Data responsibility and contact information
Hoogstebonuscasino.nl is the data controller for the processing of the personal data that we obtain from you. Our contact details are the following:
You are welcome to contact us should you have any questions regarding our processing of your personal data.
We process the following data about you
We may process the following personal data about you:
- E-mail address
- Phone number
- Log files about your behaviour on the website, including pages you have visited on the domain.
- Time stamp
- Date of birth
- Other cookie date that may contain personally identifiable data.
Purpose and legal basis for processing
The purpse with our processing of your personal data is the following:
- To market offers that are presented on this website and to send newsletters, if you have given your consent.
- To process customer support related inquiries.
- Analysis of on-page activities and the visitors’ use of the website.
- To prevent hacker attacks.
When you use the website we collect personal data from you. You cannot use the website without us collecting some personal data about you, which you are noticed about in the pop-up consent form when you visit the website the first time. The personal data we collect from is your behaviour on the site. For example, which pages you visit, when, how long, and your IP-address. IP-addresses are collected to monitor any irregular traffic patterns and is an important tool for us in prevent hacker attacks. Furthermore we are able to block visitors if their IP-addresses show that they are in a location with gambling restrictions.
We only process your personal data in the scope necessary to fulfil the purposes described above, for which the data is collected.
We are obligated to inform you about the legal basis for processing your data, which is the following:
- That you have given consent to the processing, cf. Databeskyttelsesforordningen (Data Protection Regulation) article 6, paragraph 1, point a.
- That the processing of personal data is made in consideration of preventing hacker attacks based on a balancing of interests that precedes your basic rights and freedom right, cf. Databeskyttelsesforordningen (Data Protection Regulation) article 6, paragraph 1, point f.
Profiling is defined as “any form of automatic processing of personal data that consists of using personal data to evaluate certain personal data regarding the person’s work, economic situation, health, personal preferences, interests, trustworthiness, behaviour, geographical position or movements.”
We use automatic decisions, hereunder profiling to define target groups based on geographical locations and interests. The profiling is taking place based on you having expressed interest for gambling by visiting this website. Hereafter you can expect to be presented for banners on other websites, just as you may be presented for adverts on Facebook and other social media channels we use to reach our target audience(s). Furthermore it will be registered wherefrom you access this website, and the geographical location may influence how we create campaigns. We will target campaigns to specific geographic locations in the event we based on accumulative profiling data can conclude that there is a big interest for our marketing in specific cities/areas.
Where your personal data stems from
It is registered when you interact with us either by visiting this website directly or indirectly. This could be by interacting with our Facebook page or if you have signed up on the site’s mailing list. This can lead to you being presented with targeted marketing ads.
All data stems from the registered. In the case that you have interacted with our brand on Facebook then Facebook acts as an intermediary between the registered and us, because we receive the data through Facebook.
Facebook does not provide us with personally identifiable data about you when we use their platform other than the outlined types of personal data in paragraph 3, unless you actively interact with our brand on Facebook.
We transmit your data to third parties if we have received your explicit consent to do so or if it is necessary in order to fulfil a legitimate interest. These third parties are listed below: Authorities to the extent we are committed by legislation.
To be able to provide you the best service we use the following data processors:
- Google Ltd.
- Facebook Ltd.
- Campaign Monitor Ltd.
- Microsoft Ltd.
Transfer to a third country
We will transfer your personal data to recipients outside the EU and EEA.
The transfer will be to the following U.S.-based organizations: Facebook Ltd., Google Ltd., Sendgrid Ltd., Microsoft Ltd. and Campaign Monitor Ltd. Furthermore a transfer of personal data will happen to Innocraft Ltd. which is based in New Zealand.
The EU Commission has made a decision on the level of security of personal data and in this it appears that the level of security in the U.S. is not sufficient. However, the EU Commission has determined that organizations based in the U.S. are ’safe areas’, if they have joined the EU-U.S. Privacy Shield agreement.
The EU Commission considers New Zealand a safe third country.
We transfer data to following U.S.-based organizations that are part of the Privacy Shield agreement:
- Facebook Ltd.
- Google Ltd.
- Sendrgid Ltd.
- Microsoft Ltd.
The transfer of personal data to Campaign Monitor Ltd. is in accordance with the EU Commission’s Standard Contract.
Your personal data is only stored as long as it is necessary to fulfil the purpose unless other is demanded in accordance to legislation, hereunder especially the accounting law’s rules on storing accounting records for 5 years, as well as the current year.
Log files, including IP-addresses, is stored for 5 years before they are deleted. Google Analytics data is stored for 26 months before they are deleted.
Contact information, if you want to use your rights
- Right to insight (see personal data): You have a right to get insight in the personal data about you that we process as well as a number of additional information. The access to insight must not violate others’ rights and freedom rights.
- Right to correction: You have a right to get untrue personal data about you corrected.
- Right to deletion of personal data: In special cases you have the right to get personal data about you deleted before the general timeline of the deletion occurs.
- Right to restriction of processing: In some cases you have the right to get the processing of your personal data restricted. If you have the right to get the processing restricted, we may only process the data – except for storing – with your consent, or if legal requirements demand it, or to protect a person or important public interests.
- Right to transmit data (data portability): When our processing of your personal data is based on consent or a contract and the processing takes place automatically data portability is your right. This right entails that you have the right to get the personal data sent to you in a structured, normally applied and machine-readable format that you have the right to transmit to another service provider.
- Right to objection: In some cases you have the right to make objection against our otherwise legal processing of your personal data. You may as well object to our processing of your personal data to direct marketing.
- Right to withdraw consent: If we base our processing on your consent you have the right to withdraw your consent to us processing of your personal data completely or partially. The withdrawal of your consent will not influence the legitimacy of the processing that we have conducted before the withdrawal of consent. If you withdraw your consent it will only come into effect from the moment of the withdrawal.