The Gambling Commission website uses cookies to make the site work better for you. Some of these cookies are essential to how the site functions and others are optional. Optional cookies help us remember your settings, measure your use of the site and personalise how we communicate with you. Any data collected is anonymised and we do not set optional cookies unless you consent.

Set cookie preferences

You've accepted all cookies. You can change your cookie settings at any time.

Skip to main content


The prevention of money laundering and combating the financing of terrorism

Guidance for remote and non-remote casinos: fifth edition

  1. Contents
  2. Part 7 - Record keeping
  3. 10 - Data protection

10 - Data protection

Any personal data obtained by casino operators for the purposes of the Regulations may only be processed for the purposes of preventing money laundering and terrorist financing. 147

Personal data should not be used for any other purpose unless:

  • use of the data is permitted by or under any law other than the Regulations
  • the casino operator has obtained the agreement of the subject of the data to the proposed use of the data. 148

Casino operators are obliged to provide new customers with the following information before they establish a business relationship with them:

  • the registrable particulars of the operator
  • a statement that any personal data received from the customer will be processed only for the purposes of preventing money laundering or terrorist financing, or as permitted by the circumstances described in the paragraph above. 149


147 Regulation 41(1).
148 Regulation 41(3).
149 Regulation 41(4).

Previous section
Form in which records are to be kept
Is this page useful?
Back to top