What types of personal data do we collect on our Sites
We collect certain personal data about visitors and users of our Sites.
The most common types of personal data we collect include things like: usernames, personal names, email addresses, IP addresses, other contact details, survey responses, blogs, photos, payment information, transactional details, support queries, forum comments, blog comments, content you direct us to make available on our Sites (such as descriptions), and web analytics data.
How we collect personal data on our Sites
We collect personal data directly when you provide it to us, automatically as you navigate through the Sites, or through other people when you use services associated with the Sites.
We collect your personal data when you provide it to us when you subscribe to a newsletter, email list, submit feedback, enter a contest, fill out a survey, complete a form, purchase a product, download software, or send us an email.
Personal data we collect about you from third parties
Although we generally collect personal data directly from you, on occasion, we also collect certain categories of personal data about you from other sources including: (1) third party service providers (like Google, Facebook) who are located in Malta, the US or the UK, which may provide personal data about you when you link, connect, or login to your account with the third party provider and they send us personal data such as your registration and profile from that service. The personal data varies and is controlled by each such service provider or as authorized by you via your privacy settings at each such service provider; and (2) other third party sources or partners from Malta, the US or the UK, whereby we receive additional personal data about you (to the extent permitted by applicable law), such as demographic data or fraud detection information, and combine it with personal data we already have about you. For example, fraud warnings from service providers such as identity verification services. We also receive personal data about you and your activities on and off the Sites through partnerships, or about your experiences and interactions from our partner ad networks.
How we use your personal data
We will use your personal data where necessary for purposes which are in our, or third parties, legitimate interests. These legitimate interests include: (1) operating the Sites; (2) providing you with services described on the Sites; (3) responding to support requests, and helping facilitate the resolution of any disputes; (4) updating you with operational news and information about our Sites and services, i.e. to notify you about changes to our Sites, website disruptions or security updates; (5) carrying out technical analysis to determine how to improve the Sites and services we provide; (6) managing our relationship with you, i.e. by responding to your comments or queries submitted to us on the Sites or asking for your feedback or whether you want to participate in a survey; (7) managing our legal and operational affairs; (8) training CasinoCoin staff about how to best serve our user community; (improving our products and services; (9) providing general administrative and performance functions and activities.
We will also handle your personal data: (1) as required by law; and (2) to respond to legitimate judiciary and law enforcement authorities, or regulatory requests to abide by anti-money laundering (“AML”) regulations.
Who has access to your personal data
We will disclose personal data to the following recipients: (1) subcontractors and service providers who assist us in connection with the ways we use personal data (as set out above), in particular, security and fraud prevention services, payment processing services, and identification verification services. Our subcontractors and services providers may also transfer and access such personal data from other countries in which they have operations; (2) our professional advisors, including lawyers, accountants, and financial advisors; (3) regulators and government authorities in connection with our compliance procedures and obligations; (4) third party requests relating to criminal investigations or alleged or suspected illegal activity; (5) third party requests, in order to enforce or defend our rights, or to address financial or reputational risks; (6) intellectual property rights holders in relation to an allegation of intellectual property infringement or any other infringement; and (7) other recipients where we are authorized or required by law to provide your personal data.
Where we transfer and store your personal data
We are based in Malta, with servers in the US, so your data will be processed in Malta and the US, in accordance with applicable data protection regulations. Some of the recipients mentioned above, to whom we may disclose your personal information, may be located outside of Malta and the US. In order to protect your personal data we will strive to work with subcontractors and service providers who we believe maintain an adequate level of data security compliance.
How we secure your personal data
We store your personal data on secure servers that are managed by us and our service providers, and occasionally on hard copy files that are kept in a secure location in Malta or the US. Personal data that we store or transmit is protected by security and access controls, including username and password authentication, two-factor authentication, and data encryption where appropriate.
How you can access your personal data
You may request to access and receive a copy of your personal data and request corrections of any errors in such personal data by contacting us at [email protected].
We will send you marketing communications by email about products and services that we feel may be of interest to you, subject to your “opt-in” consent upon receiving any email communication from us or your registering for such email communications on our Sites. You can “opt-out” of any such email communications if you would prefer not to receive them in the future by using the “unsubscribe” option provided at the bottom of every email communication.
Cookies and web analytics
You may choose whether to accept cookies by modifying your browser preferences to accept all cookies, be notified when a cookie is set, or to reject all cookies. If you choose to reject cookies parts of our Sites may not work properly during your use of our Sites.
When you visit our Sites, certain anonymous information is collected which does not reveal your identity. Occasionally, we will use third party advertising companies to serve ads based on prior visits to our Sites. For example, if you visit our Sites, you may later see an ad for our products and services when you visit a different website.
If you’re logged into your account on any of our Sites the following details may be recorded: (1) your IP address or proxy server IP address; (2) the domain name you requested; (3) the name of your internet service provider depending on the configuration of your ISP connection; (4) the date and time of your visit to the Site(s); (5) the length of your session; (6) the pages which you have accessed; (7) the number of times you access our Sites within any month; (7) the file URL you look at and information relating to it; (8) the website which referred you to our Sites; and (9) the operating system which your computer uses.
Personal data of minors
We do not knowingly provide services to or collect personal data from persons under 18 years of age. Our Sites are not directed or intended for children under the age of majority. If you are under 18 years of age, you should not register or provide personal data or information on our Sites. If you are the parent or guardian of a person under the age of 18 whom you believe has disclosed personal data to us, please immediately contact us at [email protected] so that we may delete and remove such minor’s personal data from our systems.
Personal data on the blockchain
The nature of blockchain technology means that any data entered onto a blockchain cannot be deleted; however, all such data is pseudo-anonymized which means that the data by itself on the blockchain does not reveal any personal data. We will never store any personal data on the CasinoCoin blockchain, and any personal data that we extract from the CasinoCoin blockchain which may be linked to an EU citizen can be deleted upon request, in accordance with the General Data Protection Regulation 2016/679 (the “GDPR”).
Software you download from our Sites
Some of the downloadable software offered on our Sites, including the CasinoCoin Bankroll Manager application (“BRM”) will collect, with your consent, your personal data including: (1) name and address details; (2) IP address or your proxy server IP address; (3) email address and phone number; (4) credit card details and billing information; (5) utility bills and proof of residence; and (6) other type of information when required.
The personal data we collect will be shared with our partners in order to be able to offer you our service(s), specifically this information will be transmitted for the purposes of: (1) know your customer (“KYC”) verification checks; (2) identity verifications; (3) payment verifications; (4) player profile confirmation and transmission; and (5) marketing and promotions.
We will be collecting personal data that is necessary for us to provide the service(s) we offer on our Sites and we will periodically be purging all personal data that we no longer need for business or legal purposes.
Retention and deletion of personal data
If you’re a user or visitor in the European Economic Area these rights also apply to you:
For the purposes of applicable EU data protection law (including the “GDPR”), we are a “data controller” and “data processor” of your personal data.
How to port your personal data
You are entitled to ask us to port your personal data (i.e. to transfer in a structured, commonly used and machine-readable format, to you), to erase or restrict processing of your personal data. You also have rights to object to some processing that is based on our legitimate interests, such as profiling that we perform for the purposes of direct marketing, and, where we have asked for your consent to process your data, to withdraw this consent as more fully described below.
These rights are limited in some situations if we can demonstrate that we have a legal requirement to process your personal data. In some circumstances, this means that we may retain some of your personal data even if you withdraw your consent.
Where we require your personal data to comply with legal or contractual obligations, then provision of such personal data is mandatory: if such personal data is not provided, then we will not be able to manage our contractual relationship with you, or to meet obligations placed on us. In all other cases, provision of requested personal data is optional.
If you have unresolved issues you have the right to complain to the data protection authorities. The relevant data protection authority will be the data protection authority of the country: (1) of your habitual residence; (2) of your place of work; or (3) in which you consider the alleged data protection violation has occurred.
How to contact CasinoCoin