• Privacy

Newaleabet ensures that the processing of personal data is made confidentially by the Company or third parties endowed with our own high standards of data protection, to allow gambling account management, user profiles creation and ensure security of the Website in the use of our services. The User is required to carefully read the following privacy policy in order to make informed decisions.

Table of contents

 

  1. Data Controller
  2. Purpose of the processing
  3. Legal Basis and consequences of a failure to provide personal data
  4. Categories of personal data
  5. Recipients of personal data
  6. Place of data processing
  7. Transfer of personal data abroad
  8. Retention period of Personal data
  9. Rights of the Data subject
  10. Processing based on Automated decision-making and/or profiling
  11. Security measures
  12. Cookie
  13. Changes and updates
  1. Data Controller

The Data Controller of your personal data is Ulisse GmbH, registered in Austria (FN 427806b) and subject to Austrian law, with registered office at Salurner Straße 12, -6020 Innsbruck (AT)
mail: [email protected]

  1. Purposes of the processing

Users’ personal data will be mainly processed by the Concessionaire to allow the performance of gambling and betting activity and to supply products/services offered on the websites. Data processing is therefore necessary for the fulfilment of the contractual obligations assumed by the Concessionaire towards customers, for the fulfilment of the obligations required by law, by a regulation or by EU legislation and for the exercise of their rights.

In particular, these main purposes include:

  • creation and management of a profile and a gambling account (execution of a contract or pre-contractual measures);
  • execution of money transactions by means of payment managed by third parties (e.g. credit institutions);
  • management, maintenance and technical assistance related to games and services, including websites;
  • management of complaints and/or disputes in any judicial offices and any other Authority offices;
  • fulfilment of the obligations established by law (e.g. Anti-Money Laundering, repression/prevention of fraud and any illegal activity)
  • execution of communications related to the performance of the contractual relationship or in the pre-contractual phase;
  • statistical processing (in aggregate and anonymous form where possible, mainly for risk control).
  1. Legal basis and consequences of a failure to provide personal data

Your personal data will be processed exclusively for the purposes listed above; whose legal basis can be found:

  1. a) in the fulfilment of a contractual and/or pre-contractual obligation for the use of the Gambling services offered by the website;
  2. b) in the fulfilment of the legal obligations to which the Data controller is subject for the prevention of any illegal and fraudulent activity;
  3. c) in the pursuit of the legitimate interest to protect a Legal Claim and to handle complaints and/or disputes;

With particular reference to letter b) personal data is collected to allow the Data controller to fulfil the customer due diligence obligations pursuant to D. Lgs. 231/07 as integrated by D. Lgs. 90/2017 and D. Lgs. 4 october 2019, n. 125 in implementing European Directives concerning Anti-Money Laundering – (UE) 2018/843 (known as the 5th AML Directive).

The communication of your data is necessary to be able to use our services. You can at any time choose not to provide your personal data, but in case of failure to provide them we will not be able to provide our services; therefore, the concessionaire will not be able to establish a contractual relationship. However, it is without prejudice to the possibility that the website may be browsed and viewed by non-registered users.

4 Categories of personal data

By “Personal Data” we mean any information concerning a natural person/individual who, due to the processing may be identified or identifiable.

As for the categories of processed personal data, they are represented by:

  • Common personal data: name, surname, date and place of birth, telephone number, email address, any images of identification documents, website registration details (e. g. email address and password)
  • Browsing data: IP addresses, time and method used to make requests to the server, numerical code about the status of the response made by the server;
  • Bank/financial details: including the details of the debit/credit card and In particular, the Data controller will know only the last four digits of the credit card, except when acquiring the entire number directly from the data subject for any checks on the transaction.

All data acquired by the Data controller is provided voluntarily by the data subject, it is forbidden for anyone to transmit data of third parties, regardless of any actual authorisation given by the same subjects to divulge them.

  1. Recipients of data

To pursue the purposes of providing services and products related to the contract, the Concessionaire avails itself of internal employees and collaborators and may communicate personal data outside, to the following third parties:

  • parties who maintain relationships with the Concessionaire, to pursue statutory or contractual purposes for organising, managing, advertising, promoting or collecting bets. In particular, among others, suppliers from whom the Data controller acquires services for its gaming platform;
  • persons, companies or professional offices, that provide assistance, advice or collaboration to the Data controller in accounting, administrative, legal, tax and financial matters;
  • Companies that perform management and maintenance of electronic communications equipment (including websites) and the related following obligations on behalf of the Concessionaire;
  • third-party service providers to whom communication is necessary to perform the services covered by the contract.
  • judicial and police authorities or other public administrations for the fulfilment of legal obligations;
  • credit institutions for the purpose of money transactions in the performance of the Contractual relationship.
  • all natural and legal persons in cases where communications are necessary for the primary purposes of the processing;
  1. Place of data processing

Personal data are processed on the premises of the Data controller in Innsbruck and Malta, as well as on IT support by means of the software made available by the various partners and the devices made available to the subjects authorised to process and protect data.

  1. Transfer of personal data abroad

Your personal data will not be transferred abroad as the servers used by the Data controller are located within the European Union, with the required high levels of data protection.

  1. Retention period of Personal data

The Data will be stores, pursuant to article 13, paragraph 2, letter (a) of the Regulation, according to the time parameters dictated by civil, fiscal and anti-money laundering and counter terrorism financing regulation; that is for a maximum of 10 years from the last legally relevant fact that refers to them

  1. Processing based on Automated decision-making and/or profiling

In accordance with the legislation on anti-money laundering and counter terrorism financing your data may be subject to automated processing or profiling in order to determine the lawfulness of the operations you performed. In the event that suspicions of money laundering arise, the Concessionaire is obliged to notify the competent authorities and provide them with all related information.

  1. Rights of the Data subject

As a data subject, you may at any time make use of the faculties and rights provided by the Regulation.

In particular, you have:

  • the Right to obtain confirmation of the existence or not of your personal data;
  • the Right to access to and have communication of your data upon a simple request;
  • the Right to rectification, i.e. modification and updating data;
  • the Right to object which provides the possibility to object the processing of personal data for legitimate reasons.
  • the Right to be forgotten, i.e. the right to have your data erased.
  • the Right to restriction of processing, which minimise the use of data processing to the extent necessary for its purpose.
  • the Right to data portability of data provided by the data subject which allows the latter to receive personal data relating to him in a commonly used format.

Please be informed that the processing is not subject to your consent, therefore you cannot exercise the right to revoke the consent. In addition to the rights listed above please be informed that you always have the right to lodge a complaint with the Authority for the Protection of personal data.

The exercise of rights is not subject to any restrictions and it is free of charge; the rights may be exercised by submitting a request to the Data controller by means of the email address mentioned above.

  1. Security measures

The processing of personal data is guaranteed by the application of suitable and preventive security measures, that make it possible to reduce the risk of destruction or loss of data, even when accidental, unauthorised access or processing not allowed or not compliant with the purpose of collection. The security system identifies organizational choices and operating procedures regarding security matters in the processing of personal data, in particular with regard to:

  • list of personal data processing;
  • exclusive and specific access to authorized personnel based on the purpose of processing;
  • exclusive access to the indicated places of processing;
  • analysis of the risk to which data is exposed;
  • measures to be taken to ensure data integrity and availability;
  • description of the criteria and methods for restoring data availability in case of destruction or damage;
  • Planning of training/educational interventions for the persons in charge of data processing, to make them aware of the risk to which data could be exposed, of the measures available to prevent harmful events, of the part of the legislation on data protection that most affect the related activities, of the resulting responsibilities and the different methods for being updated on the minimum measures taken by the Data controller;
  • description of the criteria to be taken to ensure the adoption of minimum-security measures in case of processing of personal data entrusted outside the premises of the Data controller or transferred abroad.

The user, where registered, is committed to keep his/her personal access credentials confidential and not to share them with third parties. The user also commits, once logged into the website of the Data controller with his/her own credentials, not to leave the related terminal unattended. The Data controller shall not be responsible for the unlawful use of said access credentials, except, obviously the case in which the abuse is due to his own responsibility.

  1. Cookie

The site uses technical and analytics cookies. Technical cookies are used to browse or provide a service requested by the user. They are not used for other purposes and are normally installed directly by the owner of the website. These cookies are useful because they can make browsing and use of the website faster, intervening to facilitate certain procedures; therefore, without the use of these cookie, some operations could not be performed or would be more complex and/or less secure.  Cookie analytics are also considered technical if they are used for the purpose of optimizing the site directly by the owner of the site itself, who can collect information in aggregate form on the number of users and how they visit the site.  We hereby inform you that, for these types of cookies, the processing is not subject to your consent. The website works optimally if cookies are enabled. However, you can decide not to allow the enabling of cookies on your computer. Enabling or disabling cookies is very simple and there are special settings that allow you to do it in every browser.

  1. Changes and updates

This privacy policy may be subject to future change and additions.

Users will be able to view the updated version of the policy on our website.

Last update: 10/12/2019