Legal

Privacy & Cookies Policy

Last updated / Effective: 23 June 2026

This Privacy Policy explains how 3-102-943085 Sociedad de Responsabilidad Limitada ("3-102-943085 S.R.L.", "Raize", "we", "us"), which operates the Raize online poker platform at raize.poker, collects, uses, shares and protects your personal data, and your rights over it.

We are committed to processing your personal data in accordance with the EU General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR"), the UK GDPR and Data Protection Act 2018, and the data-protection requirements of our Anjouan gaming licence.

1. Who is responsible for your data (controller)

The data controller is 3-102-943085 S.R.L., registered office San José, Escazú, San Rafael, Guachipelín, 400 m north of Construplaza, Latitud Norte Building, 3rd Floor, c/o Quatro Legal, Costa Rica. For any privacy matter, contact us at admin@raize.poker.

We do not offer the Service to residents of the European Union, the European Economic Area or the United Kingdom (see our Terms, Restricted Territories). We nonetheless apply the data-protection standards set out in this Policy as a matter of good practice and to meet the data-protection conditions of our Anjouan licence.

2. The personal data we collect

We collect this from you directly, automatically as you use the Service, and from third parties (identity-verification, sanctions/PEP, fraud-prevention, blockchain-analytics and payment providers).

3. How we use your data and our lawful bases

PurposeLawful basis (GDPR/UK GDPR)
Create and operate your Account; provide gamesContract (Art 6(1)(b))
Notify your introducing/managing agent that your Account is linked to them, and share limited account details so they can help manage and support your AccountLegitimate interests (Art 6(1)(f)) — operating our agent/introducer programme and supporting account management; this is the basis for all agent-linked Accounts (including where your Account was created by, or later assigned to, an agent), and you may object (§8). Contract (Art 6(1)(b)) may additionally apply where you registered through an agent.
Identity verification / KYC (incl. biometric facial check)Legal obligation (Art 6(1)(c)) + legitimate interests (Art 6(1)(f)); plus Art 9 condition for biometric data — see §6
AML/CFT, sanctions screening, fraud prevention, source-of-fundsLegal obligation (Art 6(1)(c)); legitimate interests (Art 6(1)(f)); substantial public interest (Art 9(2)(g)) for any special-category data
Process crypto deposits/withdrawalsContract (Art 6(1)(b)); legal obligation (Art 6(1)(c))
Game integrity, anti-collusion/anti-bot, dispute resolution, live-dealer recordingLegitimate interests (Art 6(1)(f)); legal obligation (Art 6(1)(c))
Responsible-gaming monitoring and toolsLegal obligation (Art 6(1)(c)); legitimate interests; substantial public interest / explicit consent for any health-related inference
Marketing (where permitted / where you consented)Consent (Art 6(1)(a)) or legitimate interests, per local law
Improve and secure the Service; analyticsLegitimate interests (Art 6(1)(f))
Comply with regulators, courts and lawLegal obligation (Art 6(1)(c))

Where we rely on legitimate interests, we have balanced them against your rights; you may object (§8).

4. Marketing

We will only send you gambling marketing in line with applicable law and your preferences. You can opt out at any time via your Account settings or the unsubscribe link in any message. We do not market to minors, self-excluded players, or persons who have asked us to stop, and we never present gambling as a solution to financial problems.

5. Who we share your data with

We do not sell your personal data.

6. Biometric data & facial verification (Youverse) — sensitive data

This section explains how we handle your biometric data. Please read it before completing verification. We ask for your separate, explicit consent to this processing, as described below.

6.1 What we collect and why

To meet our legal and licensing obligations (age verification, KYC and anti-money-laundering) and to prevent fraud and underage gambling, we require you to complete a facial verification check during onboarding (and sometimes again later). Using your device camera, you provide a selfie or short video, which is processed through our verification provider Youverse. This processes biometric data, including:

Where we also verify a government-issued identity document, your selfie may be compared with the photo on that document.

6.2 This is "special category" data

Because this data is used to uniquely identify you, it is "special category" biometric data under Article 9 GDPR / UK GDPR. The law requires us to have both a general lawful basis (Article 6) and a separate Article 9 condition before we process it.

6.3 Our lawful bases

6.4 Your explicit consent, and your right to withdraw it

We ask for your explicit, separate consent to the biometric processing before the check, with clear information about what is processed and why. You can withdraw your consent at any time by contacting admin@raize.poker. Withdrawing consent (or declining the check) means we cannot complete the verification the law requires, so we will not be able to open or maintain your Account or allow real-money play, and we may close your Account and return any undisputed Player Funds after our checks. Withdrawal does not affect processing carried out before withdrawal, or processing we must continue for AML record-keeping.

6.5 Youverse's role and where your data is processed

The facial-verification service is provided by Youverse (YooniK – Privacy and Authentication Systems, S.A., a company incorporated in Portugal, EU). Under our agreement, Youverse acts solely as our data processor and processes your data only to provide the verification service to us; it does not use your biometric data for its own purposes. Any data Youverse uses to improve its own services is anonymised so that it no longer identifies you.

Your biometric data is processed within the European Union (on cloud infrastructure located in Ireland), where strong data-protection law applies. Youverse uses a privacy-protective, decentralised design: where a facial template is retained, it is hashed and split into parts stored separately, so there is no central database that could expose your biometric information. Youverse maintains information-security safeguards aligned with the ISO/IEC 27001 standard, and its liveness technology is independently tested to the ISO/IEC 30107 presentation-attack standard.

6.6 Retention and deletion of biometric data

Your biometric data is kept only for as long as necessary. For document/identity checks, Youverse does not persist or store your identity-verification data on its servers after a verification is completed. Where a facial template is retained to support facial log-in/authentication, it is held only in the hashed, split form described above for as long as your Account uses that feature, and is deleted when you stop using it or close your Account. Raize itself retains only the verification result (pass/fail) and a record that verification took place, for the five-year period required by anti-money-laundering law (§7).

6.7 International transfer of biometric data

Where Youverse or its infrastructure processes your data outside your country, we protect that transfer with appropriate contractual and security safeguards — see §10.

7. How long we keep your data (retention)

When data is no longer needed, we delete or anonymise it.

8. Your data-protection rights

Subject to law, you have the right to: access your data; rectify inaccurate data; request erasure; restrict or object to processing; data portability; withdraw consent at any time (including biometric consent, §6.4); and not be subject to solely automated decisions with legal/significant effects without safeguards. To exercise any right, contact admin@raize.poker. We respond within one month (extendable for complex requests). Some rights are limited where we must keep data to meet AML, licensing or other legal obligations.

You also have the right to complain to a data-protection authority in your country of residence, where one exists. Please raise any concern with us first at admin@raize.poker; you may also contact our licensing authority, Anjouan Licensing Services Inc.

9. Cookies and tracking

We use cookies and similar technologies to operate the Service (essential cookies), remember preferences, provide security, and measure and improve performance. Non-essential cookies (analytics, marketing) are used only with your consent through our cookie banner, which you can change at any time.

10. International data transfers

We may transfer personal data to recipients (including Youverse and other providers) in other countries. Where we do, we put in place appropriate contractual and security safeguards — such as data-processing agreements and recognised standard contractual clauses — so that your data continues to receive a high standard of protection, and we assess the risks of each transfer. Copies of the safeguards we use are available on request at admin@raize.poker.

11. Data security

We use technical and organisational measures to protect your data, including TLS/SSL encryption in transit, encryption of sensitive data at rest, access controls, two-factor authentication, firewalls and intrusion detection, and regular testing. No system is completely secure; please protect your own credentials.

12. Personal data breaches

If a personal-data breach is likely to result in a risk to your rights, we will notify the competent supervisory authority within 72 hours where required, and affected individuals where the risk is high. We will also notify Anjouan Licensing Services Inc. within 24 hours of a major incident such as a data breach, as required by our licence.

13. Children

The Service is strictly for adults aged 18+. We do not knowingly collect data from anyone under 18; if we learn we have, we delete it and close the Account.

14. Changes to this Policy

We may update this Policy. We will post the revised version with a new "Effective" date and, for material changes (including to biometric processing), give prominent notice and, where required, seek fresh consent.

15. Contact

Data controller: 3-102-943085 S.R.L. (trading as Raize). Privacy contact: admin@raize.poker. Licensing authority: Anjouan Licensing Services Inc., 15619 Hamchako, Mutsamudu, Autonomous Island of Anjouan, Union of the Comoros.