Table of Content

2. About Us

Cherry Online Ltd, a company registered in Malta under company number C108209, is located at Mezzanine Office, The George, Ball Street, Paceville, St Julian’s STJ 3123, Malta. References to “Cherry Online,” “we,” “us,” or “our” pertain to Cherry Online Ltd. We own and operate the website www.cherry-online.com and serve as the “data controller” under applicable data protection regulations, responsible for determining how your personal data is handled.

3. Information We Collect

We collect various types of information when you engage with our services, including:

  • Information Collected Automatically: When you visit our website, we gather technical details such as your device’s model, operating system, IP address, browser type, mobile identifiers, login data, browsing behaviour, and other usage-related information based on your interactions with our services.
  • Information You Provide: During registration, you may share personal details like your full name, phone number, gender, date of birth, email address, and country of residence. If your gaming account is active, we may request additional documentation, such as identification, bank card details, bank statements, proof of funds, wealth source, insurance records, or other relevant information. We maintain records of all communications, including those via the website, email, or other methods. Phone calls may be recorded or monitored to ensure accurate execution of your instructions, resolve issues, comply with regulations, enhance service quality, train staff, or prevent fraud and other crimes.
  • Third-Party Information: We may obtain personal data from third parties, such as verification services, credit reference agencies, or fraud prevention organizations.
  • Publicly Available Information: To promote responsible gambling and prevent illegal use of our services, we may access publicly available data, such as social media profiles, property records, or bankruptcy information, to assess financial capacity or monitor account risks. We handle this data with care to protect your privacy.

4. Purpose of Data Collection

We collect, process, and store your personal information for the following purposes:

  • Service Delivery: To fulfill our contractual obligations, including account creation, validation, and administration, as outlined in the Terms and Conditions you accept during registration. This includes tasks like sending password reminders or notifying you about website maintenance, policy updates, or changes to terms of use.
  • Legal and Regulatory Compliance: To meet obligations related to responsible gambling, anti-money laundering, and other legal requirements. This may involve processing personal data, including sensitive information, to detect or prevent suspicious activity, fraud, crime, or problem gambling.
  • Specific Purposes:
    • Directing users to the appropriate country-specific services per our licensing terms.
    • Ensuring only eligible individuals access our services.
    • Protecting users with anti-fraud measures.
    • Preventing, detecting, and prosecuting criminal activities.
    • Verifying identity and funding sources for transactions.
  • Direct Marketing: We may use your data for marketing communications (e.g., via email, SMS, phone, or push notifications) about our products, services, or events, subject to your consent. You can opt out during registration, choose specific devices for receiving communications, or modify preferences later through your account settings, by contacting customer support, or emailing our Data Protection Officer (DPO) at dpo@cherry-online.com.
  • Legitimate Interests: We may process data to enhance your experience, improve our services, or ensure safety, provided this does not override your rights or freedoms. Examples include:
    • Personalizing your experience based on usage history (e.g., recommending products). You can disable personalization by contacting customer support or the DPO.
    • Conducting analysis and research to improve services, including statistical and trend analysis.
    • Responding to inquiries, complaints, or disputes to enhance customer support and resolve issues.
    • Improving gaming safety through network security measures.
    • Contacting you about promotions or competitions you’ve entered.

For sensitive (special category) data, we process it only with your explicit consent, when required to fulfill legal obligations, when you’ve made the data public, or for reasons of public interest under EU or Member State law. If you choose not to provide certain information, we may be unable to deliver our services.

You may request a report on our balancing test for legitimate interest processing or object to such processing, though this right may not be absolute in all cases.

5. Cookies

Cookies are vital for the secure and efficient operation of our website. They help us personalize your experience, streamline navigation, and improve functionality. Cookies collect some personal data as you browse, but you can control their use through your browser settings. Our cookie banner will notify you of their use when you visit our site. For more details, refer to our cookie policy.

6. Sharing Your Personal Data

We may share your personal data within our group of companies to improve your experience, enhance service delivery, or personalize interactions, always in compliance with GDPR and other data protection laws. Strict security measures protect your data from unauthorized access or loss.

We may also share your data with third parties under specific circumstances, ensuring they adhere to equivalent data protection standards. These purposes include:

  1. Sending service-related notifications about changes to our products or services.
  2. Complying with legal or regulatory requirements.
  3. Authorizing financial institutions to share necessary information for regulatory compliance.
  4. Establishing, exercising, or defending legal rights.
  5. Detecting or preventing fraud when irregularities are suspected.
  6. Verifying identity through authentication agencies.
  7. Engaging third-party service providers to deliver requested services, such as payment processing.
  8. Sharing with entities that introduced you to our services.
  9. Allowing external auditors to ensure compliance with laws and regulations.

All data sharing is conducted with appropriate safeguards, and we do not share your data for purposes unrelated to our services.

7. Data Transfers Outside the EEA

Currently, we do not transfer personal data outside the European Economic Area (EEA). Should such transfers become necessary within our group or to partners, we will implement safeguards to ensure your data is protected to EEA standards.

8. Data Retention

We retain your personal data only as long as necessary to fulfill the purposes outlined in this policy or to comply with legal obligations, such as anti-money laundering or licensing requirements. For active customers, we retain data to meet contractual and legal obligations. After you cease using our services, we may retain data for up to ten years to comply with EU or local laws or to address potential legal claims (e.g., negligence).

9. Your Rights Over Your Personal Data

As the data subject, you have the following rights regarding your personal data:

  • Right to Be Informed: You are entitled to clear information about how we collect and use your data.
  • Right to Access: You can request a copy of your personal data via a data subject access request by contacting customer support or our DPO at dpo@cherry-online.com.
  • Right to Erasure (Right to Be Forgotten): You may request deletion of your data when it is no longer needed, you withdraw consent, or we lack a legal basis to process it. However, data required for legal compliance will be retained until the mandatory period expires.
  • Right to Data Portability: You can request your data in a machine-readable format for reuse elsewhere, applicable only to data you provided directly, processed by automated means, or based on consent or a contract.
  • Right to Rectification: You can request corrections to inaccurate or incomplete data we hold.
  • Right to Restrict Processing: You may limit how we process your data under certain conditions.
  • Right to Object: You can object to processing based on legitimate interests or for direct marketing (including profiling). You can withdraw marketing consent via email footers, account settings, or by contacting customer support or the DPO.
  • Right to Avoid Automated Decision-Making: You can object to decisions made solely by automated systems that significantly affect you and request human intervention, except where necessary for a contract or permitted by law.

10. Data Security

We prioritize the security of your personal information, implementing robust measures to protect it in line with this policy and strict data protection standards. We adhere to ISO27001 principles and conduct quarterly security audits to ensure the integrity of our systems.

11. Contact Us

For questions or clarifications about your personal data, contact our Data Protection Officer at dpo@cherry-online.com. Responses will be provided during office hours.

12. Complaints

If you have concerns about how we handle your personal data, please contact us at dpo@cherry-online.com for resolution. If you are unsatisfied with our response or believe we are not processing your data lawfully, you may file a complaint with the Office of the Information and Data Protection Commissioner (IDPC) in Malta or your national data protection authority.

13. Updates to This Privacy Notice

Cherry Online Ltd reserves the right to update or amend this policy as needed. We recommend checking this notice periodically for changes. If significant updates are made, we will notify you in advance, allowing you time to review and decide whether to continue using our services. If you do not agree to the changes, we may be unable to provide some or all of our services.

This policy was last updated on June 17, 2025.