Privacy Policy

This Privacy Policy explains how Plaza Royal, operated through the website plazaroyell.com under the Plaza Royal brand, collects, uses, discloses, and protects personal data of players and website visitors. It applies to all visitors, registered players, and other individuals whose personal data are processed in connection with the use of the UK-facing services available on plazaroyell.com. This Privacy Policy is effective from 6 November 2025 and was last substantively reviewed and updated in January 2026.

1. Who We Are

The UK-facing version of Plaza Royal on plazaroyell.com is operated by:

Operator (Data Controller for UK players): AG Communications Limited, a limited company registered in Malta under registration number C48328.
Registered/Head Office: 135, High Street, Sliema, SLM 1549, Malta.
UK Gambling Licence: Remote Operating Licence number 39483, issued by the United Kingdom Gambling Commission (UKGC) for the provision of remote gambling services to players in the United Kingdom. The public register entry is available at UKGC Licence 39483.

AG Communications Limited acts as the primary data controller in respect of personal data of players located in the United Kingdom who use Plaza Royal services via plazaroyell.com. For technology, platform and some back-office services, AG Communications Limited may rely on group companies, including Aspire Global International Ltd, headquartered at 135, High Street, Sliema, SLM 1549, Malta, which operates under Malta Gaming Authority licence number MGA/CRP/148/2007 for non-UK markets.

We have appointed a dedicated data protection function (Data Protection Officer or equivalent data protection team) responsible for overseeing questions in relation to this Privacy Policy and our compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Data Protection Contact: Data Protection Officer, AG Communications Limited, 135, High Street, Sliema, SLM 1549, Malta.
How to contact us: You may contact our data protection team by using the contact methods provided in the "Contact Us" or support sections of plazaroyell.com, including secure messaging once logged into your account, or by writing to the postal address above and indicating "For the attention of the Data Protection Officer".

What Personal Data We Collect

When you access or use Plaza Royal services on plazaroyell.com, we collect and process different categories of personal data. The exact data collected will depend on how you interact with us (for example, whether you only browse the website or register and place bets).

Identification & Contact Data

Account and identity details: full name, date of birth, gender, nationality, residential address, postcode, country of residence, username, and account ID.
Contact details: email address, mobile phone number and other telephone numbers you provide.
Verification and KYC data: copies or details of identity documents (such as passport, national ID card, driving licence), proof of address (such as utility bills or bank statements), and information obtained from third-party identity verification and credit reference agencies for Know-Your-Customer (KYC) and anti-money laundering (AML) purposes.

Technical & Device Data

Technical identifiers: Internet Protocol (IP) address, device identifiers, browser type and version, operating system, time zone setting, language settings, and similar technical information.
Usage and log data: login dates and times, pages visited, session duration, clicks, navigation paths, referral URLs, and error logs generated when you use plazaroyell.com.

Payment & Financial Data

Payment method details: information about your deposits, withdrawals and payment instruments (such as partial card numbers, expiry dates, and card issuer information) processed via our payment service providers. We do not store your full card number or CVV; these are handled by PCI-DSS-compliant payment processors.
Transaction data: records of deposits, withdrawals, bets, stakes, wins, losses, chargebacks, refunds and related financial activity in your Plaza Royal account on plazaroyell.com.
AML and affordability data: information relating to source of funds, source of wealth, income, occupation and financial standing that we may request to meet our regulatory responsibilities and to comply with UK GC and AML regulations, including where stricter checks are required following UKGC enforcement actions against AG Communications Limited.

Behavioural & Profile Data

Gaming behaviour: betting and gaming history, including games played, stakes, frequency of play, session times, bonuses used, self-exclusion status, reality checks usage, and other responsible gambling metrics.
Interaction data: records of your communications with us (for example, via email, live chat, secure messages, or recorded customer support calls), complaints, requests and feedback.
Marketing and preference data: your consent choices, subscription preferences, response and engagement with promotional offers, campaigns, surveys and competitions.

Cookies & Similar Technologies

Cookies: small text files stored on your device to remember your preferences, keep you logged in, secure your account, and understand how you use the site.
Similar identifiers: web beacons, pixels, tags and Software Development Kits (SDKs) used for security, analytics, fraud prevention and, where permitted, marketing and personalisation.

Where permitted by law, we may combine information that we collect from you directly with information obtained from third parties, such as identity verification providers, credit reference agencies, anti-fraud databases, GamStop (for self-exclusion), and responsible gambling organisations, to verify your identity, assess risk and meet our legal and regulatory obligations.

Legal Basis for Processing

For users of Plaza Royal on plazaroyell.com who are located in the UK, we process personal data in accordance with the UK GDPR and the Data Protection Act 2018. Depending on the specific activity, we rely on one or more of the following legal bases:

Performance of a Contract

Account creation and management: we process your identification, contact, technical and transactional data in order to register your account, enable you to log in securely, and provide our online casino and betting services.
Provision of gaming services: processing of your bets, gaming history, bonuses, promotions, deposits and withdrawals is necessary for the performance of the gaming contract between you and AG Communications Limited.
Customer support: we use your contact and interaction data to respond to your enquiries, handle complaints, and provide requested assistance.

Compliance with Legal and Regulatory Obligations

Gambling regulation: as a UKGC-licensed operator (licence 39483), we must comply with the Licence Conditions and Codes of Practice, which include identity verification, anti-money laundering, dispute handling, and safer gambling requirements.
KYC and AML laws: we process your identification, financial and behavioural data to satisfy legal obligations under applicable anti-money laundering and counter-terrorist financing legislation, including record-keeping for prescribed periods and enhanced checks where warranted by risk or regulatory guidance, including in response to previous AML enforcement actions against AG Communications Limited.
Self-exclusion and player protection: we process data relating to self-exclusion, time-outs, limits and interactions with responsible gambling tools, including sharing information with GamStop and relevant support organisations where required, to protect vulnerable players.
Tax, reporting and legal claims: we retain and may disclose data as necessary to comply with tax laws, statutory reporting, accounting standards and to establish, exercise or defend legal claims.

Legitimate Interests

Security and fraud prevention: we process device, behavioural and transaction data to detect, investigate and prevent fraud, money laundering, bonus abuse, account takeover and other misuse of Plaza Royal services on plazaroyell.com.
Service improvement and analytics: we analyse aggregated and pseudonymised data to understand how our website and games are used, improve performance, develop new features, and enhance user experience.
Business operations: we process certain data to administer our business, manage risk, conduct internal audits and ensure continuity of service.

When we rely on legitimate interests, we carefully balance those interests against your rights and freedoms and implement safeguards such as pseudonymisation, minimisation and access controls.

Consent

Direct marketing: we will only send you marketing communications (for example, by email, SMS or push notification) about Plaza Royal services on plazaroyell.com where you have given us your consent or where we are otherwise permitted by law. You can withdraw your consent at any time via your account settings or by using the unsubscribe links in our communications.
Cookies and similar technologies: we rely on consent for non-essential cookies (such as advertising and some analytics cookies) in accordance with UK ePrivacy rules. You can manage these preferences through our cookie banner or settings tool.

Purpose of Processing

We use the personal data collected through Plaza Royal on plazaroyell.com for the following purposes:

Provision of services: to create and manage your player account, verify your identity and age, process deposits and withdrawals, provide access to games, calculate and pay winnings, and deliver other services you request.
Compliance and risk management: to satisfy our obligations under UK gambling regulation, the UKGC licence conditions, AML and counter-terrorist financing legislation, and other applicable laws, including monitoring transactions, performing KYC checks and maintaining appropriate records.
Responsible gambling: to monitor player behaviour, identify markers of harm, implement and manage self-exclusion and other player protection tools, and cooperate with responsible gambling bodies such as GamCare, BeGambleAware and GamStop.
Customer support and communication: to respond to your queries, complaints and feedback, provide service-related notifications (for example, changes to terms, service interruptions, or security alerts), and manage your relationship with us.
Analytics and service improvement: to analyse usage patterns, performance and trends (often on an aggregated or pseudonymised basis) in order to improve our games, website performance, user interface and overall service quality.
Marketing and personalisation: to send you tailored offers, promotions, bonuses and other marketing communications relating to Plaza Royal on plazaroyell.com, subject to your consent and preferences, and to measure the effectiveness of our marketing campaigns.
Security and fraud prevention: to protect our systems and users by detecting, preventing and investigating fraud, abuse, unauthorised access, bonus misuse, money laundering and other suspicious activities.
Legal claims and business records: to establish, exercise or defend legal claims, implement regulatory decisions, and maintain appropriate business and accounting records.

14. Disclosure & Sharing

We do not sell your personal data. However, in order to operate Plaza Royal on plazaroyell.com, comply with our legal obligations and provide our services, we may share your personal data with the following categories of recipients, always on a need-to-know basis and subject to appropriate safeguards:

Group companies: group entities such as Aspire Global International Ltd and other affiliates that provide platform, technology, risk management, compliance and customer support services. These entities may process your data as processors acting on our instructions or, in some cases, as joint controllers, depending on the specific arrangement.
Payment service providers and banks: providers that process deposits and withdrawals, verify payment instruments and perform fraud checks.
KYC, AML and identity verification providers: third-party service providers and credit reference agencies that help us verify your identity, assess risk, prevent money laundering and fraud, and comply with regulatory requirements.
Gaming and software providers: third-party game studios and platform providers whose games you access via Plaza Royal on plazaroyell.com, where information such as your username, IP address, game sessions and transaction data may be shared to enable technical delivery of games and jackpot pooling.
IT, security and analytics providers: companies that provide hosting, maintenance, monitoring, security, analytics, email delivery and similar services necessary to operate the website and protect our systems.
Marketing partners and affiliates: advertising networks, affiliate partners and campaign managers that promote Plaza Royal on plazaroyell.com. We share limited data with such partners, usually in pseudonymised or aggregated form, and only where permitted by law and, where required, based on your consent.
Regulators and public authorities: the United Kingdom Gambling Commission, the Malta Gaming Authority, tax authorities, law enforcement and other competent authorities where required by law or regulation, or where we have a good-faith belief that such disclosure is necessary to comply with legal obligations or protect our rights, players or the public.
Alternative dispute resolution (ADR) bodies and ombudsmen: where you raise a dispute that is referred to an ADR body such as IBAS for gambling-related issues, we may share relevant personal data and transaction records to enable the ADR body to consider your complaint.
Professional advisors: lawyers, auditors, consultants and other professional advisors who require access to data to provide their services, subject to confidentiality obligations.
Business transfers: in the event of a merger, acquisition, restructuring, sale of assets or similar corporate transaction involving AG Communications Limited or its group, your personal data may be transferred to the relevant third parties, subject to appropriate safeguards and, where required, your rights under data protection law.

Whenever we share personal data with third-party processors, we enter into written agreements requiring them to use the data only for the specified purposes, implement appropriate security measures, and process the data in accordance with applicable data protection laws.

3. International Transfers

AG Communications Limited is established in Malta and operates Plaza Royal services for UK players on plazaroyell.com using infrastructure and service providers located in various countries. This may involve transferring your personal data outside the United Kingdom, including to:

European Economic Area (EEA) and Malta: where group companies and certain service providers are based. The UK Government has recognised the EEA and Malta as providing an adequate level of data protection, so transfers to these countries can take place without additional safeguards.
Other countries: selected service providers, such as IT, cloud hosting, analytics and anti-fraud providers, may be located or may store data in countries that are not subject to a UK adequacy regulation.

Where we transfer personal data to countries outside the UK that do not provide a level of protection equivalent to UK law, we implement appropriate safeguards, such as:

Standard Contractual Clauses (SCCs) and UK addenda: using the UK-approved International Data Transfer Addendum and/or the International Data Transfer Agreement (IDTA) and, where applicable, European Commission SCCs, supplemented with risk assessments and additional technical and organisational measures.
Data minimisation and pseudonymisation: limiting the data transferred to what is strictly necessary and, where feasible, transferring pseudonymised data.
Contractual protections: requiring recipients to handle the data in accordance with UK GDPR standards and to implement appropriate security measures.

You may contact our data protection team using the details set out in the "Who We Are" section to obtain more information about the safeguards we use for specific international transfers, including copies of relevant contractual clauses, subject to confidentiality obligations.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to meet legal, regulatory, accounting and reporting requirements, and to resolve disputes. Retention periods may vary depending on the type of data and the applicable legal requirements, particularly in the gambling and AML context.

Account and identification data: typically retained for the duration of your active account and, after closure, for a minimum of five (5) years in accordance with AML regulations and UKGC requirements, or longer if required for ongoing investigations, regulatory requests or legal claims.
Transaction and gaming data: records of deposits, withdrawals, bets, wins, losses and related data are generally retained for at least five (5) years after the end of the business relationship or the last transaction, in line with legal obligations and regulatory guidance.
KYC and verification documents: copies of identity and address documents and related verification records are retained for the period necessary to comply with AML and KYC obligations, usually at least five (5) years after account closure or the last relevant transaction.
Responsible gambling and self-exclusion data: data relating to self-exclusion, limits and responsible gambling interventions are retained for the duration of any active exclusion or restriction and for a period thereafter as required by UKGC rules and to evidence compliance and protect players.
Marketing data: information about your marketing preferences and consents is retained while you have an active relationship with Plaza Royal on plazaroyell.com and for a reasonable period after you stop engaging with us, typically up to two (2) years from your last interaction, unless you withdraw consent or object earlier, in which case we retain only a suppression record to respect your choice.
Customer support and complaint records: correspondence and complaint files are retained for as long as necessary to handle the matter and for a period thereafter to comply with regulatory obligations and to defend against potential claims, generally up to six (6) years, in line with typical limitation periods.

When personal data is no longer required for the purposes for which it was collected and no legal obligation requires its retention, we will either securely delete, anonymise or aggregate it so that it can no longer be associated with an identifiable individual. Our deletion processes are designed to ensure that backups and archives are also addressed within reasonable operational cycles.

Your Rights

If you are located in the United Kingdom, your personal data processed in connection with Plaza Royal on plazaroyell.com is subject to the UK GDPR and related legislation. In certain circumstances, you may also benefit from rights under other data protection regimes, such as Mexican data protection law, where applicable to you. The rights described below apply in addition to any rights granted under local law.

Data Protection Rights (UK GDPR)

Right of access: you can request confirmation as to whether we process your personal data and obtain a copy of that data, together with information about how and why we process it.
Right to rectification: you can ask us to correct inaccurate or incomplete personal data. In many cases, you can update basic information directly in your Plaza Royal account settings on plazaroyell.com.
Right to erasure ("right to be forgotten"): you can request deletion of your personal data where, for example, it is no longer necessary for the purposes for which it was collected, you withdraw consent (where processing was based on consent), or you successfully object to processing. This right is subject to important exceptions, particularly where we must retain data to comply with AML, gambling and other legal obligations.
Right to restriction of processing: you can ask us to suspend processing of your data in certain circumstances, for example while we verify its accuracy or consider an objection, or where processing is unlawful but you prefer restriction instead of deletion.
Right to object: you can object to processing that we carry out on the basis of legitimate interests, including profiling for risk or marketing analysis, on grounds relating to your particular situation. We will stop the processing unless we can demonstrate compelling legitimate grounds which override your interests, rights and freedoms, or where processing is required for legal claims.
Right to object to direct marketing: you can object at any time to processing of your personal data for direct marketing purposes, including profiling related to such marketing. If you do so, we will stop processing your data for this purpose.
Right to data portability: in certain cases, you can request that we provide your personal data in a structured, commonly used and machine-readable format, and that we transmit it to another controller where this is technically feasible and where the processing is based on consent or on a contract and carried out by automated means.
Right to withdraw consent: where we rely on your consent (for example, for certain marketing activities and non-essential cookies), you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.

Alignment with Mexican Data Protection Law

While Plaza Royal on plazaroyell.com is primarily directed at UK players and regulated under UK law, some individuals may interact with our services from Mexico or otherwise fall within the scope of Mexican data protection regulations, including the Federal Law on Protection of Personal Data Held by Private Parties and its Regulations. Where applicable, such individuals may enjoy additional or overlapping rights often referred to as ARCO rights (Access, Rectification, Cancellation and Opposition):

Access: the right to know which personal data we hold about you, how we obtained it and how we use it.
Rectification: the right to request correction of inaccurate or incomplete data.
Cancellation: the right to request that we stop processing and, where appropriate, delete your data when it is no longer necessary or where processing is not justified.
Opposition: the right to oppose certain processing based on legitimate interest or specific purposes.

Where Mexican data protection law applies to you, we will handle your requests consistently with both UK and Mexican requirements, ensuring that you receive the highest applicable level of protection.

How to Exercise Your Rights

Submission channels: you can exercise your rights by contacting our data protection team using the contact details indicated in the "Who We Are" section and via the contact or support tools available on plazaroyell.com. Please clearly indicate that your request concerns your data protection rights.
Information required: to protect your privacy, we may need to verify your identity before acting on your request. This may involve asking you to provide additional information, for example confirming account details or providing identification documents where necessary.
Timeframe: we aim to respond to all valid requests within one (1) month of receipt, and no later than 30 days, as required by UK GDPR. Where requests are particularly complex or numerous, we may extend this period by up to a further two months; in such cases, we will inform you of the extension and the reasons for it.
Cost: we handle rights requests free of charge. However, we may charge a reasonable fee or refuse to act on a request that is manifestly unfounded, excessive or repetitive, as permitted by law.
Limitations: some rights may be restricted by legal or regulatory requirements, particularly in relation to AML, fraud prevention and gambling regulation. Where we cannot fully comply with your request, we will explain the reasons to the extent we are legally permitted to do so.

Cookies & Tracking Technologies

When you access Plaza Royal via plazaroyell.com, we use cookies and similar technologies to ensure the website functions correctly, to secure your account, to improve our services, and, where permitted, to personalise your experience and deliver relevant marketing.

Types of Cookies

Session cookies: temporary cookies that are stored on your device while you browse and are deleted when you close your browser. They are used to manage sessions, keep you logged in, and support basic site functionality.
Persistent cookies: cookies that remain on your device for a defined period or until you delete them. They help us remember your preferences, such as language or login details, and can be used to recognise you on return visits.
First-party cookies: cookies placed by plazaroyell.com to support the operation of Plaza Royal services.
Third-party cookies: cookies placed by third-party service providers, such as analytics providers or advertising networks, to help us measure traffic, prevent fraud, or deliver tailored content and marketing, where permitted.

Purposes of Cookies

Strictly necessary and functional: required for the basic operation of the site and for providing the services you request, such as logging in, maintaining your session, ensuring security and remembering certain choices.
Analytics and performance: used to understand how visitors use Plaza Royal on plazaroyell.com, identify popular pages, detect errors and improve performance and user experience.
Advertising and personalisation: used, where allowed, to deliver targeted advertisements and promotions related to Plaza Royal, to limit the number of times you see an ad, and to measure the effectiveness of marketing campaigns.

Managing Cookies

Cookie banner and settings: on your first visit, and periodically thereafter, you will be presented with a cookie banner allowing you to accept or manage non-essential cookies. You can change your preferences at any time via the cookie settings tool available on plazaroyell.com, where provided.
Browser controls: most web browsers allow you to block or delete cookies through their settings. Please note that disabling certain cookies may affect the functionality of Plaza Royal services and your ability to use some features.
Do Not Track and similar signals: unless required by law, we do not currently respond to browser-based "Do Not Track" signals. You can manage your tracking preferences using our cookie tools and browser settings.

4. Data Security

We take the security of personal data processed in connection with Plaza Royal on plazaroyell.com very seriously. We implement appropriate technical and organisational measures designed to protect your data against unauthorised access, alteration, disclosure or destruction.

Technical Measures

Encryption in transit: data transmitted between your browser and our servers is protected using current industry-standard Transport Layer Security (TLS 1.2 or higher), helping to prevent interception or tampering.
Encryption at rest: sensitive data, including certain financial and authentication information, is stored using strong encryption or hashing algorithms, with keys managed and restricted in accordance with internal policies.
Access controls: access to systems and databases containing personal data is restricted on a need-to-know basis, protected by authentication mechanisms such as strong passwords, multi-factor authentication (MFA) where appropriate, and role-based access control.
Network and infrastructure security: we use firewalls, intrusion detection and prevention systems, anti-malware tools and other security technologies to protect our network and systems.

Organisational Measures

Policies and training: we maintain internal policies on data protection, security and acceptable use. Staff with access to personal data receive regular training on confidentiality, data protection and information security.
Vendor management: third-party service providers that process data on our behalf must implement appropriate security measures, and are subject to contractual obligations and periodic oversight.
Risk assessments and audits: we carry out risk assessments, internal reviews and, where relevant, independent audits to evaluate the effectiveness of our security controls and to make necessary improvements.

Incident Response

Monitoring and detection: our systems are monitored for unusual activity and potential threats, enabling us to detect incidents in a timely manner.
Response procedures: we maintain incident response plans to investigate and mitigate suspected or actual data breaches, including steps to contain the incident, assess its impact and restore normal operations.
Notification: where required by law, we will notify the relevant supervisory authority, such as the Information Commissioner's Office (ICO) in the UK, and affected individuals without undue delay, providing information about the nature of the breach, likely consequences and measures taken.

We aim to align our security practices with recognised industry standards and frameworks, such as ISO 27001 and SOC 2, where appropriate. This does not necessarily mean that we are certified under any particular standard but reflects our commitment to continuous improvement of our security posture.

9. Complaints & Contacts

If you have questions, concerns or complaints about how Plaza Royal on plazaroyell.com handles your personal data, or if you wish to exercise your data protection rights, you can contact us and, if necessary, escalate your complaint to the relevant supervisory authorities.

Contacting Us

Data protection contact: Data Protection Officer, AG Communications Limited, 135, High Street, Sliema, SLM 1549, Malta.
Online contact: you can reach us through the customer support and contact tools available on plazaroyell.com, including secure messaging for registered players and any contact forms provided.
Postal mail: please send written correspondence to the address above, clearly marking it "Data Protection" or "Privacy Complaint".

Complaint Procedure

Initial contact: submit your question or complaint using one of the contact channels listed above, providing as much detail as possible, including your username, relevant dates, and a description of your concern.
Acknowledgement: we will acknowledge receipt of your complaint within a reasonable period, typically within five (5) business days, and provide a reference number where applicable.
Investigation: your complaint will be reviewed by the appropriate team, which may include our data protection and compliance personnel. We may contact you if we require additional information.
Response timeframe: we aim to provide a substantive response within one (1) month of receiving your complaint or rights request, in line with UK GDPR. For complex matters or multiple requests, this period may be extended by up to two additional months, in which case we will inform you of the extension and reasons.
Outcome: we will inform you in writing of the outcome of our investigation and any measures taken or proposed to address your concern.

Escalation to Supervisory Authorities

United Kingdom (primary regulator for UK players): if you are dissatisfied with our response or believe that we are not processing your personal data in accordance with the law, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):
Website: https://ico.org.uk
Phone (UK): 0303 123 1113
European Union: if you are located in the EU and your data is processed in that context, you may also have the right to lodge a complaint with your local data protection authority in the EU. Details of EU supervisory authorities can be found on the European Data Protection Board website.
Mexico: where Mexican data protection law applies to you, you may lodge a complaint with the Mexican data protection authority, the National Institute for Transparency, Access to Information and Personal Data Protection (INAI):
Website: https://home.inai.org.mx

For gambling-related disputes that are not specifically about data protection (for example, issues about game outcomes or payouts) and that cannot be resolved through our internal complaints process, UK players may also be able to refer their complaint to our appointed Alternative Dispute Resolution (ADR) entity, such as the Independent Betting Adjudication Service (IBAS), in accordance with our terms and conditions. This is separate from your data protection rights and supervisory authorities.

15. Updates

We may update this Privacy Policy from time to time to reflect changes in our processing activities, legal obligations, regulatory guidance, technological developments or improvements to Plaza Royal services on plazaroyell.com. When we do so, we will revise the "Last updated" date and, where appropriate, provide additional notice.

Notification of Changes

Website notifications: for non-material updates, we may publish the revised Privacy Policy on plazaroyell.com and indicate the date of the latest revision.
Email and account alerts: for material changes that significantly affect how we process your personal data or your rights, we will provide prominent notice, which may include email notifications, in-account messages, or pop-up notices when you next log in.
Banners and prompts: we may display banners or notifications on plazaroyell.com inviting you to review the updated Privacy Policy.

Advance Notice and Your Options

Advance notice: where changes are material and, in our assessment, may significantly impact you, we will provide you with advance notice of the updated terms, typically at least 30 days before the changes take effect, unless immediate implementation is required by law or regulatory requirement.
Continued use: your continued use of Plaza Royal services on plazaroyell.com after the effective date of the updated Privacy Policy will constitute your acknowledgement of the changes, to the extent permitted by law.
Right to object or close your account: if you do not agree with the updated Privacy Policy, you may choose to discontinue using our services and close your account. You may also exercise any relevant data protection rights (such as objection or erasure, where applicable) as described in the "Your Rights" section.

Last updated: January 2026 (previous substantial review: 6 November 2025).