FITZWILLIAM STREET LOWER,
DUBLIN 2. Ireland
ZIP Code: D02XT91
Please confirm if you consent to:
The use by BRC IT Lab of cookies for statistical purposes through analysis of aggregate data on traffic and manner of use of our websites.
1. WHO WE ARE AND HOW YOU CAN CONTACT US
We are BRC IT Lab LP registered in Republic of Ireland. Registration no: LP2547.
Registered Office: OFFICE 29, CLIFTON HOUSE, FITZWILLIAM STREET LOWER, DUBLIN 2,
IRELAND ZIP Code: D02XT91
2. PERSONAL INFORMATION WE COLLECT
We will comply with applicable data protection laws (including, the General Data Protection Regulation (EU) 2016/679, in the UK, the Data Protection Act 2018) in respect of the personal information you supply to us.
2.1. Personal Data
Personal Data means any information that identifies You as an individual or that relates to an identifiable individual.
Whenever it is not possible or feasible for Us to make use of anonymous and/or anonymised data (in a manner that does not identify any Users of the Site or customers of Our services), We are nevertheless committed to protecting Your privacy and the security of Your Personal Data at all times.
2.2. Data obtained from You
We collect from You, through interaction with You or through Your interaction with Us or our Services different kinds of personal data about you which we have grouped together follows:
a) Registration Data provided by you when you register and/or open Your Account including first name, last name, username or similar identifier, date of birth, gender, country.
b) Contact Data includes permanent address, email address and telephone numbers.
c) Identification and Verification Data (Anti-Money Laundering/Due Diligence/KYC data) that include your name, surname, permanent address and proof, age, nationality, KYC documentation (e.g. ID card, Passport).
d) Responsible Gambling Data (RG) including name, surname, Zip Code, email, phone number, country, date of birth, Identification and Verification Data.
e) Payments Data includes bank/payment account details, as well as information pertaining to a transaction such as currency, location, amount/value, client IP, user ID, token.
f) Log in Data includes internet protocol (IP) address, your logins (first log in last login, last failed login), duration of log ins, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our Services.
g) Profile Data includes internal notes to your account, interests, preferences, feedback; Any bonus/cash back deals, or bonus preference you have been offered or benefitted from; Whether you have received any giveaways or, and your preferences regarding what type of gifts you would like to receive; Your preferences as to contact channels; information regarding your hobbies and interests;
i) Marketing Communications Data includes your preferences in receiving marketing from us (opt in/opt out), as well as your Contact and Registration Data.
j) Other Communication Data provided by you in communication with Us (via recorded calls, chats, email, or SMS) which may include various data such as your intentions, interests, complaints, preferences, as well as internal communication and notes.
k) Analytics data include various data provided by your observed with respect to your use of our Website and Services such as your player ID, language, location, browser data, campaigns utilised, channels used, device, payment provider, Transaction and Usage data and in case of online acquisition analytics also pages visited, postcards clicked, scroll depth. Certain information is collected using cookies and/or similar tracking technology – please see section “Cookies”.
2.3. Data from different sources
2.3.1. We collect information for AML/CFT purposes on the background of the player, which we source from third party providers (private companies working mostly with public sources), which includes information whether player is politically exposed person and whether any international and/or financial sanctions have been imposed and/or information on any corporate or property ownership, court judgements and/or insolvency and with respect to players also taxation information for the purpose of establishment of the source of funds and source of wealth during the AML risk monitoring and due diligence process. As for today we use CallValidate (TransUnion) service as outsource company. Please read and understand CallValidate (TransUnion) relevant privacy notice https://www.callcredit.co.uk/legal-information/bureau-privacy-notice.
2.3.2. Profile data (hobbies, interests) are also gathered by search of publicly available sources such as Facebook, LinkedIn, Twitter and Instagram, Google search.
2.3.3. In order to prevent and detect fraud and misuse of our systems (e.g. use of VPN), certain Log In Data, such as; IP address, device model/type, browser information, operating system and other device identification data are sourced and processed by Us utilizing a services of third-party fraud detection software provider.
2.4. Special Categories of Personal Data
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences. However, from our experience, we may not exclude that You, at your own discretion, send us such data in communication with Us.
Please note that although ID cards are processed, images contained therein are not specifically technically processed to allow or confirm unique identification. Therefore, such data is not to be considered biometric data (special category of data).
2.5. If You Fail To Provide Personal Data
Where we need to collect personal data under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with Our Services).
Please make sure that your username does not contain any personally identifiable information. Please contact us if your user name contains your personally identifiable data, so we can make proper arrangements to protect your data and guide you as to how to change the username.
HOW DO WE USE YOUR PERSONAL INFORMATION?
3.1. We will only use your personal data when the law allows us to.
Most commonly, we will use your personal data in the following circumstances:
3.2. Detailed purposes and legal basis
We have set out below, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. Please Contact us if you need details about the specific legal ground we are relying on to process your personal data.
3.3. Direct Marketing Of Own Similar Goods And Services
3.3.1. Direct Marketing of Own Similar Products and Services via electronic mail: In accordance with applicable laws and in reliance on Regulation 9(2) of the Processing of Personal Data (Electronic Communication sector) Regulations (S.L. 586.01) and Recital 47 of the GDPR, BRC IT LAB may be informing You, from time to time, via electronic mail (email or SMS) about its own similar products or services (for example any changes on the Website, new products, own new services and promotions, bonuses and offers, loyalty program/VIP experience). You may opt out at any time and free of charge of such service, as applicable, either by:
3.3.2. We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).
3.3.3. Please note that even if You object to receiving direct marketing material from time to time We may still need to send You certain important communications from which You cannot opt-out.
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below. You can contact us +353 1960 9697 or by e-mail email@example.com
Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of EU.
When you place an order through the Site, we will maintain your Order Information for our records unless and until you ask us to delete this information.
The Site is not intended for individuals under the age of 18.
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e-mail at firstname.lastname@example.org
Last update 21/01/2020
ANTI-MONEY LAUNDERING POLICY AND PROCEDURES
These are the Anti-Money Laundering (ALM) Policy and Procedures adopted by “BRC IT LAB LP” (The Company) in compliance with Criminal Justice Money Laundering and Terrorist Financing Act 2010, as amended by Part 2 of the Criminal Justice Act 2013 (“the Act”), that transposes the EU’s Fourth Money Laundering Directive (2015/849).
The purpose of this policy is to set the high-level principles and standards of management of financial crime risks, including money laundering, and terrorist financing, for the Company.
The Company will actively prevent and take measures to guard against being used as a medium for money laundering activities and terrorism financing activities and any other activity that facilitates money laundering or the funding of terrorist or criminal activities.
To these ends:
For the purpose of this Policy, the act of Money Laundering shall have the same meaning as provided in Article 1(3) of the EU AMLD, which provides that it, when committed intentionally, encompasses:
Money laundering shall be regarded as such even where the activities which generated the property to be laundered were carried out in the territory of another Member State or in that of a third country.”
For the purpose of this Policy, the act of Terrorist Financing shall have the same meaning as provided in Article 1(5) of the EU AMLD, which provides that it encompasses; “the provision or collection of funds, by any means, directly or indirectly, with the intention that they be used or in the knowledge that they are to be used, in full or in part, in order to carry out any of the offences within the meaning of Articles 1 to 4 of Council Framework Decision 2002/475/JHA”.
For the purpose of this Policy the act of Terrorist financing refers to the provision or collection of funds, by any means, directly or indirectly, with the intention that they be used or in the knowledge that they are to be used, in full or in part, in order to carry out an act of terror, or that the funds will be used to support any terrorist group, persons or association.
CUSTOMER DUE DILIGENCE
The Company has established a Know-Your-Client (KYC) policy to ensure that the identities of all new and existing clients are verified to a reasonable level of certainty. This will include all individual clients. Identities will be verified either by email address confirmation or recognized by online identity verification agencies (such as Jumio®). These commercial agencies must have processes that allow the enquirer to capture and store the information they use to check and verify an identity.
The following documentation may be presented by the individual:
If the Company fails to verify the identity of a client with reasonable certainty it will not establish a business relationship or proceed with the transaction. If a potential or existing client either refuses to provide the information described above when requested, or appears to have intentionally provided misleading information, the business shall refuse to commence a business relationship or proceed with the transaction requested.
RISK ASSESSMENT AND ONGOING MONITORING
The Company shall take a risk-based approach in monitoring the financial activities of its clients. This will be carried out whilst preparing the accounts, or conducting any other business with the client.
The Company will actively not accept high-risk clients that are identified as follows:
Whenever there is cause for suspicion, the client will be asked to identify and verify the source or destination of the transactions, whether they be individuals or company beneficial owners.
No action need to be taken if there is no cause for suspicion.
SUSPICIOUS ACTIVITY REPORTING
A Suspicious Activity Report (SAR) will be made to the Competent authorities as soon as the knowledge or suspicion that criminal proceeds exist arises.
Records of all identity checks will be maintained for up to 2 years after the termination of the business relationship or 2 years from the date when the payment has been completed.
Copies of any SAR, together with any supporting documentation filed will be maintained for 5 years from the date of tiling the SAR.
All records will be handled in confidence, stored securely, and will be capable of being retrieved without undue delay.
All affected employees are trained on their responsibilities in relation to money laundering legislation, and are aware of how to identify and deal with transactions that may involve money laundering.
The training and awareness programme is reflected in its usage by:
This Policy must be reviewed by the Comapny at least annually. Any changes to the Policy must be approved by the key stakeholders.