PRIVACY NOTICE

Last updated 18th December 2024 Version 1.0.

1. INTRODUCTION

Welcome to the LeoSafePlay's privacy notice relating to provision of its responsible gaming services provided via leosafeplay.com (“Site”, “Website”), where Personal Data may be processed by the same relating to You.
The LeoVegas Mobile Gaming Group (“The Group”) respects your privacy and is committed to protecting your personal data and processing it in compliance with the applicable laws, in particular, any data protection legislation or instrument as applicable in the territory where our establishment is located or as may apply by virtue of territorial or extra-territorial scope in those territories where our services are made available.
If you are already using a product or service offered by The Group brands, your data will be processed according to the applicable data protection terms you have accepted upon sign-up. For further information please contact dpo@leovegasgroup.com.
Alternatively, if you are not using any of our products or services the following data protection terms shall apply.

2. IMPORTANT INFORMATION AND WHO WE ARE

2.1 Purpose Of This Privacy Policy

This privacy policy aims to give you information on how We collect and process your personal data through or in conjunction with your use of this website.
This Privacy Policy stipulates details and conditions of collecting and processing your Personal Details and provides you with information in accordance with the transparency principle and requirements under the applicable data protection laws.

2.2 Controller

LeoVegas Gaming Plc is the controller responsible for your personal data (referred to as "the Controller", "We", “we”, “Us”, "us", “Our” or "our" in this Privacy Policy).
We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise rights please contact Us or the DPO using the details set out below.

2.3 Contact Details

Although Our goal is to always be as clear and transparent as possible, if You need any clarification on this Privacy Policy or a specific legal basis We are relying on to process Your Personal Data for a specific processing operation, We would be happy to provide You with any such information You may need.
Our full details are:
General email address: privacy@leovegas.com
DPO email address: dpo@leovegas.com
Postal address: LeoVegas Gaming Plc, Level 7, The Plaza Business Centre, Bisazza Street, Sliema SLM 1640, Malta

2.4 Changes To The Privacy Notice And Our Duty To Inform You Of Changes

We reserve the right, at Our complete discretion, to change, modify, add and/or remove portions of this Privacy Policy at any time. You shall be notified by Us periodically, in case of material changes made to this Privacy Policy (together with other terms and conditions relevant to the Site).

2.5 The Data We May Collect About You

Personal Data: means any information that identifies You as an individual or that relates to an identifiable individual.
Data obtained from You: When filling out Our Self-Assessment Form, We may collect from You, at your own choice, Your email address. The results of your Self-Assessment Form will be anonymous.

2.6. Special Categories of Personal Data

We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data).

3. WHY AND HOW WE USE YOUR PERSONAL DATA

3.1 Purpose of Processing

We will only use your personal data when the law allows us to. We will use your personal data in the following circumstances:
For analytics purposes; and
For Responsible Gaming purposes.

3.2 Legal Basis for Processing

We rely on Your Consent to process Your personal data.

4. RETENTION

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
We typically keep your personal data for a maximum of 90 days following the date you filled the Self-Assessment Form or your latest communication with our representative. Once this period has elapsed, or if your personal data is no longer needed by us even before the end of this retention period, we will securely delete or anonymize the relevant personal data.
If you are already using a product or service offered by The Group brands, and the data you explicitly provide us relates to your use of our products or services, your data will be retained according to the applicable data protection terms you have accepted upon sign-up.

5. RECIPIENTS OF YOUR PERSONAL DATA

Your Personal Data is not shared with any third parties but may be shared with other Companies within The Group to provide certain services/support with functions of the Controller.

6. INTERNATIONAL TRANSFERS

Your Personal Data will not usually be transferred outside the European Economic Area (EEA),so however in the case that we transfer your personal data out of the EEA, we ensure that a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

• Transfer of your personal data is performed to countries, territories, or subject to arrangements or mechanisms that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see here
• Where we use service providers which are not subject to an adequacy mechanism, we will ensure that additional safeguards and measures are put in place as required (including by incorporating specific contracts approved by the European Commission). For further details, see here

Please Contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

7. DATA SECURITY

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In order to comply with the applicable data protection legislation, various technical controls ensure data and information are always encrypted during transit and at rest using industry standard encryption techniques at all other times. This ensures confidentiality and integrity at all times. At an organisation level, the handling of all information is governed by our comprehensive Information Security Policies. This is complemented by an Information Security Awareness Programme designed specifically to ensure we embrace security best practices whenever it comes to handling information.
In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a need-to-know business requirement. They will only process your personal data on our instructions or subject to a lawful ground, as well as their duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

8. YOUR RIGHTS UNDER THE DATA PROTECTION LAWS

8.1 Your Right of Access

You may, at any time, with reasonable intervals, request Us to confirm whether or not We are processing personal data that concerns You and, if We are, you shall have the right to access that personal data and to the following information:

• what personal data We have,
• why We process them,
• who We disclose them to,
• how long We intend on keeping them for (where possible),
• whether We transfer them abroad and the safeguards We take to protect them,
• what Your rights are,
• how You can make a complaint,
• where We got Your personal data from and
• whether We have carried out any automated decision-making (including profiling) as well as related information.

8.2. The Right to Rectification

Although all reasonable efforts will be made to keep Your Personal Data updated, you are kindly requested to inform Us promptly of any changes.

8.3. The Right to Erasure (The Right to be Forgotten)

You have the right to ask Us to delete Your personal data and We shall comply without undue delay.

8.4 The Right to Data Restriction

You have the right to ask Us to restrict (that is, store but not further process) Your personal data.

8.5. The Right to Data Portability

You have the right to ask Us to provide Your personal data (that You shall have provided to us) to You in a structured, commonly used, machine-readable format

8.6 Right to withdraw consent

Where We process Personal Data on the basis of Your consent (which We will never presume but which We shall have obtained in a clear and manifest manner from You), YOU HAVE THE RIGHT TO WITHDRAW YOUR CONSENT AT ANY TIME.

8.7 The Right to lodge a Complaint

You also have the right to lodge complaints with the appropriate Data Protection Supervisory Authority. Since our main EU establishment is based in Malta, our Lead Supervisory Authority is the Maltese Information and Data Protection Commissioner (IDPC). We kindly ask that You please attempt to resolve any issues You may have with Us first (even though, as stated above, You have a right to contact the competent authority at any time).

8.8 What We May Need From You

When exercising your rights by contacting us, we may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

8.9 Time Limit To Respond

We try to respond to all legitimate requests within one month (unless a shorter period is required by law). Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

9. COOKIES

Our site uses cookies, for further information on what cookies are, which cookies we use, how and why we use cookies, and how you can control which cookies are dropped, please read our Cookies Notice.