Privacy policy

Privacy Policy

At Sons of Slots (the “Website”), we want to assure that we provide you, as a user, with information and choice about our policies and practices. We do this so you may make informed decisions whether or not you want to use our Website and how you choose to use it.

Please read this Privacy Policy (the “Policy”) carefully before using this Website. When you use the Website, you consent to the terms and conditions and the practices described in this Privacy Policy.

This Policy governs the processing of your personal data (hereinafter shall be also referred to as “data”) when you visit or use the Website or communicate with the Website's administration via available contact details.

This Policy explains the reason for the processing of your personal data, the way we collect, handle and ensure protection of all personal data provided, how that information is used and what rights you have in relation to your personal data. It also specifies the communication channels through which you may exercise your rights.

The Website, and the products, services and advertising made available through it, are not intended for use by children under the age of 18. We do not intentionally collect any information from children under 18 years of age. We will undertake to delete any details from such users where a parent or guardian has notified us that any such details have been obtained.

About us

The Website is operated by L.C.S Limited, a limited liability company, registered in Malta with registration number C-64070, having its registered address at Office 3, Level 2, Sterling Building Enrico Mizzi Street, TA' XBIEX XBX 1453, Malta, and its subsidiaries and affiliates ("Company" or "We" or “Us” or “Our”). The Company respects your privacy and commits to protecting it through Our compliance with the practices described in this notice. We will be clear and open about why we collect your data and how We use it. Where you have choices or rights, we will explain these to you.

The Company is considered a “Controller” of your data which, in accordance with the General Data Protection Regulation 2016/679 (hereinafter the "GDPR"), is a person or company who determines how and why your data is used.

This Privacy Policy describes our practices for collecting, using, maintaining, protecting, and disclosing the data we may collect from you or that you may provide when you visit the Website. This Privacy Policy applies to the data collected through our Website, regardless of the country where you are located.

The Website may include links to third-party websites, plug-ins, services, social networks, or applications. Clicking on those links or enabling those connections may allow the third party to collect or share data about you. We do not control these third-party websites, and we encourage you to read the privacy notice of every website you visit.

Please read this Privacy Policy carefully to understand our policies and practices for processing and storing your personal data. By engaging with our Website, you accept and consent to the practices described in this Privacy Policy.

This Policy may change from time to time, and your continued engagement with our Website after any such revisions indicates that you accept and consent to them, so please check the Privacy Policy periodically for updates.

If you have any concerns about the way in which we process or protect your personal data or would like to contact us about any aspect of this policy, please get in touch through the contact details at the bottom of this Privacy Policy.

Why and how do we process your personal data?

We process personal data, because it is important for us to know our users. There are many different reasons for us to need your data in order to be able to provide our services while complying with applicable legislation.

Before you start playing in the Website, for example, we will require some information about your identity and your age, as well as your address, your contact information, and the payment methods you will use.

Your data will even be used in procedures related to the prevention and detection of crime and other irregular activities.

We need your personal data to provide you with customer support, to improve our services, to ensure our systems are secure and updated, and to meet our legal and regulatory obligations which include, but are not limited to, anti-terrorism laws, anti-money laundering, anti-fraud rules and responsible gambling duties.

We have an obligation to identify those at harm from gambling as early as we can and help them stop gambling by placing certain limits on their accounts. In order to meet these obligations, we analyze our customer’s transactions and evaluate their behavior or financial status across our products and brands, which may lead us to make decisions on their account.

Sometimes we can also process the data for marketing purposes, to invite you to participate in surveys and competitions or to learn about our promotions, but you can choose to stop receiving direct marketing communications at any time.

On what legal ground(s) do we process your personal data?

We will only use your personal data when the law allows us to. Most commonly we will use your personal data in the following circumstances:

• To fulfil our contractual obligations to you, or in order to take steps, based on your request, prior to entering into a contract with you.
• Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
• To comply with a legal obligation.
• When processing is necessary in order to protect your vital interests or of another natural person.

To the extent we process your personal data for any other purposes, we ask for your consent in advance or require that our partners obtain such consent.

What are the sources of personal data?

We will collect personal data about you:

• When you register for an account with us.
• When you visit our Website.
• Through surveys you complete.
• When you communicate with us (by email, mail, phone, or through chat or social media).
• When we undertake analysis of your interaction with us.
• From our other group companies for internal reasons, primarily for business and operational purposes.
• From public sources of information such as public records or social media postings.
• From cookies and tracking devices on your devices where you have permitted their use.
• From third parties' databases to comply with our legal and regulatory obligations.
• From online vendors and service providers such as financial and shared liquidity services, and from customer lists lawfully acquired from third-party vendors.

Which personal data do we collect and further process?

The information we may collect from you include:

Identity Data: name, address, date of birth, gender, identification documents, proof of address documents, photos.

Contact Data: email, phone number, billing address.

Financial and Transaction Data: credit and debit card details, game transactional information, payment methods, transaction history, bets, winnings and losses, deposits and withdrawals, affordability checks which may include obtaining data from other sources such as public domain information or credit history.

Technical Data: IP address, MAC address, device type, apps, location.

Profile Data:  username and password (log in information), purchases or orders made by you, your interests, preferences, feedback and survey responses.

Usage Data: information about how you use our Website and services, the games played, risk scores, profile classifications, screenshots of playing activity.

Marketing Data: your preferences in receiving marketing from us and our third parties.

Communication Data: any information shared through our communication channels, such as the history of messages on our customer support chat, or emails history, including customer’s wellbeing data.

The table below allows you to better understand what are the reasons behind the processing of each kind of personal data, and the legal basis in each case.

Identity and Contact Details Verification:

• Personal Data Involved: Personal identifiers, gambling activity, financial information, social security information, connection information, localization information.
• Possible Consequences of Failure to Provide the Personal Data: Account suspension/closure, unavailability to log in, withdrawal request unavailable.
• Legal Basis: Regulatory/legal obligation.

Registration:

• Personal Data Involved: Personal identifiers, contact details, tax identifiers, social security identifiers, financial information, connection information, location information.
• Possible Consequences of Failure to Provide the Personal Data: Failed registration.
• Legal Basis: Contract performance.

Communications with Customers, Newsletters, and Campaigns:

• Personal Data Involved: Personal identifiers, contact details.
• Possible Consequences of Failure to Provide the Personal Data: Unavailability of receiving newsletters and general marketing campaigns.
• Legal Basis: Consent.

Transactions Management:

• Personal Data Involved: Personal identifiers, financial information.
• Possible Consequences of Failure to Provide the Personal Data: Account suspension/closure, withdrawal request freezing and/or cancellation.
• Legal Basis: Regulatory/legal obligation.

Crime Prevention:

• Personal Data Involved: Personal identifiers, contact details, gambling activity, tax identifiers, social security identifiers, financial information.
• Possible Consequences of Failure to Provide the Personal Data: Account suspension/closure, unavailability to log in, withdrawal request unavailable.
• Legal Basis: Regulatory/legal obligation.

Responsible Gaming:

• Personal Data Involved: Personal identifiers, gambling activity, financial information, social security information, connection information.
• Possible Consequences of Failure to Provide the Personal Data: Account suspension/closure, unavailability to log in.
• Legal Basis: Regulatory/legal obligation.

Business Development:

• Personal Data Involved: Personal identifiers, gambling activity, financial information, social security information, connection information, localization information.
• Possible Consequences of Failure to Provide the Personal Data: N/A.
• Legal Basis: Legitimate interest (internal reporting & business development).

Personalized Offers, Bonuses, and User Interface:

• Personal Data Involved: Personal identifiers, gambling activity, financial information, social security information, connection information, localization information.
• Possible Consequences of Failure to Provide the Personal Data: Unavailability of receiving offers and bonuses. Not customized gambling experience.
• Legal Basis: Consent.

Promotions and Offers:

• Personal Data Involved: Personal identifiers, contact details.
• Possible Consequences of Failure to Provide the Personal Data: Unavailability of the relevant promotion, offer, etc.
• Legal Basis: Consent.

Enquiries, Complaints & Troubleshooting:

• Personal Data Involved: Personal identifiers, contact details, gambling activity, connection information, localization information, financial information.
• Possible Consequences of Failure to Provide the Personal Data: N/A.
• Legal Basis: Legitimate interest (optimal experience for our customers and troubleshooting of issues).

Reporting to Regulatory/Law Enforcement Authorities:

• Personal Data Involved: Personal identifiers, gambling activity, financial information, social security information, connection information, localization information, tax identifiers.
• Possible Consequences of Failure to Provide the Personal Data: Account suspension/closure, unavailability to log in.
• Legal Basis: Regulatory/legal obligation.

Quality Assurance and Staff Training Through Call Recording and/or Educational Material Presentation:

• Personal Data Involved: Personal identifiers, contact details, gambling activity.
• Possible Consequences of Failure to Provide the Personal Data: Unavailability of callback/phone customer service.
• Legal Basis: Legitimate interest (optimal experience for our customers and quality assurance of our customer service).

Creditworthiness and Solvency Checks:

• Personal Data Involved: Personal identifiers, gambling activity, financial information, social security information, connection information, localization information.
• Possible Consequences of Failure to Provide the Personal Data: Potential restrictions web site usage in cases of detection of malpractices.
• Legal Basis: Legitimate interest (assurance of accuracy and legal nature of information provided).

How long do we keep your personal data?

We only keep your personal data for the time necessary to fulfil the purpose of collection or further processing, namely for providing you with the requested services.

Any personal data that is no longer needed by the Company, as per the applicable laws and regulations, will be immediately deleted.

For all purposes explained before, your data will be retained for a minimum of a five-year period, after the termination of the customer relationship. In some cases, however, some personal information may be retained beyond that time period due to potential legal obligations, legitimate interest purposes, etc. Such reasons would be issues related to money laundering, taxation, players protection, civil and penal law or any other legal issues.

How do we protect and safeguard your personal data?

The security of your personal data is very important to us. In order to protect your personal data, we have put in place a number of technical and organizational measures. Technical measures include appropriate actions to address online security, risk of data loss, alteration of data or unauthorized access, taking into consideration the risk presented by the processing and the nature of the personal data being processed. Organizational measures include restricting access to the personal data solely to authorized persons with a legitimate need to know for the purposes of this processing operation.

Whenever you register, connect, make payments, or send sensitive information, we use SSL / TLS standard that encrypts your data before being sent from your computer to be only decrypted by our servers. In the same way, the web pages that the user browses are encrypted by our servers so that they can only be decrypted by the user of the computer. Indicatively, browsers like Chrome, Firefox, or Opera use AES-256 bits encryption, while our servers will not accept any browser connections that do not meet the minimum security requirement of a 128-bit encryption. The webpages’ security can be verified by the presence of the padlock symbol in the browser.

Who has access to your personal data and to whom is it disclosed?

Access to your personal data is provided to the Company’s employees responsible for carrying out the processing operation according to the "need-to-know" principle.

When necessary, we may share your personal data with the following institutions, always in compliance with the provisions of applicable laws:

• Public authorities, especially Law enforcement bodies at the countries we operate;
• Members of our corporate group (subsidiaries, holding company and affiliates);
• Regulatory gaming authorities (MGA);
• Sport governing bodies (e.g. FIFA, IOC);
• Anti-Money Laundering / Counter Terrorism Financing (AML/CTF) agencies;
• Credit reference agencies and banks;
• Legal advisers;
• Third parties, as casino content providers, payment providers and other business partners that are contractually required to respect confidentiality;
• Other selected third parties when necessary for the provision of our services.

What are your rights and how can you exercise them?

You have specific rights as a ‘data subject’ under the GDPR, such as the right of access to, rectification or erasure of your personal data and the right to restrict the processing of your personal data. Please see the table below for more detailed information on your rights:

To be informed – Our company has the obligation to inform you, in a very clear way, about how we use your data and why. This is the main purpose of this Policy.

Access – You can ask us to give you access to your data and documents by sending us a Data Subject Access Request Form (SAR). You can ask for a SAR form for you to fill through our customer service communication channels.

Rectification – You might ask us to correct some of your data in case there is a mistake, or to add information if the data is incomplete.

Erasure – This can also be called the “right to be forgotten”, and it means that you, in certain circumstances, can demand the removal of your personal data from our organization. In some situations, however, we will need to keep the data in order to comply with laws and regulations.

Restrict processing – We might need to restrict the processing of your data while we analyze your claims, for example, a claim to correct your data.

Data portability – It allows you to move, copy or transfer their personal data online, in a safe way, without affecting its usability, and it means our company needs to provide your data in a commonly used format.

Objection – You can disagree with the way your data is being processed in some circumstances, and you can complain about that. For example, you can object the use of your data for marketing purposes.

Avoid automated decision making – You have the right not to be subject to a decision based solely on automated processing, including profiling. When communication with us about your data, you have the right to request human intervention.

Complaint – In accordance with Article 77 of the GDPR, you have the right to complain to the relevant Data Protection Supervisory Authority, in particular in the Member State of your habitual residence, place of work or place of an alleged infringement.

You can exercise your rights by contacting us directly through the channels informed on the end of this Policy. However, in order to request access, rectification, erasure, or a copy of your data, you may send us a Data Subject Access Request Form (SAR). You can ask for a SAR form, for you to fill, through our customer service experts. If you wish to exercise your rights in the context of one or several specific processing operations, please provide their description.

Where there are reasonable doubts regarding your identity, you might be asked to provide a copy of an identification document as a means to authenticate your identity.

How can I opt out of marketing correspondence?

If you do not wish to receive any offers, promotions, information on events and tailored communications based on your account activity, you can request to be made un-contactable by:

• Using the “unsubscribe” option provided in any marketing communication you receive
• changing your preferences on your account settings
• contacting our Customer Support department.

Please consider this will not prevent any essential customer correspondence.

Contact information

If you have any questions about this Policy or would like further information about your rights, please contact Our Data Protection Officer (DPO) through the following email address:

dpo@sonsofslots.com.