DATA PROTECTION POLICY (Updated 11.11.2014)
This policy sets out how Genting Casinos UK Limited (Company number 01519689), Genting Solihull Limited (Company number 06601106) and Coastbright Limited (Company number 05176386), of Genting Club Star City, Watson Road, Birmingham B7 5SA (together “Genting” / “we” / “our”) will use your personal data. For the purposes of this policy your “personal data” means data which relates to you and from which you can be personally identified.
We keep this policy under regular review. If we change this policy we will display the current version on this site and on our premises to ensure that you are aware of and consent to relevant changes. The policy as updated, from time to time, shall continue to apply in respect of the processing of your personal data and by providing your personal data to Genting and/or using our services you consent to the processing of your personal data as set out in the current version of this policy.
1. THE PERSONAL DATA WE COLLECT ABOUT YOU
1.1 We may collect personal data relating to you including, but not limited, to:-
1.1.1 name and date of birth;
1.1.2 postal address, email address, telephone number, credit or other card payment details;
1.1.3 copies of proof of identity / proof of address;
1.1.4 financial status and spend and Genting Reward point accrual and spend;
1.1.5 records of correspondence;
1.1.6 gender, nationality and ethnic origin;
1.1.7 CCTV and audio recordings and photographs;
1.1.8 Gambling activity and use of our services;
1.1.9 Your use of social media, the identifiers you use for those purposes (e.g. Twitter handles) and personal information you or others publish on social media channels.
1.2 We obtain this personal data:
1.2.1 from you directly, when you register with us in one of our casinos, visit our casinos or websites, participate in social media channels, participate in promotions and competitions we run
1.2.2 We may process personal data about you received from third parties, including but not limited to, “Genting Group Companies” (which means Genting Berhad and Genting Hong Kong Limited and their subsidiary companies, jointly controlled entities and associated companies), credit reference bodies, regulatory and law enforcement authorities, and other casino operators, for reasons including the prevention and detection of crime, for the delivery of our services (for example conducting appropriate checks and risk assessments to facilitate the provision of services), to maintain our regulatory accreditation, and/or to otherwise comply with our legal and regulatory obligations.
1.3 As an indication as to how your personal data is collected, we may collect and process the above personal data:-
1.3.1 when you fill in forms on our websites, enter our competitions or promotions, or join any marketing, loyalty, points, or rewards scheme;
1.3.2 when you contact us by email, letter or telephone call;
1.3.3 when you participate in our surveys (to enable us to improve the service we offer to you);
1.3.4 when you visit our websites including access and page history, or enter promotions on other websites operated or sponsored by us (see Cookies);
1.3.5 where you provide your personal details for promotions and competitions, whether in person, by direct correspondence with us, or through social media channels, for example via a facebook, twitter, or other social media group or competition page or through Apple and Android Casino Applications owned, operated or licensed by us;
1.3.6 where you provide information to us by any other means for the purposes set out within this policy;
1.3.7 we may also obtain personal information from third parties which we use for marketing purposes
2. HOW WE WILL USE YOUR PERSONAL DATA
2.1 We may process your personal data:-
2.1.1 to offer and provide services;
2.1.2 to verify your details, carry out security or financial (including credit) checks and to conduct risk assessments and/or for the provision of information to appropriate third parties for identification or verification checks and/or to facilitate the processing of your financial transactions;
2.1.3 to contact you by post, email, text, telephone, social media or other means, and including but not limited to social media channels, about existing or future services, products and promotional offers or loyalty incentives, or to inform you of service changes and Genting activities or those of Genting Group Companies;
2.1.4 to maintain our records, including but not limited to transaction records required for audit and regulatory compliance, and to monitor activity;
2.1.5 to compile and aggregate data for monitoring and analyzing casino and website, and loyalty card/points usage. We may also provide such aggregate personal data to third parties, but will ensure any such third parties take appropriate measures to ensure the safety and security of your data;
2.1.6 to customise services, products, communications (including marketing communications) and casino experiences to you, including through the use of ethnic origin data, financial (including loyalty and membership) details;
2.1.7 to make any disclosure required by law;
2.1.8 by providing your personal data to regulatory, judicial and enforcement authorities for security or safety reasons, the prevention and detection of crime, cheating, fraud, money laundering, and/or other impropriety;
2.1.9 by providing your personal data to other casino operators, service providers, banks, or financial institutions, the International Association of Casino Security and similar bodies or associations in the interests of security, good practice or safety reasons as well as the prevention and detection of crime, cheating, fraud, money laundering, or other impropriety or risk;
2.1.10 generally and on an ongoing basis to prevent fraud, cheating, money laundering or other financial risk, and/or to uphold gaming integrity;
2.1.11 by providing your personal data to our appointed customer service and marketing agencies for research and analysis purposes, so that we can improve and monitor the goods and services we provide, and tailor them to your preferences/activities;
2.1.12 by providing your personal data to our service providers who help us to provide you with services and marketing, for example a mailing house used to distribute promotional material;
2.1.13 by providing your personal data to Genting Group Companies, any of which may process your personal data in relation to services they provide, offer or consider providing to you and for any purpose which would be permitted under this policy if Genting undertook the processing of your personal data.
2.1.4 by providing your personal data (typically basic information such as your name and contact information) to social media operators including but not limited to Facebook and Twitter to facilitate Genting marketing to you via the social media channels you participate in. Use by those social media operators for that purpose will be subject to the privacy policies and terms they provide to you, and where applicable, the privacy settings you have selected on those channels and the consents you have given those operators in relation to the use of your personal data.
3 OPT OUT
3.1 You have the right at any time to “opt out” of the receipt of marketing communications from Genting and can tell us you wish to do this as follows:-
3.1.1 You can opt-out of email marketing updates/offers by clicking the “Unsubscribe” link in relevant email communications; or
3.1.2 You can opt out by informing Genting of your wish to opt out of the receipt of all or particular types of marketing communications by writing to;- Marketing Director, Genting Casinos UK Ltd, Genting Club Star City, Watson Road, Birmingham, England, B7 5SA; or
3.1.3 If you have previously registered with Genting in a casino you can opt out by changing your contact preferences at any Genting casino reception desk; or
3.1.4 If you use social media you may also be able to opt out or receipt of tailored marketing from the social media operator by adjusting your privacy settings or preferences on the relevant social media channel. You should check the relevant social media channel for details of how to do that.
4.1 Cookies are text files placed on your computer, tablet or phone, or third party site to collect standard Internet log data and visitor behaviour data. The data is used to track visitor use of the website and to compile statistical reports on website activity. For further information about cookies visit www.aboutcookies.org or www.allaboutcookies.org. You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser however, in a few cases some of our website features may not function if you remove cookies from your browser
5 HOW WE PROTECT YOUR PERSONAL DATA
5.1 We have put in place the following security procedures and technical and organisational measures to protect your personal data processed by Genting:-
5.1.1 all processing of personal data is protected using ISO27001 compliant procedures. Physical and logical security measures are deployed so as to strictly limit data access to authorised personnel, and include the use of firewall software and hardware, and a minimum of 256 bit encryption for all transfer of data. Physical access to our database servers is permitted only via fingerprint scanning for named personnel;
5.1.2 firewalls; the server upon which the data resides is protected by a firewall;
5.1.3 browser certification technology;
5.1.4 limited access; The internal procedures of Genting cover the storage, access and disclosure of your personal data.
5.2 We will use all reasonable efforts to safeguard your personal data. However, use of the Internet is not entirely secure and for this reason neither Genting nor Genting Group Companies can guarantee the security or integrity of any personal data which is transferred from you or via the internet (including in respect of third party websites and applications).
5.3 In the event that we transfer your data to third parties as set out in this policy, then we will take all reasonable steps to ensure that any third party takes appropriate measures to safeguard the safety and security of your personal data.
6 OVERSEAS TRANSFERS
6.1 Owing to the global nature of our services and the parties we engage to help Genting deliver those services from time to time, your personal data may be transferred to countries outside of the European Economic Area (“EEA”) or white listed jurisdictions, and/or to jurisdictions that do not have similar protections in place regarding your personal data and restrictions on its use as set out in this policy, (including but not limited to transfer to Genting Group Companies) In such instances we may transfer your personal data outside of the European Economic Area and / or white listed jurisdictions, subject to our taking reasonable steps to ensure that adequate protections are in place to ensure the security of your personal data. Genting Group Companies will process your personal data in accordance with ISO27001 compliant procedures.
7 ACCESS TO AND UPDATE OF YOUR PERSONAL DATA
7.1 You have the right to request a copy of the personal data that we hold about you. You may make a data subject access request by writing to: The General Counsel, Genting Casinos UK Ltd, Genting Club Star City, Watson Road, Birmingham, B7 5SA. We may make a small charge for this service. You should also be aware that any disclosure will be subject to the requirements of the Data Protection Act and we are not obliged in all instances to provide all personal data held, notwithstanding the request and/or payment of our nominal fee.
7.2 We want to ensure that your personal data is accurate and up to date. If any of the personal data that you have provided to Genting changes, including but not limited to your name, address, contact or financial details, then please inform Genting of your updated details by visiting your nearest casino, or by completing the “Contact Us” form at https://www.gentingcasinos.co.uk/contact-us/
8 OTHER SITES AND THIRD PARTY ORGANISATIONS
8.1 Our website(s) may contain links to other websites not owned or operated by Genting and we may also provide marketing communications to you through other websites (for example social media channels) or through the placement of marketing materials and links to our website on their website. This policy only applies to Genting’s use of your personal data, so when you access other websites you should read the terms and policies that apply in respect of those sites to understand how the operator of that website uses your personal data. Genting accepts no liability in respect of those sites and their operators’ use of your personal data.
8.2 We may offer you opportunities to agree to receive information directly from third party organisations which offer products or services that we feel may be of interest to you.
LAST UPDATED 11 November 2014