Name of the register: Sangal Gaming Group B.V.
Controller: User data file of Sangal Gaming Group B.V.
Address: Kabelweg 57 1014BA Amsterdam, Netherlands
When and why do we process your personal data?
We may collect data of you when you:
- use and/or access the Online Services;
- subscribe to newsletter(s);
- place orders in our online store; or
- otherwise provide us with your personal data.
The purpose and legitimate grounds for processing are as follows:
- fulfilment of a possible agreement concluded between Sangal and you, as necessary e.g. relating to the processing, delivery and invoicing of your orders from our online store;
- legitimate interest of Sangal, such as managing and developing our customer relationship, business functions and communications;
- complying with our legal obligations; and
- in some cases, we may process your personal data based on your consent for e.g. conducting direct marketing relating to our Online Services.
We may include your personal data in our customer register. Such register is necessary for us as it enables efficient and customer-oriented marketing, sales activities and delivery management as well as ensures that we can establish and maintain a good customer relationship with you. We use your personal data for offering and improving our services at our Online Services as well as contacting you, customising and personalising your user experience at our Online Services, conducting marketing and research and creating reports to our internal use.
We only use your personal data for direct marketing purposes if you have provided us your consent to do so (opt-in). You may opt-out of receiving promotional e-mails from us by following the instructions in those e-mails or by contacting us. If you opt-out, we may still send you non-promotional emails, such as e-mails about your account or our on-going business relations.
What personal data do we collect about you?
The collected data may include the following:
- Contact information (first name, last name, e-mail address, postal address, phone number);
- User name and/or account identifier;
- Automatically saved and collected data (such as IP address and cookies, browser, used device, location, ISP); and
- Demographical information and data on the use of services and user habits at the Online Services (such as your use of the website, your preferences, interests or consumer profile data, information relevant to customer surveys, offers and similar).
We do not collect or process any personal data that is categorized as sensitive data under the GDPR.
Who do we share your personal data with?
Your personal data may be disclosed as follows:
- We may disclose your personal data to our auditors, insurance companies and different governmental authorities for the sole purposes of their regulatory tasks. Such disclosure of data will be carried out in accordance with the Applicable Data Protection Regulation.
- We may engage other companies or individuals to perform tasks on our behalf, e.g. Paytrail, Stripe or Pay Pal to process the payments at the Online Services. Such third parties may have access to your personal data, however, solely in accordance with our instructions and under our supervision for the purposes specified by us.
- We may share aggregate or anonymous information about you with advertisers, publishers, business partners, sponsors, and other third parties. It is impossible to identify individuals from the anonymised data in question and it is therefore no longer considered as personal data.
Our Online Services and our services or parts thereof may also be hosted, as well as we may use service providers located outside of the European Economic Area (meaning all European Union countries as well as Norway, Iceland and Liechtenstein, together the “EEA”), which means that we may transfer any personal data which is submitted by you to service providers located in the United States or other territories outside the EEA.
Personal data in the European Union is protected by data protection laws but other countries do not necessarily protect your personal information in the same way. However, we strive to ensure that when your personal data is transferred outside of the EEA by our service providers and hosting providers, appropriate measures and controls are in place to protect that information in accordance with the Applicable Data Protection Regulation. In each case, such transfers are made in accordance with the requirements of the GDPR and may be based on the use of the European Commission’s Standard Model Clauses for transfers of personal data outside the EEA.
How long do we store your personal data?
How do we secure your personal data?
We will store your personal data by using the best practices of the industry in secure operating environments that are not available to the public. The personal data is accessible only by named persons bound by appropriate confidentiality obligations and whose tasks require accessing to such data.
We will take all reasonable technical and organizational measures to protect your personal data from unauthorized access or against loss, misuse or alteration by third parties. However, we cannot fully eliminate security risks associated with personal data and therefore, we cannot be held liable for any unauthorized access to or use of your data.
You can set your browser not to accept cookies, however if you disable cookies you may find that this affects your ability to use certain parts of our Online Services. To disable cookies, you can turn them off in your browser’s settings.
We use Google Analytics, a web analytics service provider by Google that tracks and reports on traffic passing through our website in order to improve the functionality of our site. For an overview of Google Analytics, please visit Google Analytics. You can prevent data from being collected and processed by Google Analytics here.
Social media plug-ins
We have social media plug-ins on our Online Services. These include links to our Facebook, Instagram, Twitter and YouTube websites. When you click on a link to visit such site, your browser connects to that social media server. At the same time the service provider of such social media website knows that you visited our Online Services before going on their website. Therefore, be aware that if you were registered on that social media providers services, your visit will be linked to your social media user account. If you want to prevent linking to an existing user account, you must sign out of the social media website in question before you visit our Online Services.
Your rights as a data subject
As a data subject, you have the following rights regarding your personal data:
Right to access your data. You have a right to access your personal data collected by us. If you wish to receive a copy of such personal data, please send us an e-mail by using the controller’s contact information. We may charge a small fee for this service.
Right to rectification. If your personal information changes, or if you find your personal data to be inaccurate, you may correct, update, or delete inaccuracies by making the change by contacting us.
Right to withdraw consent. You have a right to withdraw your consent regarding the processing of your personal data and require us to erase such data we have processed based on your consent. We will retain and use such information only if we have a legitimate and lawful purpose to do so, e.g. to comply with our legal obligation or resolve possible disputes.
Right to erasure. You have the right to have us erase your personal data if (a) such data is no longer necessary for the purposes for which it was collected or processed, (b) there is no justified reason for us to process your personal data or (c) your personal data has otherwise been processed unlawfully. If you would like to have your personal data erased, please send us an e-mail by using the contact information below.
Right to restriction. You have a right to request us to restrict the processing of your personal data for example when you are waiting for our response for your request to access or erase your data.
Right to data portability. You have a right to receive your personal data you have provided us in a structured, commonly used and machine-readable format and, if you so desire, have your data transmitted to another controller, when technically feasible.
Right to lodge a complaint. If you feel our processing of your personal data is in breach of the GDPR or you are not satisfied for any other reason, please send us an e-mail by using the controller’s contact information. You also have a right to lodge a complaint with a local supervisory authority.
How to contact us?
If you have any questions or concerns about our data privacy practices, or if you have any requests for resolving issues with your personal information, please contact us:
By e-mail: email@example.com
Date of compilation: 23 June 2023