burger icon
Happy Luke United Kingdom
Log In

Privacy Policy

This privacy policy explains how the Happy Luke version of the Happy Luke online casino, operated via happiluker.com, collects, uses, discloses and protects personal data of players and website visitors from the United Kingdom and other regions. It applies to all visitors to happiluker.com, registered account holders, and anyone who contacts us or interacts with our services. The policy is effective from 6 November 2025 and was last reviewed in January 2026.

Who We Are

The Happy Luke version of the Happy Luke casino available through happiluker.com is operated by:

  • Legal entity (data controller): Class Innovation B.V.
  • Legal form: Besloten Vennootschap (B.V.) incorporated under the laws of Curaçao
  • Company registration number: 150599
  • Gambling licence: Online gambling sublicense under master licence 365/JAZ issued by Gaming Curacao (pre-LOK regime)
  • Registered office / legal address: Curaçao (full corporate details available from the Curaçao company register and Gaming Curacao)

Class Innovation B.V. is the controller responsible for the processing of your personal data in connection with happiluker.com, including the Happy Luke localized experience for UK-based users. The service is offered on an offshore, grey-market basis to the UK and is not licensed by the United Kingdom Gambling Commission (UKGC). As a result, UK-specific gambling ombudsman schemes and UKGC fund-segregation rules do not apply, although we voluntarily seek to align our data protection practices with UK standards.

Data Protection Contact

We have appointed an internal data protection contact point to handle privacy-related queries:

  • Data protection contact / DPO team: Data Protection Officer, Class Innovation B.V.
  • Email: privacy@happiluker.com
  • Postal contact (for privacy matters): Data Protection Officer, Class Innovation B.V., Curaçao

You may contact the data protection contact / DPO team at any time with questions, to exercise your rights, or to lodge a complaint regarding our use of your personal data.

What Personal Data We Collect

When you access or use happiluker.com (including the Happy Luke localized version), we collect and process the following categories of personal data, depending on how you interact with us:

Identity and Contact Data

  • Account identification: full name, username, date of birth, nationality, and other identifiers required to verify your age and identity.
  • Contact details: email address, telephone number (if provided), postal address and country of residence.
  • Verification documents: copies or details of passports, ID cards, driving licences, proof of address, or other KYC/AML documentation required to comply with legal obligations.

Technical and Usage Data

  • Technical identifiers: IP address, approximate location derived from IP, device identifiers, browser type and version, operating system, language settings and time zone.
  • Log data: login dates and times, session duration, pages viewed, clicks, referral URL, and error or crash logs.
  • Security-related data: device fingerprinting, failed login attempts, and security flags to help detect fraud or misuse.

Payment and Financial Data

  • Transaction details: deposits, withdrawals, bonuses credited, account balances and transaction timestamps.
  • Payment method data: partial card details (where applicable), e-wallet identifiers, bank account identifiers, payment provider IDs and related metadata, as shared with us by payment partners.
  • Anti-fraud / AML data: checks performed against sanctions lists, adverse media screening and risk scores generated or obtained from specialist providers where required by law.

Behavioral and Profile Data

  • Gameplay and betting history: games played, stakes, wins and losses, session lengths, wagering patterns, bonus usage and self-exclusion or cool-off actions.
  • Interaction history: communications with customer support, complaints, feedback, and records of your requests and our responses.
  • Marketing profile: your opt-in/opt-out choices, preferred communication channels, campaign responses, and inferred interests derived from your use of happiluker.com.

Cookies and Similar Technologies

  • Cookie identifiers: unique identifiers stored in cookies or similar technologies, which may be linked to your account or browser.
  • Tracking technologies: pixels, tags, SDKs and local storage used to remember your settings, analyze usage, prevent fraud and, where permitted, personalize marketing.

Where we need to collect personal data under law or under our contract with you and you fail to provide that data, we may not be able to open or maintain your account or provide certain features of happiluker.com.

Legal Basis for Processing

In the UK and for UK-based users, we process personal data primarily under the UK General Data Protection Regulation (UK GDPR) and the UK Data Protection Act 2018. For players and visitors from the European Economic Area we also take into account the EU GDPR, and we align our practices, where relevant, with the principles of Mexican privacy law. Our main legal bases are:

Performance of a Contract

  • Account setup and management: to register and verify your Happy Luke account at happiluker.com, provide access to games, manage your balance and process deposits and withdrawals.
  • Customer support: to respond to your queries, complaints and requests, and to provide information about your account and transactions.
  • Service operation: to ensure that the website, games, payment services and support channels function as described in our terms and conditions.

Compliance with Legal Obligations

  • KYC and AML: to verify your identity, age and address; to monitor transactions; and to store records as required by applicable anti-money laundering, counter-terrorist financing and responsible gambling laws.
  • Regulatory reporting: to respond to lawful requests from Gaming Curacao, other competent authorities, tax authorities and law enforcement bodies.
  • Record-keeping: to maintain business and accounting records for legally required retention periods.

Legitimate Interests

  • Fraud prevention and security: to protect happiluker.com, our users and our business from fraud, abuse, unauthorised access and other harmful activity.
  • Service improvement and analytics: to analyze usage patterns, fix bugs, optimize performance, and develop new games and features that are relevant to our players.
  • Risk and regulatory management: to manage the risks associated with operating from Curaçao as an offshore service for UK and other markets, including monitoring geo-blocking, enforcing access controls and assessing future regulatory changes such as Curaçao's LOK regime.
  • Internal training and quality: to review support interactions and gameplay monitoring for training and quality assurance.

Consent

  • Marketing communications: sending you email, SMS or push notifications about promotions, bonuses and offers, where you have chosen to receive such communications and have not opted out.
  • Optional cookies and tracking: using non-essential cookies (such as advertising and some analytics cookies) where required by law and where you have given consent through our cookie banner or settings.

Where we rely on consent, you may withdraw it at any time using the tools in your account or by contacting us, without affecting the lawfulness of processing carried out before withdrawal.

Purpose of Processing

We use personal data collected through happiluker.com for clearly defined purposes that align with our contractual duties, our regulatory context as a Curaçao-licensed operator, and our obligations under UK data protection law.

Provision of Casino Services

  • Account creation and maintenance: to create and manage your Happy Luke account, verify your identity, manage login credentials and prevent unauthorised access.
  • Game access and operation: to enable you to play games, place bets, participate in tournaments and track your gameplay history.
  • Payments: to process deposits, withdrawals, bonuses and refunds and to keep accurate records of all financial transactions.

Regulatory Compliance and Risk Management

  • Responsible gambling: to monitor play patterns, apply self-exclusion and limits, and take steps where problematic behavior is detected.
  • AML and sanctions: to screen users and transactions against sanctions lists and other data sources as required by applicable laws.
  • Jurisdictional controls: to enforce geo-blocking, manage access from the UK and other regions, and respond to regulatory pressures (including changes under Curaçao's LOK regime) that may affect future access to happiluker.com.

Service Improvement and Analytics

  • Usage analytics: to understand how users interact with happiluker.com, identify technical issues, improve navigation and enhance user experience.
  • Product development: to test and roll out new games, features or promotions based on aggregated or anonymised usage data.

Marketing and Personalisation

  • Direct marketing: to send promotional communications where permitted, tailored to your preferences and play history.
  • Personalised content: to display customised offers, recommendations and bonus suggestions based on your behaviour and preferences, where allowed by law and your consent choices.

Fraud Prevention and Security

  • Security monitoring: to detect suspicious logins, automated abuse, bonus exploitation and other fraudulent activity.
  • Incident response: to investigate and respond to security incidents and player complaints and to implement remedial measures.

Disclosure & Sharing

We share personal data only where necessary for the purposes described above, and subject to appropriate safeguards and contractual protections.

Service Providers and Business Partners

  • Payment processors and banks: to process deposits, withdrawals, chargebacks and fraud checks. These partners receive transaction data, limited account details and technical information necessary to execute payments securely.
  • Game providers: to deliver games and related features, usually receiving pseudonymized identifiers and gameplay data rather than full identity details.
  • IT and infrastructure providers: cloud hosting, content delivery networks, security service providers and analytics vendors who process technical and usage data on our behalf.

Professional Advisers and Corporate Transactions

  • Advisers: lawyers, auditors, accountants and other professional advisers who may need access to limited personal data to provide their services and help us comply with legal and regulatory requirements.
  • Corporate changes: in the event of a merger, acquisition, reorganisation or sale of business assets, personal data may be shared with prospective or actual purchasers, subject to confidentiality obligations and applicable law.

Regulators and Public Authorities

  • Gaming regulator: Gaming Curacao and other relevant authorities may receive data for licensing, reporting or enforcement purposes.
  • Law enforcement and courts: we may disclose data where required to do so by law, court order, or to protect our rights, the rights of our users or the public.

Affiliates and Marketing Partners

  • Affiliates and marketing networks: with your consent and where permitted by law, we may share limited identifiers (such as cookie IDs or pseudonymized account IDs) with advertising and affiliate partners to measure campaign performance and, where allowed, to personalise marketing.

We do not sell your personal data in the sense commonly understood under data protection laws. Any sharing with third parties is governed by data processing agreements or equivalent contractual safeguards, especially where partners are located outside the UK or the EEA.

International Transfers

Because happiluker.com is operated by Class Innovation B.V. from Curaçao and uses global service providers, your personal data may be transferred to and processed in countries outside the United Kingdom and the European Economic Area (EEA), including jurisdictions that may offer a different level of data protection.

Locations of Processing

  • Curaçao: primary location for core operational processing carried out by Class Innovation B.V. as licence holder under master licence 365/JAZ.
  • Other regions: technical and support services may be provided from locations in the EEA, the United Kingdom, India, South East Asia (including Thailand and Vietnam) and other jurisdictions where our vendors operate.

Safeguards for International Transfers

  • Standard Contractual Clauses (SCCs): where required by UK or EU data protection law, we implement European Commission or UK-approved SCCs with our non-UK/EEA service providers.
  • Technical and organisational measures: encryption, access controls and minimisation of data shared with third parties, consistent with recognised security practices.
  • Risk assessments: we assess the local legal environment and adopt supplementary measures where necessary to ensure essentially equivalent protection for your data.

While these safeguards are designed to protect your data, you acknowledge that by using an offshore gambling service such as Happy Luke on happiluker.com, your data may be processed in jurisdictions where supervisory structures and enforcement mechanisms differ from those in the UK. This does not limit your ability to exercise your rights under UK data protection law as set out in this policy.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, regulatory and reporting requirements, and then securely delete or anonymise it.

Typical Retention Periods

  • Account and identification data: normally kept for the duration of your relationship with us and for up to five (5) years after account closure, or longer where required by AML, tax or other applicable law.
  • Transaction and gameplay records: maintained for at least five (5) years from the date of the relevant transaction or from account closure, to comply with regulatory and accounting obligations and to resolve disputes.
  • Marketing data: retained for as long as you remain opted-in to marketing, and for a short period afterwards (typically up to two (2) years) to evidence your choices and manage suppression lists.
  • Technical logs and security data: stored for shorter periods, generally between six (6) months and two (2) years, depending on the type of log and security relevance.

Deletion Criteria

  • End of purpose: when data is no longer needed for the purpose for which it was collected and no legal retention requirement applies, it is deleted or irreversibly anonymised.
  • User request: where you validly exercise your right to erasure, we delete or anonymise your data unless we must keep it to comply with legal obligations or to defend legal claims.
  • Regulatory changes: if changes in law, such as those arising from Curaçao's LOK regime or UK regulatory developments, require shorter or longer retention, we will adjust our practices accordingly and update this policy.

Your Rights

Under the UK GDPR and the UK Data Protection Act 2018, and in alignment with relevant EU GDPR and Mexican privacy principles (including the Federal Law on Protection of Personal Data Held by Private Parties in Mexico), you have a range of rights over your personal data. These generally apply regardless of our Curaçao location.

Data Subject Rights

  • Right of access: to obtain confirmation of whether we process your data and to receive a copy of the personal data we hold about you, along with information about how we use it.
  • Right to rectification: to have inaccurate or incomplete personal data corrected, including updating your contact details or verification documents.
  • Right to erasure: to request deletion of your personal data, particularly where it is no longer necessary for the purposes for which it was collected, you withdraw consent and no other legal basis applies, or you consider the processing unlawful. We may retain data where necessary to comply with legal obligations (for example AML and accounting regulations).
  • Right to restriction: to request that we limit the processing of your data, for example while we verify its accuracy or consider an objection you have raised.
  • Right to object: to object at any time to processing based on our legitimate interests, including profiling. We will cease such processing unless we demonstrate compelling legitimate grounds overriding your interests, rights and freedoms, or the processing is needed for legal claims.
  • Right to data portability: to receive personal data you have provided to us in a structured, commonly used and machine-readable format and to request that we transmit it to another controller where technically feasible.
  • Rights related to marketing: to withdraw consent to direct marketing and to object at any time to marketing, including profiling for marketing purposes. You can change your preferences in your account settings or via the unsubscribe options in marketing messages.

Where Mexican data protection law applies to you, these rights broadly correspond to the "ARCO" rights (Access, Rectification, Cancellation and Opposition). While happiluker.com does not primarily target Mexico, we seek to accommodate such requests in line with both UK and Mexican principles where feasible.

How to Exercise Your Rights

  • Submission: send your request to privacy@happiluker.com from the email associated with your account, or submit it through any dedicated privacy or contact form available within your happiluker.com account.
  • Verification: we may ask for additional information (for example, copies of ID or security questions) to confirm your identity before actioning your request, especially for sensitive actions such as data access or erasure.
  • Response times: we aim to respond to all valid requests within one (1) month of receipt. In complex cases or where you have made multiple requests, this period may be extended by up to two (2) further months; if so, we will inform you of the extension and reasons.
  • Fees: we handle requests free of charge. We may charge a reasonable fee or refuse to act on clearly unfounded or excessive requests, in accordance with applicable law.

Cookies & Tracking Technologies

happiluker.com uses cookies and similar technologies to provide and improve the Happy Luke service, to secure our platform and, where permitted, to personalise content and marketing.

Types of Cookies

  • Strictly necessary (session) cookies: required for the website and games to function, to enable login, maintain sessions, process payments and secure your account. These are typically deleted when you close your browser.
  • Functional (persistent) cookies: used to remember your preferences (such as language, region and display settings) across visits.
  • Analytics cookies: used to collect aggregated information about how visitors use happiluker.com, helping us understand performance, detect errors and improve user experience.
  • Advertising and affiliate cookies: set by us or third parties to measure the effectiveness of campaigns, track referrals from affiliate websites and, where permitted, tailor marketing to your interests.

Managing Cookies

  • Browser settings: you can usually configure your browser to block or delete cookies. However, blocking strictly necessary cookies may affect core functionalities such as login or payment processing.
  • On-site controls: where available, you can use our cookie banner or preferences centre on happiluker.com to manage non-essential cookies.
  • Opt-out tools: for third-party analytics or advertising providers, you may use their own opt-out mechanisms where provided.

Data Security

We take the security of your personal data seriously and implement technical and organisational measures designed to protect it against unauthorised access, alteration, disclosure or destruction. While no online service can guarantee absolute security, we aim to align our controls with recognised security standards.

Technical Measures

  • Encryption in transit: data exchanged between your browser and happiluker.com is protected using TLS (Transport Layer Security) version 1.2 or higher, where supported by your device and browser.
  • Encryption at rest: sensitive data, including certain financial and authentication data, is stored in encrypted form or otherwise pseudonymized in our systems.
  • Access controls: access to production systems and databases is restricted to authorised personnel on a need-to-know basis using role-based permissions, strong authentication and logging.
  • Network and application security: use of firewalls, intrusion detection or prevention tools, anti-fraud systems and regular vulnerability assessments to mitigate common threats.

Organisational Measures

  • Staff training: employees and contractors with access to personal data receive training on confidentiality, data protection and security best practices.
  • Policies and procedures: internal policies govern data handling, access management, incident response and acceptable use of systems.
  • Incident response: we maintain procedures for detecting, investigating and responding to suspected personal data breaches, and for notifying affected individuals and relevant authorities where required by law.

Our aim is to design our security framework to be consistent with internationally recognised standards such as ISO 27001 and SOC 2, although this does not necessarily mean we hold formal certification. You should also take appropriate steps to protect your account, including choosing strong passwords, keeping them confidential and enabling any security features we offer.

Complaints & Contacts

If you have concerns about how happiluker.com, operated by Class Innovation B.V., handles your personal data, you have several ways to contact us and, if needed, to escalate your complaint.

How to Contact Us

  • Email (primary channel): privacy@happiluker.com
  • In-account contact: where available, use the "Contact Us" or support section within your happiluker.com account to raise privacy-related queries.
  • Postal address (privacy matters): Data Protection Officer, Class Innovation B.V., Curaçao

Internal Complaint Procedure

  1. Step 1 - Submit your complaint: contact us via email or through your account, clearly describing your concern and including any relevant account or transaction details.
  2. Step 2 - Acknowledgement: we will acknowledge receipt of your complaint as soon as reasonably possible, usually within a few business days.
  3. Step 3 - Investigation: our data protection or compliance team will review your complaint, gather any necessary information and, where relevant, consult with other internal teams.
  4. Step 4 - Response: we aim to provide a substantive response within one (1) month. If the matter is particularly complex or you have submitted multiple issues, we may need up to two (2) additional months; if so, we will inform you of the extension and reasons.

Escalation to Supervisory Authorities

  • United Kingdom (primary authority for UK users): you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) if you are not satisfied with our response. Further information is available at https://ico.org.uk, or by writing to Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF, United Kingdom.
  • European Union / EEA: if you are located in the EEA, you may also complain to your local data protection authority or to the authority in the Member State of your habitual residence, place of work or the place of the alleged infringement.
  • Mexico: if Mexican data protection law applies to you, you may contact the Mexican data protection authority, the Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales (INAI). Further information is available at https://www.inai.org.mx.

Nothing in this section limits any other rights or remedies you may have under applicable data protection law. However, as noted, Happy Luke is not regulated by the UK Gambling Commission, and UK gambling ombudsman services such as IBAS are not available for disputes related to our offshore operations.

Updates

We may update this privacy policy from time to time to reflect changes in our processing activities, legal requirements, regulatory guidance or technical developments, including changes arising from the implementation of Curaçao's LOK regime or evolving UK and international data protection standards.

How We Inform You of Changes

  • Website notice: the updated policy will be posted on happiluker.com with a revised "Last updated" date.
  • Direct notifications: for material changes, we will seek to notify you in advance via email, account messages and/or prominent banners on happiluker.com.
  • Advance notice: where feasible and where a change could significantly affect your rights or the way we process your data, we will provide at least thirty (30) days' notice before the change takes effect.

Versioning and Your Choices

  • Version control: we maintain records of previous versions of this privacy policy and can provide them upon reasonable request.
  • Your options: if you do not agree with a material change, you may close your account and request that we delete or restrict your data, subject to our legal obligations to retain certain records.

Last updated: January 2026 (effective date of current version: 6 November 2025).