burger icon
Dream Vegas Review Canada
Log In

Privacy Policy

This Privacy Policy explains how White Hat Gaming Limited collects, uses, discloses, and protects personal information when you visit or use the Canadian-facing Dream Vegas services available via dreamvegas-ca.com, including the Dream Vegas pages (together, the "Site"), and when you interact with us as a player or website visitor. It applies to individuals in Canada who access the Site, whether or not they create an account or place real-money wagers. By using the Site, you acknowledge that you have read and understood this Privacy Policy. This Privacy Policy is effective as of 1 January 2026.

Who We Are

The Site is operated for Canadian players under the Dream Vegas brand by:

White Hat Gaming Limited
Registered office: 85 St John Street, Valletta, VLT1165, Malta

White Hat Gaming Limited is licensed and regulated for online gambling activities in multiple jurisdictions, including:

  • Canada (Ontario) - listed as an operator with the Alcohol and Gaming Commission of Ontario (AGCO) and iGaming Ontario (iGO): https://igamingontario.ca/en/operator/white-hat-gaming-limited
  • Malta - licensed by the Malta Gaming Authority under licence number MGA/B2C/370/2017: https://authorisation.mga.org.mt/verification.aspx?lang=EN&company=c73232
  • United Kingdom - regulated by the UK Gambling Commission: https://www.gamblingcommission.gov.uk/public-and-players/enforcement/white-hat-gaming-limited

Further corporate information about White Hat Gaming Limited can be found via publicly available registries and regulatory websites, including:

White Hat Gaming Limited maintains an information security management system aligned with ISO 27001 standards.

Data Protection Contact (DPO / Privacy Office)

If you have any questions or requests regarding this Privacy Policy or our handling of personal information, you can contact our Data Protection Officer (DPO) or privacy team at:

  • Email: [email protected]
  • Postal address: Data Protection Officer, White Hat Gaming Limited, 85 St John Street, Valletta, VLT1165, Malta

What Personal Data We Collect

We collect and process different categories of personal information about players and visitors to the Site. The exact data we collect depends on how you interact with us, but generally includes:

  • Identification and contact data - such as your full name, date of birth, residential address, billing address, email address, telephone number, language preference, and copy or details of identification documents (e.g., passport, national ID, driving licence) when required for KYC and age verification.
  • Account and profile data - including username, encrypted password, security questions and answers, account preferences, communication preferences, responsible gambling settings, and records of account status (active, self-excluded, closed).
  • Verification and compliance data - information collected for "know your customer" (KYC), anti-money laundering (AML), and other regulatory checks, such as proof of identity, proof of address, source of funds or wealth documentation, occupation and employment information, and results of sanctions and politically exposed persons (PEP) screening.
  • Payment and financial data - such as limited payment card details (e.g., card type, last four digits, expiry date), bank account information, e-wallet identifiers, transaction records (deposits, withdrawals, chargebacks, refunds), currency, and payment status. Full card data is typically processed by our payment providers and not stored in a readable form by us.
  • Technical and device data - including IP address, device identifiers, browser type and version, operating system, screen resolution, approximate location derived from IP (e.g., city, province, country), access times, session identifiers, and technical logs (log files, error logs, performance data).
  • Usage and behavioural data - such as login dates and times, pages viewed, links clicked, time spent on pages, in-game activity, bonuses claimed, wagering and betting history, game preferences, responsible gambling interactions, communication logs, and interaction with customer support (via chat, email, or other channels).
  • Marketing and communication data - including your preferences regarding receiving marketing from us and our partners, records of marketing consents and opt-outs, information about which promotional emails or notifications you open, click, or interact with, and responses to surveys or feedback forms.
  • Cookies and similar technologies - data collected through cookies, web beacons, pixels, SDKs, and similar technologies, such as session identifiers, authentication tokens, analytics events, advertising identifiers, and tracking information used to remember your preferences and measure performance. For more detail, see the "Cookies & Tracking Technologies" section below.
  • Information from third parties - including data obtained from identity verification providers, payment providers, credit and affordability checks where permitted by law, fraud prevention agencies, marketing affiliates, social media platforms (when you choose to interact with our official pages), and regulators or law enforcement authorities.

Legal Basis for Processing

Our primary privacy obligations arise under applicable Canadian privacy laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA) and substantially similar provincial laws. Where relevant, we align our practices with international standards, including the EU General Data Protection Regulation (GDPR) and the Mexican Federal Law on the Protection of Personal Data Held by Private Parties (LFPDPPP).

We process personal information based on the following legal grounds (or equivalent concepts under applicable law):

  • Your consent
    We rely on your consent to:
    • send you electronic marketing communications (email, SMS, push notifications) where required by law;
    • use certain cookies and similar technologies for analytics and advertising purposes;
    • perform certain optional profiling and personalization activities not strictly necessary for providing the services.
    You may withdraw your consent at any time, as described in the "Your Rights" and "Cookies & Tracking Technologies" sections.
  • Contractual necessity
    We process your personal data when it is necessary to enter into and perform our contract with you, including to:
    • create and manage your player account;
    • verify your eligibility to use the Site and place bets;
    • process deposits, wagers, and withdrawals;
    • provide customer support and resolve operational issues;
    • deliver the games, promotions, and services you request.
    Without this information, we cannot provide our real-money gambling services.
  • Compliance with legal and regulatory obligations
    As a regulated gambling operator, we must comply with obligations imposed by Canadian laws (including gambling regulations in Ontario), Maltese law, and other applicable regimes, such as:
    • age and identity verification;
    • anti-money laundering and counter-terrorist financing requirements, including transaction monitoring and reporting;
    • responsible gambling duties, including monitoring patterns of play and interventions where necessary;
    • record-keeping, audit, and reporting obligations towards regulators and tax authorities;
    • responding to lawful requests from law enforcement and regulators.
    In these cases, processing is necessary for us to meet our legal obligations.
  • Legitimate interests (or equivalent grounds)
    We process personal data where it is necessary for our legitimate interests, provided these are not overridden by your rights and interests, including to:
    • maintain the security and integrity of our systems and the Site;
    • prevent, detect, and investigate fraud, cheating, and abuse;
    • protect the safety, rights, and property of players, staff, and third parties;
    • analyze and improve our games, services, and user experience;
    • conduct internal reporting, analytics, and business planning;
    • defend our legal rights, handle complaints, and manage disputes.
    When we rely on legitimate interests, we apply appropriate safeguards and allow you to object where applicable under law.

For users in jurisdictions where GDPR or equivalent laws apply, the processing bases above correspond to Article 6(1)(a), (b), (c), and (f) GDPR. For users in Mexico, they align with consent and other lawful bases under LFPDPPP and its Regulations.

Purpose of Processing

We use the personal information we collect for the following purposes:

  • Providing and operating the Site and gambling services
    • to create and manage your Dream Vegas account on dreamvegas-ca.com and related Dream Vegas pages;
    • to verify your identity, age, and location to ensure you can legally gamble in your province or territory;
    • to process deposits, wagers, bonuses, winnings, and withdrawals;
    • to provide customer support and manage day-to-day account queries.
  • Regulatory compliance, responsible gambling, and risk management
    • to comply with gambling, AML/CTF, and other regulatory requirements in Canada (including Ontario), Malta, and other relevant jurisdictions;
    • to monitor gameplay and transaction patterns for signs of problem gambling, fraud, or misuse;
    • to apply responsible gambling tools (limits, time-outs, self-exclusion) and record related interactions.
  • Improving and personalizing our services
    • to analyze aggregated usage data and feedback to improve games, features, and Site performance;
    • to personalize content, offers, and recommendations (for example, displaying relevant games or promotions);
    • to test new features and optimize our user interface.
  • Marketing and promotions
    • to send you promotional communications (email, SMS, push, on-site messages) about bonuses, tournaments, and offers, where permitted by law and your preferences;
    • to measure the effectiveness of our marketing campaigns, including affiliates and advertising networks;
    • to conduct surveys, contests, and loyalty programs.
  • Analytics and reporting
    • to produce internal and regulatory reports on market performance, responsible gambling, and operational metrics;
    • to compile anonymized or aggregated statistics for business insights and compliance reporting (e.g., as reflected in iGaming Ontario's market performance reports).
  • Security, fraud prevention, and dispute management
    • to secure our systems and prevent unauthorized access;
    • to detect and prevent fraud, money laundering, collusion, bonus abuse, and other prohibited behaviour;
    • to handle complaints, disputes, chargebacks, and legal claims.

Disclosure & Sharing

We do not sell your personal information. However, we may share personal data with selected third parties for the purposes described in this Privacy Policy, subject to appropriate safeguards and contractual protections.

  • Group entities and related brands
    We may share personal data with other entities within the White Hat Gaming group (for example, back-office or technology entities operating other brands such as Casimba, The Grand Ivy, Temple Nile, and Barz Casino) where necessary for centralized services, internal administration, regulatory reporting, security, or group-level risk management.
  • Payment service providers and financial institutions
    We share necessary information with banks, card schemes, payment processors, e-wallet providers, and other payment intermediaries to:
    • process deposits and withdrawals;
    • verify payment methods and prevent fraud;
    • comply with AML and financial regulations.
    These providers act as independent controllers or processors depending on their role.
  • Identity verification, KYC, and fraud prevention partners
    We may disclose identification, KYC, and transaction data to specialized third parties (e.g., identity verification companies, sanctions and PEP screening services, address verification providers, fraud detection services) to verify your details and prevent illegal activity.
  • Technology, hosting, and support providers
    We use third-party vendors to provide hosting, cloud infrastructure, content delivery, customer support tools (including live chat), email delivery, SMS gateways, analytics, and security services. These providers may process personal data on our behalf as data processors and are contractually required to protect it.
  • Marketing, analytics, and advertising partners
    With your consent where required, we work with:
    • analytics providers (e.g., to analyze Site usage and performance);
    • affiliate networks and marketing partners who refer you to the Site;
    • advertising networks and platforms that deliver targeted advertising based on cookies or similar technologies.
    You can control many of these activities through your cookie and marketing preferences.
  • Regulators, law enforcement, and public authorities
    We may disclose personal data to regulators (including AGCO, iGaming Ontario, the Malta Gaming Authority, and other regulators), law enforcement agencies, courts, and other public authorities where required by law or regulation, or where we reasonably believe disclosure is necessary to:
    • comply with a legal or regulatory obligation;
    • protect our rights, safety, or property or those of our players or third parties;
    • assist with the prevention or investigation of crime, fraud, or regulatory breaches.
  • Professional advisers
    We may share information with lawyers, auditors, accountants, and other professional advisers as needed to obtain advice, conduct audits, or manage legal claims.
  • Corporate transactions
    In the event of a proposed or actual merger, acquisition, sale of assets, or corporate reorganization involving White Hat Gaming Limited, your personal data may be disclosed to prospective or actual buyers and their advisers, subject to appropriate confidentiality obligations. If a transfer occurs, your personal data will remain subject to safeguards consistent with this Privacy Policy.

International Transfers

Your personal data may be transferred to and processed in countries outside of your province, territory, or country of residence. This includes, in particular, transfers between Canada, Malta, the United Kingdom, and other European Economic Area (EEA) countries, and to other jurisdictions where some of our service providers are located (such as the United States or other non-EEA countries).

When we transfer personal data internationally, we implement safeguards designed to ensure an equivalent level of protection, including:

  • Contractual protections - we enter into data protection agreements with our processors and partners, including, where applicable, the European Commission's Standard Contractual Clauses (SCCs) or similar instruments recognized under applicable law, to ensure adequate protection for cross-border transfers.
  • Jurisdictional assessments - we assess the legal environment in destination countries, considering regulatory guidance and case law, and implement additional technical or organizational safeguards where appropriate (such as encryption or pseudonymization).
  • Canadian and international standards alignment - we align cross-border transfer practices with Canadian privacy principles under PIPEDA and with guidance from international data protection authorities, including the Office of the Privacy Commissioner of Canada, European data protection authorities under GDPR, and the Mexican data protection authority (INAI) for users in Mexico.

By using the Site, you understand that your personal information may be transferred to and processed in countries outside Canada, some of which may have different or less protective data protection laws than those in your home jurisdiction. In such cases, we will ensure that appropriate safeguards are in place as described above.

Data Retention

We retain personal information only for as long as necessary to fulfil the purposes described in this Privacy Policy, including to satisfy legal, regulatory, accounting, or reporting requirements. Retention periods may vary depending on the type of data and the jurisdiction in which you play.

We typically apply the following retention periods (subject to applicable legal obligations that may require longer retention):

Category of Data Typical Retention Period
Account and profile data (identification, contact details, account history) For the life of your account and up to 5 years after account closure, or longer if required by law (e.g., for AML or gambling regulatory purposes).
KYC and verification data (ID documents, proof of address, source of funds) Generally 5 to 7 years after account closure or after the last transaction requiring such information, in line with AML and regulatory requirements.
Transaction and financial records (deposits, wagers, withdrawals, chargebacks) At least 5 to 7 years from the date of the relevant transaction, depending on applicable accounting, tax, and regulatory rules.
Customer support communications and complaint records Up to 5 years after resolution of the query or complaint, or longer where necessary in case of disputes or regulatory investigations.
Marketing and consent records For as long as you remain subscribed to marketing communications and for up to 2 years after your last meaningful interaction with us (e.g., last login or last interaction with marketing), unless a longer period is required to demonstrate compliance with consent obligations.
Technical logs and security-related data Typically between 6 months and 2 years, depending on the type of log, unless we need to retain logs longer to investigate or respond to a security incident or legal claim.
Cookies and tracking data In accordance with the lifetime of each cookie or similar technology, as described in our cookie information (generally from the session duration up to 24 months), unless a longer period is technically necessary or legally permitted.

When personal data is no longer required for the purposes for which it was collected, we will either anonymize it (so it can no longer be associated with an identifiable individual) or securely delete it. We may retain anonymized or aggregated data indefinitely for statistical, research, or business analysis purposes.

If you request deletion of your personal data, we will also consider whether we must retain certain information to comply with legal or regulatory obligations or to establish, exercise, or defend legal claims. Where we cannot fully delete data, we will restrict its use to the minimum necessary purpose.

Your Rights

Our handling of personal information is designed to comply with Canadian privacy laws, including PIPEDA and substantially similar provincial laws (such as Alberta and British Columbia's Personal Information Protection Acts and Quebec's private-sector privacy laws). We also aim to align key aspects of our practices with the EU GDPR and the Mexican Federal Law on the Protection of Personal Data Held by Private Parties (LFPDPPP), especially for users located in those jurisdictions.

Core rights available to you

  • Right to access
    You can request confirmation of whether we hold personal information about you and obtain a copy of that information, together with an explanation of how we use it and with whom it is shared, subject to certain legal exceptions.
  • Right to rectification (correction)
    You can request correction of inaccurate or incomplete personal information. In many cases, you can update certain details directly through your account settings (e.g., contact information). We may ask for documentation to verify changes to important data (such as your legal name or address).
  • Right to deletion / cancellation (subject to legal obligations)
    You can ask us to delete or anonymize your personal information where:
    • it is no longer necessary for the purposes for which it was collected;
    • you have withdrawn consent (where consent was the legal basis) and we have no other legal ground to continue processing;
    • you have successfully objected to the processing; or
    • deletion is required to comply with applicable law.
    However, because we are a regulated gambling and financial services operator, we may need to retain certain data for legal, regulatory, or anti-fraud reasons. In those cases, we will restrict its use to the minimum necessary.
  • Right to restriction of processing
    In certain circumstances, you can request that we restrict the processing of your personal data (for example, while we verify its accuracy or assess an objection). During restriction, we will continue to store the data but will generally not use it for other purposes, except as permitted by law.
  • Right to object
    Where we rely on legitimate interests to process your personal information, you may object to this processing if you believe your privacy interests outweigh our legitimate interests. We will consider your objection and determine whether we can stop or limit the processing. You can also object at any time to the use of your data for direct marketing, in which case we will stop such marketing.
  • Right to withdraw consent
    Where we rely on your consent (for example, for marketing communications or certain cookies), you may withdraw that consent at any time. This will not affect the lawfulness of processing carried out before your withdrawal, but we will stop the processing that relied on consent going forward.
  • Right to data portability (where applicable)
    In jurisdictions where this right is recognized (e.g., under GDPR), you may request a copy of certain personal information you provided to us in a structured, commonly used, machine-readable format and, where technically feasible, request that we transmit it to another service provider.
  • Rights related to automated decision-making
    We may use automated tools to help us make certain decisions, such as detecting fraudulent behaviour or applying responsible gambling measures. Where such automated decisions have a significant effect on you and are based solely on automated processing, you may have the right to obtain human review, express your point of view, and contest the decision, in accordance with applicable law.

Additional rights for users in Mexico and the EU/EEA

  • Mexico (ARCO rights)
    If you are located in Mexico, you may have additional rights under LFPDPPP, often referred to as ARCO rights (Acceso, Rectificación, Cancelación y Oposición). These rights broadly correspond to access, rectification, cancellation (deletion), and opposition (objection) to processing. We will handle such requests in accordance with Mexican data protection law and applicable timeframes.
  • EU/EEA and UK (GDPR-aligned rights)
    If GDPR or UK GDPR applies to you (for example, if you are located in the EEA or UK), the rights described above apply as set out in Articles 12 - 22 GDPR/UK GDPR. We will consider your requests and respond in line with those frameworks, including any specific conditions or limitations.

How to exercise your rights

  1. Submit your request
    You can exercise your rights at any time by contacting our DPO or privacy team at [email protected] or by writing to the postal address provided in the "Who We Are" section. Please specify:
    • your full name, username, and registered email address;
    • the nature of your request (e.g., access, correction, deletion, objection);
    • the jurisdiction you reside in (e.g., Canada, Mexico, EU/EEA).
  2. Identity verification
    To protect your data, we may ask you to provide additional information to verify your identity before fulfilling your request (for example, by confirming certain account details or providing identification documents where legally appropriate).
  3. Response timeframes
    We aim to respond to all valid requests within 30 days of receipt. If your request is complex or we receive numerous requests, we may extend this period as permitted by law, in which case we will inform you of the extension and the reasons for it.
  4. Fees
    We will not charge a fee for processing your request unless it is manifestly unfounded or excessive (for example, repeated frequent requests). If a fee is applicable, we will explain why and provide you with an estimate before proceeding.

Cookies & Tracking Technologies

We use cookies and similar technologies on the Site to ensure it functions properly, to enhance your user experience, to perform analytics, and, where permitted, to support marketing and advertising. Cookies are small text files placed on your device when you visit a website.

Types of cookies we use

  • Strictly necessary cookies
    These cookies are essential for the operation of the Site and enable core functionality such as page navigation, account login, security, and access to secure areas. The Site cannot function properly without these cookies. They are usually set in response to actions you take (e.g., logging in, setting privacy preferences).
  • Functional (preference) cookies
    These cookies allow the Site to remember your choices and preferences, such as language, region, or display settings, providing a more personalized experience.
  • Analytics and performance cookies
    These cookies collect information about how visitors use the Site, such as which pages are visited most often, how users move around the Site, and whether they encounter error messages. We use this information in aggregated form to improve the performance and usability of the Site.
  • Advertising and targeting cookies
    With your consent where required, we and our advertising partners may use these cookies to deliver relevant advertisements to you on our Site or on other websites, measure the effectiveness of advertising campaigns, and limit how often you see a particular ad.
  • Session vs. persistent cookies
    Session cookies are temporary and are deleted when you close your browser. Persistent cookies remain on your device for a specified period or until you delete them.
  • First-party and third-party cookies
    First-party cookies are set by the Site (dreamvegas-ca.com), while third-party cookies are set by external service providers (for example, analytics providers or advertising networks).

Managing cookies and preferences

  • You can manage or disable cookies through your browser settings. The method varies by browser, but you can usually find cookie settings in the "Privacy" or "Security" section of your browser's options. Please note that blocking certain cookies (especially strictly necessary cookies) may impact the functionality of the Site or prevent you from using certain features.
  • Where available, we may provide a cookie banner or preferences centre when you first visit the Site (and periodically thereafter), allowing you to accept or reject non-essential cookies and adjust your preferences at any time.
  • For interest-based advertising, you may also use industry opt-out tools such as the Digital Advertising Alliance of Canada (DAAC) at https://youradchoices.ca, though these tools do not prevent all tracking and may rely on cookies themselves.

For more information about the specific cookies used on the Site and their lifetimes, please refer to any dedicated cookie information that we may provide via the Site's interface.

Data Security

We implement technical and organizational measures designed to protect your personal information against unauthorized access, loss, misuse, alteration, or disclosure. While no method of transmission or storage is completely secure, we continuously work to maintain a robust security posture in line with industry standards.

Technical measures

  • Encryption in transit and at rest - data transmitted between your browser and our systems is protected using Transport Layer Security (TLS) version 1.2 or higher. Where appropriate, we also encrypt data at rest within our systems and databases.
  • Access controls and authentication - access to personal data is restricted to authorized personnel and service providers who need it for their duties. We use role-based access controls, unique user IDs, strong authentication mechanisms (including multi-factor authentication where appropriate), and regular access reviews.
  • Network and infrastructure security - we employ firewalls, intrusion detection and prevention systems, secure configurations, segmentation of networks, and continuous monitoring to protect our environment.
  • Logging and monitoring - we maintain logs of system access and critical activities and monitor them for suspicious behaviour, enabling us to detect and respond to potential security incidents.

Organizational and process measures

  • Information security management - White Hat Gaming Limited operates an information security management system aligned with the ISO 27001 standard for information security. We also expect our key service providers to adhere to comparable security frameworks, and where applicable, to SOC 2-aligned controls.
  • Policies and training - we maintain internal policies on data protection, information security, and acceptable use. Employees and contractors with access to personal information receive training on privacy and security requirements and are bound by confidentiality obligations.
  • Secure development and testing - our systems and applications are developed following secure coding practices and are subject to testing, including vulnerability assessments and, where appropriate, penetration testing.
  • Incident response - we maintain incident response procedures to identify, assess, and respond to suspected personal data breaches or security events. Where required by law, we will notify relevant authorities and affected individuals within the applicable timeframes.

You are responsible for maintaining the confidentiality of your account credentials. We strongly recommend that you choose a strong, unique password, do not reuse it across other services, and do not share it with anyone. If you suspect any unauthorized access to your account, please contact us immediately.

Complaints & Contacts

We are committed to protecting your privacy and addressing any concerns you may have about our handling of your personal information. If you have questions, concerns, or complaints, you have several options for contacting us and, if necessary, escalating your complaint.

How to contact us

  • Data Protection Officer / Privacy Team
    Email: [email protected]
    Postal address: Data Protection Officer, White Hat Gaming Limited, 85 St John Street, Valletta, VLT1165, Malta

When contacting us, please include your full name, account username, registered email address, and a clear description of your question or complaint.

Our internal complaint process

  1. Initial review - we will acknowledge receipt of your complaint as soon as reasonably possible, typically within 10 business days.
  2. Investigation - we will investigate your complaint, which may involve liaising with relevant internal departments (e.g., customer support, security, compliance).
  3. Response - we aim to provide a substantive response within 30 days of receiving your complaint or privacy request. If we are unable to meet this timeframe due to complexity or other legitimate reasons, we will inform you of the delay and the expected new timeframe.
  4. Further steps - if you remain unsatisfied with our response, you may request that your complaint be escalated within our organization, and you also have the right to contact the relevant privacy or data protection authority as described below.

Escalation to supervisory authorities

If you are not satisfied with how we handle your personal information or your complaint, you may have the right to lodge a complaint with a supervisory authority in your jurisdiction.

  • Canada - Federal and provincial privacy regulators
    • Office of the Privacy Commissioner of Canada (OPC)
      Website: https://www.priv.gc.ca
    • Alberta - Office of the Information and Privacy Commissioner of Alberta
      Website: https://www.oipc.ab.ca
    • British Columbia - Office of the Information and Privacy Commissioner for British Columbia
      Website: https://www.oipc.bc.ca
    • Quebec - Commission d'accès à l'information du Québec
      Website: https://www.cai.gouv.qc.ca
  • Mexico - National Institute for Transparency, Access to Information and Personal Data Protection (INAI)
    If you are located in Mexico and believe your ARCO rights have been infringed, you may lodge a complaint with INAI.
    Website: https://www.inai.org.mx
  • European Union / EEA and United Kingdom - Data Protection Authorities
    If GDPR or UK GDPR applies, you can lodge a complaint with your local data protection authority in the EU/EEA or with the UK Information Commissioner's Office (ICO). Contact details for EEA data protection authorities are available at: https://edpb.europa.eu/about-edpb/about-edpb/members_en. The ICO's website is: https://ico.org.uk.

We encourage you to contact us first so that we can try to resolve your concern directly, but you are not obliged to do so before contacting a regulator where applicable law allows direct complaints.

Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, legal or regulatory developments, or improvements to our services. When we make changes, we will revise the "Last updated" date at the end of this Privacy Policy.

How we will notify you of changes

  • Minor changes - for non-material changes (for example, clarifying language or correcting typographical errors), we may simply update the Privacy Policy on the Site without additional notice.
  • Material changes - for significant changes that affect your rights or the way we process your personal information (such as introducing new processing activities, changing the purposes of processing, or altering your rights), we will provide more prominent notice, which may include:
    • email notifications to the address associated with your account;
    • prominent banners or notices on the Site;
    • notifications within your account dashboard, where applicable.
    We will provide such notice at least 30 days before material changes take effect, where feasible and required by law.

Your options in relation to updates

  • If you continue to use the Site after the effective date of the updated Privacy Policy, this will typically signify your acceptance of the changes, to the extent permitted by law.
  • If you do not agree with material changes to the Privacy Policy that significantly affect your rights or the way we use your personal information, you may:
    • adjust your privacy, cookie, or marketing preferences;
    • request deletion or restriction of certain data, subject to legal and regulatory requirements;
    • close your account and stop using the Site.

We recommend that you review this Privacy Policy regularly to stay informed about how we collect, use, and protect your personal information when you use Dream Vegas services via dreamvegas-ca.com.

Last updated: January 2026