Integritetspolicy

Information about the processing of personal data of online customers

Approved: 24.05.2018

  1. For personal data processing the controller is Olympic Casino Eesti AS (hereinafter - “Company”) with address Pronksi 19, 10124 Tallinn, Estonia, +372 667 1250, estonia@oc.eu.
  2. Company data protection officer is Aare Reinsalu (Pronksi 19, 10124 Tallinn Estonia, +372 667 1072, estonia@oc.eu).
  3. Customer has a right to obtain confirmation from the Company as to whether or not his/her personal data are being processed and to obtain access to his/her personal data.
  4. If personal data are not collected from the data subject, then he/she has the right to know the source of the personal data.
  5. Customer has a right to obtain the rectification of inaccurate personal data.
  6. Customer has the right to withdraw his/her consent to personal data processing at any time without affecting the lawfulness of processing based on consent before its withdrawal.
  7. Customer has a right to stop his/her personal data processing for direct marketing purposes.
  8. Customer has a right to obtain the erasure of his/her personal data.
  9. Customer has a right to obtain the restriction and objection of the processing of his/her personal data.
  10. Customer has a right to receive the personal data, which he/she has provided to a controller, in a structured, commonly used and machine-readable format.
  11. For providing a service the Company can share customer data with other Olympic Entertainment Group companies.
  12. Customer has a right to lodge a complaint to the Estonian Data Protection Inspectorate by sending an application to info@aki.ee or visiting Väike-Ameerika 19, 10129 Tallinn, Estonia.
  13. Data subject’s processing details

13.1

Registering account in online casino

Basis

Legal obligation: Gambling Act §53 (1) 2)

Specification

The possible consequence in case of failure to provide such data is that the Company will refuse to register the account

Categories of recipients

Customer support employees, Casino Operations manager, Risk manager, Marketing department employees, IT department employees

Retention

7 years from customer last login


13.2

Verifying customer account in online casino

Basis

Legal obligation: Gambling Act §53 (1) 2)

Specification

The possible consequence in case of failure to provide such data is that the Company will refuse to register the account

Categories of recipients

Customer support employees, Casino Operations manager, Risk manager, Marketing department employees, IT department employees

Retention

7 years from customer last login


13.3

Customer login to online casino

Basis

Legal obligation: Gambling Act §53 (1) 3)

Specification

The possible consequence in case of failure to provide such data is that the customer does not have the opportunity to enter the online casino

Categories of recipients

Customer support employees, Casino Operations manager, Risk manager, Marketing department employees, IT department employees

Retention

7 years from customer last login


13.4

Customer personal data check from Tax Office self-exclusion registry

Basis

Legal obligation: Gambling Act §39 (8)

Specification

The possible consequence in case of failure to provide such data is that the customer is not allowed to participate in gambling

Categories of recipients

Customer support employees

Retention

Query data is not stored


13.5

Customer personal data check from company ban registry

Basis

Legal obligation: Gambling Act §33 (1) and §35 (4)

Specification

The possible consequence in case of failure to provide such data is that the customer is not allowed to participate in gambling

Categories of recipients

Customer support employees, Casino Operations manager, Risk manager, Marketing department employees, IT department employees

Retention

7 years from customer last login


13.6

Identification and registration politically exposed persons

Basis

Legal obligation: Money Laundering and Terrorist Financing Prevention Act §20 (1) 5)

Specification

 

Categories of recipients

Customer support employees, Casino Operations manager, Risk manager, Marketing department employees, IT department employees

Retention

7 years from customer last login


13.7

Customer feedback registration and handling

Basis

Legal obligation: Gambling Act §35 (1) 5)

Specification

The possible consequence in case of failure to provide such data is that feedback is not recorded or resolved

Categories of recipients

Customer support employees, Casino Operations manager, Risk manager, Marketing department employees, IT department employees

Retention

7 years from customer last login


13.8

Money transfer to online customer bank account

Basis

Legal obligation: Gambling Act §53 (1) 6)

Specification

The possible consequence in case of failure to provide such data is that the Company refuses to execute the transaction

Categories of recipients

Customer support employees, Accounting department employees, IT department employees

Retention

7 years


13.9

Transfer of funds from a payment service provider or from a bank to an online customer account

Basis

To fulfil the contract

Specification

The possible consequence in case of failure to provide such data is that the transaction cannot be executed

Categories of recipients

Customer support employees, Accounting department employees, IT department employees

Retention

7 years


13.10

Playing on online casino, poker or sports betting

Basis

Legal obligation: Gambling Act §53 (1) 4)

Specification

The possible consequence in case of failure to provide such data is that the customer is not allowed to participate in gambling

Categories of recipients

Customer support employees, Casino Operations manager, Risk manager, Marketing department employees, IT department employees

Retention

7 years from customer last login


13.11

Starting €2000 operation registration to fulfil AML requirements

Basis

Legal obligation: Money Laundering and Terrorist Financing Prevention Act §23 (2) 3)

Specification

The possible consequences in case of failure to provide such data is that  the customer is not allowed to participate in gaming and that the Company will refuse to pay out winnings

Categories of recipients

Risk manager, IT department employees

Retention

7 years from customer last login


13.12

Collection personal data of potential customers in public events

Basis

Data subject consent

Specification

 

Categories of recipients

Employees participating in the event, Marketing department employees, System administrator

Retention

Until customer consent withdrawn


13.13

Sending marketing info to customer through email

Basis

Data subject consent

Specification

 

Categories of recipients

Marketing department employees

Retention

1 year


13.14

Share gaming data of affiliate customers with affiliated partners

Basis

To fulfil the contract with affiliated partner

Specification

 

Categories of recipients

Online helpdesk employees, Affiliate manager, System administrator

Retention

7 years