Search

Stride Customer Privacy Policy

This policy applies to applications which are operated by Daub Alderney Limited (‘Daub’) (Bailiwick of Guernsey) which is a company registered in Alderney and licensed by the Alderney Gambling Control Commission (AGCC) and by the UK Gambling Commission (UKGC) to provide its online gaming products and services to its customers. Daub is a data controller and is registered with the Office of the Data Protection Commissioner in the Bailiwick of Guernsey.

Daub is part of The Rank Group Plc group of companies (‘Rank Group’) which operates gaming venues in Europe and digital gaming sites, including the Bella Casino, Enracha, Grosvenor Casino, Luda Bingo and Mecca Bingo brands.

For the purposes of this Privacy Policy, ‘we’, ‘us’ and ‘our’ means Daub Alderney Limited (‘Daub’) (Bailiwick of Guernsey) and ‘you’, ‘user(s)’, ‘customer(s)’, ‘player(s)’, ‘individual(s)’ or ‘data subject(s)’ means the data subjects about whom we process personal data. We respect the privacy of all our customers and visitors and are committed to processing personal data in a transparent, accountable and consistent way.

In order to provide our products and services to our customers we need to process personal data about them. The processing activities that we may carry out in relation to your personal data include requesting it, collecting it, storing it, analysing it and sharing it.

Please read this Privacy Policy carefully. This Privacy Policy explains how we process personal data. It also explains the rights of individuals or data subjects about whom we process personal data. Any questions about personal data processed by us should be directed to our Data Protection Officer.

In this Privacy Policy we provide information on the following:

  • Collection of Personal Data
  • Collection of Special Categories of Personal Data
  • Legal Reasons for collecting Personal Data
  • Consent and the Withdrawal of Consent
  • Use of Information Collected
  • Marketing
  • Data Sharing
  • Automated Individual Decision Making and Profiling
  • International data transfers
  • Information technology and data security
  • Public forums
  • Child safety
  • Retention of personal data
  • Your rights
  • Exemptions to data subject rights
  • Cookies and pixels
  • How to contact us

1. COLLECTION OF PERSONAL DATA

Personal data is information about you and that identifies you or may reasonably identify you (in conjunction with any other information that we hold about you) for example, your name, e-mail address, address or telephone number, IP address, copies of ID, proof of address, etc.)

The personal data that we may collect, and process includes information within the following categories:

Personal data collected directly from data subjects:

  • Registration details: we will collect personal data from you when you register with us, for example, first and last name, email address, gender, birth data (date and place of birth), physical address, country of residence, city of residence, email address, phone number etc.;
  • Payment information: for billing arrangements payment information may be collected from you, such as your currency, bank account details, e-wallet details, PayPal account, Pay by Mobile etc.;
  • Identity and verification information: due diligence documentation including passport, identity card, bank statement, driving licence, utility bill, photograph, occupation, source of funds and wealth data etc.; and
  • Communications: communications you have with us by telephone, via email or on chat features, in games, competitions, promotions or surveys, when submitting queries, and when you report any user problems etc. This will include information which you provide to us on a voluntary basis.
  • Personal data collected from your use of our websites:
  • We will automatically collect information from you each time you visit or otherwise use our websites. This includes:
  • Technical and device information: connection details and information with regard to your device, software or hardware that may identify you such as unique identifiers, IP address, login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, screen resolution, flash version, webpages browsed on Daub websites and geo-location data;
  • Gaming and account transactions: transactions, wins, wagers, deposits, withdrawals, bonuses, balances, bets etc. We also collect information from your patterns of transacting across our platforms and use this information, as required by applicable gambling/gaming legislation, in order that we may identify gambling problems or addictions and to ensure that we maintain a responsible gaming environment; and
  • Social networks:  registrations made through social network accounts (such as your Facebook account), will give us access to basic information from your social network account, such as name, date of birth, profile picture and friends list, as well as information that you make publicly available on such an account.

Personal data collected from other sources:

Occasionally, we may be provided with or request the provision of personal data by or from a third party or alternative source which is not the data subject. Examples include:

  • Verification data: information in order to verify the identity of a data subject in order to prevent fraudulent or illegal activity;
  • Service providers: personal data about a data subject from other sources including third party service providers of risk intelligence and other platform providers;
  • Credit agencies: information about a data subject’s credit history from credit agencies (but never full credit card information) and other financial information; and
  • Open-source: open source and publicly available sources such as the internet and social networks.

2. COLLECTION OF SPECIAL CATEGORIES OF PERSONAL DATA

Special categories of personal data are specific categories of personal data related to a person’s profile: race or ethnicity; political, religious or philosophical beliefs; sexual life or sexual orientation; health; genetic or biometric data; or trade union membership.

We process the following Special Categories of Personal Data:

  • Health data

We may process these special categories of personal information in order to comply with any legal, regulatory and social protection obligations to which we are subject.

3. LEGAL REASONS FOR COLLECTING PERSONAL DATA

We process personal data for a number of legal reasons or grounds which may include:

  • for the performance of our contract with you: for example, to set-up and register, manage and operate your account, to verify your identity and process payments;
  • the exercise of rights or obligations conferred on us, or the performance of or compliance with duties imposed on us, by applicable laws and regulations (for example, where we must assist the relevant authorities with the prevention, detection and investigation of crime, and where we are obliged to do so by the terms of our regulatory licences;
  • compliance with due process in connection with legal proceedings, the taking of legal advice or otherwise in connection with legal rights; and
  • for the furtherance of our legitimate interests in delivering customer focused and personalised content to our players and generally improving the content and delivery of our products and services.

Where the processing of personal data about you is necessary for the furtherance of our legitimate interests, that processing is conditional upon those legitimate interests not being overridden by your interests or by your fundamental rights and freedoms. You are entitled to request information from us concerning the decisions that we may have made to process your personal data for the purposes of our legitimate interests.

4. CONSENT AND THE WITHDRAWAL OF CONSENT

There are cases where in order to process your personal data, we need your consent to do so. However, we are under legal and regulatory obligations to obtain certain personal data from you before we can provide our products and services to you. Accordingly, while you may not be obliged to provide us with your personal data, if you do not do so, we may be unable to provide you with products and services.

Where the legal basis for processing personal data about you is your consent (for example, to send you marketing materials), then you may at any time withdraw your consent by contacting the website support centre for the application(s) concerned, by changing the settings in your account or changing the settings of your cookies. Where you withdraw your consent for us to process personal data about you, we may not be able to provide you, or continue to provide you, with certain products and services.

Where you have not provided consent and/or have withdrawn your consent to certain processing activities (for example, marketing activities) we may need to continue to process your personal data for other legal reasons which may include: other aspects of performance in relation to the contract between us, for a legitimate interest, or in connection with legal or regulatory obligations to which we are subject.

5. USE OF INFORMATION COLLECTED

We use personal data for the following purposes:

  • to register user accounts;
  • to update user accounts and perform business and administrative activities that support the maintenance of those accounts;
  • to provide users with access to the games and services available on our platforms;
  • to identify and authenticate user access to certain features for example, restricted access products and services on the platforms;
  • to communicate with our users and keep them informed of our latest services, updates and special offers;
  • to determine your VIP status;
  • to enhance user experience of our products and services and to continually improve those products and services;
  • to provide a responsible gaming environment to our users including monitoring to detect patterns of behaviour (for example, play, deposits and other variables) that may be an indication of problem gambling;
  • to collect monies, to allow you to place deposits and wagers, to enable withdrawal of funds;
  • to send you notifications about operational requirements, technical service issues, security issues, account balance information and promotional information;
  • to respond to queries, requests, complaints and provide customer support services;
  • for marketing analysis and to market our service including to provide you with promotional update communications by email, post, telephone, direct messaging, direct mail and other digital channels  (pop ups, push notification, banner advertising, etc.) about our products and services,  promotional materials,  as well as products, services, websites and applications which relate to products and services from companies within the Rank Group which we believe may interest you;
  • to understand customer needs and preferences in order to provide bespoke offers to our customers;
  • to process any requests for information;
  • to investigate and resolve disputes concerning our services;
  • to comply with the conditions of our regulatory licences and with other regulatory and/or legal requirements;
  • to conduct credit searches;
  • to improve user experience through data collected through analytics;
  • to carry out customer due diligence;
  • for monitoring user activity on the platforms in order to help us develop the platforms and the services offered on them;
  • to detect and prevent fraudulent, otherwise illegal or anti-social activities;
  • to investigate violations of our policies and user agreements;
  • to prevent money laundering and to prevent the financing of terrorism; and
  • where otherwise required to do so by law, regulation or other binding authority.
  • Research and statistical analysis

6. MARKETING

Subject to customer consent, we share personal data with carefully selected third parties engaged in the business of providing marketing and promotional services. We do this in order to improve customer experience of our products and services, to make additional and promotional products and services, to develop new and improved services, and to offer promotions and rewards.

Where you have provided your consent to further marketing activities you may receive advertisements and other promotional materials about the products and/or services of third parties which may be of interest to you. In order to ensure that we offer our users carefully selected additional products and services we use data analysis techniques, including profiling, in order to analyse your age, location, playing patterns and behaviour, preferences and interests. The conclusions that we make, having undertaken such customer analysis, enables us to ensure that you receive marketing, promotional and other additional material which is uniquely tailored to you.

You may at any time object to and/or withdraw your consent to the any further marketing activities by checking and updating your contact details within your account or selecting the ‘unsubscribe’ link at the end of our marketing and promotional update communications to you, or by contact us. If you decide to withdraw your consent for the use of your personal data for marketing purposes, we will cease to process personal data concerning you for such purposes.

7. DATA SHARING

The sharing of personal data about our customers between entities within the Rank Group is governed by a binding corporate agreement pursuant to which all members of the Rank Group have agreed to adhere to the standards of GDPR.

We may share personal data with other entities or third parties but will only do so in the circumstances described in this privacy policy and where the third parties concerned have agreed to adhere to the standards of GDPR. We will only provide these third parties with the specific information that they require in order to provide the services for which they are being engaged and they will be prohibited from using that information for any other purposes. When third parties have access to your personal data, we also require that they protect the confidentiality of your personal data. These third parties may include:

  • organisations providing website and data hosting services, storage and hosting providers, cloud provision services, fulfilment services, communications distribution services, marketing lists and support services, feedback services, IT support services, marketing and promotional services, including events services, promotional and advertising etc.;
  • credit reference agencies for the purpose of assessing credit scores where this is a condition of us entering into a contract with a customer, user verification and authentication services providers, and fraud prevention service providers and chargeback investigation providers;
  • payment processing providers who provide us with secure payment processing services and related banking services;
  • research, data analysists, technical and diagnostic services;
  • services concerned with maintaining responsible gaming practices;
  • accountants, auditors, lawyers, other experts and other professional service providers; and
  • licensing authorities, governmental and regulatory bodies if required to do so by law or regulation in connection with the licences under which we conduct our gaming business.

We may also be required to disclose personal data in certain circumstances which may include:

  • where we are required to do so by a court of law in connection with legal proceedings;
  • where we are required to do so by regulatory and/or supervisory authority in connection with any aspect of the regulated environment in which we conduct our online gaming services (such as law enforcement agencies, government agencies, the controllers of public registers, other regulators and supervisory bodies);
  • where we are required to so protect our legal rights and/or enforce our legal obligations for example, to our customers, employees and to members of the public;
  • in the event of an insolvent situation; and
  • in connection with a sale of or investment in one or more of the companies within the Rank Group, or a restructuring, refinancing, consolidation, dissolution or other corporate procedure concerning all or part of the Rank Group.

8. AUTOMATED INDIVIDUAL DECISION MAKING AND PROFILING

Automated individual decision making refers to a decision made solely on the basis of automated processing of your personal data, without human involvement. Profiling is defined as automated processing of personal data to evaluate certain things about an individual.

We conduct automated decision making to verify your identity before we allow you to play on our game sites. You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly affects you, as long as the decision is not necessary for entering into, or the performance of, a contract between you and us; or is not based on your explicit consent.

9. INTERNATIONAL DATA TRANSFERS

The Rank Group operates globally. The sharing of personal data about our customers between entities within the Rank Group is governed by a binding corporate agreement pursuant to which all members of the Rank Group, regardless of their geographic location, have agreed to adhere to the standards of GDPR. We need to transfer personal data within and between the Rank Group in order to provide and support the products and services that we provide to our customers.

It is the case that some countries outside of the European Economic Area (‘EEA’) may not protect personal data to standards equivalent to those applicable under GDPR. Where we need to transfer personal data outside of the EEA, we will take all appropriate steps to ensure that personal data is transferred only where subject to appropriate safeguards which are designed to ensure the protection of personal data and the enforceability of personal data rights. We will, for example, seek to rely on a recognised legal adequacy mechanism, on a binding and enforceable instrument or to transfer only on the basis of standard data protection clauses.

110 INFORMATION TECHNOLOGY AND DATA SECURITY

All personal data held by us is stored on secure servers. We use strict procedures and security features to maintain the security of our systems and the personal data and other information stored in them. We take cyber-security very seriously and implement multiple different layers of physical and technological controls to prevent unauthorised access and to ensure data security, integrity and privacy. Systems and controls include, but are not limited to:

  • firewalls, network segmentation, anti-malware scanning, intrusion detection and prevention systems;
  • penetration testing and vulnerability management and remediation;
  • security events and incident management program through a 24/7 security operations centre;
  • encryption for sensitive data in transit and at rest;
  • strict access controls and authentication procedures;
  • regular cyber-security audits;
  • TLS encryption for payment transactions; and
  • use of ISO27001:2013 accredited hosting and co-location facilities.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of our applications you are responsible for keeping your password(s) confidential. We will never ask you to disclose your password to us and we would ask you not to share your password with anyone.

Our websites may contain links to external or third party websites. We are not responsible for content of such websites. You should carefully read the privacy policies and the terms of use for third party websites and/or services that you wish to visit or use particularly before providing any of your personal information to them.

11. PUBLIC FORUMS

The websites contain places that are public such as chat rooms, message boards, news groups and/or other forums. Any information that you disclose in these areas becomes public information. You should therefore exercise caution when using these public areas and avoid posting any personal data on them. Any information that you communicate in these public places may be viewed and utilised by third parties, for example to send you messages, to send you advertising or for any other purposes. We are unable to control the activities and behaviours of third parties in public areas. Accordingly, if you disclose personal data in public spaces, you do so at your own risk. We recommend that you review the privacy policies of any relevant third parties before disclosing your personal data on their websites or platforms.

12. CHILD SAFETY

Protecting the safety of children when they use the internet is important to us. Our websites are intended for use only by persons who are at least 18 years of age. By using the products and services available on the websites you confirm to us that you meet this minimum age requirement. If you are not at least 18 years old, then you should not use any of the products or services that we offer nor provide us with any of your personal data. We may verify personal data provided by you. If we are unable to verify minimum age of 18 years, we will deal with any information, including personal data that has been provided to us in accordance with applicable legal and/or regulatory obligations. If you have reason to suspect that a minor has transacted with us, please contact us.

13. RETENTION OF PERSONAL DATA

We retain personal data for as long as necessary for the purpose(s) for which the personal data was collected. For example:

  • for as long as you have an account with us, we need to retain your personal data in order to meet our contractual obligations to you;
  • to comply with our licence conditions and any other regulatory and legal requirements;
  • for a period after termination of a customer relationship with us in order to comply with ongoing legal and regulatory provisions (such as employment law and tax law); and
  • where there are compelling legitimate grounds to do so.

We may retain aggregate information for longer periods in order to conduct market research and to help us to continue to develop and improve our services. You cannot be identified from aggregate information retained or used for these purposes.

Periodically we review the personal data that we hold on all of our customers in order to ensure that we are not retaining it for any longer than is necessary.

14. YOUR RIGHTS

GDPR provides data subjects with a number of rights. We are significantly invested in protecting data subject rights and upholding the protections of GDPR. A data subject about whom we hold personal data may approach us at any time to request to review the personal data that we hold in relation to them, ask us to amend it, request that we erase it, ask us to cease using it, or request that it be transferred to another party. In summary, your rights in relation to your personal data may include the following rights:

  • to receive confirmation as to whether we are processing personal data about you;
  • to access the personal data about you held by us;
  • to be informed of the legal bases for the processing of your personal data by us;
  • to withdraw your consent to any processing of your personal data based solely on your consent;
  • to be informed of the recipients of any personal data that we have shared outside of the Rank Group;
  • to be advised of any retention periods applicable to the storage, by us, of your personal data;
  • to request the rectification of inaccurate personal data, to have incomplete personal data about you completed, or the erasure of your personal data if it is no longer required by us;
  • to restrict our processing activities in relation to your personal data;
  • to be advised of the source of personal data that we hold on you, where you are not the direct source of that personal data;
  • to have your personal data transferred to another controller, where technically possible, by automated means;
  • to object to the continued processing by us of your personal data;
  • the right to object to the processing of personal data which is based on the legitimate interests of the Rank Group; and
  • information on any profiling or automated decision making undertaken by us in relation to your personal data.

Any data subject who wishes to exercise rights under GDPR in relation to Daub should send their request to our Data Protection Officer in writing.

We will deal with your request within one month of receiving it, save that in certain circumstances we have the right to seek an extension to this period, and free of charge (unless your requests are for some reason repetitive, unfounded or otherwise excessive).

Where a data subject has reason to make a complaint in relation to the Daub’s  processing of their personal data or the protection of their data protection rights, they may make a complaint, in writing, to the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF Tel: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number.

GDPR provides for a data subject who has reason to complain about the handling of their complaint by a data protection authority to appeal to court where specified grounds exist.

15. EXEMPTIONS TO DATA SUBJECT RIGHTS

There are circumstances where certain data rights may not be applicable. These circumstances may include cases where to apply a data subject right may conflict with other legal obligations. For example, your right to erasure of personal data may not be applicable where we are under an obligation to retain the personal data concerned in order to comply with applicable legislation or regulation, to comply with a legal or a licensing requirement or in connection with legal proceedings. Further, we may be able to demonstrate compelling legitimate grounds for the processing of your personal data which override your personal data rights.

16. COOKIES AND PIXELS

Cookies are used on transactional websites in order to save customer log-in information. We use cookies to help us to customise your experience and to show you the most relevant information when you return to our websites. A cookie is an electronic information file that sits on your computer and remembers what you enter while you are browsing a website. Most browsers automatically accept cookies but, if you prefer, you can change your browser settings to prevent that from happening or to notify you each time a cookie is set. You can learn more about our use of cookies in our cookie policy.

We use pixel based tracking to track a visit or event on the websites and to track advertisements. You can learn more about our use of pixels in our cookie policy.

17. HOW TO CONTACT US

If you would like to contact us with any queries or comments concerning data protection, our contact details are as follows:

Data Protection Officer
Daub Alderney Limited
Turing House
Gibauderie
St Peter Port
Guernsey
GY1 1XN

Email: dataprotection@daubalderney.com

Telephone: 0845 565 2059

 

 

This Privacy Policy was last updated on 4 October 2019.