Our legal status under UK data protection law is that of a data controller and in this capacity we will securely store and process your personal information which you have provided to us. Data controller is a legal term which identifies the person who controls what to do with any given personal information. As data controller we have registered with the Information Commissioner’s Office and our registration number is ZA247738.
The steps we take to protect your personal information and how you can review and correct your personal information are also covered here.
Collection of information
The personal information we collect from you may include:
- any information you provide to us if you contact us; and
- information you submit when you log into our Portal, which may include your email address and password.
You are not required to provide any of this information, but if you do not, we may not be able to provide you with the requested services.
We may also observe your use of our Portal and derive certain information from this which may include personal data.
How is your personal information used?
We will use the personal information you provide to us to:
- check that your email address is a valid company email address for an operator licensed by the Gambling Commission of Great Britain;
- provide you with access to our Portal and provide our services to you;
- develop our services to enhance their usability and functionality and improve the user-experience; and
- contact you.
With whom is your personal information shared?
We may disclose personal information that we receive through our Portal with service providers retained by us in connection with the provision of our Portal and services, including in respect of the provision of technology services and website hosting. Access to your personal information by these service providers is limited to the information necessary for the service provider to perform its function on our behalf.
We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006, which includes The Remote Gambling Association.
We may disclose depersonalised data (such as aggregated statistics) about the users of our Portal and services in order to describe our traffic patterns and other services information to prospective partners and other reputable third parties and for other lawful purposes, but these statistics will include no personally identifying information.
We may occasionally be required by law, court order or governmental authority to disclose certain types of personal information. Examples of the type of situation where this would occur would be:
- in the administration of justice; or
- where we have to defend ourselves legally.
The requirements of data protection laws
- we will only collect sufficient personal information for the uses set out above;
- we will endeavour to keep your personal information up-to-date;
- we will not transfer your personal information to a country outside the European Economic Area unless safeguards are in place to protect your personal information to the standards that apply within the EEA.
We are committed to protecting the security of your personal information. We use a variety of security technologies and procedures to help protect your personal information from unauthorised access, use, or disclosure.
For example, we store the personal information you provide on secure computer systems with limited access that are located in facilities to which access is limited.
We will hold your personal data for so long as we are providing services to you and for no more than one year after. We will endeavor to delete any personal data sooner where it is not necessary for us to hold this, but please be aware that we may hold personal data for longer if we are under a legal obligation to do so or where we have a reasonable belief that it is necessary to do so for business or legal reasons.
You have the following rights in relation to your personal data:
- a right of access to a copy of the information comprised in your personal data;
- a right to access your personal data in machine-readable format and to request that we transfer this to a third party data controller;
- a right to object to decisions being taken by automated means;
- a right to object to processing that is likely to cause or is causing damage or distress;
- a right in certain circumstances to have inaccurate personal data rectified, blocked, erased or destroyed;
- a right to claim compensation for damages caused by a breach of data protection legislation; and
- a right to lodge a complaint to the Information Commissioner's Office in respect of our use of your personal data.
If you are unsure about your rights or are concerned about how your personal data may be processed you should contact the Information Commission's Office.
If you contact us in relation to your rights we will do our best to accommodate your request or objection. Please note, however, that not all rights are absolute. Sometimes other legal obligations or third party rights will take precedence.
If you request a copy of personal data that we hold about you, we may require ID.
You can help us to maintain the accuracy of your information by notifying us of any change.
Please email us if you would have any queries about, or would like to enforce, your rights set out above.
We use or intend to use certain third party service providers in connection with providing the Portal and our services. The providers that may process personal data provided by you to us in order to enable us to provide the Portal and our services are:
- The Data Shed Limited; and
In turn, The Data Shed Limited also uses certain third party service providers, again in order to enable it to provide its services to us. These providers are:
- Okta, Inc
- Amazon Web Services
All such third party providers are required to provide their services in accordance with applicable data protection laws.
Links to other websites
Our Portal may contain links to other websites. We are not responsible for the content, security, practices or privacy policies employed by other websites. We encourage you to carefully review these sites’ privacy policies so that you know how they will collect, use, and share your information.
If you have questions regarding this policy or our handling of your personal information, please email@example.com. We will promptly address your concern and strive to reach a satisfactory resolution.