burger icon
7 Seas Casino Play Review Canada
Log In

Privacy Policy

This Privacy Policy explains how FlowPlay, Inc., as operator of the 7 Seas Casino social casino experience on 7seas-ca.com (including review and informational content under the project identifier "7 Seas Casino"), collects, uses, discloses, and protects your personal information.

It applies to Canadian players, visitors, and other individuals who access or interact with 7seas-ca.com, our games, and related services. By using the Website or our services, you acknowledge that you have read and understood this Privacy Policy.

This Privacy Policy is effective from 1 January 2026 and is intended to align with applicable Canadian privacy laws and relevant international standards, including the EU General Data Protection Regulation (GDPR) and Mexican data protection regulations where they apply to specific users.

Who We Are

7seas-ca.com is a Canadian-facing access point for the "7 Seas Casino" social casino product, operated by:

  • Operator / Data Controller: FlowPlay, Inc.
  • Registered office / headquarters: 1008 Western Ave Ste 300, Seattle, WA, USA
  • Corporate site: https://flowplay.com

FlowPlay, Inc. is responsible for determining how and why personal information is processed in connection with 7seas-ca.com and the 7 Seas Casino project.

Data Protection Contact

If you have any questions about this Privacy Policy, our privacy practices, or your rights, you may contact our data protection contact point (Data Protection Officer / Privacy Team) at:

  • Email: [email protected] (please include "Privacy" in the subject line)
  • Postal: Privacy Team, FlowPlay, Inc., 1008 Western Ave Ste 300, Seattle, WA, USA

What Personal Data We Collect

We collect only the information necessary to operate a secure and enjoyable social casino service on 7seas-ca.com and to provide related review content. Depending on how you interact with us, we may process the following categories of data:

  • Identification and contact data: name or display name, email address, age or date of birth (to verify eligibility), country or province, and, where voluntarily provided, phone number or mailing address.
  • Account and gameplay data: username, profile information, in-game progress, virtual currency balances, friends lists, achievements, chat and community interactions, and preferences (e.g., language, notification settings).
  • Technical and device data: IP address, browser type and version, device identifiers, operating system, referring URLs, time zone, and log data related to access, errors, and security events.
  • Payment and transaction data (virtual items only): details relating to purchases of virtual currency or items (e.g., transaction dates, amounts, payment method type or app store identifier). We do not store full payment card numbers when processed by third-party providers.
  • Behavioral and usage data: clickstream data, pages viewed, session length, features used, in-game actions, betting and play patterns within the social casino environment, and responses to promotions.
  • Cookies and similar technologies: identifiers stored via cookies, SDKs, pixels, and similar technologies used to remember your settings, secure your sessions, measure traffic, and, where permitted, personalize content and marketing.
  • Communications and support data: any information you provide when contacting [email protected], participating in surveys, contests, or feedback forms, including the content of your messages.

Legal Basis for Processing

We process personal information in line with Canadian privacy requirements (including the Personal Information Protection and Electronic Documents Act - PIPEDA - and substantially similar provincial laws where applicable), and, where relevant, GDPR and Mexican data protection frameworks. Our main legal bases include:

  • Your consent: We rely on your informed consent for specific activities, such as:
    • Sending marketing emails or push notifications;
    • Setting non-essential cookies (e.g., analytics and advertising cookies);
    • Collecting optional profile details or survey responses.
  • Performance of a contract / providing requested services: We process data that is necessary to:
    • Create and manage your 7seas-ca.com account;
    • Provide access to the 7 Seas Casino social casino and related content;
    • Process purchases of virtual currency or items and maintain your balances.
  • Legitimate interests: We may process data for our legitimate business interests, balanced against your rights, including:
    • Maintaining and improving game stability and performance;
    • Preventing fraud, abuse, cheating, and security incidents;
    • Understanding usage patterns to improve content and user experience;
    • Measuring the effectiveness of campaigns and service features.
  • Compliance with legal obligations: In limited cases, we process and retain data to:
    • Comply with applicable laws, tax rules, consumer protection, and record-keeping duties;
    • Respond to lawful requests from courts, regulators, or law enforcement;
    • Manage disputes, enforce our Terms, and protect our legal rights.

Purpose of Processing

We collect and use personal information only for specific, explicit, and legitimate purposes. In particular, we use your data to:

  • Provide and operate our social casino services: to create and manage accounts, enable gameplay, manage virtual items and balances, save progress, and deliver core website functionality on 7seas-ca.com.
  • Maintain safety, integrity, and fairness: to authenticate users, secure accounts, monitor for cheating or abuse, prevent fraud, and enforce our Terms and community rules.
  • Improve our services and content: to analyze aggregated gameplay and website usage, test new features, evaluate performance, fix bugs, and optimize our review and informational content for Canadian users.
  • Communicate with you: to respond to support requests, send important notices about your account or changes to our services or policies, and notify you about service-related interruptions.
  • Marketing and personalization (where permitted): to send promotional communications, display tailored offers or recommendations within the social casino, and measure campaign effectiveness, subject to your consent and applicable law.
  • Legal, regulatory, and risk management purposes: to comply with applicable law, manage risk, exercise or defend legal claims, support audits, and cooperate with regulatory authorities, including those in Canada and, where relevant, in other jurisdictions.

Disclosure & Sharing

We do not sell your personal information for money. We may, however, disclose your information to trusted third parties under strict contractual safeguards and only for the purposes described in this Privacy Policy:

  • FlowPlay group and internal teams: authorized employees, contractors, and teams that need access to operate, support, and improve 7seas-ca.com and related systems, subject to confidentiality obligations.
  • Payment and transaction partners: third-party payment processors, app stores, and billing providers who process payments for virtual items on our behalf. These providers handle your financial data in accordance with their own security standards.
  • Technical and service providers: hosting providers, analytics services, security and anti-fraud tools, customer support platforms, email and notification services, and IT vendors who process data only as instructed by us.
  • Advertising and marketing partners: where permitted by law and, where required, with your consent, we may share limited identifiers or aggregated data with advertising networks or partners to deliver or measure personalized marketing. You can manage these preferences as described in this Policy.
  • Business partners and affiliates: selected partners who help us distribute, promote, or co-brand our social casino or review content, under appropriate data protection commitments.
  • Regulators and public authorities: governmental, regulatory, or law enforcement authorities when we are legally required or permitted to do so, or where such disclosure is necessary to protect our rights, the rights of players, or the security of our services.
  • Corporate transactions: in connection with a merger, acquisition, reorganization, or sale of assets, where personal data may be transferred as part of the transaction, subject to continued protection consistent with this Policy.

International Transfers

7seas-ca.com is offered to Canadian users but operated by FlowPlay, Inc. from the United States. As a result, your personal information may be transferred to, stored in, or accessed from countries outside your province or country of residence, including the USA and other jurisdictions where our service providers are located.

  • For Canadian users: By using 7seas-ca.com, you understand and consent to the processing of your information in countries that may have different data protection rules than Canada. When we transfer data, we take steps to ensure it remains subject to appropriate safeguards, and we require our service providers to protect it consistently with this Policy.
  • For users in the European Economic Area (EEA), the UK, or other regions with transfer restrictions: Where required, we implement suitable safeguards such as Standard Contractual Clauses or comparable mechanisms approved by relevant authorities to legitimize cross-border transfers.
  • For Mexican users: If Mexican data protection law applies to you, we aim to ensure that international transfers comply with the Federal Law on Protection of Personal Data Held by Private Parties and its regulations, including appropriate contractual safeguards with recipients.

Regardless of location, we use contractual, technical, and organizational measures to protect personal information when it is transferred internationally.

Data Retention

We retain personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy, to comply with legal obligations, resolve disputes, and enforce our agreements. Retention periods may vary depending on the type of data and applicable laws, but we generally apply the following criteria:

  • Account and profile data: kept for the lifetime of your account and typically for up to 5 years after account closure, unless a longer period is required for legal, accounting, or dispute resolution purposes.
  • Gameplay and behavioral data: stored in identifiable form for as long as your account is active and for a limited period (usually up to 3 years) thereafter, after which it may be anonymized or aggregated.
  • Transaction data (virtual items): retained for up to 7 years where needed to meet tax, accounting, or legal record-keeping requirements, subject to applicable law.
  • Marketing data: information about your marketing preferences and interactions is retained for as long as you remain subscribed and generally no more than 2 years after you last interact with our marketing, unless longer retention is required or permitted by law.
  • Technical logs and security records: retained for a short, defined period (typically from several months up to 2 years) to ensure security, investigate incidents, and compile statistical insights.

When data is no longer needed and no legal obligation requires retention, we securely delete, anonymize, or aggregate it. You may also request deletion in accordance with the "Your Rights" section, subject to legitimate limitations (for example, where we must retain some records for legal reasons).

Your Rights

We respect your rights over your personal information and aim to align our practices with Canadian privacy requirements, GDPR principles, and Mexican data protection regulations where applicable. Depending on your location and the law that applies, you may have some or all of the following rights:

Core Rights for Canadian Users

  • Right to access: to obtain confirmation as to whether we hold personal information about you and to receive a copy, including explanations about how it is used.
  • Right to correction (rectification): to request that inaccurate or incomplete information be corrected or updated.
  • Right to withdraw consent: where processing is based on consent (e.g., marketing), you may withdraw it at any time, without affecting the lawfulness of processing prior to withdrawal.
  • Right to challenge compliance: to raise concerns about our handling of your information and expect a timely response and investigation.

Additional GDPR-Style Rights (EEA/UK and Similar Regimes)

  • Right to erasure: to request deletion of your personal data in certain circumstances (for example, where it is no longer needed, or you withdraw consent and there is no other legal basis).
  • Right to restriction: to ask us to limit processing of your data in specific situations (e.g., while we verify accuracy or resolve an objection).
  • Right to object: to object at any time to processing based on legitimate interests, and to object to direct marketing, including profiling related to such marketing.
  • Right to data portability: to receive certain information in a structured, commonly used, machine-readable format and to request that we transmit it to another controller where technically feasible.
  • Rights related to automated decision-making: where applicable, to request human intervention and to contest significant decisions based solely on automated processing.

Mexican ARCO Rights

If the Federal Law on Protection of Personal Data Held by Private Parties applies to you, you also have ARCO rights:

  • Access: to know what personal data we hold and how it is used.
  • Rectification: to request correction of inaccurate or incomplete data.
  • Cancellation: to request that we stop processing and delete your data when appropriate.
  • Opposition: to object to the use of your data for specific purposes, such as marketing.

How to Exercise Your Rights

  1. Submit your request: Contact us at [email protected] with "Privacy Request" in the subject line, or write to our postal address. Clearly describe the right you wish to exercise and provide sufficient information for us to identify your account.
  2. Identity verification: To protect your privacy, we may request additional information to verify your identity before acting on your request.
  3. Response timeframe: We aim to respond within 30 days of receiving a complete request, and we may extend this period where permitted by law (we will inform you if we do so).
  4. Fees: We process rights requests free of charge, unless a request is manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse the request as allowed by law.

Cookies & Tracking Technologies

We use cookies and similar technologies on 7seas-ca.com to enable core functionality, secure your sessions, and understand how our services are used. These technologies may be set by us (first-party) or by authorized third parties acting on our behalf.

Types of Cookies We Use

  • Strictly necessary (session) cookies: essential for the Website and social casino to function, for example to maintain log-in sessions, route traffic, and apply security controls. These are typically temporary and expire when you close your browser.
  • Functional (persistent) cookies: used to remember your settings and preferences, such as language, game sound options, or display preferences. They can remain on your device for a defined period.
  • Analytics cookies: enable us to measure visits, gameplay statistics, and usage trends in aggregate form, helping us improve performance, content, and user experience.
  • Advertising and personalization cookies: where permitted and, where required, with your consent, used to deliver more relevant promotions, measure campaign effectiveness, and avoid showing the same offer repeatedly.

Managing Cookies

  • You can manage or disable cookies through your browser settings. Instructions are typically available in the "Help" or "Settings" section of your browser.
  • Some devices and operating systems provide additional controls for app-level tracking or advertising identifiers.
  • Where available, we may provide in-service controls on 7seas-ca.com allowing you to manage certain cookie and tracking preferences.

Please note that if you disable certain cookies, some features of the Website or social casino may not function properly.

Data Security

We implement a combination of technical and organizational measures designed to protect personal information against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.

  • Encryption and secure transport: data is transmitted using industry-standard TLS (Transport Layer Security) 1.2 or higher. Where appropriate, we encrypt data at rest using robust encryption algorithms.
  • Access controls and authentication: access to systems that process personal data is limited to authorized personnel based on role and necessity. Administrative access requires strong authentication, and access rights are reviewed periodically.
  • Network and application security: we use firewalls, intrusion detection or prevention tools, logging, and monitoring to help detect and mitigate threats, and we regularly apply security updates.
  • Vendor management: service providers that process personal information on our behalf are required to implement appropriate security measures and to process data only according to our instructions.
  • Staff awareness and training: employees and contractors with access to personal data receive guidance or training on privacy and security responsibilities and are bound by confidentiality obligations.
  • Incident response: we maintain procedures to investigate and respond to suspected data incidents. Where required by law, we will notify you and/or relevant authorities of certain data breaches without undue delay.

We endeavor to align our security practices with recognized industry standards and frameworks. However, no system can be guaranteed to be completely secure, and you should also take care to protect your account credentials and devices.

Complaints & Contacts

We take privacy-related complaints seriously and aim to resolve them fairly and promptly.

How to Contact Us or Make a Complaint

  1. Initial contact: Email us at [email protected] with "Privacy Complaint" in the subject line, or write to our postal address. Please provide a clear description of your concern and any relevant details.
  2. Acknowledgment: We aim to acknowledge receipt of your complaint within 5 business days.
  3. Investigation and response: We will investigate your complaint and generally provide a substantive response within 30 days. If we need more time, we will explain why and indicate when you can expect a response.
  4. Escalation: If you are not satisfied with our response, you may be entitled to escalate your complaint to a supervisory authority, as outlined below.

Supervisory Authorities

  • Canada: You may contact the Office of the Privacy Commissioner of Canada (OPC) via https://www.priv.gc.ca. Depending on your province, you may also have the right to contact your provincial privacy commissioner.
  • European Economic Area / UK: If GDPR applies to you, you may lodge a complaint with your local data protection authority in the EEA or the UK Information Commissioner's Office.
  • Mexico: If Mexican data protection law applies, you may contact the National Institute for Transparency, Access to Information and Personal Data Protection (INAI) via https://home.inai.org.mx.

We encourage you to contact us first so we can attempt to resolve your concern directly before you approach a supervisory authority.

Updates

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or privacy practices. When we make material changes, we will take appropriate steps to inform you in advance.

  • Notification methods: We may notify you via:
    • Email sent to the address associated with your account;
    • Notices within your account dashboard or in-game messages;
    • Prominent banners or pop-ups on 7seas-ca.com.
  • Advance notice: For significant changes that materially affect your rights or the way we process your data, we will provide, where practicable, at least 30 days' notice before the updated Policy takes effect.
  • Your choices: If you do not agree with the updated Policy, you may choose to stop using our services and, where applicable, request account closure and data deletion, subject to legal retention obligations.

Last updated: January 2026

Summary of recent material changes:

  • Clarified international transfer safeguards for Canadian, EU/UK, and Mexican users.
  • Enhanced description of user rights, including alignment with GDPR and Mexican ARCO principles.
  • Updated retention, security, and notification practices to reflect current operations and applicable standards through 2026.