Privacy Policy

This privacy policy explains how red-deer-resort-and-casino, operating via red-deer-resort-and-casino-ca.com, collects, uses, and protects your personal information. It applies to all players and website visitors engaging with our services. This policy is effective as of November 6, 2025.

Who We Are

OBSERVE: The operator of red-deer-resort-and-casino-ca.com is red-deer-resort-and-casino, owned by O'Chiese First Nation (via O'Chiese Business and Investment Centre). Our main office is located at 3310 50 Avenue, Red Deer, Alberta, T4N 3X9, Canada. The casino operates under the authority of the Alberta Gaming, Liquor and Cannabis (AGLC), with a valid Casino Operator - Land-based license through 2025.

Legal Entity: red-deer-resort-and-casino, operated by O'Chiese Business and Investment Centre.
Legal Address: 3310 50 Avenue, Red Deer, Alberta, T4N 3X9, Canada.
Registration: Casino Operator - Land-based license (AGLC), valid through 2025.
Data Protection Contact: Olivia Tremblay, Data Protection Officer (DPO).
Email: [email protected]
Support: [email protected]
Phone: not specified

For all data protection inquiries, please contact our DPO using the above information.

What Personal Data We Collect

OBSERVE: In compliance with Canadian privacy law (PIPEDA, Alberta PIPA), we collect the following categories of data when you use red-deer-resort-and-casino-ca.com:

Personal Identification Data: Full name, date of birth, email address, phone number, physical address, and government-issued identification for KYC verification.
Technical Data: IP address, device identifiers, browser type, operating system, access times, and server logs.
Payment Data: Bank account details, card information (processed via secure payment partners), transaction records, and payout details.
Behavioral Data: Betting history, game activity, interaction logs, navigation clicks, responsible gambling limits, and self-exclusion requests.
Cookies and Tracking Technologies: Session cookies, persistent cookies, third-party analytics and advertising cookies.

We only collect the minimum data necessary to provide and improve our services and to comply with applicable laws.

Legal Basis for Processing

OBSERVE: Our data processing practices adhere to Canadian privacy regulations and industry standards. We process your personal information based on the following legal grounds:

User Consent: We obtain your explicit consent for marketing communications, cookies, and optional data uses. You may withdraw consent at any time.
Contract Fulfillment: Data necessary to register, operate, and maintain your account, process payments, and provide casino services.
Legitimate Interests: To ensure security, prevent fraud, conduct analytics, and improve our offerings, provided these interests do not override your rights.
Legal Obligations: Compliance with regulatory requirements, including Know Your Customer (KYC), Anti-Money Laundering (AML), and reporting obligations as mandated by AGLC and Canadian law.

Protective Clause: We do not process personal data for purposes incompatible with those stated above without obtaining additional consent or providing notice as required by law.

Purpose of Processing

OBSERVE: We use your data for specific, limited purposes in accordance with the principles of necessity and proportionality:

Providing Casino Services: Creating and managing user accounts, facilitating gameplay, administering promotions, and processing transactions.
Improving Services: Analyzing usage patterns, enhancing website features, conducting customer satisfaction surveys, and resolving technical issues.
Marketing Communications: Sending promotional offers, newsletters, and updates where you have given consent.
Analytics: Monitoring user engagement, website performance, and operational efficiency (using anonymized or aggregated data where possible).
Fraud Prevention and Security: Detecting and preventing fraudulent activity, enforcing terms of use, and maintaining the integrity of our services.

We do not use your personal data for automated decision-making or profiling that produces legal effects without your explicit consent.

Disclosure & Sharing

OBSERVE: We disclose personal data only when necessary and in accordance with applicable laws. Data may be shared with the following third parties:

Payment Partners: Financial institutions, payment processors, and payout facilitators for secure transaction processing.
Service Providers: IT infrastructure, customer support, analytics, and marketing service providers under strict contractual obligations.
Regulators: Alberta Gaming, Liquor and Cannabis (AGLC) and other competent authorities for compliance, audits, and reporting.
Affiliates: Red-deer-resort-and-casino affiliated companies, only where necessary for joint service provision and with appropriate safeguards.
Advertising Networks: Third-party advertising partners, exclusively with your consent, for targeted advertising and promotional campaigns.

Legal Obligation: All third-party disclosures are governed by data processing agreements ensuring confidentiality and compliance with CA privacy standards. We do not sell or rent your personal information to unrelated third parties.

International Transfers

OBSERVE: While our primary operations and data storage are within Canada, certain data may be transferred to service providers or partners located outside Canada (including the United States and European Economic Area) for technical support, analytics, or cloud hosting.

Protections Applied: We ensure that any international transfers comply with applicable laws by implementing Standard Contractual Clauses (SCCs), Data Processing Agreements, or equivalent safeguards to protect your data.
User Rights: You will be notified if your data is transferred to a new jurisdiction and provided with information on the applicable protection measures.

Regional Compliance Note: All international data transfers are subject to the requirements of Canadian privacy law (PIPEDA, Alberta PIPA), and, where relevant, international standards.

Data Retention

OBSERVE: We retain personal data only as long as necessary for the purposes described, in accordance with legal and regulatory obligations:

Account Data: Retained for the duration of your active account and up to 5 years after account closure or inactivity, as required by AGLC and AML/KYC regulations.
Transaction Records: Payment and financial data are retained for at least 5 years to comply with accounting and anti-fraud obligations.
Marketing Data: Retained until you withdraw your consent or unsubscribe from communications.
Cookies and Analytics: Data retention periods vary by type; see Cookies section for details.

Deletion Criteria: Data is securely deleted or anonymized upon user request (subject to legal exceptions), expiration of retention periods, or when processing purposes are fulfilled.

Your Rights

OBSERVE: In line with Canadian privacy law (PIPEDA, Alberta PIPA) and international best practices, you have the following rights regarding your personal data processed by red-deer-resort-and-casino-ca.com:

Right of Access: Request information about the personal data we hold about you, the purposes of processing, and any third-party disclosures.
Right to Correction: Request correction of inaccurate or incomplete personal data.
Right to Deletion: Request deletion of your data, subject to mandatory retention requirements under Canadian law and gambling regulations.
Right to Restrict Processing: Request limitation on data processing in certain circumstances (e.g., contesting accuracy or processing unlawfully).
Right to Object: Object to data processing for marketing or legitimate interest purposes.
Right to Data Portability: Request a copy of your personal data in a structured, commonly used format.
Right to Withdraw Consent: Withdraw your consent for marketing at any time without affecting the lawfulness of prior processing.

Procedure for Exercising Rights:

Submit your request via email to [email protected] or [email protected], with sufficient information to identify your account.
We will respond within 30 days of receipt, free of charge, unless requests are manifestly unfounded or excessive (in which case a reasonable fee may apply).
If you are unsatisfied with our response, you may escalate your complaint to the Office of the Information and Privacy Commissioner of Alberta (see Complaints & Contacts section).

Protective Clause: Certain rights may be limited by applicable law or regulatory obligations (e.g., AML/KYC record retention).

Cookies & Tracking Technologies

OBSERVE: Our website uses cookies and similar tracking technologies to enhance user experience, improve service functionality, and analyze website performance. The types and purposes are as follows:

Session Cookies: Temporary cookies essential for navigation and site security; expire when you close your browser.
Persistent Cookies: Remain on your device for a set period to remember preferences and login details.
Third-Party Cookies: Set by analytics and advertising partners (e.g., Google Analytics) for visitor statistics and targeted marketing, only with your consent.

Cookie Management: You can manage or disable cookies at any time through your browser settings or by accessing the cookie preferences panel on red-deer-resort-and-casino-ca.com. Disabling certain cookies may impact website functionality.

Data Security

OBSERVE: Protecting your personal data is a top priority for red-deer-resort-and-casino-ca.com. We implement robust security measures in accordance with ISO 27001, SOC 2, and industry best practices:

Encryption: All data in transit is encrypted using TLS 1.2 or higher. Sensitive data at rest is protected via advanced encryption standards.
Access Controls: Strict authentication (including multi-factor authentication) and role-based access limit data access to authorized personnel only.
Security Audits: Regular external and internal audits are conducted to identify and remediate vulnerabilities.
Staff Training: Mandatory security awareness and privacy training for all employees and contractors.
Incident Response: Formal procedures are in place for reporting, investigating, and responding to data breaches, including regulatory notification obligations.

Protective Clause: While we employ state-of-the-art security, no method of transmission or storage is 100% secure. We encourage users to use strong passwords and notify us immediately of any suspected unauthorized access.

Complaints & Contacts

OBSERVE: If you have questions or concerns about your data or this policy, you may contact us through the following channels:

Data Protection Officer (DPO): Olivia Tremblay
Email: [email protected]
Support: [email protected]
Mailing Address: 3310 50 Avenue, Red Deer, Alberta, T4N 3X9, Canada
Phone: not specified
Online Feedback: Currently, no online contact form is specified; please use email for direct queries.

Complaint Procedure

Submit your complaint or inquiry by email or mail to the DPO with a clear description of your issue.
We will acknowledge receipt within 7 days and aim to provide a substantive response within 30 days.
If unsatisfied, you may escalate your complaint to the Office of the Information and Privacy Commissioner of Alberta:
Website: https://oipc.ab.ca
Phone: +1 780-422-6860
Mailing Address: Suite 410, 9925 - 109 Street NW, Edmonton, Alberta, T5K 2J8, Canada

Protective Clause: You have the right to lodge a complaint with the relevant supervisory authority at any time.

Updates

OBSERVE: This privacy policy may be updated to reflect changes in legal requirements, operational practices, or service offerings. The latest version will always be posted on red-deer-resort-and-casino-ca.com.

Notification Procedures: For material changes, we will notify users via email, website banners, and/or account dashboard alerts at least 30 days in advance.
Version Control: Last updated: November 6, 2025
Changelog: All material amendments will be summarized at the end of this policy, highlighting key changes.
User Options: If you object to material changes, you may close your account or contact our DPO for clarification.

We encourage you to review this policy regularly to stay informed about how we protect your information.