PARIMATCH
PRIVACY NOTICE
Welcome to Parimatch’s Privacy Notice. We value your privacy and ask that you please read it carefully before using our website, services or products.
This website is operated by BV Gaming Limited (trading as “Parimatch”), a company registered in Gibraltar (company registration number 42734).
Which data do you collect for me?
We may collect, use, store and transfer different kinds of personal data about you. Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
Identity Data | First name, last name, username or similar identifier, title, date of birth and gender |
Contact Data | Residential address, email address; and telephone numbers |
Financial Data | Bank account, alternative payment methods, payment card details, investments and business interests, affordability checks, other assets, other sources of income and salary |
Marketing and Communications Data | Includes your preferences for receiving marketing from us, our third parties and your communication preference |
Profile Data | Username, products used by you, your interests, occupation/employment, preferences, feedback, and survey responses |
Transaction Data | Details about payments to and from you and other details of products you have used on the Website. |
Technical Data | Internet protocol (IP) address, your login data, browser type and version, time zone setting and location, plug-in types and versions, operating system and platform, and other technology on the devices you use to access the Website |
Usage Data | Information about how you use the Website and its products. You can click here to read more information for the Usage Data. |
How do you collect my personal data?
We use different methods to collect data from and about you including through:
Direct interactions | You may give us your Identity, Contact and Financial Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
|
Third parties or publicly available sources | We may receive personal data about you from various third parties and public sources as set out below:
|
Technical Data | We may receive technical data from the following third parties:
|
How do you use my data?
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
a) Where we need to perform the contract, we are about to enter into or have entered into with you;
b) Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests;
c) Where we need to comply with a legal or regulatory obligation; and/or
Types of lawful basis that we will rely on to process your personal data:
Requests for Information from Law Enforcement, Courts or our Regulators;
For the Detection and Prevention of Crime
For the protection of the integrity of Professional Sports
For compliance with Anti-Money Laundering Regulations
d) Where we have your consent:
To share your personal data with any company outside Parimatch for marketing purposes, we will get your express opt-in consent before we share your personal data;
To use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products and offers may be relevant for you (we call this marketing). You will receive marketing communications from us if you have requested information from us or used our services, or if you provided us with your details when you entered a competition or registered for a promotion and, in each case, you have opted in to receiving that marketing.
We have set out below, in a table format, a description of all the ways we use your personal data, and which of the legal bases we rely on to do so
Purpose/Activity | Type of Data | Lawful Basis for Processing |
To register you as a new customer and to manage our ongoing relationship with you: | (a) Identity; (b) Contact (c) Profile; (d) Marketing and Communications; (e) Financial; and (f) Usage | Performance of a contract with you; Necessary to comply with a legal or regulatory obligation; and/or Necessary for our legitimate interests |
To process your deposit of funds and store your provided credit/debit card details so that you can use the products on the Website | (a) Identity; (b) Contact; (c) Financial; and (d) Transaction | Performance of a contract with you; and Necessary for our legitimate interests |
To manage our ongoing relationship with you: | (a) Identity; (b) Contact; (c) Profile; (d) Marketing and Communications; and (e) Financial | Performance of a contract with you; Necessary to comply with a legal or regulatory obligation; and/or Necessary for our legitimate interests |
To enable you to partake in a prize draw, competition or complete a survey | (a) Identity; (b) Contact; (c) Profile; (d) Usage; and (e) Marketing and Communications | Performance of a contract with you; and/or Necessary for our legitimate interests |
To administer and protect our business and the Website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) | (a) Identity; (b) Contact; and (c) Technical | Necessary for our legitimate interests Necessary to comply with a legal or regulatory obligation |
To deliver relevant Website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you | (a) Identity; (b) Contact; (c) Profile; (d) Usage; (e) Marketing and Communications; and (f) Technical | Necessary for our legitimate interests |
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences | (a) Technical; and (b) Usage | Necessary for our legitimate interests |
To make suggestions and recommendations to you about goods or services that may be of interest to you | (a) Identity, (b) Contact, (c) Technical, (d) Usage, and (e) Profile | Necessary for our legitimate interests |
You can find more information in relation to the legitimate purposes by clicking here.
With who do you share my data?
We may have to share your personal data with:
Internal Third Parties | Other companies in the Parimatch group of companies acting as joint controllers or processors and who are based in the United Kingdom, Hungary and Gibraltar and provide IT and system administration services, customer marketing and profiling services and undertake leadership reporting. |
External Third Parties |
|
Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Privacy Notice
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
If you are resident in the United Kingdom the personal information, we have collected from you will be shared with fraud prevention agencies who will use it to prevent fraud and money-laundering and to verify your identity. If fraud is detected, you could be refused certain services, finance, or employment. Further details of how your information will be used by us and these fraud prevention agencies, and your data protection rights, can be found by here.
Do you transfer my data internationally?
Some of our external third parties are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA. Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection (adequacy decision) for personal data by the European Commission.
Where we use certain service providers, we may use specific contracts and/or clause wording approved by the European Commission which gives personal data the same protection it has in Europe.
Where is my data stored?
We store data in the jurisdictions where we are regulated.
How do you keep my data secure?
We have implemented appropriate technical and organisational controls to protect your data against unauthorized processing, and against accidental loss, modification or disclosure.
Our site has been developed with your personal privacy and security as our prime concern, employing sophisticated means to protect your data, including the strong SSL (Secure Sockets Layer) encryption to protect data going to and from the site, including personal details and any debit/credit card information provided to us. Encryption is used on all of our pages as can be verified by seeing the padlock symbol in the browser address bar. The padlock symbol indicates that SSL is being used and all information sent to and from the site is encrypted.
Several layers of firewalls are in place, together with DDoS mitigation, intrusion protection and prevention mechanisms, anti-malware, data-loss-prevention, anti-spam filters, together providing strong layers of defence to prevent unauthorized access to our servers.
We also deploy Google reCAPTCHA v3 to fight and prevent spam and abuse. The use of reCAPTCHA v3 is subject to the Google Privacy Policy and Terms of Use. By accessing or using the reCAPTCHA APIs, you agree to the Google APIs Terms of Use, Google Terms of Use and to the Additional Terms.
Our security landscape is constantly evolving to ensure the highest levels of protection are maintained.
When creating your account with us, choose a secure password. You should keep this password confidential and you should choose a password that you do not use on any other site. You should not share your password with anyone else, including anyone who works for us. You can further protect your account by enabling two factor authentication (2FA), providing an additional mechanism to prevent unauthorized access.
For how long do you retain my data?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
By law we must keep basic information about our customers after they cease being customers with respect to their Personal Data: 5 years, save for where a customer has self-excluded from the Website, in which case we are required to retain the personal data for seven (07) years from the end of the self-exclusion period, at which point the five (05) year retention period begins. In addition, we retain personal data for longer where required for a legal investigation or litigation.
What rights do I have?
Right to be informed | You have the right to be informed about the collection and use of your personal data. This is a key transparency requirement under the GDPR. |
Right of Access | You have the right to access your personal data. This is commonly referred to as Data Subject Access Request. |
Right to Rectification | You have the right to have inaccurate personal data rectified or completed if it is incomplete. |
Right to Erasure | You have the right to request that any Personal Data that we hold about you is erased once it is no longer required for the purposes for which it was collected. The right to erasure is also known as ‘the right to be forgotten’. |
Right to Restrict processing | You have the right to request the restriction or suppression of your personal data. This is not an absolute right and only applies in certain circumstances. Click here to read more. |
Right to Data Portability | You have the right to request that we transfer a copy of your Personal Data to another company. Note that the portability right does not extend to personal data which is inferred or derived by the data controller. |
Rights related to Automated Decision-making including Profiling | If a fully automated decision is made on your account, you have the right to request that this decision is reviewed by a person and present any evidence that you believe may make your situation unique. |
Right to Object | You have the right to object to the processing of your personal data in certain circumstances. You have the absolute right to stop your data being used for direct marketing. |
How do you protect children?
This Website must not be used by anyone aged under eighteen (18) years old: Therefore, we do not knowingly collect data relating to children.
Do you use cookies?
As you interact with the Website, we automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this technical data by using cookies, server logs and other similar technologies. Our third parties may also receive Technical Data about you if you visit other websites employing our cookies. Please see our cookies notice for further details.
Who is your Data Protection Officer?
We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this Privacy Notice.
Title of DPO: Director of Business Process and Procurement
Data Protection Registration Number in Gibraltar: DP 011819.
How can I contact you and how may I exercise my rights?
If you have any questions about this Privacy Notice, including any requests to exercise your legal rights please contact the DPO using the details set out below:
By email: [email protected] for the attention of the Data Protection Officer
By post; Data Protection Officer, Parimatch, Suite 2:01, World Trade Center, Bayside Road, Gibraltar, GX11 1AA
We will respond to you within 30 days from the reception of your request.
How may I raise a complaint?
You have the right to make a complaint at any time to the Gibraltar Regulatory Authority (GRA), the Gibraltar supervisory authority for data protection issues. Click here to find more information.
Third-party links
The Website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Website, we encourage you to read the Privacy Notice of every website you visit.
Changes to the Privacy Notice
We keep our privacy notice, under regular review, and we will update you accordingly through our website. Last update took place on the 23/09/2021.
Popular Pages
Parimatch Site | Virtual Sports | Sports | Casino | Football