This Privacy Notice explains how and why your personal information is collected and how it is kept secure.
2 Who are we?
Toto2 is a trademark of ET Marketing Ltd, responsible of marketing the services through toto2.com (the Site). ET Marketing Ltd is a company incorporated in Malta and registered under company number C 80111 with its registered address at Fort Business Centre, Mriehel Bypass, Birkirkara BKR 3000, Malta (hereinafter referred to as “White Label”). White Label are operating on the platform pertaining to Bethard Group Limited, a Maltese Company bearing registration number C 69565 with registered address Triq Paceville no. 6, St Julians STJ 3106, Malta.
Whereas personal data is hosted in information repositories and systems of Bethard Group Limited and is managed as described hereinbelow, it is brought to your attention that White Label therefore has and requires constant full access to personal data hosted by Bethard Group Limited for it to operate its business through toto2.com. All personal data obtained through this website will be processed by White Label. All references to "we", "our" and "us" within this document are references to Bethard Group Limited or White Label and pertain to each single entity related action towards the collection, the storage and processing of the personal data matter of this documentation.
You will receive communications directly from the White Label and any permissions pertaining your personal data related management granted herein are therefore bequeathed to the White Label.
If you have specific questions regarding your personal information or how we use it, please contact our Data Protection Officer directly by email – firstname.lastname@example.org
3 What information we collect
Certain personal information is collected when you use our site. Information can be provided to us by you upon registration and when you make use of our products or get in touch with us. It may also be the case that other third parties or publicly available sources provide us with information about you.
At registration, you provide us with your personal details such as name, surname, mobile number, gender, date of birth, email address and the country of residence.
During the course of play, we may also request you to provide us with photographic identification, proof of address documents (to carry out due diligence) and banking and financial details (to establish the source of funds where a transaction is involved).
Through the use of our services we obtain information about how you interact with our products, your online browsing habits and devices used (such as model, operating system, IP address, browser type, mobile device identifier).
We also collect data from other organizations, such as companies providing verification and credit reference services.
When contacting us via phone, we may record phone calls to address and resolve queries and issues you may have and for regulatory purposes.
In cases where data may be considered as sensitive, we have in place additional measures to protect it and its confidentiality.
4 Basis of collecting Data.
Upon registering an account and accepting our terms & conditions you accepted to receive genuine and exceptional remote gaming services from us. Unless you request otherwise under legitimate interests, we will process your data for certain purposes including marketing offers, analysis & evaluation and service administration purposes, such as password reminders, service messages etc.
We collect data to contact you and inform you about our services. Contact can be made via phone, email, sms, in account and social media. If you do not want to receive these services you can unsubscribe from marketing offers by contacting customer support or sending an email to our DPO email@example.com
It must be noted that as a licensed gambling operator we have certain legal obligations when it comes to storing data. In particular this is needed for ensuring that we offer our services to eligible persons, crime & fraud detection, AML purposes and to identify any potential risks to assist in the prevention of problem gambling.
Cookies are essential to keep certain parts of our websites functioning correctly and securely. We also use them to make our site quicker, easier and more personal for you.
To achieve this, cookies collect some personal information about you whenever you use our websites. You can choose whether to accept or reject some or all types of cookies and control this through your device’s browser settings. We will make you aware of this by showing you our cookie banner when you visit our site.
Please refer to our cookies policy for more information.
6 When do we share your personal information?
On occasions, we share certain data with third parties. In order to mitigate certain risks we carry out checks to ensure that the companies we work with will give your information the same level of care and protection as we do. Both we and they are obliged to handle your information in accordance with data protection law and to put in place contractual measures reinforcing those obligations. Circumstances in which we share data with third parties are listed below:
- Notifying you about important changes or developments to the features and operation of those products and services.
- When ordered to do so by any regulatory body.
- In order to establish, exercise or defend our legal rights.
- For fraud detection and control purposes in cases where Bethard has reasonable grounds to suspect irregularities with the account.
- With service providers to enable us to provide our services.
- With external auditors.
7 Retention of data period
We will only retain your information for as long as is reasonably necessary to carry out the purposes outlined above and to satisfy our legal obligations. When you cease using our services, we will normally still retain your personal information for a period of time.
Normally data is stored for ten years after you stop using our services.
8 Your rights & choices over your personal information
It is your data and you have several rights which you can exercise, namely;
Right to access information
You have a right to request a copy of the personal information we hold about you, known as a data subject access request. If you wish to do this, kindly contact customer support or our DPO on firstname.lastname@example.org
Right to be forgotten
In some circumstances, you can ask us to erase personal information we hold about you. It must be noted that this does not exonerate us from mandatory retention periods under other laws.
You can request the right to be forgotten when:
- the information is no longer necessary in relation to the purpose for which it was collected (as explained in our privacy notice)
- you have previously given consent to the use of your information, but decide to withdraw it and we cannot justify another legal ground for using it under data protection law
Right to opt out
We rely on legitimate interest as the basis to process your personal information, such as for sales and marketing communications. However, you always have the right to withdraw your consent at any time.
Within each and every communication we give you the right to opt out easily from the footer of the communication but if you wish to opt out manually, you can do so by contacting customer support.
Right to Data Portability
You have the right to receive personal information you provide to us, in a ‘commonly used machine-readable format’. This allows you to obtain and reuse your information for your own purposes across different services.
Right to object
Based on your particular situation, you can object to the processing of your personal information, i.e. you also have the right to object to the use of your personal information for direct marketing purposes (including profiling).
9 Security of your data
We treat your data very carefully and with the strictest manner. We are committed to protect the personal information you entrust to us. We take all reasonable steps to ensure that all information collected through our sites is treated securely and in line with this policy and strict data protection standards.
As much as possible, we try to adhere to ISO27001 principles. On a quarterly basis we also undergo information security audits in order to confirm our integrity.
10 Contact us
If you wish to raise a complaint regarding how we have handled your personal data, you can contact us to have the matter investigated by emailing email@example.com
If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law, you can complain to our lead data protection authority - the Office of the Information and Data Protection Commissioner - or your national data protection regulator.
This policy was last updated on the 24th of May 2018