Date of last revision: December 06, 2022
This Privacy Notice tells you what to expect us to do with your personal information when you use our website (https://spin.city/) including any mobile or a device-specific version of the website and any related applications (together the “Website”) or any other products or services we provide (together the “Services”).
We understand that you are aware of and care about your privacy interests, and we take that seriously. This Privacy Notice describes our policies and practices regarding collection and use of your personal data, and sets forth your privacy rights.
We will tell you:
- Our contact details
- Data Protection Officer
- How we collect your personal information
- What happens if you do not give us your data?
- How we use your personal information
- When and how we share information with others
- Transferring personal data from the European Economic Area
- Data subject rights
- Security of your information
- Data storage and retention
- Changes and updates to the Privacy Notice
Our contact details
References in this Privacy Notice to “we”, “us” or “our” relate to Faro Entertainment N.V., a company incorporated in Curaçao, and having its registered address at Kaya Richard J. Beaujon Z/N, Curacao, P.O. Box 6248, and Faro Entertainment Europe Limited, its wholly-owned subsidiary, and having its registered address at 12 Demostheni Severi Ave., office 601, 6th floor, Nicosia, 1080, Cyprus.
We control the ways your personal information is collected and the purposes for which it is used, acting as the data controller.
More details can be seen below.
Our postal address:
Faro Entertainment N.V.
Kaya Richard J. Beaujon Z/N,
Curacao, P.O. Box 6248
Faro Entertainment Europe Limited
12 Demostheni Severi Ave.,
office 601, 6th floor,
Our email address:
References to “you” and “your” shall refer to the person using our Website and providing personal information to us.
Data Protection Officer (DPO)
We have appointed a data protection officer for you to contact if you have any questions or concerns about our personal data practices. The data protection officer’s contact information is as follows:
How we collect your personal information
1. Personal information you give to us
- Identity Information: When you create an account, we collect information about you including (but not limited to) your name, username, date of birth, password, email address, mailing address and mobile phone number.
- ID Documents: In certain instances, you will be required to provide a copy of a government-issued ID, bank statement, tax invoice, and/or utility bill. Please note that this information is required for the identity verification process and compliance with anti-money laundering (“AML”) regulatory requirements.
- Communication Information: If you communicate with us by email, postal service, chat or phone, we may retain such communication and the information contained in it. Please note that we record phone calls and retain communications to and from our customer support team in order to improve the quality of support services (for example, to train our staff), ensure security (e.g. to identify you), protect our business (for instance, to establish, exercise or defend against legal claims.) and comply with regulatory requirements (e.g. to monitor responsible gaming calls).
2. Additional information collected
- Payment Information: You may choose to deposit and withdraw the funds from the Website using different payment methods. The Website uses SSL encryption that ensures the confidentiality of your information in the transmission of data. The payment operations are carried out entirely through the secure server of the payment gateway. However, we may store your deposit and withdrawal history and the limited payment information (for example, the last four digits of your credit card, bank issuer, etc.).
- Gaming Information: When you use our Services, we record information related to your account such as your balances, bets, bonuses, and winnings.
- Device and Connection Information: We collect specific types of connection details (e.g., your logins) and information with regard to your device, including protocol (IP) address, the region or general location where your computer or device is accessing the internet, browser type, operating system and other usage information about the use of the Website.
- Activity Information: When you respond to communications with us or otherwise interact with the Website, we may collect additional information such as open/click on our emails, links, history of the pages you view, amount of time spent, online browsing and other activities on the Website.
- Profile Information: Based on your activity on the Website and communication with us, we may make internal notes concerning your interests, favourite games, preferences, etc.
3. Personal information we get from third parties
From time to time, we receive personal information about individuals from third parties. For example, we may receive information from AML service providers, analytics and marketing service providers, payment service providers, national self-exclusion scheme operators to comply with our legal and regulatory obligations, maintain data accuracy, provide and enhance the Services.
4. Special categories of personal data and data relating to criminal convictions and offences
We may also process certain special categories of personal data for specific and limited purposes, such as to detect and prevent fraud, money laundering, to comply with legal and regulatory requirements or to make our Services available to you. This may include information about your health (for example, when you voluntarily send such data in communication with us).
Where permitted by law, we may process data relating to criminal convictions or offences and alleged offences for specific and limited activities and purposes, such as to perform checks, to prevent and detect crime and to comply with laws relating to money laundering, fraud, terrorist financing. This information is not collected by us in the ordinary course of business but only in exceptional circumstances.
5. Personal information we collect from publicly available sources
To comply with licence conditions and legal requirements, we may receive personal data about you from various public sources, for example, public databases, social networking platforms, search engines, etc.).
We and our service providers may collect cookie information. “Cookies” are small text files that are delivered by the Website on your device. They help us to maintain security whilst you are logged in to your account. Sometimes they may collect information about your preferences while navigation the Website, to help you access your preferred Services easier.
What happens if you do not give us your data
You cannot enjoy many of the Services without giving us your personal data. Some personal information is necessary to perform a contract with your or to comply with our legal obligations so that we can supply you with the Services you have purchased or requested, and to authenticate you so that we know it is you and not someone else.
How we use your personal information
We process your personal information for the following purposes:
1. Providing Services and features
We use personal information to provide, personalize, maintain and improve our Services. This includes using the data to:
- Create and manage users’ accounts;
- Provide access to the Services and process gaming activities;
- Enable participation in competitions;
- Offer, process, or facilitate payments for the Services;
- Notify of changes in the Website, Services, Terms and Conditions.
- We rely on the fulfilment of a contract and legitimate interests (for example, ensuring account functionality, processing of payments) as the lawful bases for processing of your data.
2. User support
We process personal data to provide user support, including to:
- Respond to your inquiries and questions;
- Improve our support processes.
We rely on a legitimate interest basis (e.g. to solve issues and any problems) for collecting, storing and processing this information.
3. Safety and security
We use personal information to help maintain the safety, security, and integrity of our Services and users. This includes:
- Ensuring network and information security;
- Preventing unauthorised access to electronic communications networks and stopping damage to computer and electronic communication systems.
We have a legitimate interest in maintaining personal information for safety and security purposes. We also use your data for compliance with legal obligations.
4. Responsible gaming
As a responsible gambling operator, we need to process personal information to comply with our legal obligations, including to:
- Carry out age verification;
- Enable you to self-exclude from gambling;
- Protect you from irresponsible gambling;
- Minimise the gambling-related harm.
We use the data described above as necessary to comply with our legal obligations and as necessary for our (or others’) legitimate interests, including our social responsibility.
5. Legal and regulatory obligations
We use personal data as required by licence conditions and relevant legislation. This includes:
- Verifying the identity of our users for Know Your Customer (KYC) compliance;
- Prevention and detection of money laundering, terrorist financing and other illegal activities;
- Minimising the risk of fraud.
We process such kind of personal information to comply with our legal obligations. When this information is processed for protecting our business from illegal activity, we rely on legitimate interest.
6. Research and development
We may use the data we collect for testing, research, analysis, development, improving user experience. This helps us to improve and enhance the Services, marketing campaigns, user relationships, to develop new features and products, and facilitate finance solutions in connection with our Services.
We have a legitimate interest in understanding how you use the Website. This assists us in providing more relevant Services, and in providing appropriate staffing to meet user needs.
We may use the data we collect to market our Services, in particular to:
- Personalise our offers;
- Make suggestions and recommendations concerning your preferences;
- Assess the effectiveness of our marketing campaigns;
- Carry out promotions (bonuses, loyalty programs, VIP management).
We have a legitimate interest in processing personal information for marketing purposes. However, we send you marketing communications only if you explicitly consent to marketing. You may manage your marketing preferences at any time.
If you ask us not to contact you with marketing communication, we will retain a copy of contact details on our “do not send” list in order to comply with your no-contact request.
8. Automated decision making and profiling
We are subject to strict licence conditions and legal requirements. As a responsible gambling operator, we must monitor your activities to prevent fraud, money laundering, and other illegal activities on the Website. For this reason, our automated system tracks and flags suspicious activity and behavior on the Website. A final decision regarding a user is taken by an authorized specialist.
We divide our users into different clusters to carry out our loyalty program, offer tailored Services and games. This clustering is performed without human intervention and does not produce legal effects concerning you. When the results of this segmentation are intended to significantly affects you, the decisions are reviewed by a human before any action is taken.
When and how we share information with others
The personal information we collect from you is stored in one or more databases hosted by third parties located in the European Union (“EU”). These third parties do not use or have access to your personal information for any purpose other than cloud storage and retrieval.
We do not otherwise reveal your personal data to third parties except cases specified below.
1. Service providers
We provide your personal data to the following categories of service providers:
- Identity verification and AML;
- Payment processing;
- User support;
- Safety and information security;
- Data analytics;
- Legal, auditing, accounting and other professional services.
2. Fraud prevention and anti-money laundering
We have to comply with many regulations and legal obligations. That is why, we will share your personal data with third-party service providers (such as anti-fraud and AML service providers, payment service providers, banks, financial institutions and similar third parties) for checking your identity, monitoring your gaming behaviour on our Website, anti-money laundering purposes, protecting our Website against any illegal activities.
These service providers act as independent controllers of personal data, as their databases may contain certain information about you. We have entered into appropriate data processing agreements with corresponding obligations ensuring that the level or protection of personal data guaranteed by the data protection legislation applicable to us is not undermined.
3. Other disclosures
In addition to the disclosures for the purposes identified above, we may disclose your personal information to third parties:
- To comply with the law (for example, to comply with a search warrant, subpoena or court order);
- To comply with a request for information from a governmental body such as law enforcement (police) or other public authorities;
- To enforce our Terms and Conditions;
- To address disputes, claims, or to establish, exercise or protect our rights, property or safety or the rights, property or safety of others;
- To comply with a regulatory investigation from a relevant gambling authority (e.g. Curaçao eGaming) or a relevant data protection authority (e.g. the Office of the Commissioner for Personal Data Protection in Cyprus); and/or
- While negotiating or in relation to a business transaction, such as a merger, change of control, sale of assets, or bankruptcy.
Transferring personal data from the European Economic Area
Personal information we collect from you may be processed outside the European Economic Area (EEA). We rely on the following methods for transfers of personal data outside the EEA:
- Adequacy: We may transfer personal data to a third country when the European Commission has decided that such third country ensures an adequate level of protection. You can see more details on the European Commission official website;
- Appropriate safeguards: Several possible mechanisms may be suitable for our purposes, namely model data protection clauses, binding corporate rules, approved code of conduct. We enter into standard model clauses with our vendors whenever feasible and appropriate. For more information, please see the European Commission official website;
- Derogations: When none of the other transfer mechanisms are available, we may rely upon certain derogations to the prohibition on transfers outside the EEA such as explicit consent of the data subject, performance of a contract involving the data subject, important public interest reason based on European Union law, establishment, exercise or defence of legal claims.
Data subject rights
The EU General Data Protection Regulation and other countries’ privacy laws provide certain rights for you. To process your request, we must confirm your identity before any actions are taken. For security reasons, we would need to request additional details regarding your identity. Once we receive the relevant information, we will handle your request within the legal timeframe.
You may request:
Confirmation that we are processing your personal data, and, where that is the case, access to the personal data and the information about: the purpose of the processing, the categories of personal data concerned, who else might have received the data, what the source of the information was (if you didn’t provide it directly to us), and how long it will be stored;
Rectification the record of your personal data maintained by us if it is inaccurate;
Erasure your data, subject to certain exceptions which allow us to decline your requests to the extent that processing is necessary: for compliance with a legal obligation which requires processing by EU or member state law to which we are subject or for the establishment of, exercise of or defence against legal claims;
Objection against processing of personal data which is carried out on grounds related to our legitimate interest or performance of a task carried out in the public interest. You may object against using your data for direct marketing purposes without any limitation;
Restriction of processing in certain circumstances prescribed by law;
Transfer the information you gave us to another organisation, or give it to you when technically feasible. The right only applies if we are processing information based on your consent or under or in talks about entering into a contract, and the processing is automated.
In many countries, you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how we process your personal data.
If you wish to exercise any of these rights, please contact our customer support team by email, chat or phone. You can use the contact information listed at the bottom of this page. You can also exercise your rights by contacting us at [email protected]
Additionally, to exercise the right to withdraw consent or to object to the processing of your personal information for direct marketing, you may use the marketing preferences tool available in your account or follow opt-out instructions contained in our messages. It can take up to 48 hours for your request to be fully carried out.
To enable/disable push notifications, please use your device settings.
You are not required to pay any charge for exercising your rights.
We have one month to respond to you.
If your request cannot be handled within one month, we will provide you with a date when the request will be processed. If for some reason the request is denied, we will provide an explanation as to why your request has been denied.
Security of your information
To help protect the privacy of data, we maintain physical, technical and administrative safeguards. We update and test our security technology on an ongoing basis. We restrict access to your personal data to those employees and vendors who need to know that information to provide benefits or Services to you. Also, we train our employees about the importance of confidentiality and maintaining the privacy and security of your information.
Data storage and retention
Your personal data is stored by us on our servers, and on the servers of third-party providers we engage, located in the EU.
We retain data for the duration of the user’s business relationship with us and for a period of time thereafter provided that retaining such information is necessary for our legal obligations, such as fraud prevention and record keeping, responsible gaming reasons, resolving or exercising claims regarding potential disputes, and where we are guided to do so by the applicable supervisory authority.
These periods for data retention can vary significantly because of our regulatory and legal responsibilities. For example, we retain certain elements of personal data for a period of up to 6 years after the closure of your account to meet anti-money laundering regulations and for the purposes of the establishment, exercise and defence of legal claims.
When we are no longer required to retain your information, we will ensure that it is deleted.
Changes and updates to the Privacy Notice
As our Website and Services change from time to time, this Privacy Notice is expected to change as well. We reserve the right to amend the Privacy Notice at any time, for any reason, without notice to you, other than the posting of the amended Privacy Notice at this Website. We may email users of material changes thereto, but you should check our Website frequently to see the current Privacy Notice that is in effect and any changes that may have been made to it.