Privacy Policy and Personal Data Protection - Mostbet App 2026 | Official APK for Android & iOS, Free Download

Last updated: October 26, 2025

Version: 3.2

Introduction

Mostbet (hereinafter — "We", "Our Company", "Platform") takes the privacy and personal data of its users seriously. This Privacy Policy sets out how we collect, use, store, transmit, and protect your personal data:

✅ GDPR (General Data Protection Regulation, EU 2016/679) — for European Union users
✅ CCPA (California Consumer Privacy Act) — for users in California, USA
✅ UK Data Protection Act 2018 — for UK users
✅ Curaçao data protection law — the jurisdiction of our license
✅ Local data protection laws in the countries where we operate

By using our services (website, mobile application, software), you agree to the terms of this Privacy Policy.

Important: If you don't accept the terms of how we process your data, please don't use our platform.

Data Controller

Personal data controller:

Bizbon N.V.

Abraham de Veerstraat 9

Willemstad, Curaçao

Registration number: 152125

Email: privacy@mostbetapk.asia

Data Protection Officer (DPO):

Email: dpo@mostbetapk.asia

Response time: within 72 hours

What personal data we collect

We gather only the data needed to deliver our services, keep things secure, and meet legal requirements.

1️⃣ Identification data

Data that lets us identify you as a unique user:

Full name (first name, last name, father's name)
Date of birth (to confirm you're 18+)
Citizenship and country of residence
Identity document number (passport, ID card, driver's license)
Registration address and actual residential address
Mobile phone number (with country code)
Email address

Source: supplied by you at registration and verification (KYC).

2️⃣ Financial data

Details about your transactions and payment methods:

Deposit history: date, amount, payment method, status
Withdrawal history: date, amount, withdrawal method, status
Source of funds (for AML compliance)
Banking details: account number, IBAN, SWIFT (for transfers only)
Electronic wallet numbers: Skrill, Neteller, WebMoney, and so on
Cryptocurrency wallet address: Bitcoin, USDT, Ethereum, and so on

Important: We don't store full bank-card details (CVV, the complete card number). Payment data is handled by PCI DSS Level 1 certified processors. We keep only:

The first 6 and last 4 digits of the card number (masked)
The card expiration date
The card type (Visa, Mastercard, etc.)

Source: supplied by you during deposits/withdrawals; received from payment providers.

3️⃣ Gaming activity

Details about how you use the platform:

Betting history: date, time, bet type, amount, odds, result
Casino games history: games played, bets, winnings
Bonus: activated bonus, wagering conditions, status
Responsible-gaming limits: the restrictions you've set
Gaming session time: duration, frequency

Source: generated automatically by our platform.

4️⃣ Technical data

Details about your device and connection:

IP address (for geolocation and security)
Device type: smartphone, tablet, computer
Operating system: Android, iOS, Windows, macOS (version)
Browser: Chrome, Safari, Firefox (version)
Screen resolution and language settings
Unique device identifier (Device ID)
Connection details: provider, speed, stability

Source: collected automatically as you use the platform.

5️⃣ Communications

Records of your interactions with us:

Live chat messages (conversation history)
Emails (incoming and outgoing)
Phone calls (recorded for quality control, with your consent)
Telegram, WhatsApp, Viber messages (when you reach support)
Reviews and complaints

Source: supplied by you during conversations with support.

6️⃣ Marketing preferences

Details about your interests and consents:

Consent to receive promotional material (email, SMS, push)
Product types that interest you: sports, casino, live games
Click history on email newsletters and push notifications
Preferred communication language

Source: supplied by you at registration; updated through profile settings.

7️⃣ Cookies and analytics data

Data collected by web technologies (see the "Cookies" section below):

Pages you visited on our website
Time spent on each page
Traffic source: direct access, search engines, ad campaigns
Clicks on interface elements and buttons
Behavior patterns: scrolling, hovering, clicking

Source: collected automatically via cookies, Google Analytics, pixels.

Why we use your data

We process your personal data strictly for legitimate purposes, which include:

1️⃣ Service provision (Contract fulfillment)

Registering and managing your account
Processing deposits and withdrawals
Placing bets and taking part in games
Calculating bonuses and wagering
Providing technical support

Legal basis: fulfillment of the contract (User Agreement).

2️⃣ Legal compliance (Legal obligation)

Identity verification (KYC) — confirming age 18+, preventing multi-accounting
Anti-money laundering (AML) — checking the source of funds, monitoring suspicious transactions
Sanctions-list checks — OFAC, UN, EU, Interpol
Regulatory reporting — passing data to the Curaçao Gaming Control Board
Cooperation with law enforcement — during official inquiries

Legal basis: meeting our legal obligations.

3️⃣ Security and fraud prevention (Legitimate interest)

Spotting and stopping fraudulent transactions
Detecting bonus-hunting and abuse
Guarding against account compromise (bruteforce, phishing)
Monitoring DDoS attacks
Detecting bots and automated betting systems

Legal basis: our legitimate interest in protecting the platform and its users.

4️⃣ Marketing and personalization (Consent)

Sending promotional email newsletters about bonuses, promotions, and new games
Sending SMS and push notifications about special offers
Targeted advertising through partners (Google Ads, Facebook Ads)
Personalized game and betting offers

Legal basis: your explicit consent (which you can withdraw at any time).

5️⃣ Analytics and service improvement (Legitimate interest)

Analyzing user behavior to refine the interface
A/B testing new features
Studying which games and sports are most popular
Optimizing load speed and performance

Legal basis: our legitimate interest in raising the quality of our service.

Who we share your data with

We don't sell your personal data to third parties. We may, however, pass data to these categories of recipients:

1️⃣ Payment processors

For handling deposits and withdrawals:

Venson Ltd (Cyprus) — our main payment operator
Skrill, Neteller, ecoPayz — electronic wallets
Visa, Mastercard processors — bank cards
Coinbase, Binance Pay — cryptocurrency transactions

Data shared: name, email, transaction amount, payment method.

Protection: every processor holds PCI DSS Level 1 certification.

2️⃣ Game and sports data providers

For delivering content:

Evolution Gaming, Pragmatic Play, NetEnt — live casino and slots
Sportradar, Betradar — sports data and odds
Spribe — the Aviator game

Data shared: user ID (pseudonymized), game history.

Protection: data-protection agreements (DPA — Data Processing Agreements).

3️⃣ Verification and control services (KYC/AML)

For regulatory compliance:

Sumsub, Onfido — biometric document verification
ComplyAdvantage, Dow Jones — sanctions-list and PEP checks
SEON, Sift — fraud monitoring

Data shared: name, date of birth, document number, document photo.

Protection: GDPR compliant, ISO 27001 certified.

4️⃣ Analytics and marketing platforms

For analysis and advertising:

Google Analytics — web-traffic analysis
Facebook Pixel, TikTok Pixel — retargeting
AppsFlyer, Adjust — mobile-traffic attribution
Mailchimp, SendGrid — email newsletters

Data shared: IP address, cookies, web behavior, email (hashed for targeting).

Protection: data-protection agreements, with an opt-out option.

5️⃣ Cloud hosting providers

For data storage:

Amazon Web Services (AWS) — servers in Ireland (EU), Singapore, Virginia (USA)
Cloudflare — CDN and DDoS protection

Data shared: all platform data.

Protection: encryption at rest (AES-256) and in transit (TLS 1.3).

6️⃣ Regulators and law enforcement

During lawful requests:

Curaçao Gaming Control Board — the regulator of our license
Financial Intelligence Units (FIU) — where money laundering is suspected
Interpol, national police — during official investigation requests
Tax authorities — under local law upon request

Data shared: any data requested within the scope of the lawful request.

Protection: we check that each request is lawful.

7️⃣ Responsible gaming partners

For providing support (only with your consent):

GamCare, BeGambleAware, Gamblers Anonymous

Data shared: only at your request, anonymously or with your consent.

International data transfers

Mostbet serves users across 93 countries. Your data may be sent and processed outside your jurisdiction in other countries, including:

🌍 European Economic Area (EEA): Ireland (AWS servers)
🌍 USA: Virginia (AWS servers)
🌍 Singapore: AWS servers for Asian users
🌍 Curaçao: our main headquarters

Safeguards for international transfers:

✅ Standard Contractual Clauses (SCC) — approved by the European Commission
✅ Binding Corporate Rules (BCR) — the corporate group's internal rules
✅ Adequacy decisions — countries the EU recognizes as safe (e.g., Switzerland)
✅ Encryption in transit — all data encrypted during transfer (TLS 1.3)

How we protect your data

We put comprehensive technical and organizational measures in place to safeguard your personal data:

🔒 Technical measures:

✅ SSL/TLS 256-bit encryption — all data between your device and our servers is encrypted
✅ Encryption at rest — the database is encrypted with AES-256
✅ Two-factor authentication (2FA) — available to every user
✅ Payment-data tokenization — bank cards are swapped for tokens
✅ Firewalls — multi-layer server protection
✅ Intrusion detection systems (IDS/IPS) — 24/7 anomaly monitoring
✅ DDoS protection — Cloudflare Enterprise
✅ Penetration testing — every 6 months

🔐 Organizational measures:

✅ Restricted access — only authorized staff can reach data (the principle of least privilege)
✅ Non-disclosure agreements (NDA) — every employee signs one
✅ Staff training — ongoing data-protection education
✅ Access logging — every action on data is recorded in audit logs
✅ Incident-response procedures — an action plan for data breaches
✅ Regular audits — external ISO 27001 reviews

Security statistics:

🏆 Zero data-breach incidents across 15 years of operation
🏆 99.98% uptime — server stability
🏆 PCI DSS Level 1 certification — the highest payment-security standard

How long we keep your data

We hold your personal data only as long as the processing purposes require:

Data Type	Retention Period	Legal Basis
Identification data	5 years after account closure	AML/KYC legislation
Financial data	7 years after the last transaction	Tax legislation, AML
Gaming and betting history	5 years after account closure	Regulatory requirements, disputes
Support communications	3 years after the last contact	Service quality, disputes
Technical logs (IP, Device ID)	1 year	Security, fraud
Cookies	Up to 2 years (by type)	Marketing, analytics
Marketing data	Until consent is withdrawn or 2 years of inactivity	User consent

Once the retention period ends:

The data is permanently deleted (secure deletion)
Or anonymized for statistical use (so you can no longer be identified)

Your rights regarding personal data

Under GDPR and other data-protection laws, you hold the following rights:

1️⃣ Right to access

You can request a copy of all the data we hold about you.

How to exercise it:

Personal panel → Settings → Privacy → "Download my data"
Or send a request to privacy@mostbetapk.asia with the subject "Data Access Request"

Provision deadline: within 30 days (usually 3-5 days).

Format: CSV/JSON files in a ZIP archive.

2️⃣ Right to rectification

You can update or correct any inaccurate data.

How to exercise it:

Personal panel → Settings → Profile → Edit
Or write to support@mostbetapk.asia

Important: Changing your name or date of birth calls for fresh verification (KYC).

3️⃣ Right to erasure ("Right to be forgotten")

You can request that your data be deleted.

Conditions:

✅ The account is closed and there are no active obligations (debts, disputed transactions)
✅ The retention period for regulatory purposes has expired
❌ Data can't be deleted if it's still needed to fulfill the contract or meet legal obligations (AML, taxes)

How to exercise it:

Write to privacy@mostbetapk.asia with the subject "Data Deletion Request"

Processing deadline: within 30 days.

4️⃣ Right to restriction of processing

You can pause the processing of your data in certain situations (for example, while a dispute over the data's accuracy is ongoing).

How to exercise it:

Write to privacy@mostbetapk.asia with your reasoning

5️⃣ Right to data portability

You can obtain your data in a structured, machine-readable format (CSV, JSON) to move it to another provider.

How to exercise it:

Personal panel → Download my data
Or send a request to privacy@mostbetapk.asia

6️⃣ Right to object

You can object to your data being processed for marketing purposes or under legitimate interest.

How to exercise it:

For marketing: the "Unsubscribe" button in every email or your profile settings
For other purposes: write to privacy@mostbetapk.asia

7️⃣ Right to withdraw consent

Where processing rests on your consent, you can take it back at any time.

How to exercise it:

Personal panel → Settings → Privacy → Consent management

Important: Withdrawing consent doesn't affect the lawfulness of processing carried out before the withdrawal.

8️⃣ Right to lodge a complaint

You can file a complaint with a data-protection supervisory authority.

Contacts:

EU: your national data-protection authority (list)
UK: Information Commissioner's Office (ICO) — ico.org.uk
USA (California): California Privacy Protection Agency — cppa.ca.gov

Cookies and web technologies

What are cookies?

Cookies are small text files saved on your device when you visit our website. They help to:

Remember your settings (language, currency)
Keep you signed in (no need to enter your password on every visit)
Analyze how the website is used
Show you relevant advertisements

Types of cookies we use:

1️⃣ Strictly necessary cookies

Purpose: keeping core website functions running (login, security, cart).

session_id — session identifier
csrf_token — protection against CSRF attacks
auth_token — authentication token

Duration: until the browser closes (session) or 30 days.

Can they be disabled? ❌ No — the website wouldn't work.

2️⃣ Performance cookies

Purpose: gathering anonymous information about website use (which pages are popular, where users run into trouble).

_ga, _gid — Google Analytics
_hjid — Hotjar (session recordings, heatmaps)

Duration: 1-2 years.

Can they be disabled? ✅ Yes — through cookie settings.

3️⃣ Functionality cookies

Purpose: remembering your settings to personalize your experience.

language — the language you selected
currency — the currency you selected
theme — light/dark theme

Duration: 1 year.

Can they be disabled? ✅ Yes — but the website won't remember your settings.

4️⃣ Targeting/advertising cookies

Purpose: tracking your behavior to show you relevant advertisements.

_fbp — Facebook Pixel
_gcl_au — Google Ads
_ttp — TikTok Pixel
IDE — DoubleClick (Google Display Network)

Duration: up to 2 years.

Can they be disabled? ✅ Yes — through cookie settings or NAI opt-out (optout.networkadvertising.org).

Cookie management

In website settings:

Click the "Cookie settings" banner (on your first visit)
Or: website footer → "Cookie preferences"
Turn cookie categories on or off

In browser settings:

Chrome: Settings → Privacy → Cookies
Firefox: Settings → Privacy → Cookies
Safari: Settings → Privacy → Cookies
Edge: Settings → Cookies and permissions

Important: Turning off all cookies may stop the website from working (you might lose access).

Other web technologies

Alongside cookies, we use:

Tracking Pixels: invisible 1x1 images that track when email newsletters are opened and clicked.
Local Storage: storing settings locally on HTML5 devices.
Device Fingerprinting: collecting device configuration details for identification without cookies (resolution, fonts, plugins) (used to prevent fraud).

Marketing and newsletter unsubscribe

Types of marketing messages:

We may send you:

📧 Email newsletters: bonuses, promotions, new games, tournaments
📱 SMS: urgent offers, verification codes
🔔 Push notifications: (in the app) live events, bonus alerts

How to unsubscribe:

Email:

The "Unsubscribe" button in the footer of every email
Or: Personal panel → Settings → Communication → turn off "Promotional emails"

SMS:

Reply "STOP" to any SMS
Or: profile settings

Push notifications:

App settings → Notifications → turn off "Promo"
Or: OS settings (Android/iOS)

Important: You'll still receive transactional messages (deposit confirmations, withdrawals, password changes) — they're essential for the service to function.

Children protection

Mostbet strictly forbids registration and use of the service by anyone under 18 (and under 21 in some jurisdictions).

Protection Measures:

Compulsory age verification (KYC)
Blocking the account where minors are suspected
We don't knowingly collect children's data

If you discover a registered child:

Write to compliance@mostbetapk.asia right away
We'll delete the account and all data within 24 hours

Privacy Policy changes

We may update this Policy from time to time to reflect changes in the law or our own experience.

For significant changes:

✅ We'll notify you by email 30 days before the effective date
✅ We'll post a notice on the website and in the app
✅ We'll ask for fresh consent (where GDPR requires it)

How to track changes:

The last-updated date appears at the start of the document
The policy version appears at the start of the document
Change history is available on request at privacy@mostbetapk.asia

Contacts for privacy questions

If you have questions, requests, or complaints about how your data is processed:

Email Contacts:

📧 General questions: privacy@mostbetapk.asia
📧 Data Protection Officer (DPO): dpo@mostbetapk.asia
📧 Data deletion requests: privacy@mostbetapk.asia (subject "Data Deletion Request")
📧 Data access requests: privacy@mostbetapk.asia (subject "Data Access Request")

Other Contact Methods:

💬 Live chat: open 24/7 in the personal panel ("Privacy" section)
📞 Phone: support line (numbers by country)

Response times:

Email: within 72 hours
Access/deletion requests: within 30 days
Live chat: 1-5 minutes

Mailing address:

Bizbon N.V.

Abraham de Veerstraat 9

Willemstad, Curaçao

Attn: Data Protection Officer

Conclusion

Mostbet is dedicated to protecting your privacy and handling your data in a transparent, lawful, and fair way. We rely on advanced technology and hold firmly to international data-protection standards.

Your trust is our foundation.

By using our platform, you confirm that you've read this Privacy Policy and accept its terms.

Mostbet — your data has been kept securely since 2009.