Privacy Policy
This page explains what personal information Dream Jackpot collects from visitors, why we collect it, where it sits, who it gets shared with, and how to exercise your rights under UK privacy law. The technical companion — cookies, analytics, browser storage — sits on the Cookie Policy page; this page is the human-readable version of the same arrangement.
Dream Jackpot operates as an independent informational platform; the wider context is on the About page. This privacy policy covers the Dream Jackpot website only. Once a reader clicks through to an operator's site, that operator's own privacy policy takes over; Dream Jackpot doesn't share data with operators except in the limited form set out below.
1. What Dream Jackpot is
Dream Jackpot publishes reviews and guides about online casinos available to UK players. The flagship operator review lives on the Dream Jackpot Casino homepage. The site doesn't host games, run player accounts, accept deposits, hold funds or process withdrawals. There's no signup. There's no login. A default visit involves no data exchange beyond standard web traffic. Where Dream Jackpot does collect personal data — for example, when you reach out to us through the contact channels — this page sets out exactly what happens to it.
2. UK privacy law context
The handling of personal information at Dream Jackpot follows the UK GDPR and Data Protection Act 2018, together with the thirteen UK GDPR principles supervised by the Information Commissioner's Office (ICO). Visitors from Europe also receive their GDPR rights here. Visitors based in California get the benefit of CCPA rights to the extent those apply. Where one framework imposes a stricter rule, the stricter rule prevails.
3. What data Dream Jackpot collects
The data falls into three buckets: technical traffic information, voluntary contact submissions, and aggregated analytics.
| Category | What is collected | Why | Legal basis |
|---|---|---|---|
| Technical traffic data | IP address (anonymised after 24h), browser type, device type, page URL requested, timestamp, referrer. | Serve pages, prevent abuse, debug performance issues. | Legitimate interest under UK GDPR Article 6 legitimate interest. |
| Voluntary contact data | Name, email address, message content, supporting documents you choose to attach. Submitted only if you write to us. | Reply to your enquiry. | Consent under UK GDPR consent basis (you provide the data; we use it for the stated purpose). |
| Aggregated analytics | Pseudonymous traffic statistics generated by Google Analytics 4 with IP anonymisation enabled. | Understand which pages are useful and which aren't. | Consent (you can decline analytics cookies on first visit). |
Categories that Dream Jackpot deliberately doesn't collect include: financial data (no payment processing runs on this domain), gambling account credentials (we operate no accounts), biometrics, location beyond country level (which is derived from anonymised IP), and special-category data (race, religion, health, sexual orientation, political opinion). No targeted advertising or remarketing is used; the funding model behind the site appears on the Affiliate Disclosure page.
4. Cookies and similar technologies
Full details on every cookie Dream Jackpot uses, the third-party services responsible, and the available control mechanisms appear on the Cookie Policy page. The short version goes like this — strictly necessary cookies (page loading, consent banner state, abuse prevention) are placed by default; analytics and affiliate-tracking cookies are placed only after consent through the cookie banner; the selection can be changed any time via the link in the footer.
5. Affiliate links and operator-side tracking
Three things happen whenever a reader clicks an outbound operator link from Dream Jackpot. To start with — an internal redirect at /go logs the click for our own analytics regardless of whether the reader proceeds. Then — the browser is forwarded onward to the operator's site. And finally — the operator may set its own cookies and register the visit as a referral attribution. No name, email or other identifying personal data is handed over to the operator from Dream Jackpot. All the operator learns is that "the visitor arrived from Dream Jackpot". Should a reader go on to register on the operator's platform, that registration is then governed by the operator's privacy policy and not this one.
6. How long data is retained
- IP addresses: raw IPs persist for up to 24 hours for abuse-prevention purposes, then get anonymised by truncating the final octet on IPv4 or the trailing 80 bits on IPv6. Anonymised IPs remain on file for up to 14 months for traffic-statistics analysis.
- Contact correspondence: incoming emails and any attachments stay on file for 24 months — used for follow-up and auditing — then get deleted unless they're still part of an active conversation.
- Analytics events: Google Analytics 4 data retains for 14 months under our chosen configuration, after which it's deleted automatically.
- Cookie consent record: the consent itself sits in your browser's local storage for 12 months, after which the banner shows again.
When statutory retention runs longer — for instance tax records governed by HMRC record-keeping rules covering affiliate-related accounting — the relevant data stays only for that legally mandated window, never repurposed.
7. Who Dream Jackpot shares data with
Three carefully limited categories. The first — service providers that operate parts of the Dream Jackpot infrastructure stack (web hosting, content delivery, email), each one bound by a written data-processing agreement restricting their use of any data to delivering the service in question. The second — analytics providers, specifically Google Analytics 4, receiving only IP-anonymised traffic data with no personally identifying information attached. The third — law enforcement and regulators, who receive data only in response to a valid legal demand and only the data the demand specifies. Selling, renting or trading personal data — to anyone, ever — is not something Dream Jackpot does.
8. Where data is stored
The Dream Jackpot infrastructure sits on cloud providers based in the UK and the European Economic Area. A small number of service providers — Google Analytics 4 most notably — process data in the United States. Whenever data crosses out of the UK, the recipient is held to either Standard Contractual Clauses or to an equivalent framework that the ICO has approved as offering protection at least equivalent to UK law.
9. Your rights
UK GDPR and equivalent international frameworks grant you the following rights over any personal data Dream Jackpot holds about you.
- Access: request what we hold and receive a copy of it.
- Correction: ask that inaccurate data be put right.
- Deletion: request that your data be removed, subject to any legal retention obligation.
- Withdrawal of consent: where consent is the processing basis, you can withdraw it at any point — prior lawful processing remains valid.
- Complaint: if you think Dream Jackpot has mishandled your data, the ICO at ico.org.uk handles complaints. UK readers are usually best off contacting us first so the matter has a chance to be put right.
To exercise any of these rights, get in touch via the privacy channel listed on the Contact page. The response window is 30 days, as required by the UK GDPR.
10. Children's privacy
The audience for Dream Jackpot's content is adult UK readers. This site isn't aimed at, and isn't intended for, anyone below the age of 18. Personal data is not knowingly collected from minors. Should it come to light that data has been submitted by someone under 18, that data gets deleted and — where applicable — the parent or guardian is informed.
11. Security
The security controls in use at Dream Jackpot follow industry norms: TLS 1.2 or higher protecting every data transfer in transit; least-privilege access rules and tight access controls on internal systems; periodic reviews of who has access to what; logging on every administrative action; third-party penetration testing of the public site at regular intervals. Nothing is fully unbreakable; where a personal-data breach with a likely risk of serious harm occurs, the affected people are notified directly and the ICO is told in line with the ICO breach-notification regime under the UK GDPR.
12. Changes to this policy
Any change to this policy triggers a revised "Last updated" date at the top. Substantive changes — new data categories collected, new third-party processors, modified retention windows — also bring a homepage banner shown for at least 30 days. Smaller housekeeping changes (reword, link refresh) don't trigger a banner.
13. Contact
Privacy questions are best directed via the privacy channel on the Contact page. Editorial questions about Dream Jackpot content route through the editorial channel; the correction process is set out on the Editorial Policy page. Player-safety guidance for anyone reading this site sits on the Responsible Gambling page.