Privacy Policy
A Clear Statement of Scope and Responsibility
This Privacy Policy describes how information is collected, used, retained and protected when you access or interact with http://book-of-ra2.com (the “Website”). The Website provides access to a non-monetised demonstration version of the slot game commonly known as “Book of Ra 2 Demo”. It does not operate as a real-money gambling platform, does not process financial transactions and does not provide licensed betting services.
Even where no financial processing takes place, a website may still collect certain categories of personal or technical information. This can occur through comment functionality, account systems, server logs, browser cookies or security mechanisms designed to maintain platform integrity. The purpose of this Privacy Policy is to explain clearly and transparently what information may be processed, why such processing occurs, and what rights visitors may have in relation to their data.
We aim to collect only the minimum amount of information necessary to ensure technical stability, moderation functionality and reasonable security standards. We do not sell personal data, we do not engage in behavioural gambling profiling, and we do not track wagering activity for commercial exploitation. The demo-based nature of the Website materially limits the scope of data processing compared to transactional gambling operators.
By using the Website, you acknowledge that you have read and understood the terms outlined in this Privacy Policy. Continued use of the Website constitutes acceptance of the principles described herein.
For privacy-related enquiries, you may contact us at:
[email protected]
Who We Are and What This Website Represents
Our website address is: http://book-of-ra2.com.
The Website operates as an informational and demonstration-based platform providing access to a simulated version of the “Book of Ra 2” slot experience. The gameplay available on the Website functions in demo mode only and does not involve real-money stakes, deposits, withdrawals or financial account integration.
We are not a gambling operator. We do not hold a betting licence and we do not offer wagering services. The Website exists solely for informational and demo entertainment purposes. No banking information, credit card details or payment credentials are requested or processed through the platform.
The distinction between a demo platform and a real-money gambling operator is significant from a data protection perspective. Licensed gambling operators typically process:
• financial transaction histories
• identity verification documents
• regulatory compliance records
• wagering patterns and behavioural risk assessments
The Website processes none of the above. Our data footprint is intentionally limited to what is technically required for platform functionality and user interaction.
Where users choose to interact through comments or optional account systems (if available), certain personal information may be voluntarily provided. In addition, standard technical data may be generated automatically through server infrastructure and browser communication protocols.
We consider transparency fundamental. For this reason, we provide detailed explanations of how such limited data is handled within the sections below.
Information Collected Through Comments and User Interaction
Although browsing the Website does not require registration or financial disclosure, certain interactive features may involve the collection of personal or technical information.
Comments
When visitors leave comments on the Website, we collect the data shown in the comments form. This typically includes:
• name (if entered)
• email address (if entered)
• website field (optional)
• the content of the comment
In addition to the information provided directly by the user, the Website also collects the visitor’s IP address and browser user agent string. This information assists in spam detection, fraud prevention and protection against automated abuse.
The IP address is not collected for commercial profiling. It is used solely for moderation integrity and technical security analysis.
An anonymised string created from your email address (commonly referred to as a hash) may be provided to the Gravatar service to determine whether you are using that service. The Gravatar service privacy policy is available at https://automattic.com/privacy/. After approval of your comment, your profile picture may be visible to the public within the context of your comment if associated with a Gravatar account.
We do not use comment data to construct behavioural gambling profiles, nor do we analyse comment activity to predict gaming patterns. Comment data exists for public discussion, moderation continuity and platform stability only.
Voluntary Account Information (If Applicable)
If account functionality is available, users may provide registration information such as:
• username
• email address
• password (stored in encrypted or hashed format)
This information is used exclusively for authentication, user identification within the Website environment and comment attribution.
We do not require identity verification documents, government-issued identification or financial validation records, as the Website does not process real-money transactions.
Technical and Server Log Data
Like most websites, certain technical information is automatically recorded by servers during normal operation. This may include:
• IP address
• browser type and version
• operating system
• date and time of access
• referring URL
Such information is necessary for:
• diagnosing technical issues
• preventing malicious access attempts
• monitoring server performance
• maintaining uptime and operational continuity
Technical log data is not linked to gambling monetisation strategies and is not shared with betting operators.
Cookies, Browser Storage and Functional Persistence
The Website uses cookies and comparable browser-based storage technologies to ensure technical stability, user convenience and reasonable security functionality. Cookies are small text files stored on your device when you access a website. They allow the Website to recognise your browser, maintain session continuity and preserve certain user preferences across visits.
Because http://book-of-ra2.com operates exclusively as a demo-based informational platform and does not process financial gambling activity, cookies are not used to monitor wagering behaviour, track betting expenditure or construct financial risk profiles. Their purpose is strictly operational and usability-related.
Cookies deployed on the Website may fall into the following categories:
Essential Technical Cookies
Essential cookies are necessary for the core operation of the Website. Without them, certain features such as login authentication or comment submission may not function properly.
If you visit a login page (where available), a temporary cookie may be set to determine whether your browser accepts cookies. This cookie contains no personal data and is automatically discarded when you close your browser. Its sole function is to confirm compatibility with cookie-based session handling.
When logging into an account (if account functionality exists), authentication cookies may be created to store login information and session status. These cookies typically last for two days. If the “Remember Me” option is selected, authentication may persist for up to two weeks. Logging out will remove login cookies from your browser.
Screen display preference cookies may also be stored to remember user interface settings. These may remain active for up to one year unless manually deleted through browser controls.
These cookies are necessary for functional continuity and are not used for advertising, behavioural targeting or commercial profiling.
Comment Convenience Cookies
If you leave a comment on the Website, you may opt in to saving your name, email address and website field in cookies. This is designed for convenience so that you do not need to re-enter these details when submitting future comments.
Such cookies typically remain active for one year unless cleared manually.
The use of these cookies is voluntary. You may decline or remove them at any time through your browser settings. Refusing these cookies will not prevent you from accessing the Website but may require manual re-entry of information during future interactions.
Editorial and Administrative Cookies
If you edit or publish content within an authorised administrative environment, an additional cookie may be stored in your browser. This cookie contains no personal data and merely indicates the post ID of the article edited. It typically expires after one day.
Its purpose is internal workflow management and does not involve public tracking or user profiling.
Legal Basis for Cookie Processing
Where required under applicable data protection legislation, non-essential cookies rely on user consent. Essential cookies required for technical functionality may rely on legitimate interest as a lawful basis, given that they are strictly necessary for secure and stable Website operation.
Users retain the ability to control cookie behaviour through browser settings, including blocking, deleting or limiting cookie storage. Please note that disabling certain cookies may affect login systems, comment functionality or other interactive features.
Importantly, the Website does not deploy cookies for:
• real-money gambling analytics
• behavioural advertising linked to betting activity
• creditworthiness assessment
• financial data modelling
The scope of cookie usage remains proportionate to the demo-based and non-financial nature of the platform.
Embedded Content and Interaction with External Platforms
Articles or informational sections on the Website may include embedded content, such as videos, images, articles or media elements hosted by third-party platforms. Embedded content from external websites behaves in the same way as if the visitor had directly accessed that third-party website.
This means that external platforms may:
• collect data about you
• use their own cookies
• embed additional tracking technologies
• monitor interaction with embedded media
If you are logged into an external service (for example, a video-sharing platform) while visiting the Website, your interaction with embedded content may be associated with your account on that external platform.
The Website does not control how third-party services collect, process or retain data. Any such processing is governed exclusively by the privacy policy of the respective external provider.
We encourage users to review the privacy policies of external services before interacting with embedded content.
The inclusion of embedded material is intended for informational enhancement and does not imply endorsement, partnership or joint data processing arrangements unless explicitly stated.
Where external services are integrated for operational necessity — such as spam detection, content delivery or infrastructure support — such integrations are selected based on technical reliability and security standards. Data shared with such services is limited to what is necessary for the intended operational function.
The Website does not embed content for the purpose of covert tracking or behavioural monetisation related to gambling habits.
Data Sharing, Service Providers and Legal Disclosure
We do not sell personal data to third parties.
We do not trade user information.
We do not participate in gambling data exchange networks.
Any sharing of information is limited strictly to operational necessity or legal obligation.
Password Reset Processing
If you request a password reset (where account functionality exists), your IP address may be included in the reset email. This serves as a security measure to confirm the authenticity of the request and to reduce the risk of fraudulent account recovery attempts.
This information is not disclosed publicly and is not used for marketing analysis.
Automated Spam Detection
Visitor comments may be checked through automated spam detection services. This process may involve transmitting limited technical data, including IP address, comment content and metadata, to a specialised spam filtering provider.
The sole purpose of this transfer is to maintain the integrity of the discussion environment and protect the Website from automated abuse, malicious posting or bulk spam activity.
We do not transmit financial credentials, wagering data or payment identifiers to such services, as the Website does not collect this type of information.
Hosting and Infrastructure Providers
Personal and technical data may be processed by third-party hosting providers responsible for server infrastructure, maintenance, security updates and uptime management.
These providers operate under contractual obligations designed to ensure confidentiality and appropriate data protection safeguards. They are not authorised to use personal data for independent commercial purposes.
Legal Requirements
We may disclose personal data where required to do so by law, regulation, court order or governmental request. Any such disclosure will be limited to the scope legally mandated and assessed for proportionality.
In circumstances involving suspected abuse, fraud or unlawful activity, limited data may be disclosed to competent authorities where legally justified.
Because the Website does not engage in financial gambling operations, the likelihood of regulatory financial disclosure obligations is substantially reduced compared to licensed betting platforms.
Data Retention Principles, Storage Duration and Lifecycle Management
Data retention within http://book-of-ra2.com is guided by the principle of proportionality. Because the Website operates exclusively as a demo-based informational platform and does not process financial gambling activity, the categories of personal data stored are inherently limited. Nevertheless, even limited data requires structured retention policies to ensure lawful and responsible management.
Retention is determined by the purpose for which data was collected, the technical necessity of preserving that data, and any legal obligations that may apply.
Purpose-Based Retention Framework
Each category of data processed through the Website is linked to a defined operational purpose. Data is not retained arbitrarily or indefinitely without justification.
For example:
• Comment data is retained to preserve discussion continuity and moderation integrity.
• Account data (if applicable) is retained to maintain authentication and user attribution.
• Server logs are retained to maintain technical security and investigate potential abuse.
Where the purpose ceases to exist, data is subject to deletion, anonymisation or restriction.
Indefinite Retention of Public Comments
Comments submitted by users may be retained indefinitely. This retention serves multiple legitimate interests:
• preservation of public discussion context
• prevention of duplicate moderation processes
• continuity of thematic conversation
• historical reference within the Website environment
However, indefinite retention does not equate to unrestricted processing. Comments remain subject to removal upon legitimate request, provided that such removal does not undermine legal obligations or the structural integrity of published content.
Where deletion is requested, we assess:
• whether the comment contains personal data beyond public display
• whether removal would materially distort the discussion thread
• whether retention is required for legal or administrative reasons
If removal is granted, associated metadata may also be deleted or anonymised.
Account Data Retention and Deactivation
Where user registration functionality exists, account data is retained for the duration of the active account. If a user chooses to delete their account, personal data associated with that account will be erased or anonymised, except where retention is necessary for:
• compliance with legal obligations
• resolution of disputes
• prevention of abuse or repeated violations
Inactive accounts may be subject to periodic review. Where prolonged inactivity is detected, we may anonymise or remove dormant account data to reduce unnecessary retention.
Server Logs and Security Data
Technical logs containing IP addresses, browser signatures and system-level access data are retained for a limited duration aligned with security and operational needs.
Such logs are necessary for:
• identifying malicious access attempts
• diagnosing performance issues
• detecting denial-of-service activity
• ensuring infrastructure reliability
Retention of security logs is limited in time and scope. Logs are rotated or deleted according to hosting provider policies and internal risk assessment procedures.
We do not compile long-term behavioural profiles from server logs. Technical data is not aggregated for gambling analytics or commercial resale.
Data Minimisation and Periodic Review
Retention practices are subject to periodic review. We assess:
• whether stored data remains necessary
• whether anonymisation is feasible
• whether deletion can be implemented without impairing operational integrity
The guiding principle is minimisation: we seek to reduce stored personal data to the lowest volume compatible with legitimate technical and administrative functions.
Data Subject Rights Under the General Data Protection Regulation and Related Frameworks
Individuals interacting with the Website may be entitled to rights under the General Data Protection Regulation (GDPR) or other applicable data protection laws, depending on their jurisdiction.
Although the Website does not process financial gambling data or engage in automated risk profiling, it recognises that even limited personal data processing carries corresponding individual rights.
Right of Access
You may request confirmation as to whether personal data concerning you is being processed. Where such processing occurs, you may request:
• a copy of the personal data
• information regarding the purpose of processing
• categories of data concerned
• categories of recipients (if any)
• retention periods or criteria used to determine them
Access requests must allow reasonable identification of the relevant records.
Right to Rectification
If you believe that personal data held about you is inaccurate or incomplete, you may request correction. Rectification may include:
• updating account details
• correcting misspelled names
• amending inaccurate metadata
We take reasonable steps to ensure that corrections are implemented without undue delay.
Right to Erasure
You may request deletion of personal data where:
• the data is no longer necessary for its original purpose
• consent has been withdrawn (where consent applies)
• processing lacks lawful basis
• you object to processing and no overriding legitimate interest exists
However, this right is subject to exceptions. We may retain certain data where necessary for:
• compliance with legal obligations
• establishment or defence of legal claims
• prevention of fraud or platform abuse
• safeguarding the integrity of published discussions
Each erasure request is assessed individually and proportionately.
Right to Restriction of Processing
In certain situations, you may request restriction of processing rather than deletion. This may apply where:
• the accuracy of data is contested
• processing is unlawful but erasure is not desired
• data is required for legal claims
Restricted data may remain stored but will not be actively processed beyond the restricted purpose.
Right to Data Portability
Where technically feasible and legally applicable, you may request an exported file of personal data you have provided. Such data will be provided in a structured, commonly used and machine-readable format.
Because the Website does not maintain extensive behavioural or financial datasets, the scope of portable data is generally limited to:
• account information
• comment records associated with identifiable credentials
Right to Object
You may object to processing based on legitimate interest. In such cases, we will evaluate whether compelling legitimate grounds override the objection.
Given the limited and non-commercial scope of data processing on the Website, legitimate interest is typically confined to security, moderation and technical functionality.
Exercising Your Rights
Requests concerning data subject rights may be submitted to:
We may require identity verification to prevent unauthorised disclosure of personal data.
We aim to respond to legitimate requests within a reasonable timeframe and in accordance with applicable legal standards.
Data Security Architecture, Risk Assessment and Protective Measures
Security of personal data is treated as a structural responsibility rather than a mere technical feature. Although the Website processes limited categories of data, we recognise that any internet-based platform is exposed to potential risks.
Risk Landscape Overview
Potential risks include:
• unauthorised access to user accounts
• interception of data during transmission
• automated spam attacks
• brute-force login attempts
• server-level vulnerabilities
• software exploitation
The risk profile of the Website is lower than that of real-money gambling operators because no financial transactions are processed. However, the presence of comment systems and optional account functionality still requires robust safeguards.
Technical Safeguards
We implement reasonable technical measures, which may include:
• HTTPS encryption to protect data in transit
• secure password hashing algorithms
• restricted administrative access controls
• firewall configuration and intrusion detection
• regular software and plugin updates
• monitoring of suspicious login patterns
Administrative access is limited to authorised personnel and protected through authentication protocols.
Organisational Safeguards
Data protection responsibilities are incorporated into operational practices. This includes:
• limiting access to personal data
• reviewing retention necessity
• ensuring third-party providers meet security expectations
• responding promptly to suspected incidents
Third-Party Infrastructure Risk
Hosting providers and spam detection services are selected based on technical reliability and security standards. Where data is processed by third parties, it is limited to what is necessary for operational purposes.
We do not authorise third-party providers to exploit personal data for unrelated commercial gain.
Limitation of Absolute Security
Despite implementing reasonable safeguards, no system can guarantee absolute security. Transmission of data over the internet inherently carries some risk. Users are encouraged to:
• use secure networks
• protect their account credentials
• avoid sharing sensitive personal information unnecessarily
In the unlikely event of a significant data breach affecting stored personal data, we will assess notification obligations under applicable legal frameworks and act accordingly.
FAQ About Privacy on Book of Ra 2 Demo
The following section is intended to clarify common questions regarding data processing on http://book-of-ra2.com. This FAQ does not replace the full Privacy Policy above but serves as an accessible explanation of key principles.
Do you collect financial or payment information?
No. The Website does not process deposits, withdrawals, payment cards, bank transfers or any other financial transactions. The demo-based nature of the platform means that no real-money wagering takes place. As a result, we do not collect banking credentials, transaction histories, betting records or identity verification documents.
Any personal data processed through the Website is limited to voluntary submissions (such as comments or optional account registration) and technical data required for operational stability.
Is this Website a real-money casino?
No. http://book-of-ra2.com provides access to a demo version of the “Book of Ra 2” slot experience. It does not operate as a licensed gambling operator and does not facilitate wagering with real funds.
This distinction significantly reduces the scope of data processing compared to regulated betting platforms, which are typically required to collect financial and compliance-related data.
Why is my IP address collected when I leave a comment?
IP addresses are collected for security and moderation purposes. This helps us detect spam, automated abuse, malicious posting patterns and other forms of technical misuse.
We do not use IP addresses to build behavioural gambling profiles or conduct commercial targeting. IP data is processed strictly for maintaining platform integrity and preventing abuse.
How long are my comments stored?
Comments and associated metadata may be retained indefinitely in order to preserve discussion continuity and moderation history. However, users may request deletion of their comments, subject to review and applicable legal considerations.
Retention of comments does not involve commercial exploitation or resale of user-generated content.
Can I request deletion of my personal data?
Yes. You may request deletion of personal data we hold about you, including account information or comment records. However, this right is subject to certain limitations, such as legal obligations, fraud prevention or the need to preserve the structural integrity of published discussions.
Requests may be submitted to [email protected], and reasonable identity verification may be required.
Do cookies track my gambling behaviour?
No. The Website does not operate real-money gambling systems and therefore does not track betting behaviour, wagering frequency or financial exposure. Cookies are used solely for technical functionality, session continuity and user convenience.
There is no behavioural gambling analytics deployed on the platform.
Is my data shared with betting operators or advertisers?
No. We do not sell, trade or transfer personal data to betting operators, advertising networks or gambling analytics providers. Data sharing is limited to operational service providers such as hosting infrastructure or spam detection systems, and only where necessary.
What happens if there is a data security incident?
While we implement reasonable technical and organisational safeguards, no internet-based system is immune to risk. In the unlikely event of a significant data breach affecting stored personal data, we will assess legal notification obligations and act in accordance with applicable data protection regulations.
Because the Website does not store financial information, the potential impact of a security incident is materially lower than that of transactional gambling platforms.
Our Commitment to Responsible and Proportionate Data Handling
The purpose of this Privacy Policy is not merely regulatory compliance but transparency. http://book-of-ra2.com operates as a demo-based informational platform, and this operational reality shapes the way data is handled.
We do not process financial transactions.
We do not collect payment credentials.
We do not analyse betting behaviour.
We do not construct gambling risk profiles.
The personal data processed through the Website is limited to what is voluntarily provided by users or technically required for stable operation, moderation and security.
Where data is retained, it is retained for defined purposes. Where rights apply, they are respected in accordance with applicable legal standards. Where third-party services are involved, their role is restricted to operational necessity.
We recognise that privacy expectations extend beyond financial contexts. Even within a demo environment, users deserve clarity regarding how information is handled. For this reason, we have outlined our practices in detail and provided a direct contact channel for enquiries:
By continuing to use the Website, you acknowledge that you have reviewed this Privacy Policy and understand the limited and proportionate nature of data processing carried out within this demo-based environment.
