36Gaming Ltd Privacy Policy

Effective Date: 10-03-2025

1. Introduction and Scope

This Privacy Policy explains how 36Gaming Ltd ("we," "us," or" our") collects, uses, discloses, and protects your personal information when you visit our websites https://36vegas.co.uk and https://36gaming.co.uk (the "Site") and use our online gambling, betting, and casino services (together, the "Services"). We are committed to safeguarding your privacy and ensuring that your personal data is processed by the General Data Protection Regulation (GDPR) and all other applicable data protection laws.

2. Who We Are

Data Controller:
36Gaming Ltd ICO Number ZB883775 is the data controller responsible for your personal data.

Registered Office:
The Old Convent,
Llanbadarn Road,
Aberystwyth, Ceredigion,
Wales, SY231EY,
United Kingdom.

If you have any questions about this Privacy Policy or our data practices, please use the details provided in Section 13 to contact our Data Protection Officer (DPO).

3. What Information We Collect

We collect a variety of personal information necessary to provide you with our Services, including:
3.1. Personal Identification Information
- Examples: Name, date of birth, gender, and contact details (e.g., email address, telephone number, postal address).

3.2. Account and Transaction Data
- Examples: Username, password, account activity, betting and gaming history, deposits and withdrawals, and transactional details.

3.3. Verification and Regulatory Data
- Examples: Documents for identity verification (such as passports or driving licenses),proof of address, source of funds, and information required under anti-money laundering (AML) and know your customer (KYC) procedures.

3.4. Device and Usage Information
- Examples: IP addresses, browser type, operating system, device identifiers, and similar technical data collected through cookies and other tracking technologies.

3.5. Marketing Data (Based on Consent)
- Examples: Preferences and behavioural data used for direct marketing, where you have provided explicit consent.

4. How We Use Your Personal Information

We process your personal data for the following purposes:

4.1. To Provide and Manage Our Services
- Account Management: To set up, manage, and secure your account.
- Customer Verification: To comply with legal obligations (e.g., KYC and AML requirements), verify your identity, and assess the source of funds.
- Service Delivery: To operate our betting, gaming, and casino services, including processing bets and settling winnings.
- Transaction Processing: To process deposits, withdrawals, and other payments.

4.2. For Regulatory and Legal Compliance
‍- Legal Obligations: To fulfil obligations under UK laws, AML, and KYC regulations, as well as report requirements to regulatory bodies.
- Record Keeping: To maintain accurate records as required by law and for audit purposes.

4.3.For Marketing and Promotional Purposes
‍- Direct Marketing: With your explicit consent, we will send you promotional offers, newsletters, or other communications about our Services.
- Preference Management: To tailor marketing communications to your interests.

4.4.For Website and Service Improvement
‍- Analytics: To analyse how customers use our Site and Services so that we can enhance their experience.
- Security: To monitor and protect our Site and Services from fraud, unauthorised activity, or security breaches.

5. Lawful Basis for Processing

We process your personal data on several lawful bases under the GDPR:

Contractual Necessity: We need to perform our contract with you (e.g., provide the Services you have requested).
- Legal Obligation: To comply with statutory and regulatory obligations (e.g., AML,KYC, and other legal requirements).
Consent: This is for processing related to direct marketing or other non-essential purposes for which you have provided your explicit consent.
- Legitimate Interests: For purposes such as improving our Services, enhancing security, and performing internal risk management—provided that your fundamental rights and freedoms are not overridden.

Where processing is based on your consent, you can withdraw that consent at any time.

6. How We Share Your Information

6.1. With Service Providers
- Third-Party Providers: We may share your information with trusted third-party service providers (such as payment processors, IT service providers, KYC/AML verification consultants, and direct marketing agencies) to facilitate our Services.

6.2. With Regulatory and Law Enforcement Authorities
‍- Legal Compliance: We may disclose your personal data to regulatory authorities or law enforcement agencies where required.

6.3. For Business Transfers
‍- Mergers and Acquisitions: In connection with any merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.

6.4. International Transfers
- Outside the EEA: Should your data be transferred outside the European Economic Area (EEA), we ensure it is afforded adequate protection consistent with EU standards.

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected and to comply with our legal, regulatory, and business obligations. Specific retention periods may vary based on the nature of the data and the applicable legal requirements (e.g., AML and KYC regulations).

8. Data Security

We employ appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These measures include encryption, secure servers, regular security reviews, and staff training.

9. Your Rights Under the GDPR

You have the following rights regarding your personal data:

-Right to Access: You can request copies of our personal data.
-Right to Rectification: You may request corrections to any inaccurate or incomplete information.
- Right to Erasure ("Right to be Forgotten"): Subject to certain conditions, you can ask for your personal data to be erased.
- Right to Restrict Processing: Under certain circumstances, you can request the restriction of processing of your data.
- Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and transfer it to another controller.
- Right to Object: Where applicable, you may object to certain types of processing, including processing based on legitimate interests or direct marketing.
- Right to Withdraw Consent: Where we process your data based on your consent, you can withdraw it at any time without affecting the lawfulness of any processing carried out before the withdrawal.

To exercise any of these rights, please use the details provided in Section 13 to contact us. We will respond to your request within the timeframes required bylaw.

10. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to ensure its proper operation and enhance your experience. From the point of registering or logging in, all cookies used on our Site are necessary for its core functionality. These cookies are:

- Essential Cookies:
These cookies are critical for the secure operation of our Site. They enable you to log in, maintain your session, process transactions, and use other essential features of our Services.

- Operational Use:
Due to the nature of our Services, all cookies set during registration or login are mandatory. They allow us to protect your account, securely manage your session, and provide the features on which our Services depend.

You cannot disable these essential cookies through our Site. However, you may manage or delete cookies via your browser settings. Please be aware that disabling these cookies may impair the functionality of the Site and your ability to use our Services.

11. Direct Marketing

Where you have provided explicit consent, we may use your personal data for direct marketing purposes, including sending you newsletters, promotional emails, and special offers. You may opt out of receiving such communications at any time by following the unsubscribe instructions in our emails or contacting us directly.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time in response to regulatory changes or to reflect changes in our data practices. When we do, we will update the "Effective Date" at the top of this policy and notify you through the Site or other appropriate means.

13. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please get in touch with us:

Data Protection Officer (DPO):
Balazs Balint

36Gaming Ltd
The Old Convent,
Llanbadarn Road,
Aberystwyth, Ceredigion,
Wales, SY231EY,
United Kingdom.

Email: cco@36gaming.co.uk
Postal Address: The Old Convent, Llanbadarn Road, Aberystwyth, Ceredigion, Wales, SY231EY, United Kingdom.

If you wish to exercise your rights under the GDPR or require further clarification about our processing of your personal data, please use the above details to contact us.