burger icon
Star Sports United Kingdom
Log In

Privacy Policy

This Privacy Policy explains how your personal data is collected, used, stored, and shared when you visit or use the Star Sports online betting services provided via the website stersports.com (the "Website"), including any related mobile or responsive versions. It applies to Website visitors, registered account holders, and individuals who otherwise interact with us in connection with these services. Please read it carefully before using the Website or providing any personal data.

By using the Website, you acknowledge that your personal data will be processed in accordance with this Privacy Policy, the UK General Data Protection Regulation ("UK GDPR"), the Data Protection Act 2018, and, where applicable, other relevant data protection laws.

Effective date: 1 January 2026

Who We Are

The controller responsible for your personal data in connection with the Star Sports services operated through stersports.com is:

Star Racing Limited
trading as Star Sports
Unit C, 12b Manor Road
Hove, East Sussex, BN3 5LP
United Kingdom

Star Racing Limited is a private limited company established in the United Kingdom and licensed and regulated by the UK Gambling Commission ("UKGC") under, among others, the following licences:

  • Remote operating licence: 009177-R-104555-013 (remote gambling operations for the Website).
  • Non-remote operating licence: 009177-N-104556-012 (on-course betting and physical betting shops in the UK).

The relevant public register entry is available via the UKGC website (public register business ID 9177).

Data protection contact details

Star Racing Limited has appointed an internal contact for data protection matters (Data Protection Officer or equivalent function):

  • Postal address: Data Protection Officer, Star Racing Limited, Unit C, 12b Manor Road, Hove, East Sussex, BN3 5LP, United Kingdom.
  • Email: privacy@stersports.com (or any replacement address notified on the Website).

You may use these contact details for any questions about this Privacy Policy or to exercise your data protection rights.

What Personal Data We Collect

When you use Star Sports services via stersports.com, we collect and process different categories of personal data. The exact data we collect depends on how you interact with us, regulatory requirements, and the products you use.

Identity and contact data

  • Basic identification details: full name, date of birth, gender (where required), nationality, and proof of age information.
  • Contact details: email address, residential address, postcode, country of residence, and telephone number(s).
  • Verification/KYC data: copies or details of identity documents (e.g. passport, driving licence, national ID), proof of address (e.g. utility bill, bank statement), and any information you provide to help us verify your identity, age, source of funds or source of wealth, as required by UK AML and safer gambling rules.

Account and transactional data

  • Account details: username, account ID, security questions and answers, chosen preferences (language, odds format, marketing preferences), and account status.
  • Betting and gaming data: betting history, stake amounts, markets selected, outcomes, winnings and losses, live betting activity, limits and self-exclusion settings, and interaction history (such as responsible gambling interactions).
  • Payment and financial data: partial and tokenised payment card details, bank account information, e-wallet identifiers, deposit and withdrawal records, financial transaction logs, and information generated by payment service providers to prevent fraud and comply with AML obligations.

Technical and usage data

  • Technical data: IP address, device identifiers, operating system, browser type and version, time zone and language settings, and approximate location derived from your IP address.
  • Log data: dates and times of access, pages viewed, clicks, referral URLs, session duration, error logs, login attempts (successful and unsuccessful), and security-related events.
  • Device and network data: information about the device and network you use to access the Website (for example, hardware model, mobile network information, and other technical details provided by your browser or device).

Behavioural and profiling data

  • Behavioural data: patterns of play, staking behaviour, frequency and timing of bets, preferred sports and markets, and responses to promotions.
  • Profiling data: risk scores and segments created for anti-fraud, AML, creditworthiness (where applicable), and responsible gambling assessments, as well as segmentation for marketing where permitted by law and your preferences.

Communications and customer support data

  • Support interactions: records of live chat sessions (including typical hours of 09:00 - 22:00), telephone calls, emails, social media interactions (e.g. Twitter/X), and any information you provide in complaint forms or feedback.
  • Evidence and correspondence: documents, screenshots, or other materials you submit in relation to disputes, complaints, or verification requests.

Cookies and similar technologies

  • Cookies: small text files stored on your device to support essential Website functions, remember preferences, and improve performance.
  • Analytics and tracking tools: tags, pixels, and similar technologies used to measure Website usage, detect technical issues, and understand how visitors interact with the Website.
  • Advertising identifiers: where permitted, identifiers used by advertising networks and partners to measure campaign performance and deliver more relevant marketing (subject to your consent and settings).

Some of this data is mandatory for regulatory reasons (for example, age verification and AML), and if you choose not to provide it, we may be unable to open or maintain your account.

Legal Basis for Processing

We process your personal data only when we have a valid legal basis under the UK GDPR and related laws. Depending on the context, one or more of the following legal bases may apply.

Performance of a contract

  • Account creation and management: we process identity, contact, and account data to register you as a customer, provide you with access to Star Sports services on stersports.com, and manage your account.
  • Provision of betting services: we process betting history, payment data, and technical data to accept bets, settle markets, credit winnings, process deposits and withdrawals, and provide related customer support.
  • Implementation of your requests: we process your data to apply limits, self-exclusions, or other settings you select, and to respond to your communications.

Compliance with legal obligations

  • Gambling regulation: we process your data to comply with UKGC licence conditions, codes of practice, and other gambling laws, including identity checks, age verification, and responsible gambling obligations.
  • AML and counter-terrorist financing: we process identity, transactional, and behavioural data to comply with anti-money laundering and counter-terrorist financing laws, including ongoing monitoring, enhanced due diligence, and reporting to competent authorities where required.
  • Tax, accounting, and audit: we retain and process transactional and financial records to meet our tax, accounting, reporting, and record-keeping obligations.
  • Data protection and e-privacy: we process your preferences and consents to comply with UK GDPR, the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations ("PECR").

Legitimate interests

We may process your data where it is necessary for our legitimate interests or those of a third party, provided that your interests and fundamental rights do not override those interests. These interests include:

  • Ensuring network and information security: monitoring access, detecting and preventing fraud, abuse, or unauthorised use of accounts, and maintaining the integrity of our systems.
  • Business operations and service improvement: analysing usage data to improve Website performance, product offerings, customer experience, and support quality.
  • Risk management and compliance oversight: implementing internal controls, carrying out audits, managing disputes, and working with the Independent Betting Adjudication Service (IBAS) and other ADR bodies.
  • Direct marketing to existing customers: sending you information about similar products and services where the law allows and you have not opted out, always with a clear opportunity to unsubscribe.

Consent

  • Marketing communications: where required by PECR or other applicable laws, we rely on your consent to send email, SMS, or online marketing, or to use your data for certain profiling activities related to personalised offers.
  • Optional cookies and tracking: we rely on your consent for non-essential cookies (such as analytics and advertising cookies) and similar technologies, as explained in the Cookies & Tracking section.
  • Specific optional features: we may ask for your consent before enabling certain optional features or data uses that are not strictly necessary for the contract or our legitimate interests.

You can withdraw your consent at any time using the mechanisms described in this Privacy Policy, without affecting the lawfulness of processing before withdrawal.

Purpose of Processing

We use your personal data for clearly defined purposes that align with our legal obligations, contractual commitments, and legitimate interests, while respecting your privacy.

Providing and managing our betting services

  • Account registration and administration: to create and manage your Star Sports account, verify your details, maintain your preferences, and provide support.
  • Bet placement and settlement: to process bets, manage markets, calculate and pay winnings, and handle related financial transactions.
  • Customer support: to respond to your queries through live chat, telephone, email, or social media, and to resolve complaints or disputes (including via IBAS where applicable).

Regulatory compliance and responsible gambling

  • Legal and regulatory duties: to comply with UKGC licence conditions, AML regulations, and other legal requirements, including identity checks, monitoring transactions, and reporting suspicious activity.
  • Responsible gambling: to monitor patterns of play, identify potential signs of gambling-related harm, contact you where appropriate, and apply tools such as deposit limits, time-outs, or self-exclusion.

Fraud prevention, security, and risk management

  • Fraud and abuse detection: to detect and prevent fraud, bonus abuse, money laundering, identity theft, and other unlawful or improper activities.
  • Security and performance: to protect the security of our systems, data, and customers, maintain backups, and troubleshoot performance or availability issues.

Analytics, service improvement, and business management

  • Analytics and reporting: to analyse how customers use the Website and services, including through aggregated statistics, in order to improve user experience and business performance.
  • Product development: to test and roll out new features, markets, promotions, and user interface improvements.
  • Internal governance: to perform internal audits, compliance reviews, and management reporting.

Marketing and promotions

  • Direct marketing (where permitted): to send you information about promotions, offers, and products related to our services by email, SMS, push notifications, or online messaging, subject to your consent or applicable legal basis.
  • Personalisation: to tailor marketing content and promotions based on your preferences and betting history, where legally permitted and consistent with your choices.
  • Advertising measurement: to measure the effectiveness of our marketing campaigns, including through cooperation with advertising networks and partners.

Disclosure & Sharing

We share your personal data only where necessary and lawful, following appropriate safeguards and contractual protections. The main categories of recipients are set out below.

Group entities and business partners

  • Group and associated entities: any group companies or associated entities that support the operation of Star Sports services, subject to internal data protection arrangements.
  • Payment providers and banks: payment service providers, banks, and financial institutions that process deposits, withdrawals, refunds, and chargebacks.

Service providers (processors)

  • IT and hosting providers: companies that supply hosting, cloud storage, IT support, data backup, and security services.
  • Verification and AML providers: identity verification, age verification, fraud prevention, credit reference, and AML screening providers, including providers that validate documents and perform sanctions or politically exposed person checks.
  • Analytics and customer support tools: providers of analytics platforms, customer relationship management systems, live chat tools, and communication services.
  • Marketing and advertising partners: email delivery platforms, campaign management tools, and advertising networks that assist us with marketing, subject to your choices and applicable law.

Regulators, authorities, and dispute resolution bodies

  • Regulatory and law enforcement authorities: the UK Gambling Commission, tax authorities, law enforcement agencies, and other competent authorities, where required by law or licence conditions or where we consider disclosure necessary to protect our rights or the rights of others.
  • Alternative dispute resolution (ADR): the Independent Betting Adjudication Service (IBAS) and any other ADR entities or ombudsman bodies that handle disputes between you and us.
  • Courts and legal advisors: courts, legal counsel, auditors, and professional advisors where reasonably necessary for the establishment, exercise, or defence of legal claims or for compliance and audit purposes.

Affiliates and advertising networks

  • Affiliate partners: where you sign up via an affiliate or referral partner, we may share limited information (for example, confirmation of registration or spend) with that partner to administer the arrangement, as permitted by law and our agreements.
  • Advertising networks: subject to your consent and preferences, we may share online identifiers and limited usage data with advertising networks and platforms to deliver and measure targeted advertising campaigns.

Corporate transactions

  • Business transfers: if we undergo a reorganisation, merger, acquisition, or sale of assets, your data may be transferred to the relevant third parties as part of the transaction, subject to appropriate confidentiality and data protection safeguards.

We do not sell your personal data in the sense of transferring it to third parties for their own independent marketing purposes without your explicit knowledge and, where legally required, your consent.

International Transfers

Your personal data is generally stored and processed within the United Kingdom and the European Economic Area ("EEA"). However, some of our service providers and partners may be located, or may process data, outside the UK and EEA, including in countries that may not provide the same level of data protection as your home jurisdiction.

Where we transfer personal data internationally, we take appropriate steps to ensure that your data remains adequately protected, including by:

  • Using approved safeguards: entering into contracts with recipients that incorporate the European Commission's standard contractual clauses and/or UK International Data Transfer Addendum, or other equivalent safeguards approved by relevant authorities.
  • Assessing local law and risk: conducting transfer impact assessments to evaluate the legal environment of the destination country and applying additional technical and organisational measures where necessary.
  • Using certified frameworks: in limited cases, relying on recipients' participation in recognised data transfer frameworks (such as the EU - US Data Privacy Framework or any UK extension), where appropriate and lawfully available.

You may contact us for more information about international transfers relevant to your account and to request a copy of the key contractual safeguards in place, subject to appropriate redactions and legal restrictions.

Data Retention

We retain your personal data only for as long as necessary to achieve the purposes set out in this Privacy Policy or to comply with legal, regulatory, accounting, or reporting requirements. Retention periods may differ depending on the type of data and the context of processing.

Typical retention periods

  • Account and identification data: normally retained for the duration of your relationship with us and for at least five (5) years after account closure, in line with AML and gambling regulatory obligations, and in some cases longer where legally required (for example, to satisfy tax or regulatory inquiries).
  • Transactional and betting data: generally retained for at least five (5) years from the date of the relevant transaction or event, and up to seven (7) years where needed for legal or accounting purposes.
  • Marketing data: retained until you withdraw your consent or object to direct marketing, or for a shorter period where we determine that the data is no longer needed, after which it will be anonymised or deleted.
  • Technical logs and security records: retained for periods typically ranging from a few months up to two (2) years, depending on security and operational requirements.
  • Complaint and dispute files: retained for the life of the complaint or dispute and for a reasonable period afterwards (often up to six (6) years) to enable us to respond to claims and demonstrate compliance.

Deletion and anonymisation

  • Deletion: when data is no longer needed, we securely delete or destroy it, or, where this is not technically feasible, we apply safeguards to prevent further use.
  • Anonymisation: in some cases we convert data into aggregated or anonymised form so that it can no longer be linked to you. We may use such data indefinitely for statistical, research, and reporting purposes.

Where you exercise your right to deletion, we will also consider our legal retention obligations and may retain certain data where required or permitted by law, informing you accordingly.

Your Rights

Under the UK GDPR and related UK laws, and, where applicable, Mexican data protection law and other regional regulations, you have a number of rights in relation to your personal data. The availability and exact scope of these rights depend on your location and the legal basis for processing.

Rights under UK data protection law (UK GDPR)

  • Right of access: to obtain confirmation as to whether we process your personal data and, if so, to receive a copy of that data and information about how we process it.
  • Right to rectification: to have inaccurate or incomplete personal data corrected or updated.
  • Right to erasure: to request deletion of your personal data in certain circumstances, for example where it is no longer necessary for the purposes for which it was collected or where you withdraw consent and there is no other legal basis for processing. This right is subject to legal and regulatory retention requirements.
  • Right to restriction of processing: to request that we limit the processing of your data in specific situations, such as while we verify its accuracy or assess an objection.
  • Right to object: to object to processing based on our legitimate interests, including profiling for those purposes, and to object at any time to processing for direct marketing.
  • Right to data portability: to receive certain personal data in a structured, commonly used, machine-readable format and to request that we transmit that data to another controller where technically feasible and lawful.
  • Rights relating to automated decision-making: to obtain human intervention, express your view, and contest decisions that are based solely on automated processing (including profiling) which produce legal or similarly significant effects, for example in some risk or AML assessments.
  • Right to withdraw consent: where processing is based on your consent, you can withdraw this consent at any time, without affecting the lawfulness of processing before withdrawal.

Alignment with Mexican privacy law (where applicable)

If you are located in Mexico, additional rights may apply under Mexican data protection regulations, including the Federal Law on Protection of Personal Data Held by Private Parties and related rules. These rights generally include ARCO rights:

  • Acceso (Access): the right to know which personal data we hold about you and how it is used.
  • Rectificación (Rectification): the right to request correction of inaccurate or incomplete data.
  • Cancelación (Cancellation): the right, in certain circumstances, to request that your data be cancelled or deleted when it is no longer necessary for the purposes described, subject to applicable retention requirements.
  • Oposición (Objection): the right to oppose certain processing activities, particularly for marketing or profiling, where permitted by law.

You can exercise these rights using the contact methods set out in the "Who We Are" and "Complaints & Contacts" sections. We will apply the highest level of protection available to you under the laws that apply in your case.

How to exercise your rights

  1. Submit your request: contact us by email at privacy@stersports.com or by post to the Data Protection Officer at the address provided above, clearly describing the right you wish to exercise and providing sufficient information to identify your account (for example, username, registered email, and verification details).
  2. Verification: for your security, we may ask you to provide additional information to confirm your identity before we act on your request.
  3. Response timeframe: we aim to respond within one (1) month of receiving a valid request. In complex cases or where we receive multiple requests, this period may be extended by up to two (2) further months, in which case we will inform you of the extension and reasons.
  4. Charges: we will handle your requests free of charge, unless they are manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse to act, as permitted by law.

Some rights may be limited, for example where responding to your request would negatively impact the rights and freedoms of others or conflict with our legal obligations (such as AML and gambling regulation). If we refuse or limit a request, we will explain the reasons and inform you of your right to lodge a complaint with a supervisory authority.

Cookies & Tracking Technologies

We use cookies and similar technologies on stersports.com to operate the Star Sports services, improve performance, and provide a better user experience. Some cookies are essential, while others are optional and used only with your consent.

Types of cookies

  • Session cookies: temporary cookies that exist only while your browser is open and are deleted when you close it. They are used, for example, to keep you logged in as you navigate the Website.
  • Persistent cookies: cookies that remain on your device for a set period or until you delete them, used to remember your preferences and recognise you when you return.
  • First-party cookies: cookies set directly by us to support the functioning and security of the Website.
  • Third-party cookies: cookies set by third-party service providers, such as analytics platforms and advertising partners.

Purposes of cookies

  • Strictly necessary cookies: enable core functions such as account login, navigation, bet placement, and security. These are essential to provide the services you have requested and cannot be switched off via our interfaces, though you can block them in your browser (which may affect functionality).
  • Functional cookies: remember your settings and choices (such as language, odds format, and display preferences) to enhance your experience.
  • Analytics cookies: help us understand how visitors use the Website, which pages are popular, and how users interact with features, so we can improve performance and usability.
  • Advertising and tracking cookies: used, where permitted, to deliver relevant marketing, limit how often you see an advertisement, and measure the effectiveness of campaigns across channels.

Managing cookies

  • Website settings: where available, you can use our cookie banner or preferences tool to accept or reject non-essential cookies and change your choices at any time.
  • Browser settings: most browsers allow you to block or delete cookies via their settings. Doing so may affect your ability to use certain features or maintain a logged-in session.
  • Third-party tools: for certain advertising cookies, you may manage preferences via industry tools or directly with the providers, as described in their privacy notices.

Further details, including a list of cookies used and their lifetimes, may be provided in a separate Cookie Policy linked from the Website.

Data Security

We take the security of your personal data very seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, accidental loss, alteration, or disclosure.

Technical safeguards

  • Encryption in transit: we use up-to-date transport layer security (TLS 1.2 or higher) to encrypt data transmitted between your device and our servers.
  • Encryption at rest: where appropriate, we encrypt sensitive data at rest or apply equivalent safeguards and logical separation.
  • Access controls: access to systems and databases is restricted based on role and business need, protected by strong authentication mechanisms, including multi-factor authentication for privileged accounts where appropriate.
  • Network and application security: we employ firewalls, intrusion detection and prevention systems, vulnerability management, and secure development practices to protect our infrastructure and applications.

Organisational and procedural measures

  • Policies and training: staff are bound by confidentiality obligations and receive regular training on data protection, information security, and responsible gambling obligations.
  • Vendor management: we select service providers carefully and impose contractual obligations requiring them to protect your data and process it only on our instructions.
  • Audit and oversight: we periodically review our security controls and processes, taking into account recognised standards and industry best practices (including, where appropriate, alignment with frameworks such as ISO 27001 and SOC 2).

Incident response

  • Monitoring and detection: our systems are monitored for unusual activity and potential security incidents.
  • Response procedures: in the event of a suspected or actual data breach, we follow documented procedures to contain, investigate, and remediate the issue.
  • Notification: where a data breach is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority and, where required, inform you without undue delay, in accordance with legal requirements.

While no system can be guaranteed to be completely secure, we continually assess and improve our security measures to reflect technological developments and emerging risks.

Complaints & Contacts

If you have questions or concerns about how we handle your personal data, or if you wish to lodge a complaint, you can contact us and, if necessary, escalate your concerns to the relevant supervisory authorities.

Contacting us

  1. First contact: please contact our Data Protection Officer or data protection contact:
    • Email: privacy@stersports.com
    • Post: Data Protection Officer, Star Racing Limited, Unit C, 12b Manor Road, Hove, East Sussex, BN3 5LP, United Kingdom
  2. Information to include: provide your name, contact details, account information (if applicable), and a clear description of your concern or request. This helps us respond efficiently.
  3. Response time: we aim to acknowledge your complaint promptly and to respond in full within one (1) month. For complex matters, we may require more time, in which case we will keep you informed of progress.

Supervisory authorities (UK and EU)

  • UK Information Commissioner's Office (ICO): if you are dissatisfied with our response or believe that we are processing your data in breach of UK data protection law, you can lodge a complaint with the ICO:
    Website: https://ico.org.uk
  • EU supervisory authorities: if you are located in the European Economic Area and your complaint relates to processing within the scope of EU GDPR, you may also contact your local data protection authority. Details are available via the European Data Protection Board website:
    Website: https://edpb.europa.eu

Mexican data protection authority (where applicable)

If you are located in Mexico and believe that your rights under Mexican data protection law have been infringed, you may lodge a complaint with the competent Mexican data protection authority:

  • Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales (INAI)
    Website: https://home.inai.org.mx

You are encouraged to contact us first so that we can attempt to resolve your concern directly, but you are not required to do so before contacting a supervisory authority.

Updates

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, regulatory guidance, or technical developments. When we make changes, we will take appropriate steps to inform you.

How we will inform you

  • Website notice: we will publish the updated Privacy Policy on stersports.com and change the "Last updated" date shown below.
  • Direct notifications: for material changes, we may also notify you by email, display banners or pop-up messages on the Website, or post a notice in your account dashboard.

Advance notice and your choices

  • Advance notice: where we make significant changes that materially affect your rights or how we use your data, we will, where practicable, provide at least thirty (30) days' notice before the changes take effect.
  • Your options: if you do not agree with the updated Privacy Policy, you may choose to close your account and stop using the Star Sports services. Continuing to use the services after the effective date of the update will normally signify your acceptance of the changes, to the extent permitted by law.

Version control

  • Current version: Privacy Policy - Last updated: January 2026.
  • Record of changes: material changes may include updates to data categories collected, new processing purposes, new categories of recipients, or changes to your rights and how you can exercise them. We maintain internal records of previous versions and can make them available on request where appropriate.

If you have any questions about this Privacy Policy or how it applies to your use of the Star Sports services on stersports.com, please contact us using the details provided in the "Who We Are" and "Complaints & Contacts" sections.