GGPoker is concerned with protecting the privacy of any Personal Data that you may choose to provide to us (“Personal Data”). GGPoker will ensure that the Processing of your Personal Data is compliant with the General Data Protection Regulation, (“GDPR”), (Regulation (EU) 2016/679). Accordingly, GGPoker issues this Policy to inform you of our use of your Personal Data.
This Policy applies to the company and its group of companies conducting business within the European Union (EU) European Economic Area (EEA) or processing the Personal Data of Data Subjects within EU/EEA.
1.1 This Privacy Policy sets out the way in which GGPoker (“we” or “us”), a company which is operated by NSUS Malta Limited., a company incorporated in Malta with its registered office in Level 3 (Suite No: 2386), Tower Business Centre, Tower Street, Swatar, Birkirkara BKR4013, Malta, which in turn forms part of NSUS Group.
1.2 GGPoker collects, Processes and retains Personal Data and ensures that the below steps are taken by us to protect such Personal Data.
1.3 By utilising our Services, you acknowledge that you have read the terms of this Privacy Policy. If you do not wish to provide your Personal Data on the basis set out in this Privacy Policy, you should not enter the relevant information on the Website or provide your Personal Data to us otherwise. However, if you do not provide your Personal Data, you may not be able to use all of the Services.
1.4 Capitalised terms not defined in this Privacy Policy shall be as defined in the Terms & Conditions.
This Privacy Policy is incorporated into, and forms part of, the Terms & Conditions.
1.5 Definitions:
The following terms “Anonymisation”, “Controller”, “Processor”, “Data Subject”, “Data Portability” “Personal Data”, “Processed/Processing”, “Pseudonymisation”, “Cross-Border processing of Personal Data”, “Supervisory Authority” used in this document shall have the same meaning as in the GDPR:
“Group” means the NSUS group companies, namely GGN Europe Limited (Malta), NSUS Limited (Ireland), NSUS Group Inc. (Canada) and NSUS LAB Korea (South Korea).
“You” means the player, the ‘Data Subject’ who is using the services of GGPoker.
“Visitor” means an individual other than a user, who uses the public area, but has no access to the restricted areas of the Site or service.
1.6 Principles:
This Policy is based on the following GDPR principles:
2.1 As part of providing you with the Services, we collect your Personal Data on registering an account. We collect, use, store and transfer the following kinds of Personal Data about you:
2.2 As part of providing you with the Services, we also collect information about the transactions you undertake, including details of payment cards used, details of the games you played and underlying gaming transactions.
2.3 We also collect, use and share aggregated data such as statistical data for any purpose. Aggregated data could be derived from your personal data but it is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate data relating to the use of the Services by you and other customers. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.
2.4 We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, and genetic and biometric data), except for information that you might provide about your health – gambling or other addictions.
3.1 When providing our Services we ensure that we collect, retain and process your Personal Data in accordance with the GDPR. We have set out below, in a table format, a description of how we will use your personal data and the lawful basis we rely on to do so.
Purpose | Second Head |
---|---|
To set-up, administer and manage your account and records (including processing deposits and withdrawals) | Performance of a contract with you. |
To provide the Services (including allowing you to wager and play our games) | Performance of a contract with you. |
To personalise the services | Necessary for our legitimate interest (to offer incentives, such as bonuses and promotions to increase player engagement). |
To receive and respond to your communications and requests | Performance of a contract with you, if communication relates to the use of our services. Necessary for our legitimate interest (manage our relationship with you and keep our records updated). |
To fulfil our regulatory obligations regarding your Account, including by verifying the accuracy of any information you give us | Legal Obligation. |
To comply with our obligations under Applicable Laws and to Regulators in jurisdictions where we are licensed (including the UK Gambling Commission) | Legal Obligation. |
To comply with our obligations under Applicable Laws and to Regulators in jurisdictions where we are licensed (including the Malta Gaming Authority) | Legal Obligation. |
To identify, investigate, and assist with the investigation of, suspected unlawful, fraudulent or other improper activity connected with the Services (including, where appropriate, dealing with requests from authorised entities/Authorities for the sharing of information) | Legal Obligation/Legitimate interests to ensure safe gaming environment |
To carry out market research campaigns | Necessary for our legitimate interest (to grow our business). |
To provide you with information about, and support for, the Services, including changes to the Services, technical updates and changes to the Terms & Conditions (including this Privacy Policy) | Legitimate interests to obtain professional advice for legal and business needs |
To share your information with other members of the Group to receive assistance in providing the services | Necessary for our legitimate interest (to grow and manage our business) |
To share your information with our professional advisors, such as lawyers and consultants, and online/live event partners | Legitimate interests to obtain professional advice for legal, business needs, and to prevent fraud & cheating |
To keep you informed of offers and promotions in relation to our products and services | Consent |
To share your information with other members of the Group to receive assistance in providing the services | Legitimate interests to allow us to provide services |
To comply with any limits, such as deposit, bet/spend/loss limits that you have set | Consent |
To keep you informed of offers and promotions in relation to our products and services | Consent |
To ensure we are able to fulfil our regulatory obligations for identity verification, affordability checking, fraud prevention, anti-money laundering, and tracing. | Legal Obligation |
To record telephone calls to and from, and live chats with, our customer services for security and regulatory purposes | Legal Obligation |
To ascertain sources of funds and wealth, and to determine the ability to afford the amount you spend | Legal Obligation |
To monitor gambling patterns and to identify possible responsible gambling concerns | Legal Obligation |
To provide your personal information, including the information referred to in section 2.1, to any competent authority upon its request and as we may be legally obliged | Legal Obligation |
3.2 If at any time you wish us to stop Processing your Personal Data for the above purposes, then you must contact us and we will take the appropriate steps to stop doing so. Please note that this may mean that your Account will be closed. You may contact us by data-protection@ggpoker.eu
3.3 To ensure a good quality of service we may monitor any communication you have with us whether in writing or by electronic mail or telephone calls (“recordings”). Any recordings remain the property of GGPoker and will be used only for the purposes mentioned above.
3.4 We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for new purposes is compatible with the original purpose, please contact us.
3.5 In the event that we need to use your Personal Data for an unrelated purpose, then we will notify you by a Privacy Notice whereby we will inform you of the changes and seek any additional consent that may be required.
4.1 We may disclose your Personal Data to the following third parties:
4.2 We require all third parties to respect the security of your Personal Data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with instructions.
4.3 The Company gives its customers the possibility to make use of “chat rooms” where players can communicate with each other. Whilst we will ensure that the players follow the terms as set in the House Rules, we will not be responsible for any data breaches that might arise from the use of our chat rooms. Therefore, you accept responsibility and under no circumstance shall we be held responsible for any damages that might arise from any breach of data.
5.1 Companies within our Group and some of our external third parties are based outside the EU/EEA so their processing of your Personal Data will involve a transfer of data outside the EU/EEA
5.2 Whenever we transfer your personal data out of the EU/EEA, we ensure a similar degree of protection is afford to it by ensuring at least one of the following safeguards is implemented:
5.3. In accordance with Art. 45 of GDPR we provide your personal data to our inter-company recipients, other third parties and suppliers in the following countries:
In accordance with art 46 (2) of GDPR we may provide your personal data to our identity verification and mailing system services suppliers, and partners in prevention of fraud/ cheating in the following countries based on Standard Contractual Clauses:
6.1 We respect your privacy rights and provide you with reasonable access to the Personal Data that you may have provided through your use of the Services. Under certain circumstances you have rights under data protection laws in relation to your Personal Data.
Your principal rights under the GDPR are:
6.2 If you wish to exercise any of the rights set out above, you may contact us by email: data-protection@ggpoker.eu. We will retain your information for as long as your account is active, as needed to provide you services, or to comply with our legal obligations, resolve disputes and enforce our agreements as described in section 11.
6.3 You may also update, correct, or delete your Account information and preferences at any time by accessing your Account settings page on the ‘My Account’ tab in the Cashier. Please note that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain all information you submit for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so. Where appropriate and possible we shall apply Anonymisation or Pseudonymisation to Personal Data to reduce the risks to the Data Subjects.
6.4 You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
6.5 We may need to request specific information from you to help us confirm your identity and ensure your rights to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask for further information in relation to your request to speed up our response.
6.6 Should we fail in abiding with the required data protection obligations, you shall have the right of complaint to the Information and Data Protection Commissioner’s Office (IDPC).
7.1 For full details about GGPoker Group members and where they operate please contact us at data-protection@ggpoker.eu.
7.2 If at any time you believe that we have not adhered to this Privacy Policy, please contact us at data-protection@ggpoker.eu and we will seek to promptly determine and correct the problem.
8.1 You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. For more information about the cookies we use, please see https://en.ggpoker.eu/cookie-policy/.
9.1 Protecting the privacy of minors is especially important. Our Service is not directed to children under the age of 18, and we do not knowingly collect Personal Data from children under the age of 18. If you are under 18 years of age, then please do not use or access the Service at any time or in any manner. If we learn that Personal Data has been collected on the Service from persons under 18 years of age, then we will take the appropriate steps to delete this information. If you are a parent or guardian and discover that your child under 18 years of age has obtained an Account on the Service, then you may alert us at data-protection@ggpoker.eu and request that we delete your child’s Personal Data from our systems.
10.1 We take appropriate security measures to protect against loss, misuse and unauthorized access, alteration, disclosure, or destruction of your information. GGPoker has taken steps to ensure the ongoing confidentiality, integrity, availability, and resilience of systems and services Processing Personal Data, and will restore the availability and access to information in a timely manner in the event of a physical or technical incident.
10.2 Your winnings and cash-outs are kept strictly confidential, and winnings information is stored in secure operating environments. We do not provide winnings information to any third party unless such information is required to be disclosed by law, regulation or a similar governmental authority.
10.3 No method of transmission over the Internet, or method of electronic storage, is 100% secure. We cannot ensure or warrant the security of any information you transmit to us or store on the Service, however, we shall ensure that adequate security mechanisms designed to protect Personal Data will be used to prevent Personal Data from being stolen, misused or abused, and to prevent Personal Data breaches. If you believe your Personal Data has been compromised, please contact us at data-protection@ggpoker.eu
10.4 Although we may allow you to adjust your privacy settings to limit access to certain Personal Data, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users with whom you may choose to share your information. We cannot and do not guarantee that information you post on or transmit to the Service will not be viewed by unauthorized persons. We have taken the necessary steps to protect as much as possible your Personal Data in transit by utilising HTTPS on our Website and TLS 1.2 (a strong protocol), ECDHE_RSA with P-256 (a strong key exchange), and AES_256_GCM (a strong cipher).
11.1 Personal Data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your Personal Data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
11.2 To determine the appropriate retention period for Personal Data, we consider the amount, nature and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
11.3. In terms of personal data that relates to your financial transactions we are obliged by the applicable prevention of money laundering and financing of terrorism laws law to keep your data for five years following termination of the business relationship. The said period may be extended to ten years if and when a competent government authority has required the information to be kept for this extended period for any investigation purposes, or as may be otherwise required for judicial purposes, including for us to defend ourselves against any claim.
In relation to personal data kept for tax reporting purposes, such as player ID and transaction information, we shall keep the said data for ten years from the last transaction.
12.1 Our data protection officer who is responsible for matters relating to privacy and data protection at GGPoker can be reached at: data-protection@ggpoker.eu
12.2 In accordance with the applicable legal regulations governing the protection of Personal Data, each request/inquiry will be resolved without undue delay and at the latest within 30 days of receipt.
12.3 When contacting and posting such requests, we will invest reasonable efforts to confirm your identity and to prevent unauthorized Personal Data processing.
13.1 As the Company evolves, there may be the need to update this Policy to keep pace with changes to the website, software, services, business and Applicable Laws. We will however, always maintain our commitment to respect the Data Subject’s privacy. We will ensure that we will notify the Data Subjects with any material changes under this Policy by email (the most recent email provided by the Data Subject) or post any other revisions to this Policy along with their effective date, in an easy-to-find area of the website.
14.1 GGPass is a service offered to provide You with a Single Sign-On (SSO) for enhanced onboarding and account management across other platforms within the GGNetwork.
14.2 By utilising GGPass to facilitate access to other platforms within the GGNetwork, You agree to the transferring of your data to a third party. The legal basis for the transferring of that data is your Consent. However, the third party acts as a separate Data Controller, and any data processing performed by it, is done independently of Us. If You use GGPass to facilitate the onboarding and account management with a third party, that third party becomes a Data Controller of your Personal Data.
14.3 User information that will be transferred through the GGPass service includes the following (where available):
14.4 By utilizing GGPass, you expressly consent to the processing of your personal data as described herein, authorizing and ratifying the transfer of such data to Group entities for the provision of GGPass services, or to third parties, as chosen by You.
This document was updated on 28 June 2024 and is effective from that date.
Contact: Data Protection Officer
Email: data-protection@ggpoker.eu
Company Address: Level 3 (Suite No: 2386), Tower Business Centre, Tower Street, Swatar, Birkirkara BKR4013