Privacy Policy
About us
We, The National Online Self Exclusion Scheme Limited, a company incorporated in England and Wales with company registration number 10504973 and registered office at 3 Greengate, Cardale Park, Harrogate, HG3 1GY, are committed to protecting your privacy and personal information. This Privacy and Cookie Policy (Privacy Policy) details the steps we take to protect an individual's personal information when an individual (you) visit https://operator.gamstop.co.uk/ (our Portal). This Privacy Policy describes the personal information that we collect when you use our Portal, the purposes for which we use such information, and your choices regarding our use of it.
Our legal status under UK data protection law is that of a data controller and in this capacity we will securely store and process your personal information which you have provided to us. Data controller is a legal term which identifies the person who controls what to do with any given personal information. As data controller we have registered with the Information Commissioner's Office and our registration number is ZA247738.
The steps we take to protect your personal information and how you can review and correct your personal information are also covered here.
Changes to this Privacy Policy
We may occasionally update this Privacy Policy. When we do, we will revise the "last updated" date at the top of the Privacy Policy. Please ensure that you frequently check this Privacy Policy for any updates.
Collection of information
This Privacy Policy applies in respect of all personal information you provide to us and your use of our Portal.
The personal information we collect from you may include:
- any information you provide to us if you contact us; and
- information you submit when you log into our Portal, which may include your email address and password.
You are not required to provide any of this information, but if you do not, we may not be able to provide you with the requested services.
We may also observe your use of our Portal and derive certain information from this which may include personal data.
How is your personal information used?
We will use the personal information you provide to us to:
- check that your email address is a valid company email address for an operator licensed by the Gambling Commission of Great Britain;
- provide you with access to our Portal and provide our services to you;
- develop our services to enhance their usability and functionality and improve the user-experience; and
- contact you.
With whom is your personal information shared?
We may disclose personal information that we receive through our Portal with service providers retained by us in connection with the provision of our Portal and services, including in respect of the provision of technology services and website hosting. Access to your personal information by these service providers is limited to the information necessary for the service provider to perform its function on our behalf.
We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006, which includes The Remote Gambling Association.
We may disclose depersonalised data (such as aggregated statistics) about the users of our Portal and services in order to describe our traffic patterns and other services information to prospective partners and other reputable third parties and for other lawful purposes, but these statistics will include no personally identifying information.
We may occasionally be required by law, court order or governmental authority to disclose certain types of personal information. Examples of the type of situation where this would occur would be:
- in the administration of justice; or
- where we have to defend ourselves legally.
Finally, in the event of a reorganisation, sale or takeover we may need to disclose personal information to new entities within the group or potential acquirers and their advisers, though we will do so on the basis that the information is kept in confidence and, if the reorganization, sale or takeover takes place, used only in accordance with applicable law and this Privacy Policy.
The requirements of data protection laws
We regard the lawful and correct treatment of your personal information by us as very important to our successful operation, and to maintaining confidence between us and our users. We ensure that our organisation treats personal information lawfully and correctly. To this end we fully endorse and adhere to the data protection principles set out in data protection legislation. In particular, without your consent or first amending this Privacy Policy to reflect any change in our usage of personal information:
- we will not use your personal information for any purpose that is incompatible with this Privacy Policy;
- we will only collect sufficient personal information for the uses set out above;
- we will endeavour to keep your personal information up-to-date;
- we will operate appropriate technical and organisational processes to protect your personal information against unauthorised or unlawful access or processing and against accidental loss or destruction. The measures we take are described elsewhere in this Privacy Policy; and
- we will not transfer your personal information to a country outside the European Economic Area unless safeguards are in place to protect your personal information to the standards that apply within the EEA.
Security
We are committed to protecting the security of your personal information. We use a variety of security technologies and procedures to help protect your personal information from unauthorised access, use, or disclosure.
For example, we store the personal information you provide on secure computer systems with limited access that are located in facilities to which access is limited.
Retention
We will hold your personal data for so long as we are providing services to you and for no more than one year after. We will endeavor to delete any personal data sooner where it is not necessary for us to hold this, but please be aware that we may hold personal data for longer if we are under a legal obligation to do so or where we have a reasonable belief that it is necessary to do so for business or legal reasons.
Your rights
You have the following rights in relation to your personal data:
- a right of access to a copy of the information comprised in your personal data;
- a right to access your personal data in machine-readable format and to request that we transfer this to a third party data controller;
- a right to object to decisions being taken by automated means;
- a right to object to processing that is likely to cause or is causing damage or distress;
- a right in certain circumstances to have inaccurate personal data rectified, blocked, erased or destroyed;
- a right to claim compensation for damages caused by a breach of data protection legislation; and
- a right to lodge a complaint to the Information Commissioner's Office in respect of our use of your personal data.
If you are unsure about your rights or are concerned about how your personal data may be processed you should contact the Information Commission's Office.
If you contact us in relation to your rights we will do our best to accommodate your request or objection. Please note, however, that not all rights are absolute. Sometimes other legal obligations or third party rights will take precedence.
If you request a copy of personal data that we hold about you, we may require ID.
You can help us to maintain the accuracy of your information by notifying us of any change.
Please email us if you would have any queries about, or would like to enforce, your rights set out above.
Subprocessors
We use or intend to use certain third party service providers in connection with providing the Portal and our services. The providers that may process personal data provided by you to us in order to enable us to provide the Portal and our services are:
- The Data Shed Limited; and
In turn, The Data Shed Limited also uses certain third party service providers, again in order to enable it to provide its services to us. These providers are:
- Okta, Inc
- Amazon Web Services
All such third party providers are required to provide their services in accordance with applicable data protection laws.
Links to other websites
Our Portal may contain links to other websites. We are not responsible for the content, security, practices or privacy policies employed by other websites. We encourage you to carefully review these sites' privacy policies so that you know how they will collect, use, and share your information.
Contact us
If you have questions regarding this policy or our handling of your personal information, please support@gamstop.co.uk. We will promptly address your concern and strive to reach a satisfactory resolution.
