1. Who is the personal data controller?
Golden Palace Waterloo nv and the entities of the Golden Palace Group (hereinafter "Golden Palace" or the "Data Controller") process your personal data in your capacity as a user of the www.goldenpalace.be website (hereinafter the "Site").
When opening a player account on the Site, you provide us with personal data (hereinafter the "Data").
Golden Palace processes each User's Data in accordance with Regulation (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data of 27 April 2016 (hereafter "GDPR") and applicable law.
2. How do you contact the Golden Palace data protection officer (DPO)?
In accordance with Article 37 of the GDPR, a data protection officer has been appointed in the person of Mr Serge Sacré.
If you have any questions concerning the processing of Data, the Data Protection Officer will be pleased to answer you by telephone on 02/201.11.77 or by e-mail at the following address: firstname.lastname@example.org
3. What data are processed by Golden Palace?
The data we process include:
- your last name, first name
- your place and date of birth
- your Belgian national register number
- your postal address
- your telephone number
- your email address
- your IP address
- your bank details for deposits and withdrawals on the Site
- a photocopy of your identity card for withdrawals on the Site
- your gaming and transaction history
4. What type of processing does Golden Palace carry out on your data?
The processing carried out by Golden Palace consists of:
- and any other operations made necessary or useful by virtue of the legal and regulatory provisions described above.
The processing may also consist of the transfer of personal data:
- to judicial and administrative authorities, such as, in particular, the Gaming Commission or the Financial Information Processing Unit.
- to Golden Palace's suppliers, whose services are inseparable from the use of the Site.
5. For what purpose does Golden Palace process your data?
Golden Palace will determine the purposes and means of data processing.
1) The processing of data by Golden Palace is necessary to comply with the following legal obligations:
- Golden Palace is required to identify its Users and to keep its Data in accordance with the law of 7 May 1999 relating to games of chance, betting, establishment games of chance and player protection.
- Golden Palace must also transmit this Data to the Belgian Gaming Commission (www.gamingcommission.be).
- Golden Palace must deploy all means to prevent and detect money laundering and to participate in the fight against terrorism. Therefore, Golden Palace must keep personal identification data and financial transaction data of all its players.
- Golden Palace is obliged to report any suspicious transaction to the Financial Information Processing Unit (www.cfi.be).
2) The processing of data by Golden Palace is necessary for the performance of the contract to which the User is a party by opening a Player Account and accepting Golden Palace's general terms and conditions.
3) Golden Palace processes the Data in order to respond to Users' requests, to check whether the Bonus Policy is applicable, etc.
4) Processing is necessary for the legitimate interests of Golden Palace.
5) Golden Palace also processes User Data on the basis of a legitimate interest, proportional to the User's rights, in order to offer its services, to ensure the proper functioning of the services and to improve the services offered to meet the needs of Users.
6) Data processing by Golden Palace fulfils the purposes of promoting, advertising, marketing, participating in contests and promotional offers, including the communication of winners and developing new games and betting offers:
- In order to optimise your gaming experience, the Operator provides you with interesting information about products and services through newsletters, both generalised and personalised.
- To do so, the Operator uses your personal identification data, transactional data and cookies.
- b. Different communication channels will be used to send you our offers and newsletters, namely, email, SMS and push notification.
- c. You can easily opt-out (or re-open when you wish to start receiving our information again) of any form of direct marketing in your personal preference centre when you log in to your user account.
7) The User has consented to the processing of his/her Data.
8) The User has the right to revoke his/her consent at any time by changing the option on his/her personal account or by sending a request to the email address email@example.com.
6. Are your data transferred to partner companies, especially outside the European Union?
Users' data can be communicated:
- to Golden Palace service providers for the purposes of operating the Service;
- to potential commercial partners after obtaining the User's consent;
- to the Gaming Commission;
- to administrative or judicial authorities.
Golden Palace agrees that User Data, including that transmitted to potential commercial partners, will not be transferred outside the European Union, unless the User has given prior permission to do so.
The User declares that Golden Palace has fully informed him/her of the rules relating to the use of the Site and its Services.
Golden Palace recommends that the User refrain from communicating his/her Personal Data by email or fax, unless expressly requested by the Operator. It is the User's responsibility to carefully check beforehand that the Operator is the source of such requests.
7. How long will Golden Palace keep your data?
The personal data of Users is kept by Golden Palace for a period of 10 years for all the purposes mentioned in Article 5.
In particular, Golden Palace reserves the right to retain Users' personal data for any purpose required by law, as a result of its online gaming and betting activities.
Users declare that they are thus informed and consent that, with reference to the Royal Decree of 15 December 2004 relating to the register of access to the gaming rooms of class I and II gambling establishments, Golden Palace is required to keep the photocopy of the identity card or document used to identify the User for at least ten years from the last activity of the player on the Site.
8. What are your rights as data subjects in relation to the processing of your personal data?
The User has certain rights under the GDPR. These rights are as follows:
1) Right of access
You have the right to obtain confirmation from Golden Palace that the Data concerning you are or are not being processed and to have access to such Data as well as to the information mentioned in article 15 of the GDPR, namely:
- the identity and contact details of the data controller
- the contact details of the Data Protection Officer
- the personal data processed
- the purposes of the processing operation for which the personal data are intended and the lawful basis of the processing operation
- the recipients or categories of recipients of the personal data, if applicable
- the fact that the controller intends to carry out a transfer of personal data to a country outside the European Union
- the possibility to object to automated processing of their data, such as profiling, unless there are good reasons that make such processing by Golden Palace necessary
- the possibility to object to any processing of their personal data for canvassing purposes
2) Right to rectification
In accordance with Article 16 of the GDPR, you have the right to have your inaccurate data rectified as soon as possible and to have incomplete data completed.
3) Right to erasure of data ("right to be forgotten")
You have the right to request that Golden Palace delete your Data as soon as possible and Golden Palace has the obligation to delete your Data in accordance with Article 17 of the GDPR when one of the following situations occurs:
- the personal data processed are no longer necessary for the purposes for which they were collected or processed
- The User withdraws the consent on which the processing is based and there is no other lawful basis for the processing
- The User objects to the automated processing of his/her Data (profiling) and there is no compelling legitimate reason for the processing or the User objects to the processing for canvassing purposes
- The data has been processed unlawfully
- The Data has to be deleted in order to comply with a legal obligation under EU law or the law of the Member State to which Golden Palace is subject
However, this right may not apply when the processing is necessary, in particular:
- In order to comply with a legal obligation which necessitates processing under Union law or the law of the Member State to which Golden Palace is subject
- For the establishment, exercise or defence of legal claims
4) Right to restrict processing
You have the right to obtain restricted processing of your Data by Golden Palace when:
- The data is inaccurate
- The processing is unlawful and you object to the deletion of the data and, instead, demand the restriction of the use of such data
- Golden Palace no longer needs the Data for processing purposes, but it is still necessary to enable you to ascertain, exercise or defend legal claims
- You have objected to the processing when verifying that the legitimate reasons pursued by Golden Palace take precedence over yours.
5) Right to request the transfer of your data to another data controller
You can request that your Data transmitted to Golden Palace be transferred to another data controller without Golden Palace being able to prevent this, in accordance with Article 20 of the GDPR.
6) Right to object to the processing of your data
You can at any time to object to the processing of your Data, which is necessary for the performance of a mission of public interest or necessary for the purposes of legitimate interests pursued by Golden Palace.
You can at any time object to the processing of your Data for canvassing purposes, particularly for profiling.
Golden Palace informs each recipient to whom the Data has been communicated of any correction, deletion or limitation of the processing of the Data, unless such communication proves impossible or requires a disproportionate effort.
9. What are the procedures for exercising the rights mentioned in Article 9?
The aforementioned rights can be exercised by means of a written request addressed to the following address: firstname.lastname@example.org and accompanied by a copy of the User's identity document.
Golden Palace will do its utmost to respond to requests concerning the User's rights within one month of receipt of the request, provided that the User can be identified.
By using the Golden Palace Site, in any capacity whatsoever, the User manifests his/her free, specific, informed and unequivocal desire to expressly authorise Golden Palace to process personal data in accordance with the GDPR, within the limits and for the purposes defined above.
Furthermore, the User is informed that the personal data communicated by the User is recorded in a controlled register, which remains at all times under the responsibility of Golden Palace.
In addition, the User benefits from the rights, including the right to withdraw his/her consent at any time.
11. Probative value
The User acknowledges that the electronic documents exchanged and the electronic data collected in the context of his/her registration or use of the Site have the same evidential value as if these documents and data had been communicated or collected on paper.
In particular, the User shall not dispute the weight or probative value of these documents due to their electronic nature.
12. How do you contact the Data Protection Authority and lodge a complaint?
In accordance with the GDPR, the User has the right to request additional information or lodge a complaint with the Data Protection Authority.
The Supervisory Authority is the Commission for the Protection of Privacy, whose contact details are as follows:
Address: Rue de la Presse, 35, 1000 Bruxelles
Phone: +32 (0)2 274 48 00
Fax: +32 (0)2 274 48 35 Email: email@example.com
13. What are Golden Palace's commitments to guarantee the security of your data?
In accordance with the GDPR, Golden Palace shall take all necessary measures, in view of the nature of the data and the risks linked to their processing, to preserve the security of the User's Data and, in particular, to prevent such Data from being modified or accessible to unauthorised third parties.
The technical measures involve, among other things, anonymisation, and the organisational measures involve internal audits.
When Golden Palace uses data processors to carry out processing, they must provide sufficient guarantees as to the implementation of technical and organisational measures.