burger icon
Doubledown Casino Canada
Log In

Privacy Policy

This Privacy Policy explains how we collect, use, disclose, and protect personal data of users of Doubledown Casino on the website located at https://doubledown-ca.com (the "Site") and related services. It applies to all visitors, registered players, and other individuals who access or use our social casino services from Canada. By using the Site, you acknowledge that you have read and understood this Policy. This Privacy Policy is effective as of 1 January 2026.

Who We Are

OBSERVE: Identify the operator and its contact points. EXPAND: Link web brand to responsible legal entities and DPO contact. REFLECT: Provide clear corporate and DPO details for jurisdictional transparency.

The Site and the Doubledown Casino social casino services available via https://doubledown-ca.com are operated on behalf of:

  • Operator: DoubleDown Interactive LLC
  • Legal form: Limited Liability Company (LLC)
  • Registered jurisdiction: Washington State, United States of America
  • Registration number: Washington State Unified Business Identifier (UBI) 603 046 380
  • Registered/Legal address: DoubleDown Interactive LLC, Washington State, USA (specific street and ZIP may be verified via the Washington State Department of Revenue corporate registry)
  • Headquarters location: Seattle, Washington, USA

The Site https://doubledown-ca.com is the official Canadian-facing domain for the Doubledown Casino social gaming offering ("Doubledown Casino", "we", "us", "our"). All references to Doubledown Casino in this Policy relate to the services provided via this domain.

Data Protection Contact

  • Data Protection Officer / Privacy Contact: Data Protection Department, DoubleDown Interactive LLC
  • Email (primary privacy contact): [email protected]
  • Support contact (for player privacy requests): [email protected]
  • Postal contact (privacy): DoubleDown Interactive LLC, Attn: Data Protection Department, Seattle, Washington, USA (full mailing details available upon request or via public corporate records)

You may also use our contact form at https://doubledown-ca.com/contact for privacy-related inquiries and rights requests, clearly marking your message as "Privacy / Data Protection".

What Personal Data We Collect

OBSERVE: Enumerate data categories. EXPAND: Distinguish between directly provided, automatically collected, and partner-supplied data. REFLECT: Link categories to their practical use and compliance justification.

Identity and Contact Data

  • Full name, display name or username.
  • Email address (e.g., the one used for registration, newsletters, or support interactions).
  • Telephone number, where you provide it for support or verification.
  • Country and province of residence, language preferences (e.g., en / Canada).

Account and Gameplay Data

  • Account identifiers (user ID, internal profile IDs associated with Doubledown Casino).
  • Gameplay history, including games played, in-game progress, session durations, virtual items and coins acquired or spent.
  • Behavioral and interaction data, such as clicks, navigation paths, timestamps of logins, session logs, in-game actions, and preferences.
  • Social interaction data (friends lists, chat logs or community interactions) where applicable and permitted by you and platform rules.

Technical and Device Data

  • IP address, approximate geolocation (country, region, and, where necessary, city-level approximation).
  • Device identifiers and characteristics (device type, operating system, browser type and version, screen resolution, unique device IDs where supported and lawful).
  • Log files, including access times, pages viewed, referring/exit pages and URLs, and error logs.

Payment and Transaction-Related Data

Doubledown Casino operates as a social casino. No real-money gambling is offered, but you may purchase virtual items or credits. For this purpose, we may collect:

  • Limited payment-related data, such as transaction timestamps, transaction IDs, purchased packages, currency, amount, and status (successful/failed/refunded).
  • Information about your chosen payment method (e.g., card type, payment service, digital wallet), without storing full card numbers or CVV, which are processed by our payment partners.
  • Billing country and certain billing details as required for tax, anti-fraud checks, and accounting.

Marketing, Communication, and Preference Data

  • Records of your communication with our support team (emails sent to [email protected] or via the contact form), including content of inquiries and our responses.
  • Newsletter subscriptions, marketing preferences, and opt-in/opt-out records.
  • Engagement with marketing communications (email opens, link clicks, unsubscribe actions).

Cookies and Similar Technologies

  • Cookie identifiers, session tokens, and related browser storage data.
  • Analytics data from cookies and SDKs (e.g., page performance, traffic sources, feature usage).
  • Advertising-related identifiers (where consented), used to deliver and measure relevant advertising.

We may also receive aggregated or pseudonymized data from our affiliates, advertising partners, and analytics providers to enhance our understanding of service performance and user preferences, always in accordance with applicable law.

Legal Basis for Processing

OBSERVE: Identify applicable bases (consent, contract, legitimate interests, legal obligations). EXPAND: Map each basis to key processing activities. REFLECT: Provide balanced description to align with Canadian privacy principles and, where relevant, international standards such as the GDPR.

Consent

  • We rely on your explicit or implied consent for:
    • Non-essential cookies and similar technologies used for analytics and advertising.
    • Direct marketing communications (e.g., email newsletters, promotional offers) where required by law.
    • Use of certain optional profile details and social features.
  • You may withdraw your consent at any time (see "Your Rights" below), without affecting the lawfulness of processing based on consent before its withdrawal.

Contract Fulfilment

  • We process your personal data where necessary to:
    • Create and maintain your Doubledown Casino account.
    • Provide access to our social casino games and related services.
    • Process your purchases of virtual items/credits and deliver those items to your account.
    • Provide customer support and resolve technical issues.
  • Without such processing, we would not be able to provide the core services of Doubledown Casino via doubledown-ca.com.

Legitimate Interests

  • We process certain data where it is necessary for our legitimate business interests and where these interests are not overridden by your privacy rights, including:
    • Ensuring the security and integrity of our Site, servers, and users (e.g., detecting abuse, fraud, cheating, or unauthorized access).
    • Analyzing and improving our services, including game performance, features, and user experience.
    • Tailoring non-intrusive content and basic marketing to your preferences, where permitted by law.
    • Protecting and enforcing our legal rights, including in connection with disputes, investigations, or regulatory inquiries.

Compliance with Legal Obligations

  • We may process and retain your data to:
    • Comply with applicable laws and regulations in the United States and Canada relating to consumer protection, taxation, recordkeeping, and online services.
    • Cooperate with lawful requests from law enforcement authorities, courts, or regulators.
    • Meet corporate and securities reporting obligations applicable to our corporate group (e.g., SEC and other regulatory filings), typically using aggregated or anonymized data.

Purpose of Processing

OBSERVE: List primary purposes. EXPAND: Connect purposes with typical data categories. REFLECT: Clarify how each purpose serves users and regulatory expectations.

Service Provision and Operation

  • To register and authenticate users of Doubledown Casino on doubledown-ca.com.
  • To provide and maintain access to our social casino games and virtual items.
  • To operate core functionalities such as saving game progress, leaderboards, social features, and in-game communications.

Service Improvement and Personalization

  • To understand how users interact with our Site and games, enabling us to fix bugs, improve stability, and enhance user experience.
  • To personalize content and game suggestions based on your preferences and historical interactions.
  • To conduct analytics, A/B testing, and statistical analysis on aggregated or pseudonymized data.

Marketing and Communications

  • To send promotional emails or in-game notifications about new features, events, and offers, subject to your consent and legal requirements.
  • To provide service-related announcements (e.g., maintenance notices, policy updates, security alerts).
  • To measure and optimize the effectiveness of marketing campaigns.

Fraud Prevention, Security, and Compliance

  • To detect and prevent fraud, abuse, cheating, money misuse in purchases of virtual items, and other prohibited activities.
  • To secure our systems, prevent unauthorized access, and safeguard the integrity of gameplay and virtual economies.
  • To comply with applicable legal and regulatory obligations and to respond to lawful requests from competent authorities.

Disclosure & Sharing

OBSERVE: Identify categories of recipients. EXPAND: Explain conditions, safeguards, and examples. REFLECT: Balance operational needs with users' expectations and legal duties.

Service Providers and Technical Partners

  • We engage third-party service providers who process personal data on our behalf and under our instructions ("processors"), including:
    • Hosting and infrastructure providers (servers, cloud services, content delivery networks).
    • Payment processors and billing providers handling purchases of virtual items.
    • Customer support platforms facilitating communication with players.
    • Analytics providers helping us measure performance and usage trends.
  • These providers are bound by contractual obligations to protect your data, use it only for specified purposes, and implement appropriate security measures.

Affiliates and Group Companies

  • We may share data with our corporate affiliates within the DoubleDown Interactive group and, where relevant, the wider corporate group (including DoubleDown Interactive Co., Ltd. and its parent DoubleU Games) for:
    • Internal administration and centralized services (IT, security, analytics).
    • Compliance, auditing, and reporting obligations.
    • Strategic business planning and risk management, typically using aggregated or pseudonymized data.

Regulators, Law Enforcement, and Legal Proceedings

  • We may disclose data where required or permitted by law, including:
    • To competent courts, law enforcement agencies, or governmental authorities in connection with legal proceedings, investigations, or regulatory inquiries.
    • To comply with orders or requests that we reasonably consider to be lawful and binding.
    • To protect the rights, safety, and property of DoubleDown Interactive LLC, our users, or the public, and to enforce our terms and conditions.

Advertising and Affiliate Partners

  • With your consent where required, we may share limited data (such as cookie identifiers, approximate location, or device information) with:
    • Advertising networks and social media platforms, for the purpose of delivering targeted advertising and measuring campaign performance.
    • Affiliate partners who refer players to us, for attribution and commission calculation, usually on an aggregated or pseudonymized basis.

Business Transfers

  • In connection with any merger, acquisition, asset sale, restructuring, or other corporate transaction involving DoubleDown Interactive LLC or its affiliates, personal data may be transferred to the relevant third parties, subject to appropriate confidentiality and data protection safeguards.

We do not sell your personal data in the sense of providing it to third parties in exchange for monetary consideration independent of the service, in line with common privacy principles applicable to Canadian users.

International Transfers

OBSERVE: Identify cross-border flows (Canada - USA and potentially beyond). EXPAND: Describe safeguards. REFLECT: Provide transparency on locations and protective mechanisms.

  • Your data may be transferred to and processed in countries other than the one in which you reside, including:
    • The United States of America (where DoubleDown Interactive LLC is established and where many of our servers and staff are located).
    • Other jurisdictions where our cloud service providers, technical partners, or group entities maintain operations (which may include jurisdictions in Europe or Asia, depending on infrastructure and support functions).
  • These countries may have data protection laws that differ from those in Canada, and may not be deemed to provide the same level of protection as your home jurisdiction.
  • To help ensure that your personal data receives an adequate level of protection, we implement appropriate safeguards, which may include:
    • Contractual protections with our service providers and affiliates that require them to protect your data, such as standard contractual clauses or equivalent contractual measures where applicable.
    • Technical measures including encryption in transit and at rest, strict access controls, and data minimization.
    • Organizational policies and training to ensure that privacy and security are respected across our global operations.

By using the Site and providing personal data, you acknowledge that your data may be transferred to and processed in the United States and other jurisdictions as described in this Privacy Policy, subject to these safeguards and applicable law.

Data Retention

OBSERVE: Define periods and criteria. EXPAND: Differentiate across data categories. REFLECT: Align retention with legal, operational, and user rights considerations.

  • General principle: We retain personal data only for as long as is reasonably necessary for the purposes set out in this Policy, including for the duration of your use of Doubledown Casino and for any period required by law, regulation, or to resolve disputes.

Retention Periods by Category (Indicative)

  • Account and profile data: Retained for the lifetime of your account and for up to 5 years after account closure or last active use, to:
    • Respond to potential complaints or disputes.
    • Comply with legal obligations and enforce our terms.
  • Gameplay and behavioral data: Typically retained in identifiable form for up to 5 years after your last activity, then either anonymized or aggregated for long-term analytics where feasible.
  • Payment and transaction data: Retained for at least 5 - 7 years from the date of the relevant transaction, or longer where necessary for tax, accounting, and legal obligations in relevant jurisdictions.
  • Customer support records: Retained for up to 5 years from the date of the last communication relating to the case, unless longer retention is required in connection with a dispute, investigation, or legal claim.
  • Marketing and consent records: Retained for as long as you remain subscribed or have not withdrawn your consent, and for a reasonable period (up to 3 years) thereafter to maintain proof of consent and compliance with marketing rules.
  • Technical logs and security data: Retained typically for 6 - 24 months, depending on the type of log and security requirements, with some aggregated or anonymized data kept for longer-term security analysis.

Deletion and Anonymization Criteria

  • When data is no longer required for the purposes for which it was collected, and no longer required to be kept under applicable law or for legitimate business interests (such as fraud prevention or dispute resolution), we will:
    • Delete or securely destroy it; or
    • Irreversibly anonymize it so that it can no longer be associated with you.
  • Upon your request and subject to applicable legal restrictions, we will also delete or anonymize certain personal data as described in the "Your Rights" section.

Your Rights

OBSERVE: Recognize key privacy rights similar to GDPR-style regimes and strong Canadian protections. EXPAND: Detail each right, procedures, timelines, costs. REFLECT: Provide robust, user-centric guarantees suitable for international best practice alignment.

Overview of Your Rights

Subject to applicable law and certain limitations, you have the following rights with respect to your personal data:

  • Right of access: To obtain confirmation as to whether we process your personal data and to receive a copy of such data, together with certain information about how we use it.
  • Right to rectification: To request correction of inaccurate or incomplete personal data.
  • Right to deletion (erasure): To request deletion of your personal data where, for example, it is no longer necessary for the purposes for which it was collected, or where you have withdrawn consent and there is no other lawful basis for processing.
  • Right to restriction of processing: To request that we limit the processing of your data in specific circumstances (e.g., while we verify its accuracy or consider an objection).
  • Right to object: To object to processing based on our legitimate interests, including profiling. We will consider your objection and stop processing unless we demonstrate compelling legitimate grounds or where processing is necessary for legal claims.
  • Right to data portability: Where technically feasible and applicable, to receive certain personal data in a structured, commonly used, and machine-readable format, and to transmit it to another controller.
  • Right to withdraw consent: Where processing is based on your consent (e.g., marketing communications, certain cookies), you may withdraw that consent at any time, without affecting the lawfulness of processing prior to withdrawal.
  • Right not to be subject to purely automated decisions with significant effects: To the extent such decisions are made, you may request human review and express your point of view, in line with applicable law.

How to Exercise Your Rights

  1. Submission of request: You may exercise your rights by:
    • Emailing us at [email protected] or [email protected] with "Privacy Request" in the subject line; or
    • Using the contact form at https://doubledown-ca.com/contact and selecting the relevant privacy option, where available.
  2. Verification: We may ask you for additional information reasonably necessary to verify your identity and to ensure that we are acting on a request from the correct individual (for example, confirming access to your registered email or account ID).
  3. Response timeframe: We aim to respond to all valid requests without undue delay and, in any event, within 30 days of receipt. If your request is complex or if we receive a high volume of requests, we may extend this period by a further 30 days. In such cases, we will inform you of the extension and the reasons for it.
  4. Fees: We will generally respond to your requests free of charge. However, where requests are manifestly unfounded, repetitive, or excessive, we may charge a reasonable fee or refuse to act on the request, as permitted by law.
  5. Limitations: Certain legal obligations or overriding legitimate interests may mean that we cannot fully comply with your request (e.g., where we must retain data for accounting, dispute resolution, or legal compliance). We will inform you where such limitations apply.

These rights are aligned with widely recognized international standards, such as those reflected in the EU General Data Protection Regulation-type frameworks, and are applied by us in a manner appropriate for Canadian users and other applicable jurisdictions.

Cookies & Tracking Technologies

OBSERVE: Classify cookie types and management options. EXPAND: Describe functional, analytics, and advertising roles. REFLECT: Offer users clear control mechanisms.

Types of Cookies We Use

  • Strictly necessary / functional cookies: Required for the operation of doubledown-ca.com, such as enabling basic navigation, login sessions, security features, and core gameplay functionality. These cookies are usually set in response to actions you take, such as setting your preferences or logging in.
  • Preference cookies: Remember your settings and choices (e.g., language, display preferences, sound settings) so that you do not need to configure them each time you visit.
  • Analytics and performance cookies: Help us understand how visitors use the Site (e.g., which pages are most popular, how long users spend on each page, error messages) and improve performance and user experience. Data collected is typically aggregated and used to produce statistics.
  • Advertising and targeting cookies: May be set by us or our advertising partners to build a profile of your interests and show you relevant advertisements on this and other websites or apps, and to measure the effectiveness of marketing campaigns. These cookies operate by uniquely identifying your browser and device.

Managing Cookies

  • You can manage or disable non-essential cookies through:
    • Your browser settings, where you may block or delete cookies. Please note that blocking certain cookies may impact your experience on the Site and some features may not function properly.
    • Any cookie consent or preferences panel that we may provide on doubledown-ca.com, allowing you to accept or reject specific categories of cookies (where applicable).
  • For more information about cookies in general, including how to see what cookies have been set and how to manage and delete them, you may consult your browser's help section or independent resources made available by consumer protection organizations.

Data Security

OBSERVE: Identify key security controls. EXPAND: Describe technical, organizational, and procedural measures. REFLECT: Ensure alignment with industry best practices and user assurance.

Technical Measures

  • Encryption in transit: We use Transport Layer Security (TLS) version 1.2 or higher to encrypt data transmitted between your device and our servers, helping to prevent interception or tampering.
  • Encryption at rest: Where appropriate, we use industry-standard encryption to protect stored data, especially for sensitive data categories.
  • Access controls: We implement strict access controls, including role-based access, unique user accounts for staff, and multi-factor authentication wherever feasible, to limit access to personal data to those who need it for their job duties.
  • Network and infrastructure security: We use firewalls, intrusion detection and prevention systems, and continuous monitoring to secure our infrastructure against unauthorized access and attacks.

Organizational and Procedural Measures

  • Staff training: Employees and contractors who handle personal data receive data protection and security awareness training, and are bound by confidentiality obligations.
  • Policies and governance: We maintain internal policies and procedures covering data protection, access management, incident response, and secure development practices.
  • Vendor due diligence: We conduct appropriate due diligence and impose contractual security requirements on third-party service providers who process data on our behalf.
  • Security reviews and audits: We periodically review our security controls and may engage independent experts to assess our security posture, drawing on recognized international standards such as ISO 27001 and SOC 2 as benchmarks where appropriate.

Incident Response

  • We maintain procedures to detect, investigate, and respond to potential data breaches or security incidents.
  • In the event of a security incident affecting your personal data, we will take appropriate steps to contain and remediate the incident, and, where required by law, notify you and/or relevant authorities without undue delay.

Despite our efforts, no system can be guaranteed 100% secure. You also play an important role in keeping your data safe by maintaining the confidentiality of your account credentials and promptly notifying us of any suspected unauthorized use of your account.

Complaints & Contacts

OBSERVE: Provide multiple channels for questions and complaints. EXPAND: Detail internal escalation and external supervisory options. REFLECT: Offer transparent, time-bound processes tailored for Canadian users and aligned with international practice.

Contacting Us

  • General and privacy inquiries: [email protected]
  • Player support and account-related privacy issues: [email protected]
  • Online contact form: https://doubledown-ca.com/contact
  • Postal: DoubleDown Interactive LLC, Attn: Data Protection Department, Seattle, Washington, USA (complete mailing details available via official corporate records or upon request).

Internal Complaint Procedure

  1. Submission: Send us a clear description of your concern or complaint, including relevant dates, account details, and any supporting evidence, via email or the contact form.
  2. Acknowledgement: We will acknowledge receipt of your complaint as soon as reasonably possible, typically within 5 business days.
  3. Investigation: Your complaint will be reviewed by our Data Protection Department or another appropriate internal team. We may contact you for additional information if needed.
  4. Response: We aim to provide a substantive response within 30 days from receipt of your complete complaint. If we require more time due to complexity, we will inform you of the delay and expected resolution timeframe.
  5. Escalation: If you remain dissatisfied with our response, you may request further internal review, which will be conducted by a senior member of our compliance or legal team where appropriate.

External Recourse

If you are not satisfied with our handling of your personal data or our response to your complaint, you may have the right to contact a competent data protection or privacy authority in your jurisdiction. For users in Canada, this may include:

  • Office of the Privacy Commissioner of Canada (OPC)
    Website: https://www.priv.gc.ca
    Complaints information: https://www.priv.gc.ca/en/report-a-concern/
  • Depending on your province, you may also have the option to contact a provincial privacy commissioner (for example, in Alberta, British Columbia, or Quebec). Refer to your local authority's website for details.

Nothing in this Privacy Policy limits any rights you may have to lodge a complaint with such authorities under applicable law.

Updates

OBSERVE: Define change management. EXPAND: Explain notification methods, versioning, and user options. REFLECT: Provide predictable, transparent update procedures through 2026.

Changes to This Policy

  • We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors.
  • When we make material changes, we will:
    • Update the "Last updated" date at the end of this Policy; and
    • Provide additional prominent notice, which may include:
      • Displaying a banner or pop-up message on doubledown-ca.com.
      • Sending an email notification to the address associated with your account, where appropriate.
      • Providing an in-account or in-game notification.

Advance Notice and User Choices

  • For significant changes that materially affect your rights or the way we process your data, we will strive to provide advance notice of at least 30 days before the changes take effect, where practicable.
  • During this notice period, you may:
    • Review the updated Policy carefully to understand the changes.
    • Adjust your privacy settings, withdraw consent where applicable, or exercise other rights described in this Policy.
    • Choose to discontinue use of Doubledown Casino and request account closure if you do not agree with the updated Policy.

Continued use of doubledown-ca.com after the effective date of any updated Privacy Policy will constitute your acknowledgment and, where required, your acceptance of the changes.

Last updated: January 2026