At Bingo.com, we are committed to protecting and respecting your privacy and maintaining the confidence and trust of our customers.
This Privacy Notice explains how and why your personal information is collected through the use of our website www.bingo.com and all variants thereof, including our mobile apps (the “Website”), and how it is kept secure.
Bingo.com is Trannel (International) Ltd, a company duly registered on 28 March 2000 under the laws of Malta, with Company Registration No. C 26127, and having its registered office and business address at Level 6 - The Centre, Tigne Point - Sliema, TPO 0001 – Malta, the “Data Controller” under this Notice. Bingo.com belongs to Kindred Group plc (“Kindred Group”). Kindred Group is listed on the Nasdaq OMX Nordic Exchange in Stockholm and is one of the largest listed online gambling operators in the European market. Founded in 1997, it has substantial expertise in the area of online gambling and is a leader in providing innovative solutions focusing on the protection of customers, increased transparency and a safer safe and secure player environment. You can find more information at www.kindredgroup.com
Kindred Group operates across different markets and jurisdictions, and has in its portfolio the following brands: Unibet, Bingo.com, Highrolling, MariaCasino, 32Red, Vlad Cazino, Casinohuone, Pokerihuone, Bingohuone, Kolikkopelit.
There are various ways you can contact us.
For general queries do not hesitate to get in touch with our Customer Service team via phone, email or live chat - please see our Contact us page.
If you have specific questions regarding your personal information or how we use it, please contact our Data Protection Officer.
We collect personal information when you interact with us and use our services (the “Services”). Sometimes, this information is provided to us by you – like when you register for the first time and when you make use of our products or get in touch with us. Sometimes third parties or publicly available sources provide us information about you.
Information you provide to us
At registration:
Through your use of Bingo.com’s Services:
Other sources of personal data
If you give us personal information about someone else (for example via a Refer a Friend scheme) then you should not do so without their permission. Where information is provided by you about someone else, or someone else discloses information about you, it may be added to any personal information that is already held by us and it will be used in the ways described in this Privacy Notice. This list of personal data types collected by Bingo.com is not exhaustive and further information may be requested from you when Bingo.com considers it fair and necessary to do so.
Special categories of data
Personal data collected by Bingo.com may include so called “special categories of data”, such as data revealing health (responsible gambling related) (see Section 5 D).
We have in place additional measures to protect your sensitive personal data and its confidentiality (see Section 11).
We recognise the trust and confidence our customers place in us as a service provider. In return, Bingo.com is open about why we collect your data. First and foremost, collecting your information is essential for providing you the services and products you want. In addition, your data is used to personalise and improve your experience using our services, and to contact you from time to time with important information. In some cases, we need to collect and use your information to comply with the law. Under data protection laws, we also need to identify a specified lawful basis upon which we are processing your personal information. We rely on different bases for different processing activities.
A) Under the contract – when it is necessary for the performance of a contract to which you are a party. Our T&Cs, which you have accepted at registration, set out the terms of the contract and the services we will provide:
To make our services available to you as part of our contract
B) Under legitimate interests - It is necessary to process your data for the purposes set out below, except where our interests are overridden by the interests, rights or freedoms of affected individuals (such as you). To determine if we can process your data on this basis, we shall consider a number of factors, such as what you were told at the time you provided your data, what your expectations are about the processing of the data, the nature of the data, and the impact of the processing on you.
To personalise your experience
To improve our services and products
To contact and interact with you
To make your game safer and more enjoyable
C) Under the legal obligation – when it is necessary in order to comply with mandatory legal obligations to which we are subject under EU or local laws:
D) Under your consent
Marketing and market research
We will send you relevant offers and news about our products and services in a number of ways including by email, sms, phone call, post, social media targeted advertising, but only if you have previously agreed to receive these marketing communications. When you register with us we will ask if you would like to receive marketing communications, and you can change your marketing choices online, over the phone or in writing at any time.
We may use information which we hold about you to show you relevant advertising on third party sites (e.g. Facebook, Google, Instagram, Snapchat and Twitter). If you don’t want to be shown targeted advertising messages from us, some third party sites allow you to request not to see messages from specific advertisers on that site in future. If you want to stop all personalised services from us, including targeted advertising messages on third party sites you can contact our Customer Service or our Data Protection Officer to disable personalisation. We also like to hear your views to help us to improve our services, so we may contact you for market research purposes. You always have the choice about whether to take part in our market research.
E) Special categories of data
We will only process such data if:
Bingo.com’s websites and Apps use cookies for various purposes.
We use cookies for the following purposes:
More information can be found in our Cookies Policy.
Kindred’s websites and apps use cookies for various purposes.
We use cookies for the following purposes, amongst others:
More information can be found in our {Cookie Notice|cookie_notice}
In certain circumstances, we share your personal data with other companies within the Kindred Group, with third parties that provide services on our behalf, and with other third parties to comply with our legal obligations. These third parties include companies such as Evolution, which provides live casino products; Microgaming, a gaming platform specializing in slots; Trustly, a payment provider; Oracle, which offers database software; Microsoft; Amazon Web Services; and Pragmatic, known for its casino products, including slot games and live casino offerings. We do not sell your personal data to marketing companies. When we use third parties for marketing services, your consent is required before your data can be processed. Other examples of when we might share your personal data include when we enter any kind of merger or business sale, as customers’ personal data is likely to be included in the sale/transfer. We will inform you prior to affecting such transfer of personal data. Even when it is shared, we ensure that your personal data will only be used for the purposes outlined in this Privacy Notice.
We may share the personal data we collect with other companies in the Kindred Group for purposes such as:
We may share personal data with third parties in the following circumstances:
Providing Products and Services
Regulatory Compliance and Legal Requirements
Legal Rights and Fraud Detection
Service Providers and Auditors
Business Transfers
Successors and Network Security
Fraud Prevention and Advertising Efficiency
The personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by companies operating outside the EEA who work for us or for one of our service providers: such as United States of America (USA), Australia, India. This can be the case for instance if we provide services globally, your data may in a few instances be processed in countries where we have operations or services providers. Further, for efficiency and reliability, we may use cloud services hosted in different countries. In certain cases, we might need to transfer data to comply with international legal obligations.
To ensure your personal data remains safe when transferred in this manner, we will take all reasonable steps to maintain a suitable level of protection in line with this notice.
Any transfer of your personal data to a location outside the EEA will processed/performed in accordance with applicable data protection laws, including the GDPR, and will be based on:
Should you have any questions regarding our transfers of personal data to countries outside the EU/EEA area, please contact us by using the contact details provided at the beginning of this Privacy Notice.
We appreciate that by law and subject to certain conditions, you have a number of rights concerning the personal information we hold about you. If you wish to exercise these rights, you should contact our Data Protection Officer using the details set out above in Section 3. These rights include the right to access, amend and erase the personal information we hold about you, the right to object to the processing of your data, the right to withdraw consent, and the right to data portability. You also have the right to complain to your data protection authority if you are concerned with how we process your information. In addition, you have certain rights relating to automated decision-making and ‘profiling’. Further information and advice about your rights can be obtained from our lead data protection authority, the Office of the Information and Data Protection Commissioner (“IDPC”) in Malta or from your country’s data protection regulator.
The personal information we ask for on registration is compulsory (unless indicated in the forms as optional) and we need it to be able to process your registration, contact you and comply with gambling and financial laws to which you are subject. Unfortunately, therefore, if you do not want to provide such personal information, you will not be able to use our services.”
Right to access and rectify the information we hold about you
You have a right to request a copy of the personal information we hold about you, known as a data subject access request. You also have the right to request that information we hold about you which may be incorrect, or which has been changed since you first told us, is updated or removed. These requests are free of charge and can be sent by email to our Data Protection Officer or by contacting Customer Services (see Section 3).
Right to delete your data
In some circumstances, you can ask us to erase personal information we hold about you (‘the right to be forgotten’). This includes when:
This right is subject to mandatory retention periods under EU/local laws.
Right to restrict processing
You have the right to ask us to restrict (‘block’ or ‘suppress’) the processing of your personal information. When processing is restricted, we can still store your information, but will not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in the future. This right is available to you when:
Right to Data Portability
You have the right to receive personal information you provide to us, in a ‘commonly used machine-readable format’. This allows you to obtain and reuse your information for your own purposes across different services. For example, if you decide to switch to a different provider, this enables you to move, copy or transfer your information easily between our IT systems and theirs safely and securely, without affecting its usability. This is not a general right however, and only arises when the processing of your information is:
Right to object
Based on your particular situation, you can object to the processing of your personal information, that is:
You also have the right to object to the use of your personal information for direct marketing purposes (including profiling), such as when you receive emails from us notifying you about other Kindred Group services which we think will be of interest to you.
Right to withdraw consent
When we rely on your consent as the basis to process your personal information – such as for sales and marketing communications (see section 5D) – you have the right to withdraw your consent at any time. We’ll always strive to make it easy for you to withdraw consent by choosing an “unsubscribe” option in every communication you receive from us. If you find this isn’t the case, then just get in touch with our Data Protection Officer the ways outlined above in Section 3, and we’ll try to fix things ASAP.
Rights related to automated decision making, including profiling
We sometimes use systems to make automated decisions based on your personal information. This helps us to make sure our decisions are quick, fair, efficient and correct, based on what we know. These automated decisions can affect the products, services or features we may offer you now or in the future, or the ability to use our services.
We may use automate decisions making in the following situations:
Data protection law seeks to safeguard individuals against harm that may arise from decision-making - including profiling - that takes place without human intervention. You have the right not to be subject to a decision - including profiling - when it is based on the automated processing of your personal information and it has a legal effect or a similarly significant effect on you.
Please note that the right does not apply when the processing is:
Any requests relevant to this Section must be addressed in writing to our Data Protection Officer.
We will respond to any of your requests relevant to this Section within one (1) month from their receipt. Upon prior notice, this period may be extended by a further two (2) months if necessary, taking into account the complexity of the request and the number of any other pending requests. In case of rejection of your request, we will provide relevant justification.
If your request does not meet the requirements of the data protection law, we reserve the right either to: (a) impose a reasonable fee, taking into account the administrative costs of providing the information or communicating or executing the requested action; or (b) reject your request.
Under the GDPR, you have a number of rights concerning the personal data we hold about you. If you wish to exercise these rights, you should contact our Customer service team or use our {GDPR Online Form|gdpr}. You also have the right to complain to your local data protection authority if you are concerned with how we process your information Further information and advice about your rights can be obtained from ICO We have also designated a lead data protection authority, the Office of the Information and Data Protection Commissioner (“IDPC”) in Malta which you can also contact for further information {dpa}
You have, under certain circumstances, the right to exercise the following rights:
>What is your right?
Be informed of the personal data we process about you and how we process it.
>How to exercise
By accessing this Privacy Notice we are informing you of your rights and the principles. Information may also be provided by us in connection with your provision of your personal information and/or in connection with your use of our services. More information can be found in our {Help centre|help_centre}
>What is your right?
You may request confirmation whether personal data about you is processed by us and, if that is the case you have a right to request a copy of the personal data we hold about you, known as a data subject access request.
>How to exercise
These requests can be made in our {Help centre|help_centre}
>What is your right?
In some circumstances, you can ask us to erase personal data we hold about you (‘the right to be forgotten’). This includes when:
>How to exercise
These requests can be made in our {Help centre|help_centre}
>What is your right?
You have the right to ask us to restrict (‘block’ or ‘suppress’) the processing of your personal data. When processing is restricted, we can still store your information, but will not process it further. This right is available to you when:
You can object to the processing of your personal data, that is:
>How to exercise
These requests can be made in our {Help centre|help_centre}
If you would like to not receive marketing emails, you can also unsubscribe / opt out of receiving them.
>What is your right?
You have the right to at any time withdraw your consent to the processing of personal data to the extent the processing is based on your consent.
>How to exercise
These requests can be made in our {Help centre|help_centre}
>What is your right?
This allows you to request and reuse your information for your own purposes across different services. For example, if you decide to switch to a different provider, this enables you to move, copy or transfer your information easily between our IT systems and theirs safely and securely, without affecting its usability. This is not a general right however, and only arises when the processing of your information is:
>How to exercise
These requests can be made in our {Help centre|help_centre}
If you would like to not receive marketing emails, you can also unsubscribe / opt out of receiving them.
We will respond to any of your requests relevant to this Section within one (1) month from their receipt. Upon prior notice, this period may be extended by a further two (2) months if necessary, taking into account the complexity of the request and the number of any other pending requests. In case of rejection of your request, we will provide relevant justification.
Restriction on data subject’s rights:
In certain circumstances, your rights as a data subject under GDPR, particularly your right to access personal data and the right to request the erasure of data, may be restricted or limited. Such restrictions may be necessary and proportionate for reasons such as ensuring compliance with legal obligations or to protect the rights and freedoms of others.
We will ensure that any restrictions on your rights are clearly justified
If you wish to raise a complaint on how we have handled your personal data, you can contact us to have the matter investigated by emailing DPO.officer@kindredgroup.com.
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complaint to our lead data protection authority, the Office of the Information and Data Protection Commissioner (IDPC https://idpc.org.mt/ ) or your national data protection regulator.
We are committed to protecting the personal data you entrust to us. We take all reasonable steps to ensure that all information collected through our website is treated securely and in line with this Privacy Notice and strict data protection standards. Accordingly, we have adopted robust procedures and technologies to protect your data from unauthorised access and improper use.
After logging in all information sent to and from the |Website is encrypted using 128-bit Secure Socket Layer (SSL) technology. The SSL certificate used is issued and verified by Trustwave, click on the image for more information.
Your credit card details are encrypted and sent only once over the internet to Kindred. It is then stored encrypted in our secure systems. We are dedicated to protecting our customers’ confidential information and, as part of doing so, we are certified towards the Payment Card Industries Data Security Standard.
The security of our systems and applications are tested several times per year by third-party security experts. Furthermore, we have an Intrusion Detection System that monitors all network traffic 24/7 for signs of attacks or intrusions.
We have a dedicated fraud department and advanced systems in place to detect and prevent suspicious activity, to ensure that our websites remain a secure playing-field. Any account involved in suspicious activity will be suspended and investigated to the fullest extent. Should you as user have any doubts about the activity on your account, such as unrecognized transactions in the transaction history or surprising changes in the balance, please contact us immediately.
By using our Website and by providing your personal data, you acknowledge that you are required to provide your actual, accurate and complete data as requested by Bingo.com. Furthermore, you must inform us of any changes to your information so as to ensure it is kept up-to-date and accurate.
If you are found to be in breach of your obligations or if we have reasonable suspicion that the information you provide is false or incomplete or in any way contrary to Data Protection Law or this Notice, we retain the right to reject your application for registration or to suspend or terminate your account immediately without notice. In this case, you have no right to any compensation due to the rejection of your application, or the suspension or termination of your account.
This is version 1.6 of the Bingo.com Privacy Notice, last updated on 20/12/2022.