Privacy Policy

Introduction

Privacy Policy dated 03.07.2018

This Privacy Notice (the “Notice”) sets out how Funstage Spielewebseiten B.m.b.H registered in Austria with address at Wiedner Hauptstraße 94, 1050 Vienna, Austria, (the “Company” or “we”) collects and processes through the mobile application available on our homepage www.gametwistcasino.com (the “App”) the Player’s (“Player”, “user” or “you”) personal data. Personal data means any information from which the Player can be directly or indirectly identified such as a name, location, online identifier, gender, financial data, etc., (“Personal Data”). This Notice provides also the Players’ rights related to their Personal Data.

You should read this Notice before using the App. If you use the homepage and/or register via the App, or submit a query to us via the App or other means, including telephone or e-mail, you accept this Notice. If you do not accept this Notice, please do not use the App and/or our homepage.

The Notice is integral part and applies together with the App General Terms and Conditions (the “GT&C”). The terms not defined here shall have the same meanings as defined in the GT&C. The terms not defined here shall have the same meanings as defined in the GT&C. Therefore you will need to read and understand the GT&C in addition to this Notice.

We are highly committed to preserving your privacy and delivering secure and legally compliant services. This Notice has the following sections:

Who controls the data?
How can I send queries on personal data protection?
What kind of Personal Data does the Company process?
For what purposes is the Personal Data processed?
On what legal basis is the Personal Data processed?
What is the data retention period?
Security and privacy measures
Who can have access to the Personal Data?
Is Personal Data transferred abroad?
What are the Players’ rights on Personal Data?
Notice modifications

Who controls the data?

The Company controls the processing of your Personal Data. This activity is supervised by the Austria Data Protection Authority.

How can I send queries on personal data protection?

Please read first our FAQ section and this Notice. In all cases, you can send the queries related to this Notice in the following e-mail address support@gametwist.com. Our teams and Data Protection Officer (DPO) shall address them with the due attention.

What kind of Personal Data does the Company process?

Depending on your activities and services chosen on the Apps, we shall process all or part of the following data:

Guest user activity data that may include but are not limited to: device data, user number, gaming transactions, online payments number. These data are processed in anonymous mode;
Data provided by Facebook with your consent during the registration of an App account via Facebook. They may include, but are not limited to: name, middle name, surname, profile picture, gender, e-mail address, Facebook user ID and friends’ list
Data provided by you in case you decide to contact our customer support services e.g. via e-mail and/or phone;
Data that may be provided by government authorities or authorized third party companies in order for us to deliver the GT&C, fulfill the regulatory obligations and exercise our legal rights; and
Data collected via cookies when accessing our homepage and/or App (if applicable). As a rule the data processed via cookies are in anonymous mode. For more information about cookies and how to manage them please see our Cookies Policy;
Data provided by third parties who have obtained in advance your permission to share the data with us for certain services e.g. various mobile and/or marketing applications (where applicable).

For what purposes is the Personal Data processed?

We process your data for the following purposes:

administer the App, including setting up and operating your guest or registered account;
ensure the accuracy of your data for the purposes of age verification, preventing fraud, cheating, reducing business risks and protecting the integrity of our games. These activities may include a degree of semi-automatic profiling, based on your registration and gaming activity data;
fulfil the App GT&C;
process online payments with third party payment providers and/or financial institutions;
provide you with customer support, including (where applicable) via telephone;
comply with laws, regulatory obligations or respond requests from government authorities. These are mainly set in financial laws;
protect our rights, including our related parties. In some cases we may believe that it is necessary, including in good faith, to record and disclose data to: (i) protect, enforce, or defend our legal rights, privacy, safety or property, (ii) protect your and public safety, privacy and security, or (iii) for business risk management;
improve the security, services, marketing offers and features provided by the App. This may include research, surveys, ask for your optional feedback, internal trainings and Affiliates services;
complete potential merger or sale of assets. If we sells all or part of the business or assets, or are involved in a merger or transfer, we may disclose and transfer your data to the other party(s);
further to your specific and optional consent provide direct marketing communications that are of generic nature via: email, instant messages, and (where applicable) chats, SMS and telephone.

We shall inform you in case the data may be processed for other purposes and parties.

On what legal basis is the Personal Data processed?

The processing of data for the purposes of:

The above sections from (1) to (5) are necessary for the execution of the App GT&C and therefore are mandatory;
The above section (6) is required by law and therefore it is also mandatory;
The above section (7) to (9) are based on our legitimate interest, and include business risk management, development and protection of our products integrity. They are adequately balanced with your interest since the data processing is performed within the limits strictly necessary for these activities. You can object this processing at any time as provided in this Notice;
The above section (10) is optional. Without your consent we shall not provide generic marketing communications.

What is the data retention period?

These periods and criteria will apply, unless a different period is required or permitted by law, or we have reasonable belief that it is necessary:

data collected for the purposes of the above sections from (1) to (9) is retained during the execution of the App GT&C. Plus the retention periods set or allowed by specific laws, after the termination of the services;
data collected for the purpose of the above section (10) is retained during the execution of the App GT&C and/or until you have required their deletion.

In case of further queries you may contact us at the email address indicated in this Notice.

Security and privacy measures

We process the data with partially or fully automated electronic means and protect them with adequate security measures. We use appropriate legal, administrative, technical, personnel and physical measures to safeguard the data against loss, theft and unauthorized use, disclosure or modification. The App may contain links to and from partner networks or third party websites/apps e.g. Facebook. If you follow a link to any of these websites/apps, note that they have their own privacy policies and terms. We do not accept any responsibility for their content. Please check such policies and terms before accepting and submitting any information to them.

Who can have access to the Personal Data?

The data shall be processed by recipients located within or outside of the European Economic Area (EEA) in compliance with these limits:

our employees who are responsible for processing and safekeeping the data;
our parent company, some sister companies and third party providers to offer the GT&C services, e.g. marketing services or our legitimate interest. This may include employees, associates, agents, sub-contractors and product providers;
government authorities to comply with legal obligations.

Third parties access to your data is limited only to the information necessary to perform their function on our behalf or as required by law. They shall be made subject to confidentiality and data protection obligations provided by law and as considered necessary by us.

Is Personal Data transferred abroad?

We shall not transfer your data outside the EEA unless the due safeguards are in place.

Some non-EEA countries are recognized by the European Commission (EC) as providing an adequate level of data protection. The list is available at: http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm

In case of data transfers to countries not considered adequate by the EC, We will put in place appropriate safeguards to protect the data and in compliance with the data protection laws, such as standard contractual clauses adopted by the EC as per the EU General Data Protection Regulation 2016/679 (the “Privacy Regulation”).

What are the Players’ rights on Personal Data?

You can at any time:

obtain confirmation of the existence of personal data. This information is primarily provided in your App account and this Notice;
know the origin, purposes and method of data processing and the logic applied to electronic processing. This information is provided in this Notice and when you use the App features.
request to update, correct or integrate further relevant data;
revoke at any time the data processing consent. It does not affect the lawfulness of the data processing based on the previously given consents. This is offered via specific tools e.g. opt-outs;
request to restrict the data processing. This request may result in the termination of the services provided to you;
object the data processing. This request may result in the termination of the services provided to you;
request the erasure of data without undue delay. This request may result in the termination of the services provided to you;
receive an electronic copy of the provided data, if you like to port them to a different service provider; and
lodge a complaint with the data protection authority.

Unless otherwise provided, these services are offered by sending a written request to our customer service. They are free of charge however in certain circumstances we may apply a reasonable fee. We shall accommodate your requests to the extent applicable to the services and type of data processed by us.

Your requests shall be handled within one month of receipt. This may be extended by two further months based on the complexity and number of the requests.

Notice modifications

This Notice is valid from the date indicated in its header. We could make further modifications due to business developments or legal and regulatory changes. You shall be notified in advance in case of significant changes.