If you are using a service offered under our UK License, EveryMatrix Software Limited acts in its capacity of data controller in terms of the EU Regulation 2016/679, determining the purposes and means of the processing of your personal data.
If you are using a service offered under our Malta License, EveryMatrix Limited acts in its capacity of data controller in terms of the EU Regulation 2016/679, determining the purposes and means of the processing of your personal data.
If you are using a service offered under our Curacao License, EveryMatrix N.V. acts in its capacity of data controller in terms of the EU Regulation 2016/679, determining the purposes and means of the processing of your personal data. Its representative inside the EU is EveryMatrix Limited.
Please see Section 7 for contact details of the Data Controllers.
There are two general categories of information we collect.
When using any of the Website’s products you will be asked to provide us with true, updated and accurate personal information that will allow us to identify you. We ask for and collect the following personal information about you when you use the Website. This information is necessary for the adequate performance of the contract between you and us and to allow us to comply with our legal obligations. Without it, we may not be able to provide you with all the requested services.
We collect your name and surname, date of birth, place of residence, postal code and email address that you provide upon registration. These data are processed for the purpose of player identification. The legal basis for this processing is our legal obligation to comply with the relevant Gambling Legislation.
In some cases, the Data Controller and the Payment Data Controller collect your ID document, proof of your address, proof of payment, SOW, date of birth, address, email address, phone number, you provide us with. These data are processed for the purpose of player verification and KYC. The legal basis for this processing is our legal obligation to comply with anti-money laundry regulations and Age Verification requirements of UKGC.
When you use the payment services, we need to collect certain financial information, like your (encrypted) payment card information, your email, phone, address, date of birth, as it is necessary to comply with applicable law, such as anti-money laundering regulations, and to process payments. Without it, you will not be able to use payment services.
When you communicate with us, we collect your name, your email and any information about your communication. These data are processed for the purpose of providing you a support service and in order to maintain accurate records of the information that we have received from you, given our legitimate interest in improving the Website and our users’ experience with it, and for the adequate performance of the contract with you.
When you use the Website and the payment service, we automatically collect information, including personal information, about the services you use and how you use them. This information is necessary for the adequate performance of the contract between you and us, to enable us to comply with legal obligations and given our legitimate interest in being able to provide and improve the functionalities of the Website and in preventing fraud.
When you access or use the Website, we collect information about your IP address and location based on that IP, to be able to comply with different Countries’ laws and regulations.
The Payment Data Controller collects information related to your payment transactions through the Website, including the payment instrument used, date and time, payment amount, payment instrument expiration date, email address, IBAN information, your address and other related transaction details. This information is necessary for the provision of the payment services, to comply with applicable law (such as anti-money laundering regulations) and to prevent fraud.
We use, store, and process information, including personal information, about you to provide, improve, and develop the Website, create and maintain a trusted and safer environment and comply with our legal obligations.
In particular, to:
· Conduct checks against databases and other information sources, including background or police checks, to the extent permitted by applicable laws and with your consent where required.
We process this information given our legitimate interest in protecting the Website, to measure the adequate performance of our contract with you, and to comply with applicable laws.
The Payments Data Controller uses the information collected to:
· Enable you to access and use the Payment Services.
· Detect and prevent fraud, abuse, security incidents, and other harmful activity.
· Conduct security investigations and risk assessments.
· Conduct checks against databases and other information sources.
· Comply with legal obligations.
· Enforce our Terms of Services and other policies.
The Payments Data Controller processes this information to comply with applicable laws (such as anti-money laundering regulations).
In some cases, we may use your data also to:
· Contact you in relation to promotions, products or services that you may be interested in from time to time, but only where you have consented to receive such marketing communications.
· Carry out certain profiling of you and your activity on the Website in order to personalise, measure, and improve our marketing and to send you more relevant marketing communications.
In such cases we will process your personal information for the purposes listed in this section given our legitimate interest in undertaking marketing activities to offer you products or services that may be of your interest. You can always opt-out of receiving marketing communications from us by following the unsubscribe instructions included in our marketing communications or changing your notification settings within your Account.
Our website incorporates privacy controls which affect how we will process your personal data. You can access the privacy controls via your Account settings.
We may disclose your information, including personal information, to courts, law enforcement or governmental authorities, or authorized third parties, if and to the extent we are required or permitted to do so by law or if such disclosure is reasonably necessary: (i) to comply with our legal obligations, (ii) to comply with legal process and to respond to claims asserted against us, (iii) to respond to requests relating to a criminal investigation or alleged or suspected illegal activity or any other activity that may expose us, you, or any other of our users to legal liability, (iv) to enforce and administer our Terms of Service, or (v) to protect our and our employees’ rights, property or personal safety. We may access and share your information with regulators, law enforcement or others in response to a legal request, if we have a good-faith belief that the law requires us to do so. We can also respond to legal requests when we have a good-faith belief that the response is required by law in that jurisdiction, affects users in that jurisdiction and is consistent with internationally recognised standards and/or we have a good-faith belief that it is necessary to: detect, prevent and address fraud, unauthorised use of the service, breaches of our Terms or Policies, or other harmful or illegal activity; to protect ourselves (including our rights, property or service), you or others, including as part of investigations or regulatory enquiries.
The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights and proper protection of our business against risks.
Where appropriate, we may notify you about legal requests unless: (i) providing notice is prohibited by the legal process itself, by court order we receive, or by applicable law, or (ii) we believe that providing notice would be futile, ineffective, or create or increase a risk of fraud upon us. In instances where we comply with legal requests without notice for these reasons, we will attempt to notify you about the request after the fact where appropriate and where we determine in good faith that we are no longer prevented from doing so.
We use a variety of third party service providers to help us provide services related to the Website and the payment services. Service providers may be located inside or outside of the European Economic Area (“EEA”).
For example, service providers may help us: verify your identity or authenticate your identification documents, check information against public databases, conduct background or police checks, fraud prevention, and risk assessment, provide customer service, advertising, or payments services.
We may share some of your information with such third parties service providers in order to ensure the adequate performance of our contract with you, for our legitimate interest and to comply with our legal obligations. We will require your consent when needed.
For example, we provide your financial information to MoneyMatrix Ltd and other payment service providers (e.g. TSI-Transaction services international[AR1] ) for the provision of the payment services. Also, we share your personal data (like your name, surname, date of birth, address, email address, phone number) with our service providers for KYC checks, fraud prevention or player protection; we share some of your personal information like your name, date of birth, email address, country with our service providers for the provision of the games; we may share data such as your name, gender, age, language, marital status, mobile number, revenue amount, email, registered date with our service providers for marketing campaigns. We may share your personal data (like name, username, email address, address, phone number) with service providers who assist us in enhancing your user experience and in offering you a better service.
You can always contact us to receive the full list of our service providers which process your data.
4.3. CORPORATE AFFILIATE
We may share your information, including personal information, to any member of our group of companies (this means our subsidiaries, our ultimate holding company and all its subsidiaries) insofar as reasonably necessary for the purposes, and on the legal bases, set out in this policy.
We may also share aggregated information (information about our users that we combine together so that it no longer identifies or references an individual user) and other anonymized information for regulatory compliance, industry and market analysis, demographic profiling, marketing and advertising, and other business purposes.
4.5. BUSINESS TRANSFERS
Under the General Data Protection Regulation, you have the right to access, rectify, port and delete some of your data. You also have the right to object to and restrict certain processing of your data. This is a case-by-case determination that depends on things such as the nature of the data, why it is collected and processed, and relevant legal or operational retention needs.
You may exercise any of the rights described in this section before your Data Controller and Payments Data Controller by sending an email to firstname.lastname@example.org. Please note that we may ask you to verify your identity before taking further action on your request.
Please be aware that whilst we will try to accommodate any request you make in respect of your rights they are not absolute rights. This means that we may have to refuse your request or may only be able to comply with it in part.
You may access and update some of your information through your Account settings. You are responsible for keeping your personal information up-to-date.
You have the right to ask us to correct inaccurate or incomplete personal information concerning you (and which you cannot update yourself within your Account).
You have the right to access your personal data held by us and a right to receive certain personal data in a structured, commonly used, and machine-readable format and/or request us to transmit this information to another service provider (where technically feasible).
We will retain your personal data for the period necessary to perform the contract between you and us and to comply with our legal obligations. Accordingly, the Data Controller and/or the Payments Data Controller shall maintain your personal data for up to 7 years following the closure of your Account (if applicable) or the last contact with us emanating from you. Where it is no longer necessary to process your personal data, it will be deleted. Please note, however, that we may be subject to legal and regulatory requirements to keep personal data for a longer period.
You have the right to have certain personal data erased where it is no longer necessary for us to process it, where you have withdrawn your consent pursuant to paragraph 5.5, where you have objected pursuant to paragraph 5.6, where your personal data has been unlawfully processed, or where erasing your personal data is required in accordance with a legal obligation;
Please note that if you request the erasure of your personal information:
a. We can retain and use your personal information to the extent necessary to comply with our legal obligations. For example, we may keep some of your information for tax, anti-money laundering reporting and auditing obligations.
b. We can retain some of your personal information as necessary for our legitimate business interests, such as fraud detection and prevention and enhancing safety.
c. Information that we receive about you (including financial transaction data) can be accessed and preserved for an extended period when it is the subject of a legal request or obligation, governmental investigation or investigations of possible breaches of our Terms or Policies, or otherwise to prevent harm.
Where we have specifically requested your consent to process your personal data and have no other lawful conditions to rely on, you have the right to withdraw this consent at any time by changing your Account settings or by sending a communication to email@example.com specifying which consent you are withdrawing. Please note that the withdrawal of your consent does not affect the lawfulness of any processing activities based on such consent before its withdrawal.
Additionally, applicable law may give you the right to limit the ways in which we use your personal information, in particular where (i) you contest the accuracy of your personal information; (ii) the processing is unlawful and you oppose the erasure of your personal information; (iii) we no longer need your personal information for the purposes of the processing, but you require the information for the establishment, exercise or defence of legal claims; or (iv) you have objected to the processing pursuant to next section and pending the verification whether the legitimate grounds of the Data Controller override your own.
You have the right to object to processing where lawful basis is that it is in our legitimate interests, but please note that we may still process your personal data where there are other relevant lawful bases or where we have compelling grounds to continue processing your personal data in our interests which are not overridden by your rights, interests or freedoms;
You also have the right to object to direct marketing, which can be done by opting-out of direct marketing either via your Account settings or by opting out via the communication itself. You also have a right to object to any profiling to the extent that it relates to direct marketing only.
You have the right to lodge complaints about the data processing activities carried out by the Data Controller and the Payment Data Controller before the competent data protection authorities. Please refer to Section 7 for further information.
For example, we might share your account data with our service providers in Ukraine and China. Such sharing is necessary for us given our legitimate interest availing ourselves of development services and to fulfil the contract you have entered into with us.
You can always contact us to receive the full list of our service providers outside of the EEA which process your data.
If you have questions about this Policy or our information handling practices, or If you are seeking to exercise any of your rights under the General Data Protection Regulation, please contact our Data Protection Officer at: firstname.lastname@example.org.
The Data Controller responsible for your information are:
EveryMatrix Limited, reg. no. C44411
EveryMatrix Software Limited, reg. no C51832
which you can contact online through our website “Contact Us” form” or by post at:
EveryMatrix Limited, Portomaso Business Tower, Suite 1A, Level 5, St. Julian’s, Malta.
EveryMatrix Software Ltd, Portomaso Business Tower, Suite 1A, Level 5, St. Julian’s, Malta.
If you are not satisfied with how we manage your personal data, you also have the right to lodge a complaint with your local Data Protection Authority.[AR2]