Our use of your personal data table

Last updated: May 2018

Purpose Use and examples
  • Fraud prevention / Anti-money laundering
  • When you use our services we may need to process and verify your personal data to comply with fraud prevention and anti-money laundering requirements, regulators’ requirements (including the Gambling Commission) and other industry standards.  In some instances we may share your personal information with third parties to conduct identification or verification checks and/or to enable financial transactions to be processed.
     
    • Specific examples are:
      • Sharing and validating your data with credit reference agencies, fraud prevention agencies or for age verification purposes.
      • Sharing and validating your data against databases or with commercial organisations which identify potential illegal activity or related indicators of the same.
      • Sharing your data with law enforcement agencies.
      • In order to ensure that illegal activity, including fraud and anti-money laundering, is prevented and detected, we may have cause to work with and share your data with other gambling operators. We will ensure that any data we share or receive for this purpose is shared or received lawfully and in line with industry guidelines.
      • Monitoring your interactions with us for crime prevention purposes, for example cheating at gambling.
         
    • If you would like to know more about gambling regulation and the obligations we are placed under as a licensed gambling operator, please visit the Gambling Commission’s website (www.GamblingCommission.gov.uk).

In our view, our processing of your personal data under this category is essential to our ability to comply with legal and regulatory requirements, and to protect our business and customers. Should you object to our use of your data for these purposes your only option may be to close your account and/or not use our services. Even if you do so we may retain some data for a period of time due to legal and/or regulatory obligations.

 

  • Compliance with legal and regulatory obligations
  • We are subject to a number of laws and regulations and we are required to process and provide personal data requested by regulatory bodies, law enforcement agencies and the courts.
  • Some of the legal and regulatory obligations we are placed under require us to use personal data collected for certain purposes and/or to retain it for a specified time period.
  • We may also be required to share information with industry bodies. 
  • We have in place a number of safeguards and mitigations to ensure that your personal data is processed proportionately and safely when processed for these purposes.

    Specific examples are:
    • Carrying out checks during the course of your relationship with us to ensure that you are gambling legally. These checks may include the securing of a copy of identification, for example a copy of your passport.
    • Carrying out checks, monitoring your play, and segmenting or profiling the data we hold about you and your gambling with us to ensure that you are gambling responsibly and to enable us to identify and intervene when we think you may be at risk of problem gambling;
      In some instances we may ask third parties to assist us with this segmentation or profiling. In instances where we do this, we will ensure that any data we share with them has been anonymised or pseudonymised such that you cannot be identified by anyone other than us.
    • Conducting checks against the Gamstop national self-exclusion database or the Sense national self-exclusion scheme so that we can apply your chosen restrictions to services we provide to you.
    • Compliance with requests for disclosures by law enforcement agencies, regulatory bodies (such as the Gambling Commission) or the courts.
    • Using records held for other audit, legal and regulatory compliance purposes.

If you would like to know more about gambling regulation and the obligations it places Genting under, please visit the Gambling Commission’s website (www.GamblingCommission.gov.uk). 

  • On occasion you may indirectly provide us with sensitive information, such as your ethnicity (for example if you provide us with identification documentation). We will only use this information for the specific purpose for which it is provided.
  • You may also provide us with sensitive information about your psychological or physical health, in particular if you were to talk to us about problems with gambling. We understand the sensitivities surrounding such disclosures and will only ever use this information to provide you with support or to ensure we comply with legal or regulatory obligations. 

In our view, our processing of your personal data under this category is essential to our ability to comply with legal and regulatory requirements, and to protect our business and customers. Should you object to our use of your data for these purposes your only option may be to close your account and/or not use our services. Even if you do so we may retain some data for a period of time due to legal and/or regulatory obligations.


 
  • General commercial operations 
  • We use personal data to manage the day-to-day operation of our business and to enable us to provide you with our products and services. This includes management of customer preferences, suppliers, and other relationships, sharing information within the Genting group, implementing safety procedures and allocating resources.

    Specific examples are:
    • Facilitating the creation of your membership or account, or our provision of services to you.
    • Responding to queries we receive from you (for example by email, text, social media etc).
    • Using technical information about your device, such as browser version, operating system, and location to ensure our websites or Apps are functioning correctly and that you are presented with the correct version.
    • Contacting you about important service matters (non-marketing).
    • To maintain our records, including transactional, financial and player records.
    • To monitor and analyse activity in our casinos and online to enable us to personalise your experiences with us. For example by personalising the layout and content of our websites to according to your preferences so that your preferred games are easily visible. 
    • To conduct internal analysis of our customers to enable us to understand why and how you use our services and what we can do to improve them. For example we may monitor the busiest times in our premises so that we can ensure we have the requisite number of staff available or we may consider the broad demographic groups who use our services at different times and in different locations so that we can offer appropriate facilities and services to those sites. 
    • To share information with other members of the Genting group.
    • Administering your responsible gambling controls.
    • Reporting management information.
    • Monitoring physical access to offices, visitors, conducting CCTV operations and audio recordings.
    • To monitor your use of our products and services for business intelligence purposes (for example to enable us to monitor the performance of our products or services) and in order to protect our interests. For example we may monitor your use of our services to ensure that you act in line with our terms and conditions so that we can identify activity that may be prejudicial to our commercial interests (for example fraudulent activity) and take requisite action such as by restricting the services we provide to you.
    • Managing third party relationships.
    • Conducting market research.
    • Processing identifiable personal data by anonymising/de-identifying/re-identifying/pseudonymising it.
    • To enable you to participate in interactive features of our services when you choose to do so.
    • To keep our services, websites and Apps safe and secure.
    • To improve our products and services through troubleshooting, testing, analysis, and research activities.
    • For information, system, cyber and network security. For example we will use personal data you provide to us to monitor, detect and protect our business , its infrastructure, networks, computer systems, information, intellectual property and other rights from unwanted security intrusion, access, disclosure of and acquisition of information, data and software breaches, hacking, industrial espionage and cyberattacks.
       
  • Specific examples are:
  • We may use cookies to facilitate our ability to personalise some of the services we refer to in this section. You can control this through your browser settings. Please see the cookies policy  for more information.

In our view, our processing of your personal data under this category is essential to our ability to ensure that we protect our commercial interests. Should you object to our use of your data for these purposes you have the option to close your account and/or not use our services. Even in these instances we may retain some data for a period of time due to legal and/or regulatory obligations.

  • Marketing
  • We will process certain personal data to gather market intelligence, promote products and services, communicate offers to individual customers and monitor the use and take up of our loyalty and reward cards and points and promotions (for example, so that we will have an understanding of your interests so that we can send you offers more relevant to you). We may also provide aggregated and pseudonymised or anonymised data to third parties – where we do this we will ensure that these third parties take appropriate measures to secure any personal data that is provided, however we would look to anonymise/pseudonymise where possible. We will never pass your contact information to third parties for them to use for marketing purposes unless we have your consent.

    Specific examples of the marketing we will undertake are:
    • Direct marketing by email, SMS, telephone, push notification, whatsapp.
    • Targeted advertising on social media.
    • Marketing by post. 
  • When you purchase a product or service from us (for example from Genting Hotel, Park Lane Mews Hotel or Santai Spa), become a registered member of our online or land based Casinos, or register a Vortex Gaming card, we will contact you by email and/or SMS for the purposes of direct marketing about similar products and services automatically. In these circumstances we will provide you with a simple means of refusing our use of your personal data for these purposes both at the time we collect your details and in each subsequent communication we send to you.
  • In addition, you can opt-out of marketing at the time that you open an account, become a member or initially transact with us, at any point by accessing our preference centre , by clicking on the link included in our marketing communications, by contacting our customer services, or by asking at any of our reception desks.
Preference Centre
  • We have created a preference centre within which you will be able to control how and why we contact you. We will include a link to our preference centre in all of the communications that we send to you.
  • We will only ever contact you in accordance with your contact preferences.
    • Our main means of contact will be by post, email, SMS, telephone, Whatsapp and push notification. From time to time we may contact you by other means (for example via social media).
    • Matters we may contact you about include existing or future services, products, promotional offers, loyalty and rewards incentives, service changes and other of our activities and those of our group companies which we think may be of interest to you. 

You can update your contact preferences or opt-out from the receipt of direct marketing by clicking here  or by following the instructions in any marketing communications we send you.

In App and Website Marketing

  • If you are a user of any of our Apps or our Website, we may send you push notifications. You can disable these notifications independently through your devices settings. If you have opted-out to the receipt of all direct marketing we will not send you push notifications.
  • Profiling or segmentation
Marketing
  • We would like to be able to contact you about specific offers and promotions that we believe will appeal to you. 
  • In order for us to be able to approach our marketing in a socially responsible and non-invasive manner we need to fully understand your use of our services by carefully analysing your preferred products and average spend alongside the records that we hold about our other customers. 
  • We analyse your data by placing it into pre-determined segments based on the specific offer or promotion we are operating.
  • Our segments are identified using information such as:
    • Product (to ensure that we only contact you about your preferred products);
    • Spend (to ensure that we only bring offers to your attention that correlate with your preferred spend and that we act in a socially responsible manner);
    • Location (to ensure that we only contact you about offers that are realistically accessible by you from a geographical perspective);
  • We will never use any special category personal data that we hold about you for marketing profiling purposes unless we have your explicit consent to do so. 

Social Responsibility / Anti-money laundering / Business records

  • We may also profile or segment your personal data to ensure that we act in socially responsible and lawful manner, and to enable us to produce anonymised transactional business reports.
  • We will only share the results of this information externally if we are required to do so by law.

Important Information

  • Our only purposes for profiling or segmenting your data are those which we have outlined here. We do not profile or segment your data for any other purpose.
  • We will only profile or segment your personal data if you have told us you are aged over 18. The data we collect when Vortex Gaming Cards are registered is segregated and this data is not profilied.
  • We strongly believe that our customers would rather marketing information that is relevant to their preferences. Our ability to segment or profile the information that we hold is essential if we wish to ensure this occurs. All of our marketing is tailored in this way.

    IF YOU DO NOT WANT US TO SEGMENT OR PROFILE YOUR INFORMATION FOR MARKETING PURPOSES, YOU WILL NEED TO OPT-OUT OF THE RECEIPT OF ALL MARKETING FROM US.

     
  • You can opt-out of marketing at the time that you open an account, become a member or initially transact with us, at any point by accessing our preference centre, by clicking on the link included in our marketing communications, by contacting our customer services, or by asking at any of our reception desks.
  • If you have opted-out to the receipt of marketing we may still segment your data for the sole purpose of ensuring you do not receive marketing information from us. We will continue to personalise our online services. Please see the cookies policy  for more information about this and how to control our use of cookies.
  • Sharing with, or processing by, third parties
  • We may need to provide your personal data to third parties in order to deliver certain aspects of our services to you. The majority of these third parties are our service providers. Where we do this we will ensure that these third parties take appropriate measures to secure your data.

    Specific examples are:
     
  • Providing your data to other gambling operators, service providers, banks, financial institutions, the National Casino Forum, the International Association for Casino Surveillance and similar bodies or associations in the interests of security, good practice or safety, for the purposes of the prevention and detection of crime, cheating, fraud, money laundering, other impropriety, and in order to uphold gaming integrity.
  • Providing your personal information to our service providers, software suppliers and game suppliers who help us to provide you with services (for example, a software service used to confirm services, bookings or payments).
  • Providing your personal data to other Genting Group Companies (for example Genting Malaysia Berhad) in relation to services they provide, offer, or consider providing to you and for any other purpose which would be permitted under this policy if we undertook the same processing of your data.
  • Providing your personal data (typically basic information such as your name and contact information) to social media operators including (but not limited to) Facebook and Twitter to facilitate our marketing to you via the social media channels that you participate in. Use by those social media operators for that purpose will also be subject to the privacy policies that such operators provide to you, and where applicable, to the contact preferences, consent and privacy settings that you have given those operators in relation to their use of your personal data. Please note that your preference centre settings will not be reflected in our marketing via these third parties; they only apply to marketing sent directly by us.
  • Sharing your device, content and log Information with our service and analytics providers in order to enable them to analyse website and App performance, improve our services, or tailor web and landing pages to any identified preferences.
  • Sharing your data with market research agencies for research and analysis purposes.
  • Sharing your data with credit reference agencies.
  • Sharing your data with prospective buyers in the event of the proposed sale or restructuring of any part of our business.
  • We may in some instances have to share your data with third parties who provide services to us that are based in countries that are outside of the European Economic Area (this being the European Union and Iceland, Liechtenstein and Norway (“the EEA”)) or permit these third parties to access our systems. Whenever we disclose your personal data to third parties we will require that third party to have technical and organisational measures that reflect those within the EEA are in place.