The purpose of this Privacy Policy is to inform you how EGT DIGITAL EOOD handles your personal data and what type of personal data we collect, for what purpose, for what period and what rights you have in that respect.
Information about EGT DIGITAL EOOD
EGT DIGITAL EOOD, UIC 205689811, having its seat and registered office in Sofia 1766, Vitosha District, 6 Panorama Sofia Str., Richhill Business Center, Block А („EGT Digital”/„We“), phone: 02/890 24 29; e-mail: [email protected]
Contact details of our Data Protection Officer:
Mrs. Desislava Dimitrova, e-mail: [email protected].
How we treat your personal data
We collect and process personal data under strict compliance with the local and European legislation. The security of your data is important for us. Therefore, we protect your personal data by applying all available appropriate technical and organizational measures in order to prevent unauthorized access, unlicensed or malicious use, loss or early deletion of information.
What kind of personal information do we collect and why
We may collect your personal data when you use our corporate website or selecting our services. In most cases we require your personal data for the purpose of signing an agreement, meeting a statutory obligation or protecting our legitimate. Of course, for some of our services you provide this information by selecting and agreeing to send your personal data. Without such data we would not be able to provide the respective services.
If you do not provide identification data you would not be in position to conclude a contract for certain product or service. Depending on the services you use we could collect and process the following personal data:
Business partners
Personal data that could be processed:
- Names, date and place of birth, country of residence, email, phone number, number and passport data or any other valid identity document;
- Information about beneficial owners and legal representatives of companies becoming our contractual partners;
- Information about beneficial owners and legal representatives of companies becoming our contractual partners;
- Letters and electronic mails received from you in the course of our communication process.
Third parties
In some cases, based on an agreement with online gambling operators using our platform, we could act as data controller when managing the risk of Operator’s bookmaker services and detecting and avoiding fraud. In such cases, we could process the following personal data of gambling operators’ end customers:
- IP addresses;
- User ID;
- Device ID.
Video surveillance
Visitors of EGT Digital’s premises, the entry and exit points, and the common areas on the office premises of the company are subject to video surveillance.
Purpose of personal data protection
We process the collected personal data mostly for the following purposes:
Data processing required for the conclusion or performance of contracts:
- Identification of customers and their legal representatives and beneficial owners through all commercial channels;
- Preparation of offers, agreements and any other contractual documen
- For the purpose of service provision;
- Notifications related to products and services offered by the company.
Data processing required for the compliance with statutory obligations:
- Obligations under the Accounting Act and the Tax Insurance Procedure Code, as well as other laws and regulations related to the proper and legitimate bookkeeping;
- Obligations for provision of information to all governmental commissions and regulatory authorities;
- Provision of information to the courts and the law enforcement authorities.
Data processing based on your consent:
- For direct marketing of our products and services;
- Upon provision of your additional data in the client/supplier questionnaires, as well as information about politically exposed persons, or verdicts and violations.
Data processing based on legitimate interest:
- Customer satisfaction surveys with respect to our products and services;
- The purpose of the video surveillance with respect to data processing: provision of safety for employees and visitors by means of security measures; protection of tangible assets; prevention and detection of offences and establishing of facts, and improvement of the quality of the offered services;
- Upon management of the risk of Operator’s bookmaker services and detection and prevention of fraud.
Whom we share your personal data with?
We engage third parties to provide assistance for certain contractual activities where your personal data could be shared. For the purpose of risk assessment or other contractual activity, your personal data could be shared with companies from the corporate group of EGT Digital as subcontractors, especially with Euro Games Technology OOD. EGT Digital will not share your personal data with third parties if there is no assurance that all technical and organizational data protection measures have been taken, and attempts to strictly control personal data sharing.
Some of potential personal data recipients are:
- Accounting and legal firms, banks, persons entrusted with maintenance of equipment, software and hardware used for personal data processing; hosting companies etc.
Personal data sharing is sometimes mandatory in order to comply with legal requirements such as:
- Regulatory authorities, including governmental commissions; institutions and agencies; State Agency for National Security, National Revenue Agency; National Social Security Institute; courts of justice; state attorneys etc. whom we are obliged to provide personal data by virtue of applicable laws and regulations;
- Joint controllers with which we provide risk management of Operator’s bookmaker services and detection and prevention of fraud with such as Sprortradar AG;
- The access to video records is restricted based on the “need to know” principle, and only particular employees have the access to such data. If required for the purpose of crime investigation or criminal prosecution, access may be granted to the law enforcement authorities.
Use of cookies
We may collect and process personal data via the functionality of the cookies, more information you can find at our Cookie Policy available on our website.
Why and how we use automated algorithms?
We do not use automated decision making systems.
Security
We apply measures for personal data protection against incident loss and unauthorized access, use, modification or disclosure. We implement policies and procedures intended to protect the information from loss, misuse and unauthorized disclosure. Furthermore, we have applied additional security measures, including access control, strict physical protection, as well as reliable practices for the collection, storage and processing of information.
On the other hand, we apply technical measures such as encryption and pseudonymization of collected personal data, where possible.
How long do we store your personal data?
Your personal data will be stored within the statutory deadlines. (including as provided for in the Commercial Law, Law on Obligations and Contracts, Accounting Act etc.). We do not store your personal data forever.
We store your personal data related to the conclusion and fulfillment of agreements in general terms for a period of 5 years after contract termination and fulfillment.
In case of data processing based on consent, personal data will be processed until withdrawal of the consent.
Data transfer outside EU/EEA
Your personal data will not be transferred outside EU. If such transfer becomes necessary, data will be transferred in compliance with the provisions of Regulation 2016/679 – GDPR.
Your rights with respect to your personal data
- Right to be informed: you can request information on the porpoises of processing personal data, terms, legal grounds, categories recipients and other.
- Right of access: you are able to receive a copy of your personal data stored by us, and to check the legal grounds for data processing.
- Right to rectification: under this right you are entitled to have your personal data rectified if inaccurate or incomplete.
- Right to erasure: under this right you are entitled to request removal or deletion of your personal data where there is no legal ground for the continued processing. You are also entitled to have your data deleted or removed if you have objected the processing.
- Right to obzject: you are entitled to object the processing of your personal data based on our legitimate interest.
- Right to restrict processing: under this right you are entitled to temporarily restrict the processing of your personal data when, for example, you request from us to verify the accuracy of data or the grounds for data processing.
- Data portability: this right only applies where you have provided your data for the performance of a contract and you are entitled to have your data provided to a third party in a machine readable format.
- You are entitled to withdraw, at any time, your consent for collection, storage and use of your personal data. However, such withdrawal will not affect any data legitimately processed prior to the consent withdrawal.
Any of your rights, such as data deletion or object to processing may be restricted by the applicable law. Requests to exercise any right must be sent personally or by your expressly authorized proxy acting on the grounds of express written power of attorney. Request may be also sent by electronic means following the provisions of the Electronic Document and Electronic Signature Act.
Please be informed that if your data is processed illegitimately, under the applicable law you are entitled to address the Commission for Personal Data Protection at Sofia 1592, 2 Prof. Tsvetan Lazarov Blvd. or www.cpdp.bg.
Changes in this Data Protection Policy:
This Data Protection Policy may be amended from time to time. Such amendments will become effective as of their publication. Regular visits of this website will provide you with updated information on what data we collect, how and for what purpose we use this data, and under what circumstances (if any) we share the collected data with other parties.
If you have any questions with respect to data protection, you could reach the Data Protection Officer via email: [email protected].
This Data Protection Policy was last updated on 01.01.2021.