Privacy Policy
1. Who We Are
Bibi.games (“Bibi“, “we“, “our“, or “us“) is a business‑to‑business studio that designs and supplies online casino slot content and related technology to licensed gaming operators worldwide. We do not provide gambling services directly to end‑users or players.
2. Scope of This Policy
This Privacy Policy explains how we collect, use, store, share and protect personal data when you:
visit bibi.games or any website or landing page that links to this Policy;
communicate with us by e‑mail, phone, social media or at events;
enter into, or negotiate, a commercial contract with us;
apply for employment with Bibi.
Because we are a B2B supplier, we normally process information about business contacts, not individual casino players. If you are a player, please review the privacy policy of the operator with whom you hold an account.
3. What Personal Data We Collect
| Category | Typical Data Elements | Source |
|---|---|---|
| Website usage data | IP address, browser type, device identifiers, pages visited, time spent, cookies & similar technologies | Automatic collection when you visit our site |
| Business contact data | Name, job title, business e‑mail, phone number, company address, correspondence history, contract information | You or your employer; public business listings |
| Marketing preferences | Newsletter opt‑in status, interaction with marketing emails | You (consent forms) |
| Recruitment data | CV, cover letter, education and employment history, interview notes, references | You; recruiters; referees |
We do not intentionally collect special categories of data (e.g. health, political opinions) nor data about children (under 18).
Cookies & Similar Tracking Technologies
We use first‑party cookies and third‑party analytics tools (such as Google Analytics) to understand how visitors interact with our site and to improve its performance. You can manage cookie preferences via your browser settings or our cookie banner.
4. How and Why We Use Personal Data
We process personal data for the following purposes and legal bases:
| Purpose | Legal Basis* |
|---|---|
| Provide and secure our website | Legitimate interests (IT security, site functionality) |
| Respond to enquiries, demo requests or RFI/RFPs | Legitimate interests; pre‑contract steps |
| Negotiate, conclude and perform contracts with operators, aggregators or suppliers | Contract performance |
| Send B2B marketing communications, newsletters and product updates | Consent (where required) or legitimate interests |
| Organise and attend industry events | Legitimate interests |
| Recruit and evaluate job candidates | Contract performance; legitimate interests; legal obligation (where required) |
| Comply with legal & regulatory obligations (e.g. anti‑money‑laundering, sanctions screening) | Legal obligation |
*For individuals in the European Economic Area (EEA) or United Kingdom, processing is based on the GDPR legal bases indicated above.
5. Sharing and Disclosure
We only share personal data when necessary:
Service providers such as hosting, analytics, e‑mail delivery, CRM, payroll and recruitment systems—bound by contractual obligations of confidentiality and data protection.
Business partners/clients during contract negotiation or integration, but only to the extent required.
Professional advisers & auditors (lawyers, accountants, insurers) under confidentiality.
Authorities where required by law, court order or to protect our rights.
Corporate transactions: if we are involved in a merger, acquisition or asset sale, data may be transferred as part of that deal, subject to confidentiality.
We never sell personal data.
6. International Transfers
Bibi is headquartered in Cyprus and uses suppliers located in several jurisdictions, including the EEA, United States and Canada. When we transfer personal data outside the EEA/UK we rely on:
adequacy decisions issued by the European Commission;
EU Standard Contractual Clauses or UK Addendum/IDTA;
other lawful transfer mechanisms under GDPR art. 46.
7. Data Security
We implement technical and organisational measures proportional to the risks, including:
ISO 27001‑aligned information‑security policies;
encryption in transit and at rest for sensitive data;
role‑based access controls and multi‑factor authentication;
routine penetration testing and vulnerability management;
employee training and NDAs.
No system is 100 % secure; if we detect a data breach that affects you we will notify the relevant supervisory authority and, where required, the affected individuals.
8. Data Retention
We retain personal data only as long as necessary for the purposes described above, including to meet legal, accounting or reporting requirements.
| Data type | Typical retention period |
|---|---|
| Web analytics logs | 14 months |
| Business correspondence & contracts | Duration of the contract + up to 7 years |
| Marketing opt‑in records | Until withdrawal of consent + 3 years |
| Recruitment records (unsuccessful) | 12 months, unless you agree to a longer talent‑pool period |
We may anonymise data so it can no longer identify you and keep it indefinitely for statistics.
9. Your Rights
Depending on your location, you may have rights to:
Access the personal data we hold about you;
Request rectification of inaccurate or incomplete data;
Request erasure (“right to be forgotten”);
Restrict or object to processing;
Port your data to another provider;
Withdraw consent at any time for marketing emails;
Lodge a complaint with a supervisory authority (e.g., Cyprus Commissioner for Personal Data Protection or your local regulator).
To exercise these rights, contact us using the details in Section 11.
10. California & Other U.S. State Privacy Notices
If you reside in California or another U.S. state with specific privacy laws, you may have additional rights such as the right to know, delete, opt‑out of “sale” or “sharing” (as defined under those laws). Bibi does not sell personal data for monetary consideration.
11. Contact Us
Bibi.games Ltd.
10 Spyrou Kyprianou Avenue, 2nd Floor
3070 Limassol, Cyprus
privacy@bibi.games
Our EU/UK representative (where required) and Data Protection Officer can be reached at the same address.
12. Children’s Privacy
Our services are intended strictly for adults (18+). We do not knowingly collect information about minors. If you believe a child has provided us with personal data, please contact us and we will delete it.
13. Changes to This Policy
We may revise this Policy from time to time. We will post the updated version on our website and indicate the “Last updated” date. Material changes will be announced via website notice or direct communication where feasible.
Questions? Please reach out at privacy@bibi.games and we’ll be happy to help.