Privacy Policy

Effective Date: January 15, 2025

Here's what happens to your data when you work with TopsMega. No legal jargon - just what you need to know about how we handle information during license applications.

What We Collect (And Why)

Gaming license applications require extensive documentation. We collect:

  • Business Information: Company structure, ownership details, financial statements. Regulators demand this for probity checks - we're the middleman.
  • Personal Data: Director IDs, background checks, proof of funds. Required for fit-and-proper assessments in every jurisdiction.
  • Communication Records: Emails, call logs, application drafts. We keep these to track progress and cover both parties if regulators ask questions later.
  • Technical Data: IP addresses, browser info when you use our portal. Standard security protocol - helps us spot unauthorized access attempts.

How We Use Your Data

Three main purposes:

  1. Application Processing: We submit your docs to regulators, respond to their queries, manage the back-and-forth. Your data goes directly to licensing authorities - that's the job.
  2. Legal Compliance: AML checks, beneficial ownership verification, due diligence reports. Non-negotiable requirements in Malta, Curacao, and other Tier 1/2 jurisdictions.
  3. Service Delivery: Updates on application status, regulatory changes affecting your license, renewal reminders. We don't spam - only critical communications.

Who Sees Your Information

Limited circle:

  • Regulatory Bodies: Gaming authorities in your target jurisdictions. They get full application packages - it's literally why you hired us.
  • Third-Party Verifiers: Background check services, financial auditors, legal consultants. Only when regulators require independent verification.
  • Our Team: Licensed consultants handling your case. Everyone signs NDAs, but that's table stakes in this industry.

We don't sell data. Ever. Our business model is consulting fees, not data brokering.

Data Retention

We keep records for 7 years post-license issuance. Why? Regulators can audit applications years later. If we delete your files prematurely and authorities come asking, both you and we are in trouble.

After 7 years, we purge everything unless you're still a client with active licenses.

Your Rights

Under GDPR and equivalent laws, you can:

  • Request copies of what we hold (expect 200+ pages for complete applications)
  • Correct inaccuracies before submission
  • Object to processing - though this typically means withdrawing your application
  • Delete data after retention period expires

Security Measures

Bank-level encryption for stored files. Two-factor authentication on our portal. Regular penetration testing. Standard stuff for handling $500K+ license applications.

Breaches happen industry-wide - if ours occurs, you'll know within 72 hours per GDPR requirements.

Contact

Questions about your data? Email [email protected] - responses within 48 hours. For urgent regulatory concerns, call your assigned consultant directly.

This policy updates as regulations change. Major revisions trigger email notifications to active clients.