At Highroller-Casino (“Highroller-Casino“, “we“, “us“), we process personal data about our customers and visitors on our websites (“you“). We make efforts to handle your personal data with care, keep it secure and comply with data protection laws.
Highroller-Casino is engaged in performance marketing and lead generation online, with headquarters in Malta and subsidiaries in a number of other countries.
How this Policy Works
The purpose of this Policy is to explain when, why and how we process information which may relate to you (“personal data”). It also provides important information on your statutory rights. This Policy is not intended to override the terms of any contract you have with us, nor rights you might have under data protection laws.
Click on a topic in the list below to find out more on individual topics in more detail by following the various links. We have labelled sections of the Policy to make it easy for you to navigate to the information most relevant to you.
- Who is responsible for looking after your personal data?
- What personal data do we process?
- What do we use your personal data for and when do we process your personal data?
- Who do we share your personal data with?
- International Transfers
- Direct Marketing
- How long do we keep your personal data?
- What are your rights?
1. Who is responsible for looking after your personal data?
Highroller-Casino, is principally responsible for looking after your personal data (your Data Controller). Data Controller means the company that determines the means and purposes of processing of personal data.
You should be aware that although we are principally responsible for looking after your personal data, information may be held in databases which can be accessed by other companies. When accessing your personal data, all companies will comply with the standards set out in this Policy.
2. What personal data do we process?
We may process the following personal data about you:
- Email address
- Phone number
- Home address
- Date of birth
- IP address
- Location data
- Website usage data
- Content you submit, such as, posts, comments, personal preferences, opinions, complaints, chats
You may choose to provide other information directly to us or we might require other information from you. For example, we may collect other information when you decide to get in contact with us via our customer support, if we make available, or otherwise communicate with us.
3. What do we use your personal data for and when do we process your personal data?
Highroller-Casino will collect information directly from you when you use our services or visit our websites.
We use your personal data to:
- send out promotional emails relating to products and services, where we have obtained your consent to send you such emails. See also below on Direct marketing;
- to improve our marketing communications, where we may use a similar technology to cookies to confirm whether you have opened a marketing email or clicked on a link in the email;
- if we make available, check if you are eligible to claim our bonuses and offers;
- analyze information in our systems and databases to improve the way we run our business and websites according to user preferences, to provide a better service and user experience;
- improve and target advertisements that you receive from us and third parties;
- register you for a chat forum or community, if we make available, in which you can provide comments;
- meet or exercise any of our legal obligations or rights.
We will only process your personal data for the purposes set out in this Section 3 and where we are satisfied that:
- you have provided your consent to us using the data in that way, for example when you have requested or consented to receive direct marketing from us, or
- our use of your personal data is necessary to support ‘legitimate interests’ that we have as a business (for example, to receive certain communication from us, to analyse and share the underlying personal data collected via cookies for analytics and advertising purposes, to improve our products or marketing communications, to carry out analytics across our datasets or to respond to your inquiries via out customer support, if we make available) in a way that is proportionate and respects your privacy.
4. Who do we share your personal data with?
We work with many third parties, to help manage our business and deliver services. These third parties may from time to time need to have access to your personal data:
- Our mailing application providers:
- salesforce.com EMEA Limited, a limited liability company incorporated in England.;
- Aweber Systems, Inc., based in the USA, who is Privacy Shield certified as you may see here and processes personal data on our behalf; and
- Our mailing application provider GetResponse Sp. z o.o. based in Poland.
- Our plugin provider and host of WordPress.com Automattic, Inc., based in the USA who is Privacy Shield certified as you may see here and processes personal data on our behalf;
- Service providers or data processors that handle your personal data on our instructions, for example cloud services.
- Our subsidiaries, located inside or outside the EU/EEA. Transfers of personal data will be subject to WEBSITENAME intra group data transfer agreements.
- If we are under a duty to disclose in order to comply with a legal obligation or protect our interests or security.
- In the event we sell, buy or re-organise any business or assets, or if our assets are acquired by a third party, including prospective sellers or buyers.
5. International Transfers
International Transfers mean that personal data is transferred to a country outside the European Union.
As set out in Section 4 above, we may allow access to your personal data to third parties who may be located outside the European Union.
We may also disclose your personal data if we receive a legal or regulatory request from a foreign law enforcement body outside the European Union.
We will always take steps to ensure that any international transfer of information is managed to protect your rights and interests. Any requests for information that we receive from law enforcement or regulators will be carefully checked before personal data is disclosed.
You have the right to ask us for more information about the safeguards we have put in place as mentioned above. Contact us (see Section 8) if you wish further information.
6. Direct Marketing
We may use your personal data to send you direct marketing communications regarding products and services that we and our partners offer regarding for example online casino, sports betting and financial services. This may be in the form of email or targeted online advertisements.
The use and processing of your personal data for the purpose of sending you electronic marketing messages will be based on your consent to receive such messages. When permitted by law, it will be based on our legitimate interest (see Section 3 above). Provided we have received your consent, we will use a third-party to help us with processing of your personal data for marketing purposes (see Section 4 above).
At any time after we have your consent to send you electronic marketing messages, you always have a right to unsubscribe from receiving any further electronic marketing messages, at any time. You can use the opt-out link that you find in all direct electronic marketing communications, or by contacting us (see Section 8).
We take steps to limit direct marketing to a reasonable and proportionate level, and to send you communications that we believe may be of interest or relevance to you, based on the information we have about you.
We may display advertisements from third parties and other content that links to third-party websites. If you click on a third-party advertisement or link, please be aware that you are leaving our site and any data you provide will be processed in accordance with such third party’s respective privacy and cookie policies, which we advise you to consult beforehand.
8. How long do we keep your personal data?
We will retain your personal data for as long as reasonably necessary for the purposes listed in Section 3 of this Policy.
In some circumstances we keep your personal data during a certain period to meet for example legal, tax or accounting requirements.
We maintain a data retention policy for personal data in our care. Where your personal data is no longer required we will ensure it is either securely deleted or made anonymous.
9. What are your rights?
You have a number of rights in relation to your personal data. More information about each of these rights can be found by referring to the table set out further below.
To exercise your rights you may contact us as by sending an email to [email protected]
Please note the following if you wish to exercise your rights:
What this means
You can ask us to: confirm whether we are processing your personal data; give you a copy of that data; provide you with other information about your personal data, for example what data we have, what we use it for, who we disclose it to, whether we transfer it outside the EU and how we protect it, how long we keep it for, what rights you have, how you can make a complaint, where we got your data from and whether we have carried out any Automated Decision Making or Profiling, to the extent that information has not already been provided to you in this Policy.
You can ask us to rectify inaccurate personal data.
You can ask us to erase your personal data, but only where: it is no longer needed for the purposes for which it was collected; or you have withdrawn your consent (where processing was based on consent); or following a successful right to object (see ‘Objection’ below); or it has been processed unlawfully; or to comply with a legal obligation. We are not required to comply with your request to erase your personal data if the processing of your personal data is necessary: for compliance with a legal obligation; orfor the establishment, exercise or defence of legal claims;There are certain other circumstances in which we are not required to comply with your erasure request, although these two are the most likely circumstances in which we would deny that request.
You can ask us to restrict (i.e. keep but not use) your personal data, but only where:its accuracy is contested (see Rectification), to allow us to verify its accuracy; orthe processing is unlawful, but you do not want it erased; orit is no longer needed for the purposes for which it was collected, but we still need it to establish, exercise or defend legal claims; oryou have exercised the right to object, and verification of overriding grounds is pending.We can continue to use your personal data following a request for restriction, where:we have your consent; orto establish, exercise or defend legal claims; orto protect the rights of another natural or legal person.
You can ask us to provide your personal data to you in a structured, commonly used, machine-readable format, or you can ask to have it ‘ported’ directly to another Data Controller, but in each case only where:the processing is based on your consent or on the performance of a contract with you; andthe processing is carried out by automated means.
You can object to any processing of your personal data which has our ‘legitimate interests’ as its legal basis, if you believe your fundamental rights and freedoms outweigh our legitimate interests.
We have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms.
You can ask to obtain a copy of, or reference to, the safeguards under which your personal data is transferred outside of the European Economic Area.
We may redact data transfer agreements or related documents (i.e. obscure certain information contained within these documents) for reasons of commercial sensitivity.
You have a right to lodge a complaint with the responsible local supervisory authority about our processing of your personal data.
We ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority at any time.