Trust

Built for the audits you have not had yet

Operators in regulated jurisdictions live with regulators, banks, and parent groups asking hard questions. Here is the posture, in plain language.

Granular role-based access control

Immutable audit log

Strong session authentication, automatic rotation

TLS in transit · encryption at rest

GDPR-ready · self-exclusion

ISO/IEC

27001

Information security

target · audited

ISO/IEC

27701

Privacy management

target · audited

ISACA

COBIT

Governance & control

aligned

GDPR

Data protection · Art. 32

ready

Security

How access, audit, encryption and headers are handled, every action a regulator might trace.

Explore more →

Compliance

GDPR, AML/KYC posture, data residency options and how we approach jurisdictional differences.

Explore more →

Responsible gaming

Self-exclusion, deposit limits, problem-gambling resources, and how the platform supports operator obligations.

Explore more →

Have a compliance question we did not cover?

Send the question. We will answer it in writing within two business days.

Talk to compliance

Trust FAQ

The questions auditors and regulators send first

Is PokerManagers GDPR-compliant?

Yes. Data minimization, lawful-basis tracking, subject-access workflows, right-to-be-forgotten, breach reporting and Article 32 controls are baked into the platform from day one.

What certifications do you have?

Designed to follow ISO/IEC 27001 (information security) and ISO/IEC 27701 (privacy). Aligned with ISACA COBIT for governance and control. Independent certification is on the roadmap and not yet awarded; controls and evidence are available under NDA.

Where is data stored?

Region-pinned per tenant. EU, UK and TR data residency on the Enterprise tier. AES-256 at rest in the database, backups and object store.