Privacy Policy

Introduction

The Company is committed to protecting your privacy and handling your data in an open and transparent manner and with the observance of the relevant data protection legislation issued by the relevant authorities (“Applicable Laws”).

This Notice provides an overview on how we collect, use and otherwise process your personal data as data controllers when you use our products and services or use/or access our websites (hereinafter referred to as ”Websites”) and our mobile apps (hereinafter referred to as “Apps”) (hereinafter collectively referred to as “Services”).

This Notice applies to any person which is (i) a potential customer, a current customer or a former customer registered on our sports betting and online games platform available on our Websites/Apps (hereinafter referred to as ”Customers”) or (ii) is accessing and using our Websites/Apps as a simple user/visitor, without registering on and using our sports betting and online games platform (hereinafter referred to as ”Website Visitors”).

This Notice also details how the Company may process the personal data of other persons which are not Customers or Website Visitors, but have relevant relation with a Customer, thus requiring the Company to process their personal data for regulatory purposes (e.g. a person which is an ultimate beneficial owner in relation to a transaction in which the Customer is involved, or is a politically exposed person, being in close relationship with the Customer).

This Notice also details your rights as a data subject and as such you have the following rights under the Applicable Laws:

Right to Confirmation and Access:

You can obtain from us confirmation that we are processing your personal data, as well as information regarding the specifics of the processing such as: the purpose, the categories of personal data processed, the recipients of the data, the period for which the data is kept, the existence of the right to rectification, deletion or restriction of processing. This also enables you to e.g. receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

Right to Rectification:

You have the right to request the correction of inaccurate personal data and to have incomplete personal data completed.

Right to Anonymization, Blocking, or Deletion:

You have the right to request the anonymization, blocking, or deletion of unnecessary or excessive personal data, or data processed in non-compliance with the Applicable Laws.

Right to Data Portability:

You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format, and if you expressly request us, we may transmit your personal data to another entity, where technically feasible.

Right to Deletion of Data Processed with Consent:

This enables you to request us the erasure of your personal data where: (i) the personal data are no longer necessary in relation to the purposes for which we collected and process them; (ii) you withdrew consent for the personal data processing (when applicable) and we have no other legal grounds for the processing; (iii) the personal data are unlawfully processed; respectively (iv) the personal data have to be erased according to the Applicable Law.

Right to Information:

You have the right to obtain information about the public and private entities with which we have shared your personal data.

Right to Withdraw Consent:

You have the right to withdraw your consent for the processing of personal data at any time, whenever consent is the legal ground for the processing specific data. In this case, kindly note that we will not be allowed to commence or continue our business relationship, and therefore we will not be able to provide you with our Services. Please note that the withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal or the processing based on other legal grounds provided for in the Applicable Laws.

Right to Object to Processing:

You have the right to object to the processing of personal data based on grounds relating to your particular situation, where the processing is carried out on the basis of our legitimate interests or for direct marketing purposes. In this case, kindly note that we will not be allowed to commence or continue our business relationship, and therefore we will not be able to provide you with our Services.

Right to Review Automated Decisions:

You have a number of rights in relation to automated individual decisions that we make. You have the right to (i) express your point of view, and/or (ii) challenge the automated decision, and/or (iii) or request human intervention. If you request human intervention, the (automated) decision will be reviewed by our specialized staff who will be able to modify or adjust the decision (as appropriate).

Right to Lodge a Complaint:

Where we are relying on a legitimate interest and there is something about your particular situation you may object to processing on this ground. If you lodge an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms. In this case, kindly note that we will not be allowed to commence or continue our business relationship, and therefore we will not be able to provide you with our Services. If you believe that your personal data has not been processed in accordance with the Applicable Laws, you have the right to lodge a complaint with the relevant authorities.

Rights to restriction of processing:

You may request the restriction of your personal data processing if : (i) you contest the accuracy of the personal data, for a period enabling us to verify the accuracy of the personal data at issue; (ii) the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead; (iii) we no longer need the personal data for the purposes of the processing, but they are required by you for a legal claim; respectively (iv) if you have objected to processing, pending the verification whether the Company’s legitimate interests as controller override your rights as data subject. In this case, kindly note that we will not be allowed to commence or continue our business relationship, and therefore we will not be able to provide you with our Services.

TO EXERCISE THE RIGHTS MENTIONED ABOVE, YOU CAN CONTACT OUR SUPPORT TEAM.

What personal data do we process?

In order to establish and maintain a business relationship with us, you are required to provide certain personal data that is necessary for the initiation of the rendering of services and execution of the Terms and Conditions, as well as to comply with Applicable Laws.

Depending on how you interact with us or register and use the Services, we may process various categories of personal data, provided by You, inferred by us based on your interaction with us, or obtained from third parties, as the case be, including:

Identification data: username, name, surname, facial recognition, password, date of birth, address, unique identification number (such as Tax Identity Number), other identification card data (e.g., copy of IDs, passports, tax identification number, residence permit), citizenship for the purpose usage of all of the features of the Services, provision of the following activities on website and mobile applications: Bet placement, playing games, viewing Bet history, Financial account history (account replenishments and withdrawals), Ordering account replenishments and withdrawals, Account settings, Account security settings;

Other KYC data: information required to verify the authenticity of data provided during the registration process on our gambling platform (e.g. utility bills, internet/TV/phone subscription bills), information required to prove the source of funds (e.g. bank statements, tax returns, payslips etc.), information whether you may be a politically exposed person, a close affiliate of such person and relevant information in this respect, data related to potential international sanctions, your image (from facial recognition, other biometric data and photographs) which may be required by us to verify the authenticity of your data; any other data for the purposes of verifying the source of wealth to validate the customer’s transactions;

Contact and communications data: phone number, e-mail address, name, birth data, country, saved phone calls and text live chats for the purpose of communication with us and providing Customer support;

Financial transactions data: the payment method used; bank account number, payment card number, and other payment details (amount, payer identity and other transaction data), account financial history (deposits and withdrawals), information regarding the taxes retained and paid on behalf of the Customers;

Data related to illegal or fraudulent activities: information whether you may be included on a list of fraudulent or undesired players, data related to criminal investigations or sanctions imposed to the Customers/potential Customers following any fraudulent or illegal activities;

Geolocation data: the country, the city and the ISP from which the gambling platform is accessed (based on client IP address);

Online identifiers: cookie identifiers and other similar identifiers;

Device and connection data: type of device accessing our Websites/Apps, browser used, IP address;

Online activity data: include the data collected via the cookies and tracking technologies implemented on our Websites and Apps.

Preferences data: include the data concerning your permissions given to process personal data requiring your consent (e.g. for marketing activities, for placing and using non-essential cookies and other tracking technologies).

Where do we get your data from?

We may obtain your personal data:

Directly from you: (i) when you provide the information directly to us, either in writing (e.g., filling in forms, by e-mail or live chat) or verbally (e.g., following a telephone conversation with you) or (ii) by observing the interaction we have with you.

For example, we will obtain your personal data when you: (i) register on our Websites or Apps or use any of our Services, (ii) express your preferences to receive commercial communications (including personalized marketing communications) or other offers and information from us, (iii) contact us through various channels; (vi) simply visit or browse our Websites or Apps.

From third parties: the external sources from which we may obtain your data include:

Public sources providing information on international sanctions lists;

Private third parties providing fraud prevention and background verification services;

Our services providers whose services are integrated into our gambling platforms (e.g. payment services providers);

Public authorities or institutions, for example in the context of judicial investigations, court requests, requests related to complaints submitted by you.

From our Customers, whenever such data relates to a person which is in a relevant relationship with the Customer (e.g. close relative of a publicly exposed person or a politically exposed person).

Whether you have an obligation to provide us with your personal data

In order for us to be able to proceed with a business relationship with you, you must provide certain personal data to us which are necessary for the required commencement and execution of a business relationship, as well as required by Applicable Laws. We are furthermore required to collect such personal data given the provisions of the anti-money laundering law which require that we verify your identity before we enter or maintain a business relationship with you. Certain information may be further required under the anti-money laundering Applicable Laws in order to verify the legitimacy of the sources of your funds.

Kindly note that if you do not provide us with the required data, then we will not be allowed to commence or continue our business relationship, and therefore we will not be able to provide you with our Services.

Why we need Your personal data and what is the legal basis for processing

We will use your personal data for the following purposes:

Registration of the game account, account management and provision of the Services

We will process your personal data for the purposes related to the provision of our Services which include:

Creating, authenticating and managing the game account within the gambling platform available on our Websites and Apps.

Providing any gambling Services via the gambling platforms (including processing of deposits, placing the bets, processing of stakes, processing and payment of wins).

Analysis and settlement of the results of your participation in the gambling Services.

Sending messages or information regarding changes to the features of our Services you use (including so-called "functional messages"). This may include information regarding changes to the terms and conditions of our products and services or, as applicable, the interruption, expiration or suspension of services, technical migration of services, termination of the contract.

Processing any deposit limits, voluntary suspension, interruption or exclusion from the games;

Enforcing the terms and conditions of our Services.

We will use mainly the following personal data: Identification data, Contact data, Financial transactions data, Geolocation data, Device and connection data, Data related to illegal or fraudulent activities, Communications data, Preference data.

Legal basis: (i) conclusion and performance of the contract, (ii) compliance with our legal obligations, and (iii) our legitimate interest in adapting our Services to the needs and risk profile of our clients.

Identity verification, verification of transactions and regulatory reporting

As a licensed gambling operator, the Company must comply with certain legal requirements invoked by Applicable Laws, including:

identity verification when entering into the contract with us and throughout the contract performance, by facial recognition and other biometric data;

additional know-your-customer verifications, which may include the verification of the source of funds and the pattern of your transactions with us;

regulatory reporting to the competent authorities in accordance with the applicable gambling and anti-money laundering legislation.

We will use mainly the following personal data: Identification data, Contact data, Financial transactions data, Data related to illegal or fraudulent activities, Device and connection data, Communications data.

Legal basis: compliance with our legal obligations.

Customer support and management | Complaints handling

We collect and process some personal data to provide support services to our Customers and handling of the complaints. We will also process personal data of Website Visitors and of any other persons contacting us through the available channels seeking answers to their requests.

As part of our customer support service, the telephone conversation with our agents may be recorded. If you continue the call, we will assume that we have your consent to record the call. If you do not wish this, please end the call and contact us through other available communication channels.

We will use the following personal data: Identification data, Contact data, Communication data, Device and connection data. Depending on the type of request/complaints we may also process any other personal data listed in Section 2 above.

Legal basis: (i) performance of the contract with you in terms of customer support; (ii) compliance with our legal obligations related to assistance and customer relationship management; (iii) our legitimate interests, namely: (1) our commercial interest to properly manage the relationship with our Customers/Website Visitors, as well as to analyze the activity our employees/contractors providing customer support services; (2) our interest in handling and keeping records of requests from authorities related to your complaints; (3) the need to improve our organizational structure and customer support / complaint handling process.

Management of Company's claims | Dispute Resolution and Litigation

We may process your personal data in order to defend our rights and interest in litigation and/or administrative proceedings, including to collect and recover any debts you may owe us under the contract with us.

We will use mainly the following personal data: Identification data, Contact data, Financial transactions data, Geolocation data, Device and connection data, Data related to illegal or fraudulent activities, Communications data.

Legal basis: The company’s legitimate interest consists in the defense of our rights and interests in court / other administrative proceedings.

Marketing Personalization of commercial offers and communications | Surveys

Please refer to the Direct Advertising Policy available at link.

Functioning of the IT systems, Security and Abusive use of our systems

When you use or access the Websites/Apps, our systems automatically collect certain Device and connection data (such as, the IP address, the date and time of accessing / logging in to the system, the operating system used, the type of browser used) which are used to prevent and investigate potential abuses or frauds in using our IT systems / services provided by us, as well as to ensure the long-term viability of our IT systems.

Legal basis: Our legitimate interest to ensure the viability of the IT systems, the prevention and investigation of fraudulent and abusive use of our systems / Services.

Cookies and Similar Technologies

We use cookies on our Websites and other techniques, such as tracking pixels or code in Apps. We use such technologies both as a technical means of providing Services on our Websites and Apps as well as for analyzing the interaction of our Customers and Website Visitors with our Websites and Apps. In addition, we use cookies and similar technologies for the tailored online advertising as mentioned in Section E above.

Legal basis: (i) contract necessity for essential cookies and tracking technologies and (ii) consent for the non-essential ones.

Prevention of abusive use of Services | Prevention, management and reporting of frauds and illegal activities

We will process your personal data to detect and protect against fraudulent, improper or abusive use of Services, including analysis, investigation and reporting of frauds, money laundering and other illegal gambling schemes.

We will use mainly the following personal data: Identification data, Contact data, Financial transactions data, Geolocation data, Device and connection data, Data related to illegal or fraudulent activities, Communications Data.

Legal basis: (i) performance legal obligations applicable to gambling operators; (ii) processing necessary for substantial public interest (when it comes to compliance with AML/CFT requirements) (iii) our legitimate interest in protecting our rights and interests against abusive use or fraudulent use of Services

Compliance with other regulatory requirements

As gambling operator we may be required to comply with other regulatory requirements in the Applicable Laws in which we may be required to process your personal data, including:

reporting of data from the gambling activities to the national gambling authority (e.g. we are required to grant national gambling authority access to all data related to your participation in gambling activities, we are also required to report to the gambling authority certain information about you, for example if we suspend a transaction for breach of terms of Services or breach of Applicable Laws, or in case your account becomes dormant and we are unable to return to your account the balance);

to keep a register of self excluded players, or of the persons which are prevented from gambling or required a suspension or interruption of access to the games;

to monitor your time spent on the gambling platform and to send you notifications within the time intervals provided by the Applicable Laws and responsible gaming policies;

to comply with the tax payment and tax reporting obligations in relation to your wins;

to ensure the access of the gambling platform is granted only to the eligible persons;

to disclose any information we may hold about you to the competent public authorities with the observance of the Applicable Laws.

Any of the following personal data may be processed depending on the type of requirements: Identification data, Contact data, Financial transactions data, Device and connection data, Geolocation data, Data related to illegal or fraudulent activities, Communications data.

Legal basis: (i) compliance with legal obligations, and/or (ii) our legitimate interest in addressing and managing the relevant legal requirements applicable to us (if that legal requirement does not specifically require us to process certain personal data, but the achievement of the objective involves the processing of said data).

Who receives your personal data

We disclose your personal data to persons authorized by us to process personal data (i.e., entities we contract to carry out various personal data processing operations on our behalf).

Also, if the Applicable Law obliges us or we have a legal basis to do so, we may disclose your personal data to third-party entities acting as controllers (entities that process data for their own purposes).

We will not sell, disclose, or rent your personal information to third parties in ways different from those disclosed in this Notice. However, we may disclose and/or transfer your personal information to third parties in the event of a merger, acquisition, or sale of the company or the company’s assets and rights to the acquirer or in compliance with legal duty and obligation to cooperate with local authorities to enforce Applicable Laws, as well as to investigate and prosecute illegal and fraudulent activities.

Data disclosure to the public authorities in countries we operate:

(i) Gambling Authorities

(ii) Law Enforcement Bodies

(iii) Tax authorities

Data disclosure to other third parties:

(i) The Company may responsibility disclose some of your personal data to relevant Sports Governing Bodies (e.g. FIFA, IOC, UEFA, CSO, CBF) and in cases of investigation of money laundering, fraud and/or identifying match fixing;

(ii) the providers of payment services for processing the payments made by customers;

(iii) our consultants and legal and tax on a need to know basis and subject to appropriate safeguards;

(v) the providers of cookies and similar technologies, whenever such partners act as controllers;

(iv) other entities where we are required or otherwise have a valid legal basis for the disclosure of your personal data.

Transfer of your personal data to a third country or to an international organization

Your personal data may be transferred to third countries. In such cases, we will make sure that the personal data will be transferred with the observance of the requirements of the applicable data protection legislation and that your rights and interests are adequately protected. Specifically, we take the following measures:

Adequacy Decisions:

We may transfer your personal data to countries that have been recognized by the relevant data protection authorities as providing an adequate level of data protection.

Standard Contractual Clauses:

In the absence of an adequacy decision, we use standard contractual clauses approved by the relevant data protection authorities to ensure that your personal data is protected.

Binding Corporate Rules:

For intra-group transfers, we may use binding corporate rules that provide adequate safeguards for the protection of your personal data.

Other Legal Mechanisms:

In specific cases, we may rely on other legal mechanisms, such as the necessity of the transfer for the performance of a contract or your explicit consent.

We will always take steps to ensure that any international transfer of personal data is handled carefully to protect your rights and interests. Transfers to service providers and other third parties will be protected by contractual commitments and, where appropriate, other safeguards.

You can contact us at any time using our contact details to find out more about the countries to which we transfer your data, as well as the safeguards we have put in place in relation to these transfers.

Processing of personal data of children

Our Services are restricted to users who are 18 years of age or older. We do not permit Customers under the age of 18 to have registered accounts on our Websites/Apps and we do not intent or knowingly collect personal information from anyone under the age of 18.

We will delete any personal data and implement any applicable measures, in accordance with our obligations as gambling providers, in case we find that persons under age of 18 have registered/used Websites or Apps in breach of our terms & conditions and the Applicable Laws.

Security Measures

We are committed to ensuring the security of your personal data. To safeguard your privacy and protect your data against misuse, unauthorized access or disclosure, loss, alteration, or destruction, we implement a range of security measures. These measures include:

Technical Measures:

Encryption: We use encryption technologies to protect your personal data during transmission and storage.

Firewalls and Intrusion Detection Systems: Our systems are protected by firewalls and monitored by intrusion detection systems to prevent unauthorized access.

Access Controls: We implement strict access control measures to ensure that only authorized personnel can access your personal data.

Procedural Measures:

Data Minimization: We collect and process only the personal data that is necessary for the purposes outlined in our privacy policy.

Regular Audits: We conduct regular audits of our data processing activities to ensure compliance with data protection regulations and our internal policies.

Incident Response: We have an incident response plan in place to address any data breaches or security incidents promptly and effectively.

Monitoring and Tracking:

Activity Logs: We maintain logs of access and activity on our systems to detect and investigate any suspicious behavior.

Continuous Monitoring: Our security team continuously monitors our systems for potential vulnerabilities and threats.

Training and Awareness:

Employee Training: We provide regular training to our employees on data protection and security best practices.

Awareness Programs: We run awareness programs to ensure that all staff are aware of their responsibilities in protecting personal data.

We are constantly reviewing and updating our security measures to adapt to new threats and technological advancements. While we strive to protect your personal data, it is important to understand that no security system is impenetrable. Therefore, we encourage you to take your own precautions to protect your personal data, such as using strong passwords and keeping your login credentials confidential.

If you have any questions about our security measures or if you suspect any misuse of your personal data, please contact our Customer Support.

Security Incident

We take the security of your personal data very seriously and have implemented robust measures to protect it. However, in the unlikely event of a security incident that compromises your personal data, we are committed to notifying you promptly and transparently. Our security incident notification practices are as follows:

Identification and Assessment:

Detection: We continuously monitor our systems for potential security incidents, including unauthorized access, data breaches, and other forms of data compromise.

Assessment: Upon detection of a potential security incident, we will promptly assess the nature and scope of the incident to determine the impact on your personal data.

Notification to Affected Individuals:

Timely Notification: If we determine that a security incident has resulted in the unauthorized access, disclosure, alteration, or destruction of your personal data, we will notify you without undue delay.

Content of Notification: The notification will include:

A description of the nature of the incident.

The categories and approximate number of affected individuals and data records.

The likely consequences of the incident.

The measures we have taken or plan to take to address the incident and mitigate its effects.

Contact details for further information and assistance.

Notification to Authorities:

Regulatory Authorities: We will notify the relevant data protection authorities of any security incidents that pose a risk to the rights and freedoms of individuals, in accordance with applicable legal requirements.

Law Enforcement: If the incident involves criminal activity, we will also notify the appropriate law enforcement agencies.

Mitigation and Remediation:

Immediate Action: We will take immediate steps to contain and mitigate the impact of the security incident, including securing our systems, recovering data, and preventing further unauthorized access.

Remediation Plan: We will develop and implement a remediation plan to address the root cause of the incident and prevent future occurrences.

Communication Channels:

Primary Contact Method: We will use your registered email address or other primary contact method to notify you of the security incident.

Alternative Methods: If necessary, we may use alternative communication methods, such as phone calls or postal mail, to ensure you receive the notification.

Support and Assistance:

Customer Support: Our customer support team will be available to assist you with any questions or concerns you may have regarding the security incident.

Credit Monitoring: In cases where the incident poses a significant risk of harm, we may offer credit monitoring services or other protective measures to affected individuals.

We are committed to maintaining the highest standards of data security and will continue to review and improve our security practices to protect your personal data.

Right to lodge a complaint

If after complaining to us you still feel that your personal data has not been handled appropriately, according to the law, you can lodge a complaint with the Supervisory authority for personal data processing of your habitual residence.

Data protection is of utmost importance to us. In this regard, we constantly strive to provide all possible means to ensure the protection of your personal data, restricting unauthorized access and/or potential alterations. These means include information security measures consistent with current best practices to safeguard the privacy of our customers. These measures encompass technical, procedural, monitoring, and tracking steps designed to protect data against misuse, unauthorized access or disclosure, loss, alteration, or destruction.

Data Retention and Deletion

We are committed to retaining your personal data only for as long as necessary to fulfill the purposes for which it was collected, as well as to comply with legal, regulatory, and contractual obligations. Our data retention and deletion practices are as follows:

General Retention Periods:

Active Accounts: Personal data of customers with active user accounts on our websites or apps will be retained for as long as the account remains active.

Legal Compliance: We are required by law to retain data collected via our gaming platform related to your contract with us for at least five (5) years from the date of their initial collection.

AML/CFT Obligations: Pursuant to our obligations under Anti-Money Laundering and Counter-Terrorist Financing (AML/CFT) legislation, we retain data related to our Know Your Customer (KYC) processes for a period mandated by Applicable Laws.

Specific Retention Periods:

Petitions/Complaints: Documents and information related to any petitions or complaints raised by you will be stored for at least two (2) years from the registration date of each petition/complaint.

Marketing Data: Personal data of individuals in our marketing database will be retained until they exercise their right to withdraw consent or object to processing.

Cookies and Similar Technologies:

Data related to cookies and similar technologies will be retained according to the specific periods set for such technologies, ranging from the duration of the browsing session to up to five (5) years.

Retention for the Statutory Limitation Period:

Some information may be kept indefinitely to comply with legal obligations, such as those related to taxation, player protection, civil law, criminal law, and other legal matters.

Deletion of Personal Data:

Upon Request: You have the right to request the erasure of your personal data where it is no longer necessary for the purposes for which it was collected, you have withdrawn consent, the data was unlawfully processed, or it must be erased to comply with legal obligations.

Automatic Deletion: Personal data will be deleted automatically once the retention period expires, unless there are other legal grounds for retaining the data longer.

Exercise of Rights:

You can contact us at any time using our contact details to request the deletion of your personal data or to find out more about our data retention periods.

We ensure that your personal data is securely deleted or anonymized when it is no longer needed, following industry best practices and legal requirements.

Transparency and Accessibility

We are committed to ensuring that our data processing practices are transparent and that you have easy access to information about how your personal data is handled. Our transparency and accessibility practices are as follows:

Clear and Accessible Information:

Privacy Policy: Our Privacy Policy is available on our website and provides comprehensive information about how we collect, use, share, and protect your personal data.

Regular Updates: We regularly review and update our Privacy Policy to reflect any changes in our data processing practices or legal requirements. We will notify you of significant changes and encourage you to review the policy periodically.

Communication Channels:

Customer Support: Our customer support team is available to answer any questions you may have about our data processing practices. You can reach us through the contact details provided on our website.

Accessibility for All Users:

Inclusive Practices: We are committed to ensuring that our services are accessible to all users, including those with disabilities. We strive to comply with accessibility standards and best practices to provide an inclusive experience.

Feedback and Improvements: We welcome feedback on how we can improve the accessibility of our services. If you encounter any accessibility barriers, please contact us, and we will work to address them promptly.

We are dedicated to maintaining transparency in our data processing practices and ensuring that you have easy access to information and control over your personal data.