VERSION 1.1 DATED 20 MAY 2022
1. WHO ARE WE?
Any references in this Privacy Notice to 'Infiniza' the 'Company', 'We', 'Us' or 'Our' refers to Infiniza Limited, a company having registration number C77819 and registered at The Bastions Office No.2, Emvin Cremona Street, Floriana, FRN 1281, Malta. Any references to 'You', 'Your', or 'User' means anyone who uses the Service provided on this Website.
You can contact Us via Live Chat or email email@example.com. We have appointed a Data Protection Officer, who You may contact for any queries about this Privacy Notice or how We handle Your data by sending an email to firstname.lastname@example.org.
2. WHY DO WE COLLECT PERSONAL DATA?
To provide You with the Service and register an account on Goldroll Casino, We need to collect Your personal identification data. In providing the Service to You for which You have registered, We may also need to share Your personal data with some third-party service providers. In doing so, We ensure to establish appropriate safeguards to protect Your data.
The personal data that We collect from You when registering and operating Your account on Goldroll Casino is to comply with Our legal obligations. This includes those for the operation of Our license that the Malta Gaming Authority issued, its regulations and guidelines, and to meet Our obligations related to the Financial Intelligence Analysis Unit (FIAU) and other relevant competent authorities, when required to do so, to assist in any law enforcement investigation. If You fail to provide Us with the necessary personal data and/or information upon Our request, We will terminate the relationship with You.
Apart from having a legal obligation to collect Your personal data and information, We also have a legitimate interest to protect Goldroll Casino from being misused for fraudulent and/or illegal activities. These include, but are not limited to, promotional abuse, fraudulent activities, money laundering and/or terrorist financing, and also online security risks. Collecting Your personal data allows Us to ensure the security, accessibility and availability of Our Website's Service to You.
Sometimes, We may send You marketing communications, but only if You have opted in to such Service either during the registration process or by changing Your settings from Your account profile. These marketing communications will help You to stay updated with the latest news about the new games, products, bonuses, offers and other related promotions. You have the right to change Your marketing preferences at any time at no cost by either changing these settings from Your account profile or by unsubscribing directly from the marketing communication or contacting Our Customer Support Team on Live Chat or by emailing email@example.com.
3. WHAT CATEGORIES OF PERSONAL DATA DO WE COLLECT?
The categories of personal data that We collect from You and process are as follows:
When You complete the registration process to register for an account on Goldroll Casino, personal identification and communication details are provided to us. This includes collecting Your details such as Your full name, date of birth, residential address, and communication details, including Your email address and/or phone number.
Your personal data and information may also be collected through other means such as through documentation or information that You provide Us upon Our request. Documents are provided for identity, age and address verification, and payment verification purposes. However, We may request other documentation from You as part of Our legal and regulatory obligations and to maintain Your account with Us.
We also hold records of Your financial accounts' information and some aspects of Your financial transactions through the use of Your account on this Website. In addition, We record Your logins and visits to this Website, such as through geolocation information, traffic data, and weblogs, amongst other information. Moreover, all Live Chats and email correspondence held with Our Customer Support Team is recorded and maintained for security and training/educational purposes.
Although We do not collect special categories of data regularly, We may receive such data from You. For instance, if You inform Us that You have a gambling problem, We would treat such information as being equivalent to health information, and so We will protect it.
4. COLLECTION OF INFORMATION FROM COOKIES
5. WHY DO WE PROCESS YOUR DATA?
We collect and process Your personal data for the below reasons:
- Creating, operating, and managing Your account;
- To play games and perform relevant activities related to games;
- For Us to carry out identification and verifications checks about You;
- For You to place Your bets and process online payments;
- Complying with Our legal, licensing and regulatory requirements, including those related to Data Protection;
- Creating User profiles for Anti-Money Laundering Risk Assessment purposes. To prevent the illegal use of Our Website, We need to carry out profiling of Our Users and their activities using automated processes. However, any decisions taken based on these profiles are taken by natural persons;
- Monitoring and tracking transactions to prevent fraud, abnormal betting patterns, money laundering and/or terrorist financing, including the transferring of personal data to Our payment processing service providers;
- Meeting Our obligations with the relevant authorities, including to inform and assist them in any potential criminal activities investigations, such as those related to fraud, money laundering and/or terrorist financing amongst others; and
- For marketing purposes, only when You actively consent to receive marketing material about new games, bonuses, offers and promotions. Although, You may opt out at any time.
6. WHERE DO WE KEEP YOUR PERSONAL DATA?
We ensure to take all the necessary security and standard precautions to keep Your personal data safe. Our servers are physically located within the European Union, and they may only be accessed online through encrypted connections by authorised persons. In following best security practices and standards, We only contract with third-party providers who follow and ensure an adequate level of security similar to Ours.
We may also store Your data within our Group of companies. Because this may be located outside the EEA, We will still ensure to have adequate security measures in place and that Your personal data is always protected. For instance, by having in place Standard Contractual Clauses as per the European Commission.
7. WHO DO WE SHARE YOUR PERSONAL DATA WITH?
Your personal data may also be exchanged with certain third-party providers to be able to carry out the following processes and provide Our Service to You:
- Payment processing;
- Marketing, where Your consent was obtained;
- Anti-Fraud, Anti-Money Laundering and/or Combatting Terrorist Financing checks;
- Other Data Controllers;
- Joint Controllers; and
- Data Processors.
A list of our third party providers may be provided to You upon request.
Please note that We may be required to disclose Your personal details to such third-party service providers to satisfy Our regulatory obligations and legitimate interests.
Anti-fraud, anti-money laundering and combatting terrorist financing checks are used to verify Your personal details, which is done via electronic means by matching Your details against third party databases to assess whether:
- You may be a Politically Exposed Person (PEP) or close associate of a PEP.
- You are subject to Financial Sanctions.
- Your personal details are close to or match people with adverse media results.
Where Our payment providers request such information for fraud enquiries, We will provide such personal data on the basis that the request for information is to either protect Your rights or for a legitimate interest that is to protect Us against fraud.
We ensure that data transfers with any third-party service providers are covered with appropriate contracts and safeguards that are put in place between the Data Controller (being Us) and the Data Processor (being the third party) under the General Data Protection Regulation (GDPR). These contracts will include references to confidentiality, strict processing rules, security safeguards, breach notification requirements and provision of assistance to Us so that Your rights are satisfactorily exercised.
In case of a change in the Data Controller, We will attempt to inform You about this and the identity of the new Data Controller either by contacting You directly or by placing notices on this Website or by using other communication methods.
We are also obliged to disclose Your personal data to the relevant regulatory authorities to satisfy Our legal obligations. These include, but are not limited to the:
- Malta Gaming Authority (MGA)
- Financial Intelligence Analysis Unit (FIAU)
- Sanctions Monitoring Board (SMB)
- Other relevant law enforcement entities
In disclosing to the relevant authorities, We are obliged to provide all personal details and documents, the payment and betting transaction history, the communication history, and any other information We hold about You. All personal data and records, including the documents, is transferred to the relevant authority through secure means, as may be prescribed by such authorities that are beyond our control.
In cases where We would need to supply Your personal data to third-party providers, such as for marketing purposes, We will provide You with a specific opt-in possibility where Your active consent is required to transfer Your data to such third-party providers. Such marketing partners are limited to only receiving Your contact details, for instance, Your email address and/or mobile phone number, that is only when You consent to receive marketing communications. Suppose You choose to withdraw Your consent for marketing purposes, which You may do at any time. In that case, We will inform the relevant marketing partner to stop sending You marketing communications upon receiving your request.
8. DATA TRANSFERS TO THIRD COUNTRIES
When We share Your personal data with third-party providers located outside of the European Economic Area (EEA), We will always ensure to have a similar degree of protection to transfer Your personal data. We only transfer to countries deemed to hold a sufficient level of data protection measures in place as per the European Commission and/or putting in place Standard Contractual Clauses in line with the European Commission.
9. FOR HOW LONG DO WE KEEP YOUR DATA?
We are obliged to retain some elements of Your personal data after Your account termination for a maximum period of up to 10 years to meet Our legal obligations regarding Anti-Money Laundering and Combatting Terrorist Financing laws and regulations.
Particularly as follows:
- For up to one (1) year from Your last account activity: Details of Your logins and visits to the Website, traffic data, weblogs, and communications to and from our Customer Support Team;
- For up to five (5) years from Your last account activity: Personal identification details and documents, Your communication details, contact information through the Website, whether by email, Live Chat or other media;
- For up to ten (10) years from Your last account activity: Financial accounts information and game transactions.
We will also keep Your personal data for more extended periods if We are required to do so by the relevant authorities. This is especially in case of litigation or a legal process which You, the relevant authorities or Us may be a party to due to Our Service provision to You.
10. YOUR RIGHTS
You have the right to:
- access Your personal data and information that We hold on You;
- request rectification of Your personal data that You consider not to be correct;
- request for restriction of processing of Your personal data;
- request erasure of Your personal data;
- file an objection about the processing of Your personal data;
- request to export Your personal data and information; and
- be informed about any automated individual decision-making that We have in place, including risk profiling; and
- object at all times to the processing of Your personal data and information and withdraw Your consent.
Your rights may only be exercised in accordance with the law. This might include restrictions on when You can exercise such rights listed above due to laws that supersede the GDPR. You can exercise these rights by contacting Us at firstname.lastname@example.org.
You also have the right to file a complaint with the Office of the Information and Data Protection Commissioner in Malta by visiting their Website at https://idpc.org.mt/. However, You may also decide to file a complaint with Your local Data Protection Authority, where You may find a list of their contact details by visiting this Website https://edpb.europa.eu/about-edpb/board/members_en.
11. CHANGES TO THIS PRIVACY NOTICE
This Privacy Notice is subject to changes from time to time. Any changes We may make in the future will be published on this page on Our Website. The changes will be effective from the date of publishing. You can request the previous versions of such Privacy Notice by emailing Us at email@example.com.