Updated: 19th November 2018
Under the Data Protection laws, Fesuge Limited “we” (Registration Number 127822C) are classified as data controllers, which means we determine the purposes and means of processing your personal information. Our registered offices are located at PO Box 227, Clinch’s House, Lord Street, Douglas IM99 1RZ.
• The personal information we collect about you and why
• What we do with your information
• Who your information might be shared with
• Your rights
• What is personal data and special category data?
Under GDPR, personal data is defined as any information relating to an identified or identifiable natural person. It can include obvious identifiers like your name but also identification numbers, online identifiers and/or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person.
Special category data includes data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and genetic data, biometric data, data concerning health or data concerning a person’s sex life or sexual orientation.
What information do we collect, for what purpose, and the legal basis for collection
We collect and process personal data based on one or more of the following legal bases:
• Consent: the individual has given clear consent for us to process their personal data for a specific purpose
• Contract: the processing is necessary for a contract we have with the individual or their organisation, or because they have asked us to take specific steps before entering into a contract
• Legal obligation: the processing is necessary for us to comply with the law (not including contractual obligations)
By using our websites or by contacting us by phone, email, or in writing, you may be providing us with the following information:
• Your name
• Current address and proof of address
• Proof of identity
• Email address
• Mobile and telephone numbers
• Financial credit and debit card information (in line with current Payment Card Industry Data Security Standard)
• Recordings of telephone calls.
The above information is also provided to us when you open an account and interact with our gaming platform.
When you visit our websites, we may automatically collect the following information:
• Technical information used to connect your computer to the internet
• Login information, your geographic location, browser type and version
• Browser types operating system and platforms
• Information about your visit
• Financial transactions
• Your gaming activities.
Information may be obtained from third parties (such as financial institutions, identification verification agencies, credit providers, credit reference agencies) for us to follow legal gaming requirements (e.g. to identify you, Anti-Money Laundering, Anti-Fraud, prevention of terrorist financing). These third parties have all been thoroughly vetted as part of our Information Security Controls, which we are required to follow as part of gaming requirements.
You can learn more on cookies by visiting http://www.allaboutcookies.org/
Why do we use your information?
We require your information to:
• Set up, manage and administer your account
• Provide you with our services (make/settle/pay Bets, playing games, etc.)
• Improve the quality or service and gaming experience for you
• Comply with obligations as set out in our terms and conditions (contractual obligations)
• Comply with licensing and regulatory requirements.
Your personal data may also be used by the Group for customer modelling, statistical and trend analysis, with the aim of developing and improving our products and services. If your data is used in this way, then it will be anonymised.
We only collect and have access to information that you have voluntarily given us. If further information is required for processing, we will contact you to collect this information.
We will only contact you about our products and services if we have an accurate record of your recent and freely given consent to do so. You can withdraw your consent at any time by contacting www.138.com or by logging into your account and changing your settings.
There are times when it is not practical to obtain and record consent. At those times, we will only process personal information if that processing would meet a legal obligation. In which case we would only process in accordance with the law’s strict rules on processing.
Do we share your information?
We may share the personal data we hold about you across the Group to enable us to better understand your needs and run your accounts in the efficient way that you expect.
To ensure we follow legal obligations set by the gaming industry, we may be required to disclose information with specific third parties (e.g. to identify you, Anti-Money Laundering, Anti-Fraud, prevention of terrorist financing). As detailed above, these third parties have all been thoroughly vetted as part of our Information Security Controls, which we are required to follow as part of gaming requirements.
We will not share/sell your information outside of the Group (e.g. to other gaming companies, or unrelated companies), as this is not part of our scope of business.
We may need to disclose your information to a third party if required by law. In this case, we would follow the law’s strict rules on sharing information.
If you use a debit or credit card to deposit or withdraw funds, Wirecard will process your card payment for you. In this capacity, Wirecard acts as a ‘controller’ and will process your personal data. For further details on Wirecard and GDPR, please visit the link below:
How long do we retain your information?
We will ensure personal data is not kept for longer than is necessary. We will always follow the below controls to ensure that the storage of personal data conforms to this:
• Review the length of time personal data is retained
• Review and consider the purpose for retaining the personal data
• Securely delete personal data which is no longer required
• Ensure personal data held is updated and, when appropriate, is archived securely.
What do we do with your information?
We are the owners of the information collected and will only use your information to respond to you. We will take all steps reasonably necessary to ensure that your data is treated securely.
Your information and transactions are transmitted using encryption technology and securely stored in line with our Information Security Policies. For certain pieces of information, we are required to retain hard copy records, which are also stored in line with our Information Security Controls.
If you are required to send us your credit or debit card information, your card details will always be transmitted securely. Any credit or debit card information stored by us are in an encrypted form and can only be viewed by employees with the appropriate level of security clearance.
The data collected from you (including recorded calls) will be transferred, processed and stored at our dedicated secured offices and data centres. By submitting your personal data, you agree to this transfer, processing and storing.
Where we have given you a password which enables you to access certain parts of any of our websites, you are responsible for keeping this password confidential, including not sharing it with other persons.
Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to any of our websites. In addition to the steps that we take to protect your personal data, you should take steps to help protect yourself against Internet fraud.
Your rights as a data subject
You have the right to access information held about you through a Subject Access Request. We will respond to such a request within one month and we may require your identification to be verified prior to release. If this information is incorrect, or you wish to have it removed, you have the right as an individual to request it to be rectified or erased. Any such requests should be made in writing, using the contact details below.
Your information provided by us, on your request, will be communicated to you in a way which can be transferred to another party if required.
Please ensure you inform us of any changes to your information to ensure accuracy is maintained. You can do this by contacting our customer services team at email@example.com.
If you object to the processing or feel that the personal information retained by us is inaccurate or is being unlawfully processed, please inform us and we will stop processing the information until the matter has been investigated and corrected.
If you have a query regarding your personal data or you wish to submit a Subject Access Request, you can do this:
• On Live Chat
• By E-mail to firstname.lastname@example.org, or
• In writing, to:
2nd Floor Athol House
21a-23 Athol Street
Isle of Man
You also have the right to contact The Information Commissioners Office should you wish to complain regarding the processing of your information.