1. PRIVACY POLICY

This Policy explains how Crazy Rewards (“We”, “Us”) uses personal data relating to you. This Privacy Policy was updated in May 2018. Updates will occur from time to time and in case of significant changes, which could affect you, you will be informed by email. The previous version of this policy can be found here. We will process any personal information provided to us relating to you in accordance with this Privacy Policy.

By giving your consent to this Privacy Policy you confirm that you accept and understand the processing of your personal information as described in this policy. If you are unable to accept the terms in this Privacy Policy, you are not able to use our services.

  1. WHO ARE WE?

We are Crazy Rewards, and throughout this Privacy Policy, ‘we’, ‘our’, ‘Crazy Rewards means companies within the Global Gaming Group. All companies within the group are Joint Controllers in relation to the personal data that we process about you.

  1. HOW AND WHY DO WE COLLECT, STORE AND PROCESS YOUR DATA?

Site visitor

When you access one of our sites we collect information from the devices you use. Information such as: IP address, hardware, software, operating system, settings, network information, location data, server logs and the third-party site or app you were using prior to visiting our site. Crazy Rewards is the Controller for the processing carried out by its employees relating to our site visitors and is at the same time the processor.

Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your web browser that enables the sites or service providers systems to recognize your browser and capture and remember certain personal information about you whenever you use our websites. We use cookies to help us remember and process the requests you make and compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future. We contract with third-party service providers to assist us in better understanding our site visitors. These service providers are not permitted to use the information collected on our behalf except to help us conduct and improve our business.

Personal Data is collected based on your usage of our site. Our Cookie Policy describes which cookies are being used and which information is collected and how to change your browser settings in regard to cookies. When visiting our site you will be presented with a pop-up where you can give your consent to the usage of cookies in accordance with our cookie policy.

The purpose of this is to produce statistics to improve and develop the site. Examples of what the statistics provide us with answers to are: how many people visit different pages, how long the visit lasts, what sites users are coming from and which browsers are used. The information is processed in anonymised and aggregated form. Your data will not be shared with third parties, except Personal Data collected using Google Analytics (including your IP address). This Data may be sent and stored on servers in the US or if a sub-processor is used by the on the service provider’s behalf or if required by law.

How long the data is stored depends on which cookie has been used to collect the information, for example so called session cookies are stored for as long as the browser is open whereas other cookies are saved for up until 2 years. If you would like more information on how to disable cookies or change your privacy settings, please visit www.allaboutcookies.org.

Existing External Partners

In case you are a representative from an existing external party; service provider, business partner etc we may collect, store and process Personal Data about you. Global Gaming is the Controller for the processing carried out by its employees relating to external parties and is at the same time the processor.

The Personal Data we will handle during this processing are name, title, employer and contact details (address, telephone number and email), notes and summaries relating to meetings we have had with you (outside of what we have through our existing business relationship). We do not process sensitive personal data (e.g. race or ethnicity, political standpoint, philosophical or religious belief, union membership, health or sexual preferences).

The Personal Data is given to us by, or on behalf of, you through our site or in other way or through third parties or collected by us contacting external parties or from private or public registers or other sources. The Personal Data may be processed to for example administrate and fulfil obligations relating to the existing business relationship.

Potential External Partners

In case you are a representative from an external party whom we do not have a business relationship with; potential service provider, potential business partner etc we may collect, store and process Personal Data about you. Crazy Rewards is the Controller for the processing carried out by its employees relating to external parties and is at the same time the processor.

The Personal Data we will handle during this processing are name, title, employer and contact details (address, telephone number and email). We do not process sensitive personal data (e.g. race or ethnicity, political standpoint, philosophical or religious belief, union membership, health or sexual preferences).

The Personal Data is given to us by, or on behalf of, you through our site or in other way or through third parties or collected by us contacting external parties or from private or public registers or other sources.

  1. YOUR PRIVACY RIGHTS

Your right to have any inaccuracies in your personal information corrected

Should any of your personal information be inaccurate you have the right to have this personal data corrected, without undue delay.

Your ‘right of objection’ to certain processing and the right to limit the processing

You have the right to object, on grounds relating to your situation, at any time to processing of personal data that concerns you. You have the right to request that the processing of your personal data is limited.

Your right to Data portability

You have the right to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from us.

Your right to be forgotten

You have the right to have your personal data deleted in certain situations. ‘Right to be forgotten’ is in support of freedom of expression. If you want to have your personal data deleted, you should contact us at data.protection@crazyrewards.com and we will respond to you within a month. If we agree to erase your data we will also notify any relevant third party, where possible, and inform you who they are. Should your request be denied, you will be informed why, and you have the right to complain to the supervisory authority.

Your right to complain to the supervisory authority

Should you believe that we have infringed on your privacy rights, you have the right to complain to the supervisory authority. You are recommended to initiate contact with the regulator in the country of residence.

  1. SECURITY

We take all reasonable steps to protect your data from unauthorised access and improper use in accordance with this Policy and security standards. Accordingly, we have taken rigorous steps in becoming ISO27001 compliant.

We implement a variety of security measures to ensure that your information is kept safe. A secure server is made use of, and all sensitive/credit information supplied is transmitted via Secure Socket Layer (SSL) technology. The database is only accessible by individuals having special access rights to such systems.

Any transfer of your personal information to a location outside the EEA will be based on:

  • the contractual Model Clauses adopted by the European Commission or a relevant data protection authority; or
  • an adequacy decision from the European Commission, confirming that the third country provides adequate protection for your personal information; or
  • Privacy Shield when transferring to the US (this is a form of certification which ensures that your data is handled in a way that is compatible with the strong EU protections); or
  • Your consent, or another legal basis on which we are entitled to make the transfer.
  1. THIRD PARTY PRIVACY POLICIES

Our site will provide links to third parties and these parties will have their own privacy policies which will not be the same as ours. 

  1. UPDATES OR AMENDMENTS TO THE PRIVACY POLICY

We reserve the right to amend or revise this Privacy Policy. The date of the most recent revisions will appear on this page and if significant changes will be made to the Privacy policy we will in such cases inform you by email. You will need to re-confirm acceptance of the privacy policy prior to using our service.

  1. CONTACT US

Should you have any issues or concerns or simply would like to know in depth how we process your personal data, you can contact us through data.protection@crazyrewards.com