Privacy policy - Admiral

Luxury Leisure Talarius Customer Care Portal Privacy Notice

Who we are:

Luxury Leisure Talarius, owned by Novomatic Group, is always committed to protecting your privacy. We aim to respect any personal information you share with us, or that we receive from others, and keep it safe. This Privacy Notice sets out our data processing practices and your rights and options regarding the ways in which your personal information is collected and used.

Luxury Leisure Talarius refers to the companies operating under the control of Luxury Leisure and Talarius Ltd and includes RAL Ltd. Luxury Leisure company number 02448035 and Talarius Ltd company number 05382157.

We are registered as a data controller at the UK Information Commissioner’s Office under number Luxury Leisure Z3574301 Talarius Limited Z9448809

We are an Operator of Adult Gaming Centres and / or Licenced Bingo premises in Great Britain. We refer to these premises as Venues.

We are responsible for the processing of personal data that we have received in accordance with the UK General Data Protection Regulation and the DPA 2018.

Luxury Leisure Talarius is the controller for the personal information we process, unless otherwise stated.

What is the Customer Care Portal?

The Customer Care Portal is a web-based portal to allow our customers to search and view solutions to any possible service or support issue related to one of our Venues.

The portal allows you to submit support issues to us, and view and reply to responses from us.

You can also submit a support issue by visiting one of our Venues.

Our Customer Care Portal Provider

We contract with IHL Tech Ltd, who provide us with multiple products and solutions, including the provision of the Customer Care Portal. IHL Tech Ltd acts as a processor of your personal data.

Our role in your privacy

If you are providing Personal Data to us to enable us to manage and respond to any issues you have with one of our Venues, this Privacy Notice applies to you.

Our responsibilities

Our responsibilities as a Data Controller
Whilst you are completing or have completed a request for support, we act as a ‘Data Controller’ of your data. This means we will determine why and how your Personal Data is processed to enable us to provide support to you.

Our relationship with IHL Tech Ltd
IHL Tech Ltd, act a ‘Data Processor’ of your data. This means they have been instructed by us as a ‘Data Controller’ to process your data in accordance with the purpose it has been collected.

[INSERT IMAGE]

When we collect personal information

We collect personal information about you:

When you give it to us directly, for example, personal information that you give to us when you communicate with us by email, telephone or letter etc.

Lawful basis

Under the GDPR, the lawful bases we rely on for processing this information are:

a. Where necessary to comply with a legal obligation (for example, where we are obliged to share your personal information with regulatory bodies which govern our work and services).

b. Where necessary for the performance of a contract to which you are a party, or to take steps at your request prior to entering a contract.

c. Where there is a legitimate interest in us doing so.

d. Where you have provided your consent for us to use your personal information.

Our lawful basis for collecting your data for the purpose of the Customer Care Portal will be Consent.

Types of data we may collect when you are registering for support

Contact Data
Required Data
Name
Email Address
Issue Details
Depending on the issue, this may require you to provide supporting information that will assist us in supporting your issue. This may include Personal Data that will enable us to prove your identity.

Types of data we DO NOT collect

Any special category data including any personal data relating to racial or ethnic origin.

Purposes for which we process your personal information

We collect your data solely for the purpose of providing and managing your support request. This includes the sending of emails and texts that may contain information relating to gambling support services and organisations.

Please note:

We do not use any personal data you provide in the Customer Care Portal for marketing purposes.

We also do not take any responsibility for any inappropriate material or content posted. Inappropriate material includes content which falls outside the scope and terms of reference for the platform. For example, this would include sexually explicit material as well as offensive language and hate speech – all of which can contribute to online harm.

How and why we use your personal information

Data protection law requires that we only use your data for certain reasons and where we have a lawful basis to do so. Here are the reasons why we process your data:

Providing support to you
Processing of your Personal Data to enable us to provide support to you.
In this context, our lawful basis for processing your personal data is the contract we have with you.

Your privacy choices and rights

Your choices

You can choose not to provide us with personal data
If you choose to do this, you can continue to use the Customer Care Portal and browse its pages, but we will not be able to provide support without personal data.

You can turn off or amend your cookie settings by:
Blocking cookies by activating a setting on your browser allowing you to refuse cookies. You can also delete cookies through your browser settings.
If you turn off cookies, you can continue to use the website and browse its pages, but the website and certain services within will not work effectively.
You can also change your cookie consent by clicking the ‘Change your Consent’ link found within the cookie policy on our website.

Your rights

Where we rely on your consent to use your personal information, you have the right to withdraw that consent at any time. You also have the following rights:

a. Right of access – you have the right to ask us for copies of your personal information. You can contact us to ask for confirmation of what personal information we hold on you and to request a copy of that personal information. Provided we are satisfied that you are entitled to see the personal information requested and we have successfully confirmed your identity, we will provide you with your personal information subject to any exemptions that may apply.

b. Right of erasure – at your request we will delete your personal information from our records as far as we are required to do so.

c. Right of rectification – if you believe our records of your personal information are inaccurate, you have the right to ask for those records to be updated. You also have the right to ask us to complete information you think it is incomplete.

d. Right to restrict processing – you have the right to ask for processing of your personal information to be restricted if there is disagreement about its accuracy or legitimate usage.

e. Right to object – you have the right to object to processing where we are (i) processing your personal information on the basis of our legitimate interests, (ii) using your personal information for direct marketing or (iii) using your information for statistical purposes.

f. Right to data portability – to the extent required by the GDPR, where we are processing your personal information either (i) by relying on your consent or (ii) because such processing is necessary for the performance of a contract to which you are party or to take steps at your request prior to entering into a contract, and in either case we are processing using automated means (i.e. with no human involvement), you may ask us to provide the personal information to you in a machine-readable format.

g. Rights related to automated decision-making – you have the right not to be subject to a decision based solely on automated processing of your personal information which produces legal or similarly significant effects on you, unless such a decision (i) is necessary to enter into/perform a contract between you and us/another organisation; (ii) is authorised by EU or Member State law to which Luxury Leisure Talarius is subject (as long as that law offers you sufficient protection); or (iii) is based on your explicit consent.

Please note that some of these rights only apply in limited circumstances.

If you have any questions or concerns, or you wish exercise any of your rights this can be done by sending an email to GroupGDPR@Luxury-Leisure.co.uk

You can also complain to the ICO if you are unhappy with how we have used your data

The ICO’s address:

Information Commissioner’s Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF

Helpline number: 0303 123 1113

ICO website: https://www.ico.org.uk

How secure is the data we collect?

Data collected during your support request is fully hosted and managed by IHL Tech Ltd

IHL Tech Ltd have physical, technical and organisational procedures in place to appropriately safeguard and secure the data we collect.

All data is stored in a secure ISO 27001 facility by AWS (Ireland).
All data traffic is encrypted with SHA-256 RSA Encryption.
Always-On Network Flow Monitoring is enabled.
DDos protection services provided by AWS are enabled, including Automated Mitigation and all APIs are protected using a Throttling middleware.
IP Attack Prevention in the form of Rack Attack Preventative is implemented.

However, please remember:

You provide personal data at your own risk: unfortunately, no data transmission across the internet is guaranteed to be 100% secure.

If you believe your privacy has been breached, please contact us immediately on GroupGDPR@Luxury-Leisure.co.uk

Where do we store the data?

The data we collect is processed online, in our Venues, and in our Head Office

The Customer Care Portal provided by IHL Tech Ltd, is hosted in AWS, Ireland and processed in IHL Tech Ltd’s offices in Northampton (UK), Nottingham (UK) and Withernsea (UK) and also in any data processing facilities operated by the third parties identified below.

By submitting your data, you agree to this transfer, storing or processing by us. If we transfer or store your information outside the EEA in this way, we will take steps to ensure that your privacy rights continue to be protected as outlined in this Privacy Notice.

How long do we store your data?

We will delete any personal/identifiable information about you 1 year after the closure of your support request.

Other Third parties who process your data (Non-Partners)

Businesses often use third parties to help them host their application, communicate with customers, power their emails etc. We contract with third parties who we believe are the best in their field at what they do.

When we do this, sometimes it is necessary for us to share your data with them in order to get these services to work well.

Your data is shared only when strictly necessary and according to the safeguards and good practices detailed in this Privacy Notice.

If third party providers (processors) are established outside of the EU/EEA, we shall ensure that we contract only with third-party providers that are located in countries that ensure adequate levels of protection based on the European Commission's adequacy decision or that IHL Tech Ltd has entered into agreements with corresponding Standard Contractual Clauses or an International Data Transfer Agreement (IDTA) that ensure adequate safeguards with respect to the protection of the privacy and fundamental rights and freedoms of individuals.

Here are the details of our main third-party service providers, and what data they collect or we share with them, where they store the data:

IHL Tech Ltd provide our Customer Care Portal
IHL Tech hosts the Customer Care Portal in an Amazon Web Services (AWS) Data Centre in Ireland.

Cookies

We use cookies on the Customer Care Portal, please refer to our cookie policy for more information.