Personal Data Processing

General Provisions

This document sets out the principles and procedures governing the collection, use, storage, transfer, and protection of personal data by the Operator in accordance with the Data Protection Act 2018 and the UK General Data Protection Regulation (UK GDPR).

The Operator is committed to ensuring the confidentiality, integrity, and lawful processing of personal data received from users in the course of providing services through this site.

Definitions

The following terms shall have the meanings ascribed below for the purposes of this Policy:

  • “Personal data” means any information relating to an identified or identifiable natural person, as defined under the Data Protection Act 2018 and UK GDPR.
  • “Data subject” refers to any individual whose personal data is processed by the Operator.
  • “Processing” denotes any operation performed on personal data, including collection, recording, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure, erasure, or destruction.
  • “Controller” is the entity that determines the purposes and means of processing personal data.
  • “Processor” is a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the Controller.

Legal Basis for Processing

The Operator processes personal data based on one or more of the following legal grounds:

  1. Performance of a contract or steps taken at the data subject’s request prior to entering into a contract.
  2. Compliance with legal or regulatory obligations.
  3. Legitimate interests pursued by the Operator or a third party, provided that such interests do not override fundamental rights and freedoms of the data subject.
  4. Where required by law, consent provided by the data subject.

Categories of Personal Data Processed

The Operator may process the following categories of personal data:

  • Identification data (e.g., full name, date of birth, nationality)
  • Contact data (e.g., residential address, email address, phone number)
  • Account information (e.g., username, registration details, transaction history)
  • Verification documents (e.g., copies of ID, proof of address, source of funds)
  • Technical data (e.g., IP address, device identifiers, browser type)
  • Other data provided by users in the context of service provision

Purposes of Personal Data Processing

Personal data is processed by the Operator for the following purposes:

  • User identification and authentication
  • Fulfilling contractual obligations and providing services
  • Conducting anti-money laundering and fraud prevention checks
  • Compliance with licensing, statutory, and regulatory requirements
  • Managing user accounts and processing payments
  • Communication with users regarding services or legal matters
  • Record keeping and dispute resolution
  • Ensuring security of the website and IT systems

Personal Data Storage and Retention Periods

Personal data is stored securely and retained for the period necessary to fulfill the purposes for which it was collected, or as required by applicable law and regulatory requirements. The retention period may vary depending on the type of data and specific legal or operational requirements, after which data will be securely erased or anonymized.

Data Transfer and Disclosure

Where necessary, personal data may be transferred within the United Kingdom or to third parties, including:

  • Regulators, law enforcement agencies, and public authorities where required by law
  • Payment service providers for transaction processing
  • Third-party service providers acting on the Operator’s behalf as data processors

All transfers of personal data are conducted in accordance with UK GDPR requirements. Sufficient safeguards are implemented to protect data when transferring to third parties.

Rights of Data Subjects

Data subjects have the following rights in respect of their personal data under the Data Protection Act 2018 and UK GDPR:

  • Right to access personal data
  • Right to rectification of inaccurate or incomplete data
  • Right to erasure (“right to be forgotten”)
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent (where processing is based on consent)
  • Right to lodge a complaint with the Information Commissioner’s Office (ICO)

Requests concerning the exercise of these rights may be directed to the Operator via the contact details provided below.

Data Security Measures

The Operator implements appropriate technical and organisational measures to protect personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage. These measures include, but are not limited to, access controls, encryption, firewalls, and continuous monitoring of IT systems.

Contact Information

For all enquiries or to exercise rights pertaining to personal data, users may contact the Operator’s Data Protection Officer at:

Data Protection Officer

Example Gambling Ltd.

123 St James’s Square

London SW1Y 4LB

United Kingdom

Email: [email protected]

Telephone: +44 (0)20 7123 4567

Amendments

This Policy may be updated periodically to reflect changes in legislation or operational requirements. Any amendments will be published on this page with immediate effect upon publication.

Date of last revision: 18 June 2024

Winorio Casino official website provides safe login, bonuses, games and promotions
Winorio €7000 Welcome Bonus and 250 Spins
Bonus