burger icon
Forza Bet Coins United Kingdom
Log In

Privacy Policy

This Privacy Policy explains how personal data is collected and used when you access or use the Forza Bet Coins online gambling services operated via forzabed.com, including when you visit our website, register an account, place bets, use Forza Coins, or contact customer support. It applies to players and website visitors located in the United Kingdom, and to any other individuals whose data we process in connection with these services. By using our services, you acknowledge that your personal data will be processed in accordance with this Privacy Policy and applicable law. Effective date: 1 January 2026.

Who We Are

The Forza Bet Coins service is provided through the website forzabed.com under the commercial brands Forza Bet Coins and Forza Bet UK.

Operator (data controller)

  • Legal entity name: Velocity Gaming Ltd
  • Legal form: Limited liability company (Ltd)
  • Company registration number: C-91234
  • Place of incorporation: Malta
  • Registered office: Velocity Gaming Ltd, registered in Malta under company number C-91234 (full registered office details are available via the Malta Business Registry and on the legal imprint of forzabed.com)

Licensing and regulatory oversight

  • Gambling licence: Remote gambling operator licence no. 39482 issued by the Gambling Commission of Great Britain (jurisdiction: Great Britain).
  • Primary market: United Kingdom - access to forzabed.com is geofenced to UK IP addresses; non-UK visitors may be redirected to a holding page or to an international .com counterpart operated under a Curaçao licence.

Data Protection Officer (DPO) / privacy contact

  • Responsible unit: Data Protection Officer, Velocity Gaming Ltd
  • Email: privacy@forzabed.com (or the most recently published privacy contact address on forzabed.com)
  • Postal contact: "Data Protection Officer, Velocity Gaming Ltd (C-91234), Malta" - the full postal address stated in the legal section of forzabed.com should be used on envelopes.

For all questions about this Privacy Policy, our data processing practices, or your privacy rights, you should contact our DPO using the contact details above or any dedicated contact channels provided within your forzabed.com account.

What Personal Data We Collect

Identity and contact data

  • Account data: first name, last name, date of birth, username, password (stored in hashed form), contact preferences, language and currency settings.
  • Contact details: email address, mobile phone number, residential address, country of residence, communication preferences (for example, whether you wish to receive marketing communications).
  • KYC and verification data: copies and data extracted from identity documents (such as passport or driving licence), proof of address documents (such as utility bills less than three months old), and any additional information you provide to prove your identity or eligibility.

Financial and transactional data

  • Payment data: limited card details (for example, payment card type, masked card number, expiry date), e-wallet identifiers, bank account identifiers, payment processor transaction IDs, and results of payment authorisations or chargebacks. Full card details are handled by secure payment service providers and are not stored by us in plain form.
  • Betting and gaming transactions: deposits, withdrawals, wagers, wins and losses, Forza Coins balances and redemptions, loyalty activity, bonus usage, and promotion participation.
  • Source of wealth / AML information: information contained in bank statements (for example, account holder name, account number, transaction history) and other financial documents that you provide when source of wealth checks are triggered (for example, once cumulative deposits reach £2,000 or other thresholds required by our AML policies or regulators).

Technical and usage data

  • Device and connection data: IP address, approximate geographic location derived from IP, device identifiers, device type, operating system, browser type and version, preferred language, network information, and information about used proxies or VPNs (in line with our IP masking and VPN detection rules).
  • Log and event data: login and logout timestamps, session identifiers, pages visited, clicks, scrolling and navigation patterns, form interactions, time on page, and technical error logs.
  • Security and integrity data: failed login attempts, unusual account access locations, self-exclusion flags (including those originating from GamStop), account status flags, fraud risk scores, and records of security incidents.

Behavioural and profiling data

  • Gameplay and betting behaviour: games played, bet sizes, frequency and time of play, win/loss patterns, bonuses claimed and used, and interactions with our loyalty and gamification systems (including Forza Coins earning and spending behaviour).
  • Responsible gambling indicators: patterns suggesting potential problem gambling (for example, sudden increases in deposit size or frequency, repeated session cancellations, or contacts with responsible gambling support), self-imposed limits, cooling-off periods, and self-exclusion choices (including those initiated via GamStop).
  • Marketing and communication data: records of emails and messages we send you, whether and when you opened them, which links you clicked, and your responses to surveys and feedback requests.

Cookies and similar technologies

  • Cookie data: unique identifiers stored in cookies or similar technologies that allow us to recognise your browser or device, keep you logged in, remember your preferences, analyse site usage, and measure the effectiveness of our marketing campaigns.
  • Third-party tracking: identifiers and technical data provided by analytics and advertising partners (for example, attribution identifiers or device signals) when you consent to such technologies.

We collect personal data directly from you (for example, when you register, deposit, or contact support), automatically through your use of forzabed.com, and from third parties (for example, payment providers, KYC and AML screening providers, GamStop, and other service partners) where this is necessary and lawful.

Legal Basis for Processing

We process your personal data only when we have a valid legal basis under the UK General Data Protection Regulation ("UK GDPR"), the Data Protection Act 2018, the Privacy and Electronic Communications Regulations ("PECR"), and other applicable laws. Where relevant, we also take into account European Union GDPR standards and Mexican data protection rules.

Performance of a contract

  • Account creation and management: we process identity, contact, technical, and transactional data to create your forzabed.com account, verify that you meet legal eligibility criteria, and provide you with access to Forza Bet Coins services.
  • Provision of gambling services: we use your data to accept bets, settle wagers, credit wins, manage Forza Coins, apply bonuses, and operate our loyalty shop, as well as to provide customer support and resolve operational issues.
  • Payments: we process payment and transaction data to accept deposits, execute withdrawals, manage chargebacks, and reconcile financial records.

Compliance with legal obligations

  • Gambling regulation: we process data to comply with the licence conditions and codes of practice set by the Gambling Commission of Great Britain, including age and identity verification, responsible gambling interventions, and reporting requirements.
  • Anti-money laundering and counter-terrorist financing: we process identity, transactional, and source of wealth data to fulfil AML/CTF obligations, including customer due diligence, ongoing monitoring, and record keeping.
  • Data protection and other laws: we process data to respond to lawful requests from regulators, tax authorities, courts, police and other public authorities, and to maintain mandatory records for specified periods.

Legitimate interests

  • Service security and integrity: we process technical, usage, and security data to prevent fraud, detect and block IP masking or VPNs contrary to our Terms & Conditions (including Clause 4.2), protect your account, and preserve the integrity of our games and systems.
  • Service improvement and analytics: we analyse aggregated and pseudonymised data to understand how forzabed.com is used, improve performance and user experience, test new features, and optimise our motorsport-inspired user interface.
  • Internal governance: we process data to manage risk, perform internal audits, cooperate with independent auditors (for example, eCOGRA, ISO 27001 auditors), and exercise or defend legal claims.

Consent

  • Marketing communications: we rely on your consent (or on soft opt-in where permitted by PECR) to send you email, SMS, or push notifications about promotions, bonuses, Forza Coins offers, and new features. You can withdraw your consent at any time through your account settings or via the unsubscribe options in each message.
  • Cookies and similar technologies: we rely on your consent for non-essential cookies and similar technologies used for analytics, advertising, and personalisation, in accordance with PECR and UK GDPR. You can manage your choices at any time via our cookie banner or settings centre.

Alignment with EU and Mexican data protection principles

  • EU GDPR alignment: although forzabed.com is targeted at UK users, we broadly align our practices with EU GDPR principles, such as lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity, and confidentiality.
  • Mexican law considerations: where the Mexican Federal Law on Protection of Personal Data Held by Private Parties (LFPDPPP) exceptionally applies to our processing (for example, if a Mexican resident interacts with our services), we will rely on equivalent legal bases recognised under that law and respect applicable ARCO rights (access, rectification, cancellation, and opposition), as described in the "Your Rights" section.

Purpose of Processing

Provision and operation of services

  • Account registration and access: to register you as a player, verify your age and identity, enable secure login, and provide you with a personalised account on forzabed.com.
  • Gambling and loyalty services: to accept and settle bets, operate casino games, award and redeem Forza Coins in the loyalty shop, manage bonuses and promotions, and provide other gambling-related features.
  • Customer support: to communicate with you, answer questions, investigate complaints, and provide assistance, including through email, on-site messaging, or other contact channels offered on forzabed.com.

Compliance, risk management, and responsible gambling

  • Regulatory and AML requirements: to perform KYC checks using electronic and manual verification, conduct source of wealth checks at thresholds such as £2,000 cumulative deposits, maintain transaction records, and report suspicious activity where required.
  • Responsible gambling: to monitor play patterns, identify potential harm, implement account limits, carry out interactions mandated by the UKGC, and integrate with GamStop and other self-exclusion mechanisms, as well as to cooperate with organisations such as BeGambleAware.
  • Security and fraud prevention: to detect and prevent fraud, abuse, bonus misuse, account takeovers, multi-accounting, IP masking, and other activities that might compromise the fairness or security of our services.

Service improvement and analytics

  • Performance and user experience: to analyse technical performance and player navigation patterns, identify bottlenecks, optimise page loading and game performance, and refine our motorsport-themed interface.
  • Business analytics: to aggregate and anonymise data for reporting, forecasting, product development, and strategic decision-making, without identifying individual users in reporting outputs.

Marketing and personalisation

  • Direct marketing: to send you offers and promotions about Forza Bet Coins services on forzabed.com, in accordance with your preferences and consent, including personalised offers based on your gameplay and Forza Coins activity.
  • Advertising and attribution: where permitted and subject to your cookie preferences, to work with advertising networks and affiliates to measure campaign performance and avoid showing you irrelevant or excessive marketing.

We will not use your personal data for purposes that are incompatible with those described in this Privacy Policy unless required or permitted by law, or unless we obtain your consent.

Disclosure & Sharing

Service providers and partners

  • Payment service providers and banks: to process deposits and withdrawals, verify payment instruments, handle chargebacks, and comply with AML and fraud prevention requirements.
  • KYC/AML and verification providers: to perform electronic identity checks, sanctions and PEP screening, address validation, and source of wealth assessments, using the documentation and data you provide and publicly available information.
  • IT and hosting providers: to host our platform, maintain our infrastructure, provide security, and support our games and customer service tools.
  • Analytics and marketing tools: to perform analytics, deliver communications, and measure campaign effectiveness, subject to your marketing and cookie preferences.

Group entities, affiliates, and related brands

  • Group companies and brands: with other entities within the wider Velocity Gaming group (for example, sister brands such as Turbo Spin and Nitro Casino) for purposes such as compliance, risk management, and responsible gambling, especially where GamStop self-exclusion must apply across the group.
  • Affiliates and marketing partners: limited information may be shared with affiliate partners and advertising networks to validate referrals, prevent fraud, and manage campaigns, where permitted by law and subject to contractual safeguards.

Regulators, public authorities, and dispute resolution bodies

  • Regulators and law enforcement: the Gambling Commission of Great Britain and other competent authorities, courts, law enforcement, and tax authorities may receive your data where we are legally required or permitted to disclose it (for example, for regulatory reporting, investigations, or enforcement actions).
  • Alternative dispute resolution: the Independent Betting Adjudication Service (IBAS) or other appointed ADR bodies may receive relevant information when they handle a dispute between you and us.
  • International authorities: where foreign data protection or gambling regulators (for example, EU supervisory authorities or the Mexican data protection authority INAI) have jurisdiction over a specific matter, we may share relevant data as required or permitted by law.

Business transfers

  • Corporate transactions: in the context of a merger, acquisition, reorganisation, or sale of assets involving Velocity Gaming Ltd or the Forza Bet Coins business, your personal data may be transferred to potential or actual acquirers, their advisers, and other relevant third parties, subject to appropriate confidentiality and data protection safeguards.

We do not sell your personal data. Any sharing of data is limited to what is necessary, is governed by contracts that include data protection obligations, and occurs only where a valid legal basis exists.

International Transfers

Because we operate in multiple jurisdictions and use international service providers, your personal data may be transferred to and processed in countries outside the United Kingdom, including within and outside the European Economic Area ("EEA"). These countries may have different data protection standards from those in the UK.

Typical transfer locations

  • Malta: as the country of incorporation of Velocity Gaming Ltd (C-91234), certain data processing and corporate functions may be performed in Malta.
  • EEA member states: some of our hosting, IT support, payment, or analytic providers may be located or process data within the EEA.
  • Other third countries (including Curaçao): some technical services or group operations may involve processing in countries such as Curaçao, where an international .com counterpart may be licensed, or other jurisdictions where our providers are located.

Safeguards for international transfers

  • Legal mechanisms: when transferring data from the UK to countries that are not subject to a UK adequacy regulation, we implement appropriate safeguards, such as the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses.
  • Technical and organisational measures: we require our providers to implement robust security controls (for example, encryption in transit and at rest, access controls, audit logs) and to process data only on our documented instructions.
  • Risk assessments: where necessary, we perform transfer risk assessments to evaluate whether the laws and practices in the recipient country might affect the effectiveness of our safeguards, and we take additional measures if needed.

Details of the specific safeguards used for a particular transfer, including copies of relevant contractual clauses, can be requested from our DPO, subject to the protection of commercial confidentiality and security considerations.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to meet legal, regulatory, accounting, and reporting requirements, and to resolve disputes. Retention periods may vary depending on the type of data and legal obligations that apply in the UK and, where applicable, in other jurisdictions.

Indicative retention periods

  • Player account and identification data: normally retained for the duration of your account and for at least five (5) years after your account is closed or after the date of your last transaction, whichever is later, in line with UK AML and Gambling Commission requirements. In some cases this period may be extended to up to seven (7) years where necessary for legal claims or regulatory investigations.
  • Transaction and financial records: retained for at least seven (7) years after the relevant transaction, to comply with accounting, tax, and anti-money laundering obligations.
  • Responsible gambling, self-exclusion, and risk data: retained for as long as necessary to support responsible gambling measures and to comply with regulatory requirements, and generally for up to seven (7) years after account closure or the end of a self-exclusion period, whichever is longer, where required.
  • Customer support communications: retained for up to five (5) years after resolution of the issue, or longer if related to disputes or regulatory matters.
  • Marketing data: retained until you withdraw your consent or object to processing, and for a short period thereafter (normally not exceeding two (2) years) to record and respect your opt-out preferences.
  • Technical logs and security data: retained for a period proportionate to security and operational needs (typically between six (6) months and two (2) years), unless a longer period is required for investigating incidents or meeting regulatory obligations.

Deletion and anonymisation

  • Secure deletion: when personal data is no longer required, we either securely delete it or anonymise it so that it can no longer be linked to an identified or identifiable individual.
  • Exceptions: we may retain certain data for longer where necessary to comply with legal obligations, resolve disputes, enforce our terms, or as required by regulators in the UK or other jurisdictions, including Mexico and EU member states where relevant.

Your Rights

Under the UK GDPR and the Data Protection Act 2018, and where applicable under EU GDPR and Mexican data protection law (LFPDPPP), you have a number of rights in relation to your personal data. These rights may be subject to conditions, exemptions, or limitations set out in the law.

Core data protection rights

  • Right of access: you can request confirmation of whether we process your personal data and receive a copy of that data, together with information about how we process it.
  • Right to rectification: you can request that inaccurate or incomplete personal data be corrected or completed. This includes updating your contact details or other account information.
  • Right to erasure ("right to be forgotten"): you can request deletion of your personal data in certain circumstances, for example where it is no longer necessary for the purposes for which it was collected, or where you withdraw consent and no other legal basis applies. We may be unable to erase data that we must keep for legal or regulatory reasons (for example, AML record-keeping).
  • Right to restriction of processing: you can request that we restrict processing of your personal data in specific situations, such as when the accuracy of the data is contested or when you have objected to processing and we are verifying our legitimate grounds.
  • Right to object: you can object at any time, on grounds relating to your particular situation, to processing based on our legitimate interests. You can also object at any time to processing of your data for direct marketing, including profiling related to such marketing, and we will stop this use.
  • Right to data portability: in certain circumstances, you can request to receive personal data that you provided to us in a structured, commonly used, machine-readable format, and to have it transmitted to another controller where technically feasible.
  • Right to withdraw consent: where we rely on your consent (for example, for marketing or non-essential cookies), you may withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.

Mexican ARCO rights and alignment

  • ARCO rights (Mexico): where the Mexican Federal Law on Protection of Personal Data Held by Private Parties applies, you may exercise your rights of Acceso, Rectificación, Cancelación y Oposición (ARCO). These rights broadly correspond to access, rectification, deletion (cancellation), and objection.
  • Alignment with our processes: our procedures for access, rectification, deletion, and objection are designed to be compatible with ARCO rights to the extent applicable. If you indicate that your request is made under Mexican law, we will handle it taking into account the specific requirements of that law.

How to exercise your rights

  • Submitting a request: you can submit privacy requests by contacting our DPO at privacy@forzabed.com or via any dedicated privacy or contact form made available within your forzabed.com account.
  • Information we may request: to protect your account and personal data, we may ask you for additional information to verify your identity before processing your request (for example, confirmation of certain account details or a secure verification step within your logged-in session).
  • Response times: we aim to respond to your request within one (1) month of receipt. This period may be extended by up to a further two months for complex or multiple requests, in which case we will inform you of the extension and reasons within the initial month.
  • Fees: requests are generally handled free of charge. We may charge a reasonable fee or refuse to act where requests are manifestly unfounded, excessive, or repetitive, as permitted by law.

If you are not satisfied with our response, you also have the right to lodge a complaint with a supervisory authority, as explained in the "Complaints & Contacts" section.

Cookies & Tracking Technologies

We use cookies and similar technologies on forzabed.com to make our services work, keep your account secure, and improve your experience. Where required by law, we will request your consent for non-essential cookies through our cookie banner or settings panel.

Types of cookies we use

  • Strictly necessary cookies: session and persistent cookies that are essential for the operation of the site and the provision of services, such as keeping you logged in, enabling account security features, and processing transactions. You cannot disable these cookies via our cookie settings because they are required for the service.
  • Functional cookies: cookies that remember your preferences, such as language, odds format, and display settings, and that help provide a smoother user experience across sessions.
  • Analytics and performance cookies: first-party and third-party cookies that help us understand how visitors use forzabed.com, which pages are most frequently visited, and where performance issues occur, so that we can improve our motorsport-inspired interface and the overall service.
  • Advertising and marketing cookies: cookies and similar technologies used to deliver and measure marketing campaigns, to prevent the same adverts being shown excessively, and to tailor offers based on your interests, where you have consented to such use.

Managing cookies and tracking

  • Cookie banner and settings: when you first visit forzabed.com (and periodically thereafter), you will see a cookie banner that allows you to accept or reject non-essential cookies. You can also adjust your choices at any time via the cookie settings panel available on the site.
  • Browser settings: most browsers allow you to block or delete cookies, or to configure settings so that cookies are accepted only from certain sites. If you block all cookies, some features of forzabed.com may not function properly or may not be available.
  • Third-party choices: where we use third-party analytics or advertising tools, those providers may offer their own opt-out mechanisms (for example, via their websites or industry opt-out pages). These options are in addition to, not instead of, our own cookie controls.

Data Security

We take the security of your personal data very seriously and maintain a comprehensive information security programme aligned with recognised international standards, including our ISO 27001-certified information security management system.

Technical and organisational measures

  • Encryption: data transmitted between your browser and forzabed.com is protected using TLS 1.2 or higher. Where appropriate, we also encrypt personal data at rest using industry-standard algorithms.
  • Access controls: access to personal data is restricted to authorised staff and service providers who need it to perform their duties, based on role-based access control and the principle of least privilege.
  • Authentication and monitoring: strong authentication mechanisms are used for administrative access; we also log and monitor access and changes to critical systems and data, and may use multi-factor authentication for certain high-risk actions.
  • Network and system security: we use firewalls, intrusion detection and prevention systems, anti-malware solutions, and other technical safeguards to protect our infrastructure.

Governance, training, and audits

  • Policies and procedures: we maintain internal policies covering information security, acceptable use, incident management, and data protection, which are regularly reviewed and updated.
  • Staff training: employees and contractors with access to personal data receive appropriate training on data protection, confidentiality, and security practices.
  • Independent testing and certification: our platform is subject to regular security assessments and audits. Our RNG is tested by eCOGRA, and our information security controls are certified against ISO 27001.

Incident response

  • Detection and response: we operate processes for detecting, investigating, and responding to suspected or actual security incidents.
  • Breach notification: where a personal data breach occurs that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority and, where required, affected individuals without undue delay, in line with UK GDPR and, where applicable, other relevant laws.

While no system can be guaranteed to be completely secure, we are committed to maintaining appropriate security controls and continually improving our defences in line with evolving threats and regulatory expectations.

Complaints & Contacts

Contacting us about privacy

  • Primary contact: Data Protection Officer, Velocity Gaming Ltd.
  • Email: privacy@forzabed.com (or any updated privacy contact address listed on forzabed.com).
  • Postal mail: "Data Protection Officer, Velocity Gaming Ltd (C-91234), Malta" sent to the registered office address indicated in the legal section of forzabed.com.
  • Online contact: where available, you may also use the secure messaging or contact forms within your forzabed.com account to submit privacy-related queries or complaints.

Internal complaint procedure

  1. Submission: send us a clear description of your concern, including any relevant account details and supporting documentation, via the contact methods above.
  2. Acknowledgement: we will acknowledge receipt of your complaint within two (2) working days where possible.
  3. Investigation: your complaint will be reviewed by the appropriate team (including, where relevant, our compliance and security teams) and, if necessary, escalated to senior management.
  4. Response: we aim to provide a substantive response within thirty (30) days. If we need more time due to the complexity of the issue, we will inform you of the delay and provide an estimated timeframe.

Escalation to supervisory authorities

  • United Kingdom - Information Commissioner's Office (ICO): if you are not satisfied with our response or believe that your rights under UK data protection law have been infringed, you have the right to lodge a complaint with the ICO:
    Website: https://ico.org.uk
    Telephone (UK): +44 303 123 1113
  • European Union: if EU data protection law applies to you in a particular case, you may lodge a complaint with the data protection authority in your EU member state of residence, place of work, or place of the alleged infringement.
  • Mexico - INAI: where Mexican data protection law (LFPDPPP) applies, you may submit complaints or queries to the National Institute for Transparency, Access to Information and Personal Data Protection (INAI). Details on how to do so are available on INAI's official website.

We encourage you to contact us first so that we can try to resolve your concerns directly before you contact a supervisory authority, but you are not required to do so.

Updates

We may update this Privacy Policy from time to time to reflect changes in our services, our processing activities, legal requirements, or regulatory guidance.

How we will inform you

  • Website notices: we will post the updated Privacy Policy on forzabed.com and change the "Last updated" date shown at the end of the policy.
  • Direct notifications: for material changes (for example, new types of data processing or changes in how we share data), we will provide additional notice via email, account notifications, or prominent banners on the site.

Advance notice and your choices

  • Advance notice: where required by law or where a change is significant, we will provide at least thirty (30) days' advance notice before the new version takes effect, unless immediate implementation is required by law or to address security or regulatory issues.
  • Your review: you should review any updated Privacy Policy carefully. Continued use of Forza Bet Coins services on forzabed.com after the changes take effect will mean that you accept the updated policy.
  • Account closure: if you do not agree with material changes, you may choose to stop using our services and close your account, subject to our Terms & Conditions and any regulatory obligations (for example, settlement of outstanding bets or balances).

Last updated: January 2026.