Please confirm if you consent to:
The use by BRC IT Lab of cookies for statistical purposes through analysis of aggregate data on traffic and manner of use of our websites.
1. WHO WE ARE AND HOW YOU CAN CONTACT US
We are BRC IT Lab LP registered in Republic of Ireland. Registration no: LP2547.
Registered Office: OFFICE 29, CLIFTON HOUSE, FITZWILLIAM STREET LOWER, DUBLIN 2,
IRELAND ZIP Code: D02XT91
2. PERSONAL INFORMATION WE COLLECT
We will comply with applicable data protection laws (including, the General Data Protection Regulation (EU) 2016/679, in the UK, the Data Protection Act 2018) in respect of the personal information you supply to us.
2.1. Personal Data
Personal Data means any information that identifies You as an individual or that relates to an identifiable individual.
Whenever it is not possible or feasible for Us to make use of anonymous and/or anonymised data (in a manner that does not identify any Users of the Site or customers of Our services), We are nevertheless committed to protecting Your privacy and the security of Your Personal Data at all times.
2.2. Data obtained from You
We collect from You, through interaction with You or through Your interaction with Us or our Services different kinds of personal data about you which we have grouped together follows:
a) Registration Data provided by you when you register and/or open Your Account including first name, last name, username or similar identifier, date of birth, gender, country.
b) Contact Data includes permanent address, email address and telephone numbers.
c) Identification and Verification Data (Anti-Money Laundering/Due Diligence/KYC data) that include your name, surname, permanent address and proof, age, nationality, KYC documentation (e.g. ID card, Passport).
d) Responsible Gambling Data (RG) including name, surname, Zip Code, email, phone number, country, date of birth, Identification and Verification Data.
e) Payments Data includes bank/payment account details, as well as information pertaining to a transaction such as currency, location, amount/value, client IP, user ID, token.
f) Log in Data includes internet protocol (IP) address, your logins (first log in last login, last failed login), duration of log ins, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our Services.
g) Profile Data includes internal notes to your account, interests, preferences, feedback; Any bonus/cash back deals, or bonus preference you have been offered or benefitted from; Whether you have received any giveaways or, and your preferences regarding what type of gifts you would like to receive; Your preferences as to contact channels; information regarding your hobbies and interests;
i) Marketing Communications Data includes your preferences in receiving marketing from us (opt in/opt out), as well as your Contact and Registration Data.
j) Other Communication Data provided by you in communication with Us (via recorded calls, chats, email, or SMS) which may include various data such as your intentions, interests, complaints, preferences, as well as internal communication and notes.
k) Analytics data include various data provided by your observed with respect to your use of our Website and Services such as your player ID, language, location, browser data, campaigns utilised, channels used, device, payment provider, Transaction and Usage data and in case of online acquisition analytics also pages visited, postcards clicked, scroll depth. Certain information is collected using cookies and/or similar tracking technology – please see section “Cookies”.
2.3. Data from different sources
2.3.1. We collect information for AML/CFT purposes on the background of the player, which we source from third party providers (private companies working mostly with public sources), which includes information whether player is politically exposed person and whether any international and/or financial sanctions have been imposed and/or information on any corporate or property ownership, court judgements and/or insolvency and with respect to players also taxation information for the purpose of establishment of the source of funds and source of wealth during the AML risk monitoring and due diligence process. As for today we use CallValidate (TransUnion) service as outsource company. Please read and understand CallValidate (TransUnion) relevant privacy notice https://www.callcredit.co.uk/legal-information/bureau-privacy-notice.
2.3.2. Profile data (hobbies, interests) are also gathered by search of publicly available sources such as Facebook, LinkedIn, Twitter and Instagram, Google search.
2.3.3. In order to prevent and detect fraud and misuse of our systems (e.g. use of VPN), certain Log In Data, such as; IP address, device model/type, browser information, operating system and other device identification data are sourced and processed by Us utilizing a services of third-party fraud detection software provider.
2.4. Special Categories of Personal Data
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences. However, from our experience, we may not exclude that You, at your own discretion, send us such data in communication with Us.
Please note that although ID cards are processed, images contained therein are not specifically technically processed to allow or confirm unique identification. Therefore, such data is not to be considered biometric data (special category of data).
2.5. If You Fail To Provide Personal Data
Where we need to collect personal data under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with Our Services).
Please make sure that your username does not contain any personally identifiable information. Please contact us if your user name contains your personally identifiable data, so we can make proper arrangements to protect your data and guide you as to how to change the username.
HOW DO WE USE YOUR PERSONAL INFORMATION?
3.1. We will only use your personal data when the law allows us to.
Most commonly, we will use your personal data in the following circumstances:
- To allow You to participate in gambling website with the use of our Product (Gambling Bot + Card) to provide ancillary services to You
- To allow You access and use of our website
- For legal and regulatory reasons, to comply with our legal obligations such as Anti-money laundering and responsible gaming.
- For identification and verification proposes
- For purposes that constitute a legitimate interest of BRC IT Lab regarding direct marketing of its own similar goods and services.
- For analytics purposes
3.2. Detailed purposes and legal basis
We have set out below, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. Please Contact us if you need details about the specific legal ground we are relying on to process your personal data.
- To register you as our customer, to identify you and verify you when you access your Account we use your Registration Data, Contact Data and Log-in-Data.
- To process and manage payment transactions we use your Payment Data and Transaction and Usage Data.
- For AML/CTF and due diligence purposes we will use your Registration Data, Contact Data, Profile Data, Other Communication Data, Transaction and Usage Data, Self-exclusion Data.
- To establish and investigate any suspicious behavior in order to protect our business from any risk and fraud we will use Registration Data, Contact Data, Identification and Verification Data, Log in Data, Payment Data, Other Communication Data.
- For Web Analytics we will use Analytics Data, Transaction and Usage Data
- For Social Media Marketing we will use your Contact Data
3.3. Direct Marketing Of Own Similar Goods And Services
3.3.1. Direct Marketing of Own Similar Products and Services via electronic mail: In accordance with applicable laws and in reliance on Regulation 9(2) of the Processing of Personal Data (Electronic Communication sector) Regulations (S.L. 586.01) and Recital 47 of the GDPR, BRC IT LAB may be informing You, from time to time, via electronic mail (email or SMS) about its own similar products or services (for example any changes on the Website, new products, own new services and promotions, bonuses and offers, loyalty program/VIP experience). You may opt out at any time and free of charge of such service, as applicable, either by:
- Contacting us, or
- Changing your Settings in your profile.
3.3.2. We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).
3.3.3. Please note that even if You object to receiving direct marketing material from time to time We may still need to send You certain important communications from which You cannot opt-out.
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below.
You can contact us
+353 1960 9697
or by e-mail email@example.com
Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of EU.
When you place an order through the Site, we will maintain your Order Information for our records unless and until you ask us to delete this information.
The Site is not intended for individuals under the age of 18.
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at firstname.lastname@example.org
Last update 21/01/2020
ANTI-MONEY LAUNDERING POLICY AND PROCEDURES
These are the Anti-Money Laundering (ALM) Policy and Procedures adopted by “BRC IT LAB LP” (The Company) in compliance with Criminal Justice Money Laundering and Terrorist Financing Act 2010, as amended by Part 2 of the Criminal Justice Act 2013 (“the Act”), that transposes the EU’s Fourth Money Laundering Directive (2015/849).
The purpose of this policy is to set the high-level principles and standards of management of financial crime risks, including money laundering, and terrorist financing, for the Company.
The Company will actively prevent and take measures to guard against being used as a medium for money laundering activities and terrorism financing activities and any other activity that facilitates money laundering or the funding of terrorist or criminal activities.
To these ends:
- The identities of all new and existing clients will be verified to a reasonable level of certainty
- A risk-based approach will be taken to the monitoring of client tax and accounting affairs
- Any suspicious activity will be reported, and all AML activities recorded
- All staff that meet or contact clients and potential clients of this firm are required to acknowledge that the policy and procedures have been read and understood before meeting or contacting clients.
For the purpose of this Policy, the act of Money Laundering shall have the same meaning as provided in Article 1(3) of the EU AMLD, which provides that it, when committed intentionally, encompasses:
- the conversion or transfer of property, knowing that such property is derived from criminal activity or from an act of participation in such activity, for the purpose of concealing or disguising the illicit origin of the property or of assisting any person who is involved in the commission of such an activity to evade the legal consequences of that person's action;
- the concealment or disguise of the true nature, source, location, disposition, movement, rights with respect to, or ownership of, property, knowing that such property is derived from criminal activity or from an act of participation in such an activity;
- the acquisition, possession or use of property, knowing, at the time of receipt, that such property was derived from criminal activity or from an act of participation in such an activity;
- participation in, association to commit, attempts to commit and aiding, abetting, facilitating and counselling the commission of any of the actions referred to in points (a), (b) and (c).
Money laundering shall be regarded as such even where the activities which generated the property to be laundered were carried out in the territory of another Member State or in that of a third country.”
For the purpose of this Policy, the act of Terrorist Financing shall have the same meaning as provided in Article 1(5) of the EU AMLD, which provides that it encompasses; “the provision or collection of funds, by any means, directly or indirectly, with the intention that they be used or in the knowledge that they are to be used, in full or in part, in order to carry out any of the offences within the meaning of Articles 1 to 4 of Council Framework Decision 2002/475/JHA”.
For the purpose of this Policy the act of Terrorist financing refers to the provision or collection of funds, by any means, directly or indirectly, with the intention that they be used or in the knowledge that they are to be used, in full or in part, in order to carry out an act of terror, or that the funds will be used to support any terrorist group, persons or association.
CUSTOMER DUE DILIGENCE
The Company has established a Know-Your-Client (KYC) policy to ensure that the identities of all new and existing clients are verified to a reasonable level of certainty. This will include all individual clients. Identities will be verified either by email address confirmation or recognized by online identity verification agencies (such as Jumio®). These commercial agencies must have processes that allow the enquirer to capture and store the information they use to check and verify an identity.
The following documentation may be presented by the individual:
- Either a passport, driver’s license, or government issued document featuring a matching photograph of the individual, and a full name and date of birth matching those provided.
If the Company fails to verify the identity of a client with reasonable certainty it will not establish a business relationship or proceed with the transaction. If a potential or existing client either refuses to provide the information described above when requested, or appears to have intentionally provided misleading information, the business shall refuse to commence a business relationship or proceed with the transaction requested.
RISK ASSESSMENT AND ONGOING MONITORING
The Company shall take a risk-based approach in monitoring the financial activities of its clients. This will be carried out whilst preparing the accounts, or conducting any other business with the client.
The Company will actively not accept high-risk clients that are identified as follows:
- Clients with large one-off transactions, or a number of transactions carried out by the same customer within a short space of time.
- Clients based in or conducting business in or through, a high-risk jurisdiction, or a jurisdiction with known higher levels of corruption, organised crime or drug production/distribution.
- Unusual patterns of transactions that have no apparent economic or visible lawful purpose.
- Money received from areas known to have high levels of criminality or terrorist activity.
- The following are examples of changes in a client’s situation that may be considered suspicious:
- A sudden increase of purchases from an existing customer;
- Uncharacteristic transactions which are not in keeping with the customer’s known activities;
- Peaks of activity at particular locations or at particular times;
Whenever there is cause for suspicion, the client will be asked to identify and verify the source or destination of the transactions, whether they be individuals or company beneficial owners.
No action need to be taken if there is no cause for suspicion.
SUSPICIOUS ACTIVITY REPORTING
A Suspicious Activity Report (SAR) will be made to the Competent authorities as soon as the knowledge or suspicion that criminal proceeds exist arises.
Records of all identity checks will be maintained for up to 2 years after the termination of the business relationship or 2 years from the date when the payment has been completed.
Copies of any SAR, together with any supporting documentation filed will be maintained for 5 years from the date of tiling the SAR.
All records will be handled in confidence, stored securely, and will be capable of being retrieved without undue delay.
All affected employees are trained on their responsibilities in relation to money laundering legislation, and are aware of how to identify and deal with transactions that may involve money laundering.
The training and awareness programme is reflected in its usage by:
- mandatory AML learning training programme in accordance with the latest regulatory evolutions;
- brief academic AML learning sessions for all new employees.
This Policy must be reviewed by the Comapny at least annually. Any changes to the Policy must be approved by the key stakeholders.