Fair Processing Notice
Fair Processing Notice
Scope
All data subjects whose data is processed by Apsley.
Responsibilities
The Data Protection Officer is responsible for ensuring that this notice is placed in front of potential data subjects prior to Apsley collecting/processing their personal data.
All Employees/Staff of Apsley who interact with data subjects are responsible for ensuring that this notice is drawn to the data subject’s attention and their consent to the processing of their data is secured.
Fair Processing Notice
Apsley collect and process data as part of our activities. Some of this data is collected and processed based on your consent. Some of it is required in order to meet legal and contractual obligations. Some of it will be processed on the basis of Legitimate Interest.
We are committed to ensuring that the information we collect and use is appropriate for this purpose, and does not constitute an invasion of your privacy. We may pass your personal data on to our service providers who are contracted to Apsley in the course of dealing with you. Our contractors are obliged to keep your details securely, and use them only to fulfil the service they provide. If we wish to pass your sensitive personal data onto a third party we will only do so once we have obtained your consent, unless we are legally required to do so.
How Apsley uses your information
Apsley will process – that means collect, store and use – the information you provide in a manner that is compatible with the EU’s General Data Protection Regulation (GDPR). We will endeavour to keep your information accurate and up to date and not keep it for longer than is necessary. In some instances the law sets the length of time information has to be kept, but in most cases Apsley will use its discretion to ensure that we do not keep records outside of our normal business requirements.
Our aim is not to be intrusive, and we undertake not to ask irrelevant or unnecessary questions. Moreover, the information you provide will be subject to rigorous measures and procedures to minimise the risk of unauthorised access or disclosure.
Here are the types of information we collect:
● Email addresses
● Full Name
● Country
● Phone Numbers
● Transaction information
● User/Device ID/Internet Protocol Address
● Anonymised behavioural data regarding the way users interact with our websites/apps and their betting functionality.
● Information you provide during the registration process.
● Information which we may obtain about you from third parties (for example, because you have given third parties permission to share that information with us).
The information will be used for the following purposes:
● Tracking – which includes using data to improve our products and personalise your experiences.
● Business intelligence – to develop aggregate analysis and business intelligence that enables us to operate, protect, make informed decisions and report on the performance of our business.
● Fulfilment of the service – process the information in order to make payments, ship products, detect and prevent fraud, to resolve disputes and enforce our agreements.
● Communication – for example, informing you about your account, security updates and product information, where you have subscribed to our newsletter or have entered a competition you would have consented to us processing your data by submitting your personal data on this site.
● Marketing – we use data to help show more relevant ads, whether in our own products, or in the products offered by third parties; and inform you of offers that we think are of interest.
● Customer support – we use data to diagnose product problems, repair customers’ devices and provide other customer care and support services.
By consenting to this, you are giving us permission to perform this processing, where the basis is consent.
You may withdraw consent at any time by updating your cookie preferences, opting out of specific marketing/communication channels, or even raising a Subject Access Request with us.
Bear in mind, that where we will need to keep/process the data to fulfil legal, contractual or legitimate interest requirements, we will continue to do so.
What is Personal Data?
Under the EU’s General Data Protection Regulation:
Personal Data is defined as “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
Special Categories of Personal Data & Minors
Certain data are classified under the Regulation as ”special categories”:
● Racial
● Ethnic origin
● Political Opinions
● Religious Beliefs
● Trade-union membership
● Genetic Data
● Biometric Data
● Health Data
● Data concerning a natural person’s sex life
● Sexual orientation
Apsley does not collect or process special categories of personal data, or the data of minors.
Invoking your rights under GDPR
Under the EU’s General Data Protection Regulation you have multiple rights including the right to find out what information we hold for you, request that it be updated, object to it being processed, ask that it be deleted, or restrict the processing.
If you would like to exercise any of these, you can easily do so by contacting sar@apsley.co.uk.