Any references in this Policy to “Game Lounge” , “Us”, “We” or “Our” relate to the Data Controller, namely, Game Lounge Limited , a Maltese company bearing registration number C 53144 and having its registered address at Level 5, Spinola Park, Triq Mikiel Ang. Borg, St Julians, SPK 1000, Malta and which is the owner of the website www.betnj.com .
The DPA and the GDPR shall hereafter be collectively referred to as the“Data Protection Laws”.
Game Lounge determines the means and purposes of the processing of Personal Data and therefore acts as the “Data Controller” in terms of the applicable Data Protection Laws.
“The Data Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
“The Data Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
“Personal Data” means any information that identifies You individually or relates to an identified or identifiable natural person.
Game Lounge stores Your Personal Data digitally on encrypted hard drives.
Personal Data held by Us is protected using the highest industry standard security processes and systems. Our commitment to protect personal data is not merely through quality and high standards but also through the best and most efficient application of the law. We are bound to only process personal data if such processing is based on a genuine and legitimate reason to do so on the basis of one of the legal grounds established in the GDPR.
A legitimate interest exists when We have a business or commercial reason upon which personal data will be processed. In such a case We undertake to protect any and all of Your personal data and the manner in which such data is processed and to ensure that such processing would not be unfair to You or to Your interest.
If and when We decide to process Your personal data on the basis of legitimate interest, We will inform You of such, what said legitimate interest are and provide a process whereby You will be able to raise any questions and/or objections which You way have in relation to such processing. It is important to note that Game Lounge is not obliged to stop processing if the grounds for processing over-ride Your right to object.
Consent is not the only ground we may be permitted or obliged to rely on to process Your personal data. We will only process personal data on the basis of Your consent where we cannot or otherwise choose not to rely on any ulterior legal ground (such as compliance with a legal obligation or legitimate interest). Where we process Your personal data on the basis of Your consent, you shall have the right to withdraw your consent at any time and in the same manner as it had been previously provided by Yourself. In the case that You exercise Your right to withdraw consent, we would then determine whether we are able (or obliged) to process Your personal data on the basis of any other legal ground other than consent. If this is the case We will notify You accordingly. Any such withdrawal of Your consent will not invalidate any processing operations carried out prior to You having withdrawn Your consent.
For the avoidance of all doubt, We would like to point out that in those limited cases where We cannot or choose not to rely on another legal ground (for example, Our legitimate interests), We will process Your Personal Data on the basis of Your consent.
In those cases where We process on the basis of Your consent ( which We will never presume but which We shall have obtained in a clear and manifest manner from You), YOU HAVE THE RIGHT TO WITHDRAW YOUR CONSENT AT ANY TIME and this, in the same manner as You shall have provided it to Us.
Should You exercise Your right to withdraw Your consent at any time (by writing to Us at the physical or email address below), We will determine whether at that stage an alternative legal basis exists for processing Your Personal Data (for example, on the basis of a legal obligation to which We are subject) where We would be legally authorised (or even obliged) to process Your Personal Data without needing Your consent and if so, notify You accordingly.
When We ask for such Personal Data, You may always decline, however should You decline to provide Us with necessary data that We require to provide requested services, We may not necessarily be able to provide You with such services (especially if consent is the only legal ground that is available to Us).
Just to clarify, consent is not the only ground that permits Us to process Your Personal Data. In the last preceding section above We pointed out the various grounds that We rely on when processing Your Personal Data for specific purposes.
We may be required to use and retain personal information for; loss prevention; and to protect Our rights, privacy, safety, or property, or those of other persons in accordance with Our legitimate interests.
We retain data for limited periods when it needs to be kept for legitimate business or legal purposes. We try to ensure that our services protect information from accidental or malicious deletion. Because of this, there may be delays between when you delete something and when copies are deleted from our active and backup systems. Should you need further information please contact us on email@example.com
When any such personal data has to be transferred outside of the EEA – European Economic Area, We ensure that all the necessary and appropriate safeguards are in place. We may also disclose personal information to other companies within associated or subsidiary companies and to business partners, or successors in title to Our business. The manner in which data transfer outside the EEA is handled is detailed below. Your Personal Data will never be shared with third parties for their marketing purposes (unless You give Your consent thereto).
Any such authorised disclosures will be done in accordance with the Data Protection laws (for example, all Our processors are contractually bound by the requirements in the said Data Protection Laws, including a strict obligation to keep any information they receive confidential and to ensure that their employees/personnel are also bound by similar obligations). The said service providers (Our processors) are also bound by a number of other obligations (in particular, those established in Article 28 of the GDPR).
Your Personal Data will never be shared with third parties for their marketing purposes (unless You give Your consent thereto).
You will be aware that data sent via the Internet may be transmitted across international borders even where sender and receiver of information are located in the same country. We cannot be held responsible for anything done or omitted to be done by You or any third party in connection with any Personal Data prior to Our receiving it including but not limited to any transfers of Personal Data from You to Us via a country having a lower level of data protection than that in place in the European Union, and this, by any technological means whatsoever (for example, WhatsApp, Skype, Dropbox etc.).
Moreover, We shall accept no responsibility or liability whatsoever for the security of Your data while in transit through the internet unless Our responsibility results explicitly from a law having effect in Malta.
All reasonable efforts are made to keep any Personal Data We may hold about You up-to-date and as accurate as possible. You can check the information that We hold about You at any time by contacting Us in the manner explained below. If You find any inaccuracies, We will correct them and where required, delete them as necessary. Please see below for a detailed list of Your legal rights in terms of any applicable data protection law.
Links that We provide to third-party websites are clearly marked and We are not in any way whatsoever responsible for (nor can We be deemed to endorse in any way) the content of such websites (including any applicable privacy policies or data processing operations of any kind). We suggest that You should read the privacy policies of any such third-party websites.
Your personal data will only be transferred outside of the EEA or any other non-EEA country which has been deemed by the European Commission to offer an adequate level of protection (also referred to as “white-listed countries” – listed here https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en ) in the following circumstances: When You have expressly consented Us to do so; when it is necessary to constitute or execute a contract entered between You and Game Lounge; or to be compliant and in line with any and all legal obligations or duties.
In the event that personal data is transferred outside of the EEA, within Game Lounge or to any of Game Lounge’s business partners, We ensure to implement all appropriate safeguards to ensure that the same protection is afforded and the same standards are applied as would be within the EEA. You are entitled to receive a copy of such safeguards by contacting Us at the address below.
Contracts containing the EU Standard Contractual clauses (EU Model Clauses) will be used which require the entity receiving the personal data to use the same standards as they would be subject to within the EEA. Should any data be transferred to the USA and the entity receiving the data is registered with Privacy Shield (a framework that ensures personal data protection) it will be taken that the same level of protection as approved by the European Commission.
Game Lounge undertakes to assist You in the best way possible should You choose to exercise any of Your rights with respect to Your personal data. In certain cases We might need to verify Your identity prior to acceding to Your request to exercise any relevant right.
You have a right to ask Us whether We are processing any personal data which concerns You and if this is the case, You shall have the right to access that personal data as well as the following information:
You have a right to ask us to have any inaccurate or incomplete personal data relating to You rectified and/or completed.
You have the right to ask Us to delete Your Personal Data and We shall comply without undue delay but only where:
In any case, We shall not be legally bound to comply with Your erasure request if the processing of Your Personal Data is necessary to comply with a legal obligation imposed on Us.
You have the right to ask Us to restrict the processing of Your personal data. However, You are only able to exercise this right where:
Should You successfully exercise this right, We would only be in a position to process Your personal data:
You have the right to ask Us to provide You with Your personal data which You would have previously provided to Us. We will provide You such data in a structured, commonly used, machine readable format, or (where technically feasible) We may have the data sent directly to another Data Controller, provided this does not adversely affect the rights and freedoms of others. You may only exercise this right where:
For detailed information on this right, refer to “ PROCESSING ON THE BASIS OF CONSENT ” section, above.
In certain instances, You have the right to object to the processing of Your personal data. Where we are only processing Your personal data on the basis of one of the following purposes:
The processing shall only cease where the Data Controller has not provided compelling and legitimate grounds which outweigh the objections raised by You in such a request and which require the processing to continue.
Where Your data is being processed for direct marketing purposes, You have the right to object to the processing of Your personal data at any time.
In all other instances apart from those listed above, this general right to object shall not subsist.
As a Data subject You may at any time lodge a complaint with any relevant Data Protection Supervisory Authority should You feel that any of Your rights have been impinged by Game Lounge. The Competent Supervisory Authority in Malta is the Office of the Information and Data Protection Commissioner (‘IDPC’).
Notwithstanding this right, We kindly ask You to please attempt to resolve any issues You may have with Us prior lodging a complaint with the IDPC.
It is important to note that notwithstanding such rights, Game Lounge may still refuse such request if it can reasonably justify such decision. Such refusal does not prohibit You from lodging a complaint with the relevant data protection authority.
If You have any questions/ comments about privacy or should You wish to exercise any of Your individual rights, please contact our DPO at: firstname.lastname@example.org or by writing to the address above.