burger icon
Motherland Сasino
Log In

Privacy Policy

This Privacy Policy explains how mother-land at https://mother-land-ca.com collects, uses, discloses, and protects personal information. It applies to players, account holders, and visitors who access our Canadian website and related services. Effective date: 01 October 2025.

Observe: Canadian users require clear notice of practices under PIPEDA and substantially similar provincial laws.

Expand: Policy covers website visitors, registered players, and prospective users; includes cookies and cross-border transfers.

Reflect: This document provides layered transparency, practical controls, and complaint routes aligned with Canadian requirements.

Who We Are

Observe: Identify the operator, legal seat, and governance for privacy accountability.

Expand: Corporate details enable exercising rights and regulatory oversight across borders.

Reflect: We designate a privacy lead and provide contact channels suitable for Canadian residents.

  • Operator of record: MIBS N.V., a company incorporated in Curaçao (Company No. 162031).
  • Registered/Legal address: Zuikertuintjeweg Z/N (Zuikertuin Tower), Willemstad, Curaçao.
  • Trading name and site for Canada: mother-land, operated via https://mother-land-ca.com.
  • Data Protection Office (privacy lead): Attention: Data Protection Office, MIBS N.V., Zuikertuintjeweg Z/N (Zuikertuin Tower), Willemstad, Curaçao.
  • How to contact us about privacy: Use the "Contact" or support section available on https://mother-land-ca.com or write to the postal address above. If you hold an account, you may also use secure in-account messaging for privacy requests. We currently do not operate a telephone line dedicated to privacy inquiries.

Regulatory note: Licensing and corporate registrations referenced in public sources remain subject to clarification. Privacy compliance is provided irrespective of gaming licensure status.

What Personal Data We Collect

Observe: Users need a precise list of data categories.

Expand: Gaming operations require KYC/AML, device, and behavioral data to operate safely.

Reflect: Collection is proportional to services provided and legal obligations.

  • Identity and contact data: name, date of birth, residence address, email, phone; government ID and verification images (e.g., passport, driver's licence), proof of address, and age verification results.
  • Account and usage data: username, profile settings, security credentials (hashed), support communications, preferences, responsible gambling settings.
  • Technical data: IP address, device identifiers, operating system, browser, screen resolution, language, time zone, referral URLs, session timestamps, error logs, crash reports.
  • Geolocation and fraud signals: coarse geolocation derived from IP, device/network signals, velocity checks, device fingerprinting consistent with applicable law.
  • Payment and transactional data: deposit/withdrawal amounts, methods, masked card or account tokens, payment processor references, chargebacks, tax and AML screening results.
  • Gameplay and behavioral data: game sessions, bets, wins/losses, return-to-player interactions, bonuses used, clickstream, feature engagement.
  • Cookies and similar technologies: session and persistent cookies, local storage, SDKs, pixels, analytics tools; see Cookies section for details.
  • Special categories: We do not intentionally collect sensitive health data. We may process sanctions/PEP screening results required for AML/KYC compliance.
  • Minors: We do not knowingly collect data from anyone below the legal gambling age in their province/territory (18 or 19, as applicable). Accounts suspected to be underage are closed and data deleted subject to legal holds.

Legal Basis for Processing

Observe: Canadian law (PIPEDA and similar provincial laws) requires meaningful consent and appropriate purposes.

Expand: Some processing is necessary to perform a requested service or comply with law; limited reliance on legitimate business purposes is applied proportionately.

Reflect: We align purposes to what a reasonable person would consider appropriate in the circumstances.

  • Consent: Provided when you create an account, use the site, accept cookies, or opt in to marketing. You may withdraw consent to non-essential uses at any time.
  • Contractual necessity: To open, verify, and operate your account; process payments and withdrawals; deliver games; provide customer support; honor bonuses and promotions.
  • Legal obligations: To meet KYC/AML, counter-fraud, sanctions screening, reporting, record-keeping, tax, and responsible gambling obligations, as applicable.
  • Legitimate business purposes (appropriateness test): Security, fraud prevention, service analytics, service improvement, and internal reporting, balanced against your privacy interests and with opt-outs where required.

Purpose of Processing

Observe: Users expect a clear mapping of data to purposes.

Expand: Security, compliance, and service improvement are core to gaming operations.

Reflect: Non-essential purposes are optional and controllable.

  • Service delivery: Account registration, age and identity verification, access to games, payments, customer support.
  • Safety and integrity: Fraud detection, account security, risk scoring, incident prevention and response, responsible gambling tools.
  • Compliance: KYC/AML checks, sanctions screening, statutory reporting, record-keeping.
  • Analytics and improvement: Site performance, user experience optimization, feature development, A/B testing using aggregated or de-identified data where possible.
  • Marketing and personalization: With consent where required: offers, newsletters, bonuses, and tailored content; you may opt out at any time.
  • Business administration: Accounting, audits, dispute management, and corporate governance.

Disclosure & Sharing

Observe: Disclosures must be specific and conditional.

Expand: We use third parties essential to operate a compliant casino service.

Reflect: We contractually require recipients to protect personal information.

  • Payment partners: Banks, card schemes, payment processors, and anti-fraud providers to process deposits/withdrawals and prevent fraud.
  • Identity/KYC/AML vendors: Document verification, sanctions/PEP screening, geolocation, and risk-scoring providers.
  • Technology and hosting: Cloud hosting, content delivery networks, security monitoring, error logging, and analytics (advertising networks only with your consent where required).
  • Affiliates and marketing partners: For referral attribution and, with consent, marketing communications; data is shared on a need-to-know basis with controls.
  • Regulators and authorities: Where required or permitted by law (e.g., AML reporting, lawful access requests, dispute resolution, chargeback investigations).
  • Corporate transactions: In the context of merger, acquisition, financing, or sale of assets, subject to confidentiality and continued protections.
  • With your direction: When you request or consent to a specific disclosure.

International Transfers

Observe: Data may be processed outside Canada, including Curaçao and other jurisdictions.

Expand: PIPEDA requires comparable protection via contractual measures when transferring to service providers abroad.

Reflect: We disclose locations and safeguards and remain accountable for third parties processing on our behalf.

  • Locations: Data may be accessed or stored in Curaçao (corporate operations) and in other countries where our vetted providers operate (including, potentially, the United States and the EU/EEA).
  • Safeguards: Contractual protections imposing confidentiality, security, and limited processing; vendor due diligence; technical controls (encryption, access controls); ongoing monitoring.
  • EEA/UK data (where applicable): We use European Commission-approved Standard Contractual Clauses and supplementary measures. For US vendors handling EEA data, participation in the EU-US Data Privacy Framework may be used where appropriate.
  • Your awareness: Foreign authorities may lawfully access data under their local laws; we assess risk and minimize transfers consistent with necessity.

Data Retention

Observe: Retention must be limited to what is necessary.

Expand: Gaming, payment, and AML functions impose minimum record-keeping periods.

Reflect: We apply defined schedules and securely delete or anonymize when no longer needed.

  • Account and identity (KYC) records: Retained for up to 5 years after account closure, unless a longer period (up to 7 years) is required for fraud, chargeback, or AML purposes.
  • Transactional and payment data: Up to 7 years for accounting, tax, and dispute defense.
  • Gameplay and behavioral logs: Up to 5 years after last activity, then aggregated or anonymized.
  • Support communications: 3 years from resolution, or longer if part of an active dispute.
  • Security and access logs: 24 months unless needed for investigations.
  • Marketing data: Until you withdraw consent or after 24 months of inactivity, whichever occurs first.
  • Cookies: Session cookies expire when you close your browser; persistent cookies typically last 6-24 months, per cookie purpose.
  • Deletion criteria: End of purpose; withdrawal of consent for non-essential processing; expiry of legal limitation periods; successful erasure request where applicable.

Your Rights

Observe: Canadians must be able to access, correct, and challenge compliance within defined timeframes.

Expand: Some users may benefit from additional rights under other regimes when applicable (e.g., GDPR, Mexico).

Reflect: We provide consistent procedures, verification, and timely responses.

  • Access (PIPEDA/AB/BC/Quebec): Request a copy of your personal information and information about its use and disclosure. We respond within 30 days or inform you of delays with reasons.
  • Correction/rectification: Request correction of inaccurate or incomplete data. If we disagree, you may add a statement of disagreement to your file.
  • Withdrawal of consent: You may withdraw consent to non-essential processing (e.g., marketing) at any time; this does not affect processing required to provide the service or meet legal obligations.
  • Restriction/objection (where applicable): You may ask us to pause certain processing where you contest accuracy or necessity; we will assess under the appropriateness test and applicable law.
  • Portability (good-faith facilitation): While not mandated by PIPEDA, we will, where feasible, provide commonly used, machine-readable exports of core account data.
  • Complaint and challenge compliance: You may challenge our compliance with applicable privacy laws; see Complaints & Contacts.

EU/EEA/UK residents (if applicable): GDPR rights include access, rectification, erasure, restriction, portability, and objection, plus the right to lodge a complaint with your supervisory authority.

Mexico residents (if applicable): Under Mexico's LFPDPPP, ARCO rights (Access, Rectification, Cancellation, Opposition) apply; see Complaints & Contacts for INAI details.

How to exercise: Submit a request through the contact options stated in Who We Are. We may request identity verification. We generally respond within 30 days. Requests are free of charge, except where permitted by law for manifestly unfounded/excessive requests or for reasonable reproduction costs.

Cookies & Tracking Technologies

Observe: Transparency about tracking is essential.

Expand: Classify cookies by duration and purpose with user controls.

Reflect: Users can manage preferences via browser and our on-site tools.

  • Types:
    • Session cookies: deleted when you close your browser.
    • Persistent cookies: remain for a set period (typically 6-24 months).
    • Third-party cookies/SDKs: analytics, performance, fraud prevention, and (with consent) advertising.
  • Purposes:
    • Strictly necessary/functional: login, account security, load balancing, payment flows.
    • Analytics/performance: site usage metrics, error diagnostics, feature improvement.
    • Advertising/marketing (opt-in where required): personalized offers, campaign measurement, affiliate attribution.
    • Security/fraud: bot detection, abuse prevention, session integrity.
  • Controls: Use your browser settings to block or delete cookies. Where available, use our on-site cookie preferences tool to opt out of non-essential cookies. Blocking essential cookies may impair service functionality. We honor your choices but do not respond to Do Not Track signals due to industry inconsistency.

Data Security

Observe: Users need assurance of robust protections.

Expand: Combine technical, organizational, and procedural safeguards.

Reflect: Security is risk-based and continuously improved.

  • Encryption: TLS 1.2+ for data in transit; industry-standard encryption (e.g., AES-256) for data at rest where applicable.
  • Access controls: Role-based access, least-privilege, multi-factor authentication for administrative access, strict credential management.
  • Network and application security: Firewalls, WAF, DDoS mitigation, vulnerability scanning, secure SDLC, code reviews, and regular penetration testing by vetted providers.
  • Monitoring and logging: Centralized logging, anomaly detection, alerting, and incident response runbooks.
  • Organizational measures: Background-checked staff where lawful, confidentiality obligations, periodic privacy and security training.
  • Vendor management: Due diligence, contractual security clauses, and continuous oversight of service providers.
  • Standards alignment: Our controls are designed with reference to ISO/IEC 27001 and SOC 2 principles. We may engage service providers that maintain such certifications.
  • Incident response: We investigate and remediate security events. Where a breach creates a real risk of significant harm, we will notify affected individuals and regulators as required by law.

Complaints & Contacts

Observe: Clear channels and escalation paths are required.

Expand: Canadian users can complain to the OPC or provincial authorities; other regimes may apply based on residence.

Reflect: We provide stepwise procedures and timelines.

  1. Contact us first: Submit your question or complaint via the contact options in Who We Are. Provide enough detail for us to identify your account and the issue. We acknowledge receipt promptly.
  2. Our review: We investigate and aim to resolve within 30 days. If more time is needed, we will inform you of the reason and expected timeline.
  3. Escalation (Canada): If unresolved, you may contact:
    • Office of the Privacy Commissioner of Canada (OPC): https://www.priv.gc.ca/en/contact-the-opc/
    • Alberta OIPC: https://oipc.ab.ca
    • BC OIPC: https://www.oipc.bc.ca
    • Quebec Commission d'accès à l'information (CAI): https://www.cai.gouv.qc.ca
  4. Escalation (EU/EEA/UK, if applicable): Contact your local supervisory authority. A list is available via the EDPB: https://edpb.europa.eu/about-edpb/about-edpb/members_en
  5. Escalation (Mexico, if applicable): Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales (INAI): https://www.inai.org.mx

Data Protection Office (mailing): Attention: Data Protection Office, MIBS N.V., Zuikertuintjeweg Z/N (Zuikertuin Tower), Willemstad, Curaçao.

Updates

Observe: Users must be informed of changes with appropriate notice.

Expand: Material changes warrant advance notice and user options.

Reflect: We practice versioning and transparent changelogs.

  • Notification methods: Email notices (where available), in-account alerts for registered users, and prominent website banners on https://mother-land-ca.com.
  • Advance notice: For material changes (e.g., new categories of data, new purposes, new third-party types), we provide at least 30 days' notice before they take effect, unless required sooner by law or for security reasons.
  • User options: You may object to new non-essential processing, adjust preferences, or close your account before the effective date of material changes.
  • Version control: We maintain a changelog summarizing material updates.
    • v2025.10: Comprehensive Canadian alignment; clarified international transfers; expanded rights and complaints; refined retention schedules.
  • Last updated: October 2025.

Regional compliance note: This policy is designed to meet Canada's PIPEDA and substantially similar provincial laws. Where you are protected by another regime (e.g., GDPR, Mexico's LFPDPPP), those rights are respected alongside this policy, as described above.