Privacy Policy

Glimmer Ltd. Privacy Policy

  Data Controller

The Controller of your personal data is Glimmer Limited, 115B, Suite 3, Old Mint Street, Valletta, VLT 1515, Malta Tel: 00356 21 372292 Email


Certain sections of these websites, and certain products and services (hereinafter “Games”) are operated in conjunction with our third-party providers.


When accessing, browsing, or play games as a registered user on these websites, certain non-personal and/or pseudonymized data may be collected and shared with these third-parties. This data includes data about your browser, operating system and User ID. We may also collect and share the country from where you are accessing our system for statistical purpose. Nevertheless, none of these third parties are able to identify you with the information provided.


Grounds and Purposes of the Processing

As an Operator of the Website and as a Company engaged in the gaming sector, we are required to collect and process information about you, to better manage your relationship with us and be able to process your bets including card and on-line payments, to set-up, open and manage your account, to build up personal profiles, to respond to your queries, to provide you with information and updates about promotional offers and our products and services.


Additionally, we need to keep and process your data to comply with our legal and regulatory obligations, to pursue our legitimate business interests such as the detection and prevention of fraud, abuses, irregular betting and to protect our legal position in the event of disputes and / or legal proceedings.


We only collect and process data and information that you voluntarily, following a request, provide to us, or which derivate or we otherwise are able to obtain from legitimate sources.


Where we intended to process your data for one or more lawful purposes other than indicated above, we will provide you with information on such purposes and any other relevant details.


In the event that any further purpose requires your consent, we will refrain from the processing until we have explicitly obtained it.


Categories of Personal Data we process

3.1 Registration

In order, be to open a gaming account with any of our websites, and gain access to our gaming products, you will be required to provide us with a number of personal information, such as your full name, your date and place of birth, your nationality, your address, your contact number and your payment details (the “Registration Data”). 

As part of this registration process, you will be requested to create a username and a password, which will be treated in accordance with this Policy.

We are required by law to identify and verify our customers, and as a result of this, we would require certain information to manage your relationship with us. If you do not provide us with the data we request, we may be unable to comply with our legal obligation, and eventually we would be unable to provide you with access to any of our products and services.


3.2 Account Validation

Once you have set up your account with our sites, in order to have full access to all functionalities, you may be required to provide us with additional personal information to verify your registration data.

Such additional information may include, but is not limited to: documentation relating to your residential address or photographic evidence of your identity (the “Validation Data”)

As stipulated by law, we are required to verify the identity of our Customers, and therefore we only process your validation data to fulfil our legal and regulatory obligations.

If you do not provide us with this data we may be unable to comply with our obligations, as a result we may restrict, suspend or even close your account.


3.3 Account and Website Usage

Whenever you access any of the gaming products available on our website, make a deposit, or request a withdrawal, contact our customer service representative for assistance or to lodge a complaint, we may collect certain personal and non-personal information related to your gaming sessions and, in general, to your usage of such products and services. (the “Account Data”).

Account data may include, but not limited to information about how and when you visit the website, date on sections you click on, details of device used to access the website, IP address, and gaming data which includes playing patterns.



We may use cookies as a means of collecting information following your use of the Website. Upon registration on our website, and every time clients use our website, they are required to agree to our use of cookies.


Cookies are small pieces of data sent from a website and stored on the user's hard drive by the user's web browser, while the user is browsing. We may use them to improve the Website, and to provide a better and more personalised services. Some cookies allow the website to automatically recognise you, and your settings (for example, language or currency). Other cookies may be essential for the website to operate.


If you want to delete any cookies already stored on your computer or stop the cookies that keep track of your browsing patterns on the website, you may do so by deleting your existing cookies and/or altering your browser's privacy settings to block cookies (the process you follow will differ from browser to browser).


Should you require further information on how to do this, you are kindly requested to visit the website


Deleting our cookies or disabling our future cookies, may restrict or prevent you from accessing certain sections or features of the website.


Payments Gateway

We only keep the necessary information relating to your payment details when you use our website or download any of our applications.  We keep the date and time of your transaction, the transaction amounts and a unique number to identify your transaction.  This information is processed so as to meet our legal obligations, but also to safeguard both your and our legitimate rights when querying transaction.


The detail of your transaction payment processing is however handled entirely by a separate online payment system which we have no connection with.  We currently use the services of APCO Systems Limited for any credit card and e-wallet transactions and more information on how they process your data can be obtained on their own website:


KYC & Due Diligence

The Company is obliged to apply customer due diligence policy in line with AMLCFT and these policies require us to identify and verify customers and to verify source of funds & source of wealth;

  • when establishing business relationship,
  • when carrying out occasional transaction,
  • when further information is required to satisfy our legislative requirements.

Due diligence measures are carried out, at appropriate times, to existing customers on a risk-sensitive basis, including when the Company becomes aware that the relevant circumstances surrounding a business relationship have changed. We may contact you to provide us with further information to be able to complete checks. These checks include checks to verify your identity and address, and /or to provide us with further information about your source of wealth and source of income


All Personal information requested as part of our KYC procedure will be collected, processed, and stored in accordance with the General Data Protection Regulation (GDPR), rules and principles of which have been reflected in this Privacy Policy and which were implemented on a legal, technical and organizational level.


As part of the Company’s KYC and AML Policy, if any doubt arises regarding the information provided, the Company reserves the right to verify the said through third party due diligence applications.


Data Security and Disclosure

The Company takes reasonable steps to ensure that your information is kept secure and protected to the highest possible standards. In light of this we have applied all the appropriate, adequate and effective technical & physical safeguards, and we have also trained personnel to protect your personal information against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access.


The Company may also share due diligence records with Tumas Gaming Limited which is the parent company for Portomaso Casino & Oracle Casino. This is only done in cases where you decide to use any of their gaming services in order to avoid you the hassle of re-submit your information again. To this affect a controller to controller agreement has been signed between both companies and all GDPR safeguard mentioned in this policy will be effective similarly in both companies.


Although any category of personal data in accordance with this Policy is processed by the relevant department, your information may be disclosed on a strict need-to-know basis, to line managers, senior management, and to our Money Laundering Reporting Officer /Designated Employee.


For the purposes of preventing fraud, money laundering and for data verification purposes, we may use third parties including credit reference agencies, and record any searches on your file. Where your information is processed on our behalf by any third party, we protect your personal data by putting in place contractual clauses and undertakings, aimed to ensure a level of protection at least as appropriate and adequate as ours.


We may also be obliged to share any of your personal information which we have access to with competent authorities upon a lawful request.  This may include enforcement agencies such as the Financial Intelligence Analysis Unit (FIAU), Police and courts of law and public authorities such as the Malta Gaming Authority. 


Retention Period

As stipulated by law, we keep your information for a period of 5 years from;

  •  the date on which the business relationship is terminated;
  •  the occasional transaction is carried out;
  •  the last transaction;
  • submissions to or requests by any Agency or Authorities;


Your Rights

In respect of any of your personal data collected and processed by us in accordance with this Policy, at any time you have the right to:

  •  Access personal data which you have provided;
  • Rectify such personal data;
  • Oppose data which is processed pursuit to a legitimate interest or consent, if you deem that it is overriding your rights as data subject;
  •  Request the restriction of processing such personal data.
  • Where you have given your consent to processing, in addition to the right stated above, at any time you have the right to:
  •  Withdraw the consent to processing without affecting the lawfulness of the processing based on consent before withdrawal;
  •  Request the erasure of your personal data.

In order to exercise your rights, you might be asked to provide us with a form of identification.


You may obtain further information on how to exercise your rights or to request access to or rectification or erasure of your data, or to oppose to the processing by sending an email at:


If, at any time, you deem that the processing of your personal data is not being conducted in compliance with this Policy or with any applicable law, you may lodge a complaint with the Data Protection Officer:


Information and Data Protection Commissioner, Floor 2, Airways House, Triq Il-Kbira, Sliema. Tel.00356-23287100; email:



Changes to this Policy

The Company periodically reviews this policy and should any changes take place, these will be uploaded on our website and will become automatically effective.