Privacy Policy
This page sets out what personal information Gransino gathers from visitors, the reasons for it, where it lives, who it goes to, and how to exercise your rights under UK privacy law. The technical companion — cookies, analytics, browser storage — sits on the Cookie Policy page; this page is the plain-English version of the same setup.
Gransino runs as an independent informational platform; the broader context is on the About page. This privacy policy covers the Gransino website alone. The moment a reader clicks through to an operator's site, that operator's own privacy policy takes over; Gransino shares no data with operators beyond the limited form set out below.
1. What Gransino is
Gransino publishes reviews and guides on online casinos available to UK players. The flagship operator review is the Gransino Casino homepage. The site hosts no games, runs no player accounts, takes no deposits, holds no funds and processes no withdrawals. There is no signup and no login. A standard visit involves no data exchange beyond ordinary web traffic. Where Gransino does collect personal data — for instance, when you write in through the contact channels — this page spells out exactly what becomes of it.
2. UK privacy law context
Gransino handles personal information in keeping with the UK GDPR and Data Protection Act 2018 and the thirteen UK GDPR principles overseen by the Information Commissioner's Office (ICO). European visitors also have their GDPR rights honoured. Californian visitors have their CCPA rights honoured so far as they apply. Where any of these frameworks imposes a stricter rule, the stricter rule prevails.
3. What data Gransino collects
Three categories: technical traffic data, contact data you submit voluntarily, and aggregated analytics.
| Category | What is collected | Why | Legal basis |
|---|---|---|---|
| Technical traffic data | IP address (anonymised after 24h), browser type, device type, page URL requested, timestamp, referrer. | Serve pages, prevent abuse, debug performance issues. | Legitimate interest under UK GDPR Article 6 legitimate interest. |
| Voluntary contact data | Name, email address, message content, supporting documents you choose to attach. Submitted only if you write to us. | Reply to your enquiry. | Consent under UK GDPR consent basis (you provide the data; we use it for the stated purpose). |
| Aggregated analytics | Pseudonymous traffic statistics generated by Google Analytics 4 with IP anonymisation enabled. | Understand which pages are useful and which are not. | Consent (you can decline analytics cookies on first visit). |
Here is what Gransino leaves well alone. No financial data — no payment processing happens on this domain at all. No gambling-account credentials, since we operate no accounts. No biometric data. No location any finer than your country (and even that is inferred from an anonymised IP). And nothing in the special categories: race, religion, health, sexual orientation, political opinion. Targeted advertising and remarketing play no part either; for how the site actually earns its keep, see the Affiliate Disclosure page.
4. Cookies and similar technologies
The cookies Gransino uses, the third-party services that set them, and how to manage them are laid out in full on the Cookie Policy page. In brief: strictly necessary cookies (page loading, consent banner state, abuse prevention) are always set; analytics and affiliate-tracking cookies are set only once you consent via the cookie banner; and you can revise your choice whenever you like through the footer link.
5. Affiliate links and operator-side tracking
When you click an outbound operator link on Gransino, three things follow. First, an internal redirect at /go logs the click for our analytics (whether or not you carry on). Second, your browser is sent on to the operator's site. Third, the operator may set its own cookies and count the visit as a referral. Gransino hands over no name, email or other identifying personal data to the operator. All the operator learns is that "a visitor arrived from Gransino". Should you then open an account on the operator's site, that registration falls under the operator's own privacy policy, not this one.
6. How long data is retained
- IP addresses: for abuse prevention, a raw IP lives no longer than 24 hours; after that we anonymise it, lopping off the last octet on IPv4 or the trailing 80 bits on IPv6. The anonymised version is then kept for traffic statistics for as long as 14 months.
- Contact correspondence: emails and any attachments are retained for 24 months for follow-up and audit purposes, then deleted unless still under active discussion.
- Analytics events: Google Analytics 4 data is held for 14 months under our configuration, after which it is deleted automatically.
- Cookie consent record: the consent record itself lives locally in your browser for 12 months, after which the consent banner shows again.
Where the law demands longer retention — say, tax records under HMRC record-keeping rules for affiliate-related accounting — the data in question is held only for the legally required period and used for nothing else.
7. Who Gransino shares data with
Three controlled categories. Service providers that run parts of the Gransino infrastructure — web hosting, content delivery, email — each bound by a written data-processing agreement that limits their use of the data to delivering the service. Analytics providers (Google Analytics 4): IP-anonymised traffic data only, with no personally identifying information. Law-enforcement bodies and regulators: solely in answer to a valid legal demand, and only for the data that demand covers. Gransino never sells, rents or trades personal data to anyone.
8. Where data is stored
Gransino infrastructure runs on cloud providers in the UK and the European Economic Area. A few service providers — Google Analytics 4 in particular — process data in the United States. Where data leaves the UK, the recipient is tied either to Standard Contractual Clauses or to an equivalent regime the ICO has judged to offer protection at least as strong as UK law.
9. Your rights
Under the UK GDPR and equivalent international laws, you hold the following rights over any personal data Gransino keeps about you.
- Access: ask what we hold and be given a copy.
- Correction: ask for inaccurate data to be put right.
- Deletion: ask for your data to be erased, subject to legal retention requirements.
- Withdrawal of consent: where processing rests on consent, you may withdraw it at any time without undoing earlier lawful processing.
- Complaint: if you think Gransino has mishandled your data, you can complain to the ICO at ico.org.uk. UK readers should normally come to us first so we get a chance to put things right.
To exercise any of these rights, write to the privacy address shown on the Contact page. Gransino will reply within 30 days, the window the UK GDPR requires.
10. Children's privacy
Gransino content is written for adult UK readers. The site is neither aimed at nor intended for anyone under 18. We do not knowingly collect personal data from minors. If we learn that data has been submitted by someone under 18, that data is deleted and, where relevant, the parent or guardian is informed.
11. Security
The security controls Gransino runs are the industry-standard set: TLS 1.2 or better on everything in transit, access controls and least-privilege rules throughout internal systems, regular audits of who can reach what, logging of every administrative action, and third-party penetration testing of the public site at intervals. None of that makes any system genuinely unbreakable — so if a personal-data breach likely to do serious harm ever occurs, those affected hear from us directly and the ICO is notified, exactly as the ICO breach notification regime under the UK GDPR requires.
12. Changes to this policy
If this policy changes, the "Last updated" date at the top is amended. Significant changes — new categories of data collected, new third-party processors, altered retention periods — come with a banner on the home page for at least 30 days. Minor housekeeping (rewording, link updates) does not set off a banner.
13. Contact
Privacy questions are best sent through the privacy contact listed on the Contact page. Editorial questions about Gransino content go via the editorial channel; correction requests follow the procedure on the Editorial Policy page. Player-safety guidance for anyone reading this site is on the Responsible Gambling page.