Privacy Policy

This document explains, in plain English, how LilyMercer treats the personal information that comes our way when you read our non Gamstop casino coverage. Carrying on with your visit confirms you are comfortable with the practices outlined below.

1. Who We Are

LilyMercer ("we", "us", or "our") cares about the privacy of the people who read our work, and we make a point of handling the personal data we collect with proper attention. This notice applies to every visitor to our website. It describes the data we gather, the reasons we gather it, and the rights you can call on under the relevant UK rules — chiefly the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

LilyMercer is an independent editorial publication. Our work consists of operator reviews, side-by-side comparisons, and step-by-step guides covering non Gamstop casinos. We are not an online gambling brand ourselves — there are no games hosted on this domain, no player wallets, no wagers placed, and no winnings to pay out.

2. What Information We Collect

The personal data we end up holding falls into two distinct groups: information you actively hand over to us, and information our systems record in the background as you browse.

Data You Share With Us

• Contact details: If you reach out by email or fill in a contact form, we retain your name, the email address you wrote in from, and the content of whatever you sent us.
• Newsletter sign-ups: Subscribing to our updates means we hold the email address you provided plus any topic preferences you ticked along the way.
• Reader-submitted content: Anything you post on the site — comments, star ratings, written feedback — may include personal information that you have deliberately chosen to include.

Data Captured Automatically

• Browsing activity: Which pages you open, how long you read each one, the order you move through them in, where you arrived from, and similar engagement signals.
• Technical fingerprints: Your IP address, the brand and version of your browser, your operating system, your screen resolution, and basic device identifiers.
• Approximate location: A rough geographic estimate derived from your IP — typically no more precise than the city or country level.
• Cookies and similar trackers: Tiny files saved in your browser that let us recognise returning visitors and remember what they prefer. The dedicated Cookies section below has the full breakdown.

3. Why We Use Your Data

The personal information we collect supports a handful of clear purposes:

• Operating the site: Keeping pages rendering correctly, hunting down bugs, and studying how readers move through our content so we can improve it.
• Replying to your messages: Handling enquiries, fulfilling requests, and offering support where you have asked for it.
• Tailoring what you see: Suggesting guides, reviews, or operator comparisons that line up with the interests your reading habits reveal.
• Sending updates: Delivering newsletters, editorial round-ups, or promotional notes — exclusively to readers who have actively opted in.
• Legal compliance: Meeting whatever regulatory, accounting, or reporting duties happen to apply to us at the time.
• Protecting the platform: Detecting unusual behaviour, blocking unauthorised access attempts, and keeping the site safe for genuine readers.

4. Lawful Basis for Processing

UK GDPR requires every act of processing to sit on a recognised legal basis. The bases we rely on are these:

• Consent: Where you have given clear, affirmative agreement — for example, by joining a mailing list or accepting non-essential cookies on first visit.
• Legitimate interests: For analytics, fraud prevention, and editorial improvement, provided those interests do not override your own rights and freedoms.
• Legal obligation: Where a law or court order requires us to process particular information.
• Performance of a service: Where we need the data in order to deliver something you have specifically requested.

5. Cookies and Similar Technologies

Cookies are small text files dropped onto your device when you load a webpage. They help us see how the site is being used and let us personalise the reading experience for repeat visitors.

Categories We Deploy

• Strictly necessary: Required for core functions such as session management and security. These cannot be turned off.
• Analytics: Measure traffic patterns and indicate which pages are performing best. Tools such as Google Analytics may be involved here.
• Functional: Remember the choices you have made — language, layout, preferences — so the site feels personalised when you return.
• Marketing: Used to make any adverts more relevant to you and to measure how well our occasional campaigns are performing.

You can manage cookies through your browser settings, or — on first visit — through the consent banner we display. Turning off certain categories may disable some site features.

6. Who We Share Data With

We do not sell your personal data. Sharing is limited to a small set of clearly defined situations:

• Trusted suppliers: Third parties that help us run the website — hosting platforms, analytics providers, email-delivery services, customer-support tools. Each is contractually obliged to handle your data securely and only for the agreed purpose.
• Affiliate partners: Clicking a link out to an external casino operator means that operator may collect data on you according to its own privacy notice. What happens on their site is outside our control.
• Legal disclosure: Where a law, court, or regulator compels us to disclose information, we will comply.
• Corporate changes: If LilyMercer is merged, sold, or has its assets transferred, your data may move to the new operator under equivalent protections.

7. Transfers Outside the UK

Some of the suppliers we work with may process data outside the United Kingdom or the European Economic Area. Whenever that happens, appropriate safeguards are put in place — usually the Standard Contractual Clauses recognised by the UK Information Commissioner's Office (ICO), or transfers restricted to jurisdictions the UK government has deemed adequate.

8. How Long We Keep Your Data

Personal data is held only for as long as the original purpose requires — or for as long as the law tells us to keep it. Typical retention windows look like this:

• Contact enquiries: Retained for up to 24 months from the date of the last exchange between us.
• Newsletter subscriptions: Held until you unsubscribe or specifically ask us to delete you from the list.
• Analytics records: Aggregated, anonymised data may be kept indefinitely; identifiable analytics data is normally held for up to 26 months.
• Cookie data: Varies by cookie type — anywhere from a single session up to two years.

9. Your Rights as a User

UK GDPR gives you a defined set of rights over the personal data we hold about you:

• Right of access: Request a copy of the personal data we currently hold on you.
• Right to rectification: Ask us to correct anything that is inaccurate or to fill in anything incomplete.
• Right to erasure: Request deletion of your data where we have no overriding lawful reason to retain it.
• Right to restrict processing: Tell us to pause certain uses of your data in particular circumstances.
• Right to portability: Obtain your data in a structured, machine-readable format and pass it on to another provider.
• Right to object: Object to processing that relies on legitimate interests, including any direct marketing we may carry out.
• Right to withdraw consent: Where processing relies on your consent, you can withdraw that consent whenever you like.

To exercise any of these rights, contact us using the details at the bottom of this page. We aim to respond within one calendar month, though particularly complex or multi-part requests may take a little longer.

10. How We Protect Your Data

We apply sensible technical and organisational measures to defend personal data against unauthorised access, accidental loss, alteration, or unintended disclosure. Those measures include SSL encryption for data moving between your browser and our servers, strict access controls inside our editorial team, and regular reviews of our overall security posture. That said, no system connected to the public internet is ever fully impenetrable, and we cannot guarantee absolute security.

11. Visitors Under 18

This site is intended for adult readers aged 18 and over. We do not knowingly gather personal data from minors. If you have reason to think a person under 18 has submitted information to us, please contact us straight away and we will remove it.

12. Links to External Sites

Our pages contain links to external resources — casino operators, regulatory bodies, responsible-gambling charities, and reference material. We are not responsible for the privacy practices or the content of any third-party website. We strongly suggest checking the privacy notice of any external site before sharing personal information with it.

13. Updates to This Policy

We may revise this Privacy Policy from time to time to reflect operational changes, new technologies, updated legal requirements, or other relevant developments. Any revised version is published on this page with a refreshed "Updated" date at the top. We encourage you to look back in occasionally to see whether anything has changed.

14. Get in Touch

If you have any questions about this Privacy Policy, want to exercise any of your rights, or have concerns about the way we are handling your data, please get in touch:

You also retain the right to lodge a complaint with the UK Information Commissioner's Office (ICO) if you believe your personal data has been mishandled. See ico.org.uk for further detail.