We may collect and process the following data about you:
1. In accordance with general practice, certain information will be automatically logged even prior to an individual registering as a player. This information will comprise (a) name or network address of the computer; and (b) the date and time of connection. This information may be utilised for system administration, bug tracking and producing usage statistics.
2. Information that you submit to us, including information submitted via our Website and/or our mobile portal and app at the time of registering to use the website or when you report a problem. This information includes but is not limited to your name, email address, date of birth and telephone number. We will always indicate which personal data requests are necessary and those which are merely additional. We will require your basic personal data (such as for instance your name, surname, date of birth etc.) for us to be able to provide you with the service. We will ask you for additional information, over and above the basic information which we require for us to be able to provide you with a service. In such cases we will make it clear that this information is ‘extra’, and hence such information need not be given to us.
3. Details of transactions you carry out through the website, including but not limited to your Ewallet address or number.
4. Details of your visits to our Website (including, but not limited to, traffic data, location data, weblogs and other communication data) and the resources that you access.
5. Information you submit when responding to our surveys or customer research that we carry out.
1. We will collect information about your use of the website, including where available your IP address, operating system, and browser type, for system administration and reporting purposes
2. We may obtain information by using a cookie file which is stored on the hard drive of your computer. Cookies help us to improve our website and to deliver a better and more personalized service. They enable us to identify you, monitor your usage of the website and to recognize you when you return to it.
A. Session Management – to enable you to use and navigate properly through the site.
B. Functionality – to remember your preferences and improve your experience
C. Fraud prevention- The cookies store information which assist us with identifying fraudulent activity.
D. Tracking- to record the way you reached our site and identify the source of this traffic.
E. Analysis- to identify and count the number of users visiting our site, the pages they visit and their actions. Such analysis can help us with improving our site.
We will therefore make use of tools which will help us to profile you better. Profiling entails the analysis of information gathered about players and the process of making predictions about players and what is most likely of interest to a subset of players falling within the same profile, based on the mentioned information gathered. This allows us to target the marketing material best suited for our players (if you have consented to this). This is the only form of automated decision making which Thrillsy will resort to.
The "Purposes" for which we may collect personal data are:
1. Creating and managing your account and records
2. Administrative operation of your account
3. Providing you adequate service when you have a request or complaint
4. Personalizing our service
5. Carry out customer research, surveys and analyses
6. Notifying you about any updates to our software and/or services
7. Notifying you about new promotions or dedicated offers
8. Fulfilling our legal obligations and regulatory duties
9. Identifying irregular activity, cheating and money laundering
2. We capture your personal data over a secure link using recognized industry standard Secure Sockets Layer (SSL) technology which encrypts the data whilst passing it over the internet.
Your personal data will be kept as long as you are a Thrillsy customer.
Once you stop being our customer, we will keep your data for the minimum period of time required for the purposes for which it was collected and to comply with the relevant legal and regulatory obligations.
There are different factors which we take into consideration prior to determining the length of time for which we decide to retain different types of personal information. These include for instance, regulatory, anti-money laundering obligations and taxation regulations. When we no longer have a valid legal reason to keep the data, we will delete the information securely.
Having in mind the global environment this site is working in, it is sometimes necessary to have the data transmitted on an international basis to some of the data processors we work with, which may be based outside of the European Economic Area (EEA).
• the contractual Model Clauses adopted by the European Commission or a relevant data protection authority; or
• an adequacy decision from the European Commission, confirming that the third country provides adequate protection for your personal information; or
• Privacy Shield when transferring to the US (this is a form of certification which ensures that your data is handled in a way that is compatible with the strong EU protections); or
• Your consent, or another legal basis on which we are entitled to make the transfer.
You have a right to access the personal data we hold in our records. Depending on the Subject Access Request (SAR) you send to us, we will:
i. Confirm that data about you is being processed, and/or
ii. Provide you with a copy of your personal data undergoing processing, and/or
iii. Provide you with supplementary information, such as information on appropriate safeguards in place when transferring data.
We may decide not to comply with your request for information if we feel that your request goes beyond your right to request access to information.
2. Right to be forgotten or Right of Erasure: You may at any time request us to erase all of your data. Obviously enough, this will however bring about a situation wherein we will no longer be able to provide you with the service we promised you. Furthermore, we will only be able to comply with your request if we do not have a legal obligation to actually retain that specific data, such as in the case of certain data pertaining to self-excluded players. Any such requests should be submitted to [email protected]
3. Rectification and erasure: Though we strive to ensure that your data is up-to-date all of the time, there may be situations wherein we fail to do so – for instance, if such information is not provided to us. In that respect, Thrillsy takes no responsibility or liability for the accuracy or correctness of the data provided. Nevertheless, you may, at any time, request us to correct any inaccuracies. We will respond to your request for rectification within a maximum of one month period.
4. Restriction of processing: You may, at any time, submit a request to restrict the processing of your data.
5. Right to Data Portability: Upon your request, we shall:
i. Forward to you the personal data which we have received from you, in a structured, commonly used and machine-readable format; and
ii. Transmit those to a data controller which you specify, where it is technically feasible for us to do so.
Such requests will be adhered to without undue delay and in any event within one month of receipt of the request.
6. Right to Object: You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data that concerns you. You have the right to request that the processing of your personal data is limited. We will accede to your request, unless we feel that we have compelling grounds not to do so, which grounds override your interests and right, or if we feel that such an approach needs to be adopted for us to be able to defend our legal claims.
7. Right to opt out of having your information used for marketing:
You have the right to withdraw your consent of having your information used for direct marketing at any time. This may be done by sending an email to our Customer Support ([email protected]) or by clicking on the ‘unsubscribe’ option provided in each marketing email you receive.
If we decide that we have a valid reason not to comply with any of your requests which are based on any of the above rights, we will inform you that we will not accede to your request. In such circumstances, as per Article 77 of the General Data Protection (GDPR) (Regulation (EU) 2016/679) you will always be able to lodge a complaint with the Maltese Information and Data Protection Commissioner, the latter being the supervisory authority to which Thrillsy is subjected to.
All phone calls to our Customer Contact Centers are used for customer training and security purposes and can be recorded. This is a part of our policy to serve you better.
Should you have further question or concerns about these matters, please refer to our “24/7 support” page. Our staff will be more than glad to assist you further.