burger icon
Evo United Kingdom
Log In

Privacy Policy

This Privacy Policy explains how Evo at evos-uk.com ("we", "us", "our") collects, uses, discloses, and protects your personal data when you visit our website, create an account, play games, or otherwise interact with our services. It applies to players, visitors, and any other individuals whose personal data we process in connection with evos-uk.com. This Privacy Policy is effective from 6 November 2025 and continues to apply until replaced or updated.

Who We Are

The online gaming services offered under the name Evo are provided through the website evos-uk.com (the "Website"). For data protection purposes, the primary data controller is the company that operates evos-uk.com (the "Operator"). The Operator is responsible for determining how and why your personal data is processed in connection with your use of the Website and associated services.

The Operator uses remote gambling software and related services supplied by the Evolution group, including Evolution AB, a Swedish public company (Aktiebolag, AB) listed on Nasdaq Stockholm (ticker: EVO). Evolution group entities act as our providers and, in certain cases, as joint controllers where they independently determine certain processing of your personal data (for example, to comply with their own regulatory obligations).

Evolution's UK-facing gambling software activities are licensed and supervised by the UK Gambling Commission ("UKGC") under Remote Gambling Software licence, Account Number 41655, as recorded on the UKGC public register at: https://gamblingcommission.gov.uk/public-register/business/detail/41655. This licence is a B2B software provider licence and does not replace the remote operating licences held by UK-facing casino operators.

Details such as the Operator's full legal name, registered office address, and company registration number are provided in the legal and "Contact" sections of evos-uk.com and in your account or transactional documentation. These details form part of this Privacy Policy by reference.

You may contact our designated Data Protection Officer (DPO) or data protection team by using the contact information published on evos-uk.com (for example, any privacy or support email address and postal contact provided there). Please clearly mark your communication as "Data Protection / Privacy Request" so it can be routed appropriately.

What Personal Data We Collect

We collect and process different categories of personal data about you, depending on how you use evos-uk.com and the Evo services.

Identification and Contact Data

  • Personal identification details: full name, date of birth, gender, nationality, and proof-of-identity details (such as ID or passport numbers and copies) where required for age verification, Know Your Customer ("KYC"), and anti-money laundering ("AML") checks.
  • Contact details: email address, residential address, country of residence, telephone number(s), and other contact channels you provide when registering or communicating with us.
  • Account data: username, password (stored in hashed form), security questions, account preferences, responsible gambling settings (including any self-exclusion via GAMSTOP), and communication preferences.

Technical and Usage Data

  • Technical data: IP address, device identifiers, browser type and version, operating system, time zone, language settings, and information about the hardware and network you use to access evos-uk.com.
  • Log and event data: login attempts, successful and failed authentication events, session durations, page views, error logs, and technical diagnostic information.
  • Cookies and tracking technologies: identifiers stored in cookies, web beacons, pixels, and similar tools that help us recognize your browser or device, as described in the "Cookies & Tracking Technologies" section.

Gaming, Behavioral, and Transaction Data

  • Gaming data: betting and game history, stakes placed, wins and losses, game sessions (including live casino sessions supported by Evolution studios in Latvia and Malta), in-game actions, chat interactions where available, and any limits or self-exclusion tools you configure.
  • Payment and financial data: partial payment card details, bank account information, e-wallet details, transaction identifiers, deposits, withdrawals, chargebacks, and records needed to process payments and comply with AML, fraud, and accounting requirements.
  • Behavioral and analytics data: clicks, navigation paths, time spent on pages, interaction with promotions, and aggregated information used to understand how users engage with evos-uk.com and Evo content.

Communications and Verification Data

  • Communications: records of your interactions with us (emails, messages, support tickets, complaint correspondence) and, where applicable, recordings or transcripts of phone or live chat communications with customer support, responsible gambling teams, or verification teams.
  • Verification and compliance data: results of KYC/AML checks, sanctions and politically exposed persons ("PEP") screening, address verification, source-of-funds/source-of-wealth documentation, and internal risk assessments.

Legal Basis for Processing

We process your personal data in accordance with the UK General Data Protection Regulation ("UK GDPR") and the UK Data Protection Act 2018. Where applicable, we also align with the EU GDPR and, for certain users, relevant local privacy laws such as the Mexican Federal Law on Protection of Personal Data Held by Private Parties (LFPDPPP).

Contractual Necessity

  • Account creation and management: We process identification, contact, and account data to create, maintain, and manage your Evo account on evos-uk.com, provide access to games, process your deposits and withdrawals, and provide customer support.
  • Provision of gambling services: We process gaming and transaction data to settle bets, credit winnings, apply bonuses, manage promotions, and ensure accurate records of your gaming activity.

Compliance with Legal Obligations

  • KYC/AML and regulatory requirements: We process identity, verification, transaction, and gaming data to comply with applicable gambling and AML legislation, record-keeping duties, and reporting obligations to the UK Gambling Commission and other authorities.
  • Accounting and tax: We retain certain financial and transactional data to comply with statutory accounting, audit, and tax record requirements.

Legitimate Interests

  • Service security and integrity: We process technical, log, and behavioral data to monitor for suspicious activity, prevent fraud and abuse, maintain the security of our systems and those of our providers (including Evolution group), and ensure the integrity of games.
  • Service improvement and analytics: We use aggregated and pseudonymised analytics data to understand performance, improve user experience, optimize our offerings, and develop new features relevant to Evo users in the UK market.
  • Establishment, exercise, or defence of legal claims: We may process relevant data to handle complaints, resolve disputes, respond to regulators, and protect our legal rights.

Consent

  • Marketing and personalised offers: We process your contact and behavioral data to send you email, SMS, push notifications, or in-account messages about promotions, new games, and offers only where you have given valid consent or where UK e-privacy rules allow us to do so. You can withdraw consent at any time.
  • Optional cookies: We use non-essential cookies (for example, for advertising or advanced analytics) on the basis of your consent, gathered through our cookie banner or settings on evos-uk.com.

Purpose of Processing

Provision and Operation of Services

  • Account registration and management: To register you as an Evo player on evos-uk.com, verify your age and identity, manage your account, and maintain accurate records of your activity and preferences.
  • Game delivery and operation: To provide access to casino and live casino games (including those supported by Evolution's studios in Latvia and Malta), process bets, calculate and credit winnings, manage jackpots, and keep the gaming environment fair and secure.

Compliance, Risk Management, and Responsible Gambling

  • Regulatory compliance: To comply with obligations under gambling, AML, counter-terrorist financing, and other applicable laws, including monitoring transactions, performing checks, and retaining records for prescribed periods.
  • Responsible gambling: To support tools such as deposit limits, time-outs, self-exclusion (including integration with GAMSTOP for UK players), and to enable monitoring of play patterns so we can identify and assist users who may be experiencing gambling-related harm, including signposting to services such as BeGambleAware.

Analytics, Improvement, and Marketing

  • Service performance and improvement: To analyse how players and visitors use evos-uk.com, measure performance of games and features, diagnose technical problems, and enhance the overall user experience.
  • Marketing and personalisation: To provide you with tailored promotions, bonuses, and recommendations where permitted by law and, where required, based on your explicit consent to receive marketing communications.

Fraud Prevention and Security

  • Fraud detection and prevention: To detect and prevent fraud, money laundering, match-fixing, bonus abuse, account takeover, and other forms of misuse, including by monitoring patterns of play, device usage, and transaction anomalies.
  • Security and incident response: To safeguard the security of our systems, the Evolution group infrastructure, and your data, and to investigate and respond to actual or suspected security incidents.

Disclosure & Sharing

We do not sell your personal data. We only share it with third parties where this is necessary for the purposes described in this Privacy Policy, where required by law, or where you have given your consent.

Service Providers and Group Companies

  • Evolution group and other gaming providers: We share relevant data with Evolution group entities and, where applicable, other authorised game or platform providers who technically operate the games and infrastructure you use on evos-uk.com. These entities may act as processors or, in some cases, joint controllers under data protection law.
  • Payment processors and financial institutions: We share payment-related data with banks, card schemes, payment service providers, and fraud-prevention services to process deposits, withdrawals, chargebacks, and to prevent financial crime.
  • Technical and professional service providers: We use third parties for hosting, cloud services, IT support, analytics, identity verification, email delivery, and other operational services. These providers are bound by contractual obligations to protect your data and use it only under our instructions.

Regulators, Authorities, and Dispute Resolution Bodies

  • Regulatory and law enforcement authorities: We may disclose data to the UK Gambling Commission, the Information Commissioner's Office (ICO), tax authorities, and law enforcement or other public bodies where required by law or where we reasonably consider it necessary to comply with legal or regulatory obligations.
  • Alternative dispute resolution (ADR): In the event of gambling-related disputes, we may share relevant information with ADR services such as IBAS to facilitate independent adjudication.

Affiliates, Marketing Partners, and Advertising Networks

  • Affiliates and marketing partners: Where you arrive at evos-uk.com via an affiliate or marketing partner, we may share limited information (for example, registration and conversion data) for tracking and commission purposes based on our legitimate interests in measuring campaign performance.
  • Advertising and analytics networks: With your consent to non-essential cookies, we may share pseudonymised data with analytics providers and advertising networks to measure campaigns and deliver relevant advertising, in line with applicable e-privacy and data protection rules.

Corporate Transactions

  • Business transfers: If we undergo a corporate transaction (such as a merger, acquisition, or restructuring involving the Evo business associated with evos-uk.com), your data may be disclosed to prospective or actual counterparties and advisers, subject to appropriate confidentiality safeguards, and transferred as part of the resulting corporate entity where permitted by law.

International Transfers

Because Evo at evos-uk.com uses infrastructure and service providers in multiple countries, your personal data may be transferred outside the United Kingdom and the European Economic Area ("EEA"). This includes, in particular, transfers to:

  • Latvia and Malta: where Evolution operates live casino studios and related gaming infrastructure that support UK-facing tables and services.
  • Sweden and other EEA states: where Evolution AB and other group entities or service providers are located or host their systems.
  • Other jurisdictions: where technical, payment, or support providers used by the Operator or Evolution group are established or host data (for example, secure cloud infrastructure providers).

When we transfer your personal data internationally, we implement appropriate safeguards as required by UK GDPR and, where relevant, EU GDPR. These safeguards may include:

  • Adequacy regulations or decisions: Transfers to countries that have been recognised as providing an adequate level of data protection by the UK government (and, where relevant, the European Commission).
  • Standard Contractual Clauses and UK Addendum/IDTA: Use of the European Commission's standard contractual clauses and/or the UK International Data Transfer Agreement or Addendum, including additional technical and organisational measures where appropriate.
  • Group-level data transfer agreements: Intra-group agreements between the Operator and Evolution group entities that contractually require an equivalent level of protection for personal data.

Where Mexican or other non-UK laws apply to particular users, we will take additional steps required by those laws - such as meeting requirements under Mexico's LFPDPPP - to ensure an adequate level of protection for transferred personal data.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes described in this Privacy Policy, including satisfying any legal, accounting, or reporting requirements, and then securely delete or anonymise it.

  • Account and identification data: Kept for the lifetime of your active account and generally for up to 5 years after account closure or the end of our business relationship, in line with AML and regulatory record-keeping obligations applicable to UK gambling services.
  • Transaction and financial data: Retained for at least 5 - 7 years after the relevant transaction, or longer where required by tax, accounting, or AML laws.
  • Gaming and behavioral data: Retained while your account is active and typically for up to 5 years after closure, subject to longer retention where necessary to investigate or defend against legal or regulatory claims.
  • Technical and log data: Retained for shorter periods, usually between 6 months and 2 years, unless longer retention is necessary for security investigations, fraud prevention, or legal obligations.
  • Marketing data: Retained while you remain subscribed to marketing communications and for a reasonable period (typically up to 2 years) after you opt out, to maintain records of your consent status.
  • Complaints and correspondence: Retained for as long as necessary to resolve your issue and for a further period (typically up to 6 years) where required to evidence compliance and manage legal risks.

When retention periods expire or data is no longer needed for the purposes described, we will either securely delete it or irreversibly anonymise it. In some circumstances we may anonymise your personal data so that it can no longer be associated with you and use such anonymised data indefinitely for statistical, analytical, or reporting purposes.

Your Rights

Under UK GDPR and the UK Data Protection Act 2018, and where applicable under EU GDPR and Mexican LFPDPPP, you have a number of rights in relation to your personal data. These include:

  • Right of access: You can request confirmation of whether we process your personal data and obtain a copy of that data, together with information about how we use it.
  • Right to rectification: You can request correction of inaccurate data and completion of incomplete data. In many cases you can update key details directly in your evos-uk.com account.
  • Right to erasure ("right to be forgotten" / cancellation under ARCO): You can request deletion of your personal data where there is no lawful basis for us to continue processing it, subject to our legal obligations (for example, AML and regulatory retention requirements).
  • Right to restriction of processing: You can request that we limit processing of your data in certain circumstances, such as while we verify its accuracy or consider an objection you have raised.
  • Right to object: You can object to processing based on our legitimate interests (including profiling), and we will stop processing unless we demonstrate compelling legitimate grounds or processing is required for legal claims. You can always object to direct marketing and we will stop sending it.
  • Right to data portability: You can request that we provide certain personal data to you or a third party in a structured, commonly used, machine-readable format, where processing is based on consent or a contract and carried out by automated means.
  • Rights related to automated decision-making: If we use automated decision-making that produces legal or similarly significant effects on you (for example, certain risk or AML decisions), you have the right to request human review, to express your view, and to contest the decision.
  • Right to withdraw consent: Where we process your data based on consent (for example, for email marketing or non-essential cookies), you may withdraw that consent at any time. This does not affect processing carried out before withdrawal.

For users to whom Mexican privacy law applies, these rights broadly correspond to the ARCO rights (Access, Rectification, Cancellation, and Opposition) under the LFPDPPP. We aim to handle requests from such users in a way that is consistent with both UK GDPR and applicable Mexican requirements.

How to exercise your rights: You can submit a request by contacting our DPO or data protection team using the contact details provided on evos-uk.com, preferably from the email address linked to your account or via secure account messaging if available. We may ask you to provide information to verify your identity before acting on your request.

Response timeframe and cost: We will respond to your request without undue delay and in principle within one month (30 days) of receiving a complete request. This period may be extended by a further two months for complex or numerous requests, in which case we will inform you of the extension and reasons. We handle rights requests free of charge, except where requests are manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse to act, as permitted by law.

Cookies & Tracking Technologies

evos-uk.com uses cookies and similar technologies to provide, protect, and improve the Evo services.

Types of Cookies We Use

  • Strictly necessary cookies: Session and persistent cookies that are essential for the operation of the Website (for example, to keep you logged in, route traffic, prevent fraud, and secure payments). These cannot be disabled via our systems.
  • Functional cookies: Cookies that remember your preferences (such as language, region, or display settings) to provide a more personalised experience.
  • Analytics and performance cookies: First- and third-party cookies that help us understand how visitors use evos-uk.com, measure performance of pages and features, and improve our services.
  • Advertising and marketing cookies: Cookies and similar technologies used, where permitted, to deliver relevant offers, track campaign performance, and limit how often you see particular promotions.

How We Use Cookies

  • Service delivery and security: To enable core features (such as gameplay, account login, and payment processing), maintain session integrity, and prevent fraudulent use of accounts.
  • Personalisation and analytics: To remember your choices, tailor content and promotions, and compile aggregated statistics about usage of evos-uk.com.
  • Marketing and affiliate tracking: To measure the effectiveness of our advertising and affiliate relationships, including where you access the Website via partners.

Cookie Management

  • Consent management: Where required by law, non-essential cookies (for example, analytics and advertising) are only set with your consent, collected through a cookie banner or preference centre on evos-uk.com.
  • Browser settings: You can usually configure your browser to refuse all or some cookies, or to alert you when websites set or access cookies. If you disable cookies, some parts of the Evo services may not function properly.
  • Review and change preferences: Where we provide an internal cookie or privacy settings panel, you can adjust your cookie choices there at any time.

Data Security

We take the security of your personal data seriously and implement technical and organisational measures designed to protect it against unauthorised access, loss, misuse, alteration, or disclosure.

  • Encryption in transit and at rest: We use industry-standard encryption technologies, including TLS 1.2+ for data transmitted between your browser and evos-uk.com, and strong encryption methods for sensitive data stored in our systems and, where applicable, Evolution group systems.
  • Access controls and authentication: We apply role-based access controls so that only authorised personnel and service providers can access personal data strictly on a need-to-know basis. Multi-factor authentication and strong password policies are used where appropriate.
  • Secure infrastructure: The Evo environment associated with evos-uk.com and the Evolution group infrastructures (including studios in Latvia and Malta) are hosted in secure facilities with layered physical and logical security controls, regular patching, and proactive monitoring.
  • Monitoring, audits, and testing: We monitor systems for vulnerabilities and suspicious activity, conduct regular internal reviews, and may engage independent experts to perform security assessments or audits. Where applicable, we align our controls with recognised standards such as ISO 27001 and SOC 2 through our own practices or those of our key providers.
  • Staff training and policies: Personnel with access to personal data receive data protection and security training and are bound by confidentiality obligations and internal policies governing the use of such data.
  • Incident response: We maintain incident response procedures to detect, assess, and respond to potential data breaches or security incidents. Where required by law, we will notify the relevant supervisory authority and affected individuals without undue delay.

Complaints & Contacts

If you have questions, concerns, or complaints about how Evo at evos-uk.com processes your personal data, you can contact us using the privacy or support contact details provided on the Website. Please address your communication to the "Data Protection Officer" or "Privacy Team".

Internal Complaint Procedure

  1. Submit your complaint: Send your complaint via the contact channels listed on evos-uk.com (such as a privacy email address or contact form), providing your account details, a clear description of your concern, and any supporting documentation.
  2. Acknowledgement: We aim to acknowledge receipt of your complaint within 5 working days and will assign a reference where appropriate.
  3. Investigation: Your complaint will be reviewed by the relevant team (for example, our data protection or compliance team). We may contact you for further information if needed.
  4. Response: We will provide a substantive response as soon as reasonably possible and, in any event, generally within 30 days. If we cannot respond within this time due to complexity, we will inform you of the delay and the expected timeframe.

Supervisory Authorities

  • United Kingdom: If you are not satisfied with our response, you have the right to lodge a complaint with the UK data protection regulator, the Information Commissioner's Office (ICO). Further information is available at https://ico.org.uk.
  • European Union / EEA: If EU GDPR applies to you (for example, if you are located in the EEA), you may also lodge a complaint with your local data protection authority. Contact details are available via the European Data Protection Board website.
  • Mexico: Where Mexican privacy law applies, you may raise concerns with the Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales (INAI), the Mexican data protection authority, via https://home.inai.org.mx/.

For gambling-related disputes (for example, regarding bet settlement rather than data protection), you may have access to approved alternative dispute resolution bodies such as IBAS, as indicated in the terms and conditions of evos-uk.com and the relevant operator's UKGC licence conditions.

Updates

We may update this Privacy Policy from time to time to reflect changes in our processing activities, legal requirements, or the Evo services provided through evos-uk.com.

  • Notification of changes: When we make material changes, we will take appropriate steps to notify you in advance, which may include notices on the Website (such as banners or pop-ups), messages within your account dashboard, and/or email notifications.
  • Advance notice: Where feasible and required by law, we will provide at least 30 days' notice before significant changes take effect, particularly if the changes materially affect how we use your personal data.
  • Version control: Each version of this Privacy Policy is identified by an effective date and/or version reference. The current version is effective from 6 November 2025 and remains in force into 2026 unless replaced by a later version published on evos-uk.com.
  • Your continued use: Your continued use of Evo services at evos-uk.com after any update becomes effective will constitute your acknowledgement of the updated Privacy Policy. If you do not agree with any changes, you should stop using the services and, where applicable, request account closure.

You can always review the most current version of this Privacy Policy on evos-uk.com. We recommend that you check it periodically to stay informed about how we protect your personal data.