Switch Switch to
Switch to
ISO/IEC 27001
certification service


eGaming Compliance Services Limited (“eCOGRA”, “we”, “us”, or “our”) is committed to protecting and respecting your privacy. This Privacy Policy explains when and why we collect personal data from individuals, how we use it, the conditions under which we may disclose it to others, how we keep it secure and provides information regarding the rights of individuals.
Personal data is defined as any information relating to an identified or identifiable living/ natural person (“data subject”) that is not already in the public domain. eCOGRA will process any personal data provided to us whether obtained via the eCOGRA self-regulatory services, newsletter, testing agency services or any other means, or otherwise held by us relating to you in the manner set out in this Privacy Policy or as otherwise stated at the point of collection.

Personal Data We Collect

When collecting and using personal data, our policy is to be transparent about why and how we process personal data. eCOGRA will only process personal data to the extent that at least one of the following applies:  
Through your interaction with eCOGRA lines of business, eCOGRA may collect personal data that identifies an individual or relates to an identifiable individual.

• Dispute Resolution Services

By submitting a dispute to eCOGRA we collect and process personal data. This may or may not include a player’s name, surname, address, contact number, email address, identification document, utility bills and other information that is necessary for adequately investigating the dispute.

• eCOGRA Newsletter

Through subscribing to eCOGRA news, we obtain a subscriber’s name, email address and role in the industry.

• Testing Agency and Self-Regulatory Services

In performing our testing services, we may review or process personal data such as an individual’s name, surname, email address, identification number, phone number and other information that is necessary for adequately performing our testing services.

• Prospective Employees

When individuals apply to work for us, we may collect and process personal data in terms of our Human Resources policies and procedures. Personal data may include an individual’s name, surname, address, contact number, email address, identification document, utility bills and other information that is necessary to perform the recruitment process and define the contractual obligations with the prospective employee.

Purpose for Collection

eCOGRA will only use your personal data for the purpose for which it was collected, unless we obtain your specific consent to other uses, or unless otherwise required or permitted by law or professional standards:

• Dispute Resolution Services

eCOGRA obtains personal data of players through the various dispute forms on the eCOGRA Website to enable us to handle any disputes you may have with a Great Britain Gambling Commission licence holder or eCOGRA approved seal holder

• eCOGRA Newsletter

eCOGRA Public Relations (“PR”) may send you PR and marketing information relating to new eCOGRA clients, new eGAP seal holders, updates to self-regulatory requirements, eCOGRA’s achievements, the achievements of our client’s where eCOGRA has been involved, new executive level staff, and new services offered by eCOGRA.
While eCOGRA has performed an exercise to obtain informed reconsent from our clients for sending email press releases each correspondence will contain an easy means to opt out of further communication. Opting out of marketing communication does not opt the individual out of further correspondence with an eCOGRA representative based on the services we offer to the client organisation

• Testing Agency and Self- Regulatory Services

In order to fulfil our contractual and legal obligations as a Testing Agency we may review or process personal data in order to effectively perform our testing.

• Prospective Employees

We only obtain and process personal data of prospective employees in accordance with our Human Resources policies and procedures and to fulfil staffing requirements.

Sharing of Personal Data

eCOGRA will not sell, rent or share your personal data to third parties. However, eCOGRA may disclose your personal data to meet legal obligations, regulations, or valid governmental requests.

Personal Data Security

The security of your personal data is very important to eCOGRA. We use industry-standard methods and mechanisms, such as firewalls, encryption, intrusion monitoring, and passwords to protect electronic information. Multiple physical security methods, such as locking devices and 24-hour premise monitoring, are also employed. Access to personal data is limited and on a need-to-know basis.

Retention and Storage of Personal Data

We review our retention periods for personal data on a regular basis. We are legally required to hold certain types of information to fulfil our statutory obligations (for example licensing conditions). We will hold your personal data on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us.
Personal data is stored on servers located in South Africa and is processed and secured as per the South African Protection of Personal Information Act (POPI). Personal data is also backed up to servers in Dublin and the Netherlands

Your Rights as a Data Subject

At any point whilst eCOGRA is in possession of or processing your personal data, all data subjects have the following rights:  
In the event that eCOGRA refuses your request under rights of access, we will provide you with a reason as to why, which you have the right to legally challenge.
eCOGRA at your request can confirm what information it holds about you and how it is processed.

You can request the following information:


If you wish to complain about our use of personal data, please send an email with the details of your complaint to info@ecogra.org. We will assess and respond to any complaints we receive within a timely manner.
You also have the right to lodge a complaint with the Information Commissioner's Office (“ICO”) (the United Kingdom’s data protection regulator). For further information on your rights and how to complain to the ICO, please refer to the ICO Website.

Changes to our Privacy Policy

Any changes made to eCOGRA’s Privacy Policy in the future will be posted on this page and any such changes will become effective upon posting of the revised Privacy Policy. If eCOGRA makes any material or substantial changes to this Privacy Policy, we will use reasonable endeavours to inform you via a notice on the eCOGRA Website or other agreed communications channels.
eCOGRA’s Privacy Policy was last updated 16/05/2018.
All contents of this Website are Copyright eCOGRA Trust © 2003-Present, eCOGRA and/or its licensors. All rights reserved. Various names and logos mentioned or displayed on this Website may be the trademarks of their respective owners and/or licensors.