to respond to your queries, requests and complaints, keep records of our communications for quality assurance and training, and handle disputes, chargebacks and legal claims.

Disclosure & Sharing

We treat your personal data as confidential and only disclose it to third parties where this is necessary for the purposes described in this Privacy Policy, where required by law, or where you have provided your consent. The categories of recipients include:

  • Payment service providers and financial institutions: banks, card schemes, e-wallet providers, prepaid card issuers, payment gateways and other financial intermediaries that process deposits, withdrawals and refunds on our behalf. These entities receive limited data necessary to execute the relevant payment and comply with their own regulatory obligations.
  • Technical and infrastructure providers: hosting providers, cloud service platforms, content delivery networks, security and DDoS protection providers, email and SMS gateway services, customer support platforms, and other IT providers that support the operation of goelbet.com and Goal Bet.
  • Verification, risk and compliance partners: identity verification vendors, KYC/AML screening services, sanctions and PEP screening providers, fraud prevention tools and chargeback management services, who assist us in verifying your identity, assessing risk and meeting regulatory obligations.
  • Analytics and marketing partners: web analytics providers, advertising networks, affiliate networks and performance measurement platforms that help us understand Website usage, run marketing campaigns and attribute traffic. Where required, such sharing is based on your consent to the use of cookies and similar technologies and may involve the use of pseudonymised identifiers.
  • Affiliates and group entities: companies that are under common ownership or control with GLB International N.V. and that provide internal support services, such as risk management, customer support, IT, or marketing, subject to appropriate intra-group data protection arrangements.
  • Regulators, authorities and dispute bodies: the Curaçao eGaming authority, tax authorities, law enforcement agencies, courts, arbitration bodies, and other public authorities or regulators, where required by law or reasonably necessary to protect our rights, respond to legal process or comply with enforceable governmental requests.
  • Professional advisers: lawyers, auditors, consultants and other professional advisers who assist us with legal, financial, tax or business matters, subject to confidentiality obligations.
  • Business transfers: in the event of a merger, acquisition, restructuring, reorganisation, or sale of assets related to Goal Bet or goelbet.com, personal data may be transferred to the acquiring or successor entity, subject to safeguards and continuity of this Privacy Policy or a comparable level of protection.

We do not sell your personal data in the sense of transferring it in exchange for monetary consideration as a standalone asset. Any sharing with marketing or affiliate partners occurs under limited conditions, is subject to contractual safeguards, and, where required, is based on your explicit consent.

International Transfers

Given the international nature of online gambling services, your personal data may be transferred to and processed in countries outside the United Kingdom and the European Economic Area ("EEA"), including Curaçao and other jurisdictions where our service providers and partners are located. These countries may have different data protection laws from those in your home jurisdiction.

  • Primary processing location: Personal data collected through Goal Bet on goelbet.com is primarily processed in Curaçao, where GLB International N.V. is established and licensed.
  • Service provider locations: We may use service providers located in various jurisdictions, including but not limited to EU/EEA member states, the United Kingdom, and third countries such as the United States or other territories, to provide hosting, security, analytics, communications and payment processing services.
  • Safeguards for international transfers: Where we transfer personal data outside the UK or EEA, we implement appropriate safeguards to protect your data, including:
    • using standard contractual clauses (SCCs) approved under UK data protection law (and, where relevant, EU SCCs) to contractually require an equivalent level of protection;
    • conducting transfer impact assessments and applying additional technical or organisational measures (such as encryption and pseudonymisation) where necessary;
    • working, where applicable, with service providers that participate in recognised data protection frameworks or adhere to codes of conduct or certification mechanisms accepted by competent authorities; and
    • limiting transfers to what is strictly necessary for the provision of the relevant services.

Further information about international transfers and a copy of the relevant contractual safeguards (subject to redactions for commercial confidentiality) can be requested through the contact channels described in the "Complaints & Contacts" section.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to meet legal, accounting, regulatory and reporting requirements, and to resolve disputes. Retention periods may vary depending on the category of data and the applicable laws, particularly AML/CTF and gambling regulations. In general:

  • Account and identification data: We retain your core account details (such as name, contact information, identification documents and KYC verification records) for the duration of your relationship with us and, typically, for a period of up to 5 years after your account is closed, or longer where required by AML/CTF or other legal obligations.
  • Transactional and betting data: Records of deposits, withdrawals, bets, wins, losses, bonuses and loyalty activities are usually retained for at least 5 years after the relevant transaction or account closure, to comply with financial, tax and regulatory requirements and to handle disputes and audits.
  • Risk, compliance and responsible gambling data: Data used for fraud investigations, sanctions/PEP screening, self-exclusion, affordability assessments and responsible gambling monitoring may be kept for extended periods where necessary to protect you and us from future risk, subject to periodic review and minimisation.
  • Marketing data: We keep records of your marketing preferences and consents for as long as you remain subscribed and for a short period thereafter to demonstrate compliance. If you opt out of marketing, we retain a record of your opt-out to ensure that we respect your choice.
  • Technical logs and security data: Server logs, device identifiers and security-related records are normally retained for shorter periods (often between 6 and 24 months), unless a longer retention is required for investigation or legal purposes.
  • Complaint and dispute files: Correspondence and documents relating to complaints, chargebacks, legal claims or regulatory inquiries are kept for the duration of the matter and for a statutory or limitation period thereafter, in order to establish, exercise or defend legal claims.

When personal data is no longer required for the purposes for which it was collected and we are not legally obliged to retain it, we will securely delete, anonymise or aggregate it so that it no longer identifies you. If you request deletion of your personal data, we may still need to retain certain information where this is necessary to comply with legal obligations, for our legitimate interests, or as otherwise permitted by law.

Your Rights

As a data subject, you have a number of rights in relation to your personal data under the UK GDPR and other applicable laws. We also structure our internal processes to align with the ARCO rights (Access, Rectification, Cancellation and Opposition) under Mexican Federal Law on Protection of Personal Data Held by Private Parties (LFPDPPP), to the extent that law applies to certain processing operations or users.

  • Right of access: You have the right to obtain confirmation as to whether we process your personal data and, if so, to receive a copy of that data together with information about the processing, including categories of data, purposes, recipients, and retention periods.
  • Right to rectification: You may request correction of inaccurate or incomplete personal data. Where possible, you can update certain details directly in your account; for other information (e.g., verification documents), we may ask you to provide supporting evidence before making changes.
  • Right to erasure ("right to be forgotten" / cancellation): You may request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, where you have withdrawn consent and there is no other legal basis, where you successfully object to processing, or where we processed your data unlawfully. We may not be able to delete data that we must keep for legal or regulatory reasons, including AML/CTF obligations.
  • Right to restriction of processing: You may request that we restrict processing of your personal data in certain circumstances, for example while we verify the accuracy of data that you contest, or where you have objected to processing and we are considering whether our legitimate grounds override your interests.
  • Right to object: You have the right to object, on grounds relating to your particular situation, to processing based on our legitimate interests, including profiling. In such cases we will stop processing unless we can demonstrate compelling legitimate grounds which override your interests, rights and freedoms, or the processing is necessary for legal claims. You also have an absolute right to object to processing for direct marketing, including profiling related to such marketing.
  • Right to data portability: For certain data that you have provided to us and which we process by automated means on the basis of your consent or a contract, you may request to receive it in a structured, commonly used and machine-readable format and to have it transmitted to another controller where technically feasible.
  • Right to withdraw consent: Where we rely on your consent (for example, for marketing communications or certain cookies), you may withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.
  • Rights under Mexican data protection law (ARCO): For users whose data is subject to Mexican law, we aim to facilitate the exercise of ARCO rights in line with LFPDPPP and guidance from the Mexican data protection authority (INAI), including the right to access, rectify, cancel or oppose the processing of your personal data under that framework.

How to exercise your rights: You can submit a request through the dedicated privacy or contact channels on goelbet.com, or by using the communication methods described in the "Complaints & Contacts" section. To protect your account and privacy, we may ask for additional information to verify your identity before acting on your request.

Response times and fees: We will respond to your request without undue delay and, in any event, within one month (30 days) of receipt. This period may be extended by up to two further months where necessary due to complexity or number of requests, in which case we will inform you of the extension and reasons. We will normally handle your request free of charge. However, we may charge a reasonable fee or refuse to act on requests that are manifestly unfounded or excessive, particularly due to their repetitive character, as permitted by law.

Cookies & Tracking Technologies

The Goal Bet section of goelbet.com uses cookies and similar technologies to distinguish you from other users, provide core functionality, enhance your experience and support marketing activities. Cookies are small text files stored on your device or browser when you visit the Website.

  • Types of cookies we use:
    • Session cookies: temporary cookies that are deleted when you close your browser. They enable essential functions such as login sessions, security checks and navigation within your account.
    • Persistent cookies: cookies that remain on your device for a defined period or until you delete them. They help us remember your preferences (such as language and odds format), recognise you on subsequent visits and provide a more personalised experience.
    • First-party cookies: cookies set directly by goelbet.com for functional, security and analytical purposes.
    • Third-party cookies: cookies set by external service providers, such as analytics tools, advertising networks and social media platforms, in connection with our services.
  • Purposes of cookies:
    • Strictly necessary / functional cookies: required for the operation of the Website and enabling core features, including account login, session management, payment processing and security protections.
    • Performance and analytics cookies: used to collect aggregated information about how visitors use the Website, such as which pages are visited most often, whether error messages are displayed and how users move around the site. These help us improve usability and performance.
    • Advertising and targeting cookies: used to deliver relevant ads, limit how often you see a particular advertisement, measure campaign effectiveness and personalise marketing content based on your interests, where permitted by law and subject to your consent.

Managing cookies: On your first visit, and periodically thereafter, you may be presented with a cookie banner or preference centre that allows you to accept or reject non-essential cookies. You can adjust your choices at any time via the cookie settings available on the Website or within your account, where provided. Additionally, most browsers allow you to manage cookies through their settings (including blocking or deleting cookies); however, blocking certain cookies may affect the functionality and performance of the Website.

Data Security

We implement a combination of technical and organisational measures designed to protect your personal data against unauthorised access, accidental loss, destruction or damage, in line with industry standards and legal requirements. While no system is completely secure, we continuously improve our security controls and assess risks in light of evolving threats.

  • Encryption and secure transmission: We use Transport Layer Security (TLS 1.2+) or equivalent protocols to encrypt data transmitted between your browser and our servers. Sensitive information, such as passwords and payment details processed by third-party providers, is protected using strong cryptographic techniques.
  • Data protection at rest: We apply access controls, segmentation and, where appropriate, encryption or pseudonymisation to data stored in our databases and backups, reducing the risk of unauthorised access and limiting the impact of potential security incidents.
  • Access controls and authentication: Access to personal data is granted only to authorised personnel and service providers who need it for legitimate business or compliance purposes, following the principle of least privilege. Administrative access is protected by strong authentication mechanisms, and multi-factor authentication is implemented where appropriate.
  • Security monitoring and testing: We monitor our systems and infrastructure for suspicious activity, apply intrusion detection and prevention tools, perform vulnerability assessments and, where appropriate, commission independent security reviews or audits. Where feasible, we design systems following recognised security frameworks and best practices (such as ISO/IEC 27001 and SOC 2-aligned controls).
  • Employee awareness and training: Staff with access to personal data receive training on data protection, confidentiality, responsible gambling and security obligations. We maintain internal policies and procedures to ensure that data is handled in accordance with this Privacy Policy and applicable laws.
  • Incident response: We maintain incident response procedures to detect, assess and respond to suspected personal data breaches. In accordance with UK GDPR and other applicable regulations, we will notify the relevant supervisory authorities and affected individuals when required by law, taking steps to mitigate potential harm.

Complaints & Contacts

If you have questions, concerns or complaints regarding this Privacy Policy or our handling of your personal data in connection with Goal Bet on goelbet.com, you may contact us using the following channels:

  • Data Protection Officer / Data Protection Team: contactable via the privacy-related email address or web form provided on the Website's "Contact Us" or "Privacy" page, clearly indicating that your request concerns data protection.
  • Online feedback and request forms: you may submit privacy-related requests and complaints through the secure contact forms or ticketing system accessible from your account or from the Website's support section.
  • Postal address: GLB International N.V., Data Protection, Curaçao (full postal details provided upon request or as indicated in your account documentation and on the Website).

Complaint procedure: We will acknowledge receipt of your complaint or request and seek to provide a substantive reply within 30 days, or within any shorter period required by applicable law. Where the matter is particularly complex or requires additional investigation, we may extend this period and will inform you accordingly. We may ask you for additional information to verify your identity and to clarify your concerns. We will endeavour to resolve your complaint amicably and transparently, explaining our reasoning and indicating any corrective actions taken.

Escalation to supervisory authorities: If you believe that we have not handled your personal data in accordance with applicable data protection laws, you have the right to lodge a complaint with a competent data protection authority. Relevant authorities include, in particular:

  • United Kingdom: Information Commissioner's Office (ICO) - Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF, United Kingdom. Further contact details and online complaint forms are available at www.ico.org.uk.
  • Mexico: For processing activities subject to Mexican data protection law, you may contact the Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales (INAI). Information on how to file a complaint is available at www.inai.org.mx.
  • Other EEA or local authorities: If EU or other national data protection laws apply to your situation, you may also have the right to lodge a complaint with the data protection authority of your habitual residence, place of work, or place of the alleged infringement.

We encourage you to contact us first so that we have an opportunity to address your concerns directly. However, you are not obliged to contact us before approaching a supervisory authority.

Updates

We may update this Privacy Policy from time to time to reflect changes in our processing activities, legal and regulatory developments, industry best practices, or operational adjustments affecting Goal Bet and goelbet.com. When we make material changes, we will take appropriate steps to notify you in advance and give you the opportunity to review the updated policy.

  • Notification methods: We may inform you of updates via:
    • email or account messaging, using the contact details associated with your account;
    • banners, pop-ups or notices displayed on the Website or within your account dashboard; and
    • links to the revised Privacy Policy on relevant pages of goelbet.com.
  • Advance notice for significant changes: Where practicable and where changes materially affect your rights or the way we process your data, we will provide prior notice of at least 30 days before the new version becomes effective, particularly in 2025 and 2026.
  • Your options: If you do not agree with the updated terms, you may choose to stop using the services and request account closure in accordance with our Terms and Conditions. Continued use of the Website after the effective date of the updated Privacy Policy will be considered as acknowledgement of the changes to the extent permitted by applicable law.

The current version of this Privacy Policy is labelled with the "Last updated" date below. We recommend that you review it periodically to stay informed about how we handle your personal data.

Last updated: 6 November 2025