Sochi live poker events Privacy Policy

Introduction

The purpose of this Privacy Policy is to provide you with information about how Rational Live Events (Malta) Limited (RLEM) uses your personal data. This Privacy Policy may be updated from time-to-time so we recommend that you review it regularly, however where we make material changes, we will make sure to alert you to this. This Privacy Policy applies in respect of RLEM-branded Sochi events only.

Who is the Controller?

The controller of your personal data is Rational Live Events (Malta) Limited of Villa Seminia, 8, Sir Temi Zammit Avenue, Ta’ Xbiex, Malta, XBX10111. This is who we refer to when saying "RLEM", "we", "our" and "us" etc. Please be aware that Limited Liability Company "DOMEIN" (Casino) will also be a controller of your personal data and you should refer to their privacy notice to understand how it will process your personal data.

And, what about the Data Protection Officer, or is it DPO?

Yes, RLEM has appointed a Data Protection Officer (DPO). Our DPO can be reached at dpo@starsgroup.com.

What is meant by the “Group”?

Reference to the Group within this Privacy Policy means Flutter Entertainment plc and all or any of its direct or indirect subsidiary undertakings, joint venture partners, and their related companies wherever located in the world as may exist from time to time.

How RLEM collects your personal data?

RLEM receives your personal data as part of your participation in live events where we are the partner. RLEM will receive your personal data from the Casino. 

How will we use your personal data?

In accordance with data protection laws, we will only process your personal data when we have a lawful basis for doing so. We process your personal data if: (i) you have given your consent; or, (ii) it is in our legitimate interests to process your personal data, provided that none of these interests prejudice your own rights, freedoms and interests.  

The following is a list of the purposes for which RLEM processes your personal data, and the lawful basis on which it carries out such processing:

PurposeLawful Basis
Tournament reporting   Legitimate interests to better understand our role in the event
Use of image/likeness/name on blogs, webcasts, media alerts, press releases, Pokerstars channels (social media and websites), Pokerstars promotional materials (online and offline), Pokerstars advertising (online and offline) and media/tv channels Legitimate interests to promote our events and brand and where you would not feature prominently
Use of image on trade media sites Legitimate interests to promote our events and brand and where you would not feature prominently
Research purposes   To better understand the events that we partner with
Use of image/likeness/name in promotional materials and campaigns where you feature prominently   Consent  

In addition to the purposes set out above, we may also process your personal data for other purposes that we deem compatible with those listed above. We will update this Privacy Policy accordingly, when we do this.

Intra-Group Sharing

RLEM is part of the Group and there will be instances where your personal data is shared with other members of the Group. This will occur in the following circumstances:

  • to enable us to identify and replicate responsible gambling measures (such as self-exclusion) to players across the Group (necessary to comply with a legal/regulatory requirement);
  • to assist with account management, identification and verification of our customers as well as other regulatory checks (necessary to comply with a legal/regulatory requirement);
  • to help ensure that customer information is up-to-date and accurate (necessary to comply with a legal/regulatory obligation);
  • to identify customers who have committed or are suspected of fraud, money-laundering or other criminal acts (necessary to comply with a legal/regulatory requirement);
  • to identify customers who have breached Terms and Conditions (legitimate interests);
  • to send cross-brand marketing materials where customer has requested this (consent); and
  • to analyze and better understand our business, customers, products and services across the group (legitimate interests).

We may also in the future share personal data with other members of our Group for purposes that are related to and compatible with those set out above. Finally, where we are required by law or regulation to share personal data throughout our Group for reasons beyond those set out above we will be required to do this. 

Please check this Privacy Policy frequently to learn of any updates to our intra-group sharing.

Disclosing your personal data

In addition to the purposes involving the sharing of your personal data listed above, we will also disclose your personal data to processors we engage. We will have a contract in place with each such processor to ensure your personal data is kept secure. 

We may also disclose your personal data in the following circumstances:

  • when required by applicable law or regulation (disclosure to a governmental, regulatory or enforcement authority);
  • in order to defend ourselves legally and/or in relation to legal proceedings; and
  • whilst negotiating a takeover, purchase or merger, and pursuant to the same.

Transferring your personal data outside of the EEA

We store your personal data in the Isle of Man, a territory that has received an Adequacy Decision from the European Commission regarding its suitable data protection laws. Your personal data may also be accessed by members of the Group who are located outside of the European Union and in such cases we have implemented standard contractual clauses to ensure adequate protection of your personal data. 

We will receive your personal data from the Casino. We may also share your personal data with third parties outside of the European Union and in all such cases we will ensure that standard contractual clauses or an Adequacy Decision is in place to protect your personal data.

Security

We will take appropriate security, technical and organizational measures to ensure that your personal data is kept secure and to prevent the theft, loss or unauthorized access to your personal data. It is important to understand however that security can never be guaranteed and you will not hold us liable save where the security of your personal data is compromised due to our negligence.

Marketing

If you have signed up to services offered by RLEM we may send you direct marketing in relation to other services offered by RLEM or its Group provided that you have given your consent to receive such marketing.

At any time you can manage your marketing consents via your user account. You can also unsubscribe by using the tools in any marketing communication you receive. Please note that if you unsubscribe from marketing it may take up to 5 days for this to take effect.

Social Media Marketing

We may also use information you provide to us to show you relevant advertising and personalized content about our Group’s services on certain third party social media platforms (Social Media Sites), including sharing with Social Media Sites, made available to us through relevant service providers (e.g. Facebook, Twitter). If you do not wish to see these advertisements you can change your settings on the Social Media Sites. If you do not want us to share this information with Social Media Sites you can contact us directly. 

Cookies

In this Privacy Policy, we use the expression ‘cookie’ to refer to cookies and similar technologies we use to store information (such as web beacons). A cookie is a simple text file that is stored on your computer or mobile (or other) device by a website’s server, and only that server will be able to retrieve or read the contents of that cookie. Each cookie is unique to your web browser. It will contain some anonymous information, such as a unique identifier and the website name and some digits and characters.

Almost all websites and applications you visit, including our website, will use cookies in order to improve your user experience by enabling that website and/or application to ‘remember’ you, either for the duration of your visit (using a ‘session cookie’) or for repeat visits (using a ‘persistent cookie’).

Cookies are used to improve your use of a website or application, for example through letting you navigate between pages efficiently and storing your preferences. Cookies make the interaction between you and the website faster and easier. If a website or application doesn’t use cookies, it will think you are a new visitor every time you move to a new page on the website. Cookies can also be used to enable targeted advertising and analyzing your browsing of a website. 

You can learn more about cookies generally and how to disable them on your browser here.

You can learn more about what advertising cookies exist on your device and you can disable them directly by clicking here.

Retention of your personal data

We retain your personal data for seven years. Seven years is calculated from the closure of your user account or where your user account has been dormant for this period. There are some exceptions to this retention period, namely:

  • If you self-exclude from any of our services, we will retain this information indefinitely.
  • If you are under investigation or we have identified possible fraud, money-laundering, criminal activity we may retain your personal data for longer.
  • If there is a legal dispute, we will retain your personal data for the duration of the dispute and for seven years thereafter.

Updating your personal data

You can update some of your personal data at any time via your user account. We request that when your personal data changes you update your user account as soon as possible. If you are unable to change your information via your user account, please contact customer support.

Your rights

You have the following rights in relation to your personal data:

  • a right to access your personal data held by us (also known as a subject access request);
  • a right to receive certain personal data in machine-readable format;
  • a right to have inaccurate or out-of-date personal data rectified;
  • where we have specifically requested your consent to process your personal data and have no other lawful conditions to rely on, you have the right to withdraw this consent;
  • a right to have certain personal data erased where it is no longer necessary for us to process it, if you have withdrawn your consent pursuant to the paragraph above, where you have objected pursuant to the paragraph below, where your personal data has been unlawfully processed, or where erasing your personal data is required in accordance with a legal obligation; 
  • a right to object to the processing if the lawful basis is that it is in our legitimate interests to process your personal data, but please note that we may still process your personal data if there are other relevant lawful bases or if we have compelling grounds to continue processing your personal data in our interests which are not overridden by your rights, interests or freedoms;
  • a right to request an explanation of the logic involved if we make decisions about you solely through automated means; and
  • a right to object to direct marketing, which can be done by opting-out of direct marketing either through your user account or by opting out via the communication itself. You also have a right to object to any profiling to the extent that it relates to direct marketing only.

If you are unsure about your rights or are concerned about how your personal data may be processed, you should contact customer support or your national data protection supervisory authority. 

If you would like to exercise any of your rights then you can do so by contacting customer support. Please be aware that while we will try to accommodate any request you make in respect of your rights, they are not absolute rights. This means that we may have to refuse your request or may only be able to comply with it in part. 

When you make a request in respect of your rights, we will require proof of identification. We may also ask that you clarify your request. We will aim to respond to any request within one month of verifying your identity, but it may take longer (we will notify you if this is the case). If we receive repeated requests, or have reason to believe requests are being made unreasonably, we reserve the right not to respond. 

Supervisory authorities

If you have any complaints you have the right to contact your own national data protection supervisory authority (for example, in the UK this will be the Information Commissioner’s Office) however we do ask that you contact us in the first instance to allow us the opportunity to address your concerns. 

Contact us

If you have any questions regarding our use of your personal data, or you would like to exercise any of your rights, please contact our customer support in the first instance. You can also contact our Data Protection Officer at dpo@starsgroup.com.

Privacy Policy last revised: 12 July, 2021