Speedy Lotto values that you entrust your information with us, and we want to be completely transparent about what we do with it. In this text we describe our policy regarding games, applications, software, websites, APIs (application programming interfaces), products, and services (the "Services"). Our starting point is that you should never be surprised by what we do with your information.
The Data Controller of your personal data is Hero Gaming, a Maltese company having its registered address at Level 0, Spinola Park, Triq Mikiel Ang Borg, SPK 1000 St Julian’s, Malta.
INFORMATION, PURPOSE, LAWFUL BASIS AND STORAGE
We collect the following data when you use our Services:
Information type: name, date of birth, phone number, address. Description & Purpose: This information is necessary to create an account and for us to be able to deliver the Services. It’s also used to communicate offers to you if you have agreed to that. Lawful Basis: Legitimate interest, contract fulfilment, consent. Storage: 6 years after you closed your account. Some information is stored for 10 years in accordance with legal requirements.
Information type: occupation, source of income, proof of legal assets, politically vulnerable person, international and/or financial sanctions, holding of a company or property, court decisions, insolvency, taxation information. Description & Purpose: We may collect information about your background from you directly or with the help of publicly available information for AML / CFT purposes or to fulfil our duty of care. Lawful Basis: Legal obligation. Storage: 6 years after you close your account. Some information is stored for 10 years in accordance with legal requirements.
Description & Purpose: If you have requested self-exclusion directly with us or through a system we are integrated with, such data will be processed in order to be able to handle your request. You cannot oppose this processing during the time you are self-excluded. Lawful Basis: Compliance with legal obligations Storage: Information on self-exclusion is saved for the duration of the exclusion or longer if required by law.
Information type: Preferred games, transaction history, interaction with the Services, device(s) and/or computer used for the Services, IP addresses, browser, language, Operating system, referring website / pages visited, location, information from cookies. Description & Purpose: This information is used to improve your gaming experience, or to enable some of the Services' features. We use the information we collect to improve and optimize the Services and to create new Services. For example, we may use the information in troubleshooting to protect against future problems, perform data analyses and tests, conduct investigations, and create new features and services. Lawful Basis: Legitimate interest, consent. Storage: 2 years after the information is collected.
Description and purpose: If you contact us to ask questions, participate in a survey, contest or offer, we will also collect the information you provide in connection with this, such as your name, contact details, and any messages. In extraordinary circumstances we might need to process your bank account details for refunds, in which case the details are deleted immediately after the refund. Lawful basis: Consent. Storage: 2 years after the information is generally collected, but depending on the nature of the communication, we may need to save it longer.
SPECIAL CATEGORIES OF PERSONAL DATA
We do not collect any specific personal data categories about you (this includes information about your race or ethnicity, religious or philosophical beliefs, sexual life, sexual orientation, political views, union membership, health information, genetic and biometric data). However, we cannot exclude that you submit such information in communication with us and that this information is then processed through our contact with you.
SAFETY AND STORAGE
We have strong security measures in place to keep your personal information secure, e.g. encryption and information security policies. Access to your personal data is limited to individuals who have a legitimate need to access it. We have established procedures to deal with any suspected personal data incidents and we will be required to notify you and all applicable authorities in case of an incident.
We use SSL encryption algorithms to protect your payment and card information just like most of the world's largest banks and financial institutions. We ensure that all deposits and withdrawals are fully protected thanks to the Payment Card Industry Data Security Standard (PCI), which means that we meet applicable requirements that our payment solutions are certified.
Your personal data is stored on servers in Malta.
THIRD PARTY SITES
HOW WE COMMUNICATE WITH YOU
We use your information when we need to send service messages to you and when we reply to you after you have initially contacted us. We also use your information to inform you about new features, offers, and products that we believe you would find interesting. You can control what marketing we send to you by contacting customer service or by unsubscribing from our newsletters. Keep in mind that data transmitted on the Internet can be sent across national borders, though sender and receiver are in the same country. This may result in mail your emails to us containing your information may be transmitted through a country where the data security is not equal to the country in which you reside.
HOW WE SHARE INFORMATION
Some of our partners are based outside the EEA and therefore the processing of your personal data may involve the transfer of data outside the EEA. When we transfer your personal data to a site outside the EEA, we ensure that a corresponding degree of protection is offered by ensuring that one of the security measures that have been deemed adequate is implemented. Contact us for more information about the specific mechanism used by us when transferring your personal data to locations outside the EEA.
You have the right to:
You also have the right to submit a complaint to the appropriate data protection regulatory authority. The competent authority in Malta is the Office of the Information and Data Protection Commissioner (OIDPC), but we hope we can resolve disputes among ourselves. When you exercise your rights by contacting us, we may need to request specific information from you to help us confirm your identity and ensure that you have the right to access your personal data (or to exercise any of your other rights).
CONTACT INFO TO DATA PROCESSOR
Hero Gaming Ltd
Level 0, Spinola Park
Triq Mikiel Ang Borg
St. Julian's SPK1000
Last updated: 24.02.2020