PRIVACY POLICY
VERSION 1.0, DATED 10/12/2024
1. Who are We?
Any references in this Privacy Policy to “Frenwall Limited” the “Company”, “We”, “Us”, “Data Controller”, or “Our” refers to Frenwall Limited, a company having registration number HE447452 and registered at Stasikratous 32, 3rd Floor, Flat/Office 301, P.C.1065, Nicosia, Cyprus being the Data Controller of Personal Data. Any references to “You”, “Your”, “Data Subject”, or “User” means any person who uses Our “Service(s)” provided on wizzspin.com, “Website”.
For the purposes of this Privacy Policy, 'Personal Data” refers to any information related to the Data Subject that can be used to directly or indirectly identify them.
In this Privacy Policy, We describe how We handle Your Personal Data. Any Personal Data You provide Us through Your use of this Website or the operation of Your account is kept strictly confidential by Us.
You can contact Us via Live Chat or by emailing [email protected]. We have appointed a Data Protection Officer, whom You may contact for any queries about this Privacy Policy or how We handle Your data by emailing [email protected].
When processing Personal Data, we follow the obligations stipulated in Regulation (EU) 2016/679 of the European Parliament and of the Council, referred to as “GDPR”.
2. Why do We collect and process Personal Data?
To provide You with Services and register an account on Wizz Spin Casino, We need to collect Your Personal Data. The provision of the Service by Us includes creating, operating, and managing Your account and allowing You to play games and perform relevant activities related to games. The legal basis for processing of Personal Data is GDPR article 6(1)(f), the legitimate interest of the Data Controller being to provide the Service to You.
The Personal Data that We collect from You when registering and operating Your account on Wizz Spin Casino is to comply with Our legal, licensing and regulatory requirements and obligations, including data protection obligations and those for the operation of Our license issued by the Estonians Tax and Customs Board and under its regulations and guidelines. And to meet Our obligations related to all other relevant competent authorities, when required to do so, to assist in any law enforcement investigation relating to fraud, money laundering, and/or terrorist financing, amongst others. We may terminate the relationship with You in case You fail to provide Us with the necessary Personal Data upon Our request. The legal basis for the processing of Personal Data in this case is GDPR article 6(1)(c).
Apart from having a legal obligation to collect Your Personal Data, We also have a legitimate interest in protecting Wizz Spin Casino from being misused for fraudulent and/or illegal activities. These include but are not limited to promotional abuse, fraudulent activities, money laundering and/or terrorist financing, and online security risks. We collect Personal Data to carry out identification and verification checks on You. We collect Personal Data to create User profiles for Anti-Money Laundering Risk Assessment purposes. To prevent Our Website's illegal use, We need to carry out profiling of Our Users and their activities using automated processes. However, any decisions taken based on these profiles are taken by natural persons. The legal basis for processing Personal Data is GDPR article 6(1)(f), the legitimate interest of the Data Controller being the ensuring the security, accessibility, and availability of Our Website's Service to You.
Sometimes, We may send You marketing communications, but only if You have consented to this, either during the registration process or by changing Your settings from Your account profile. These marketing communications will help You stay updated with the latest news about new games, products, bonuses, offers, and other related promotions. You have the right to change Your marketing preferences and withdraw Your consent at any time and at no cost by changing these settings from Your account profile, unsubscribing directly from the marketing communication, or contacting Our Customer Support Team on Live Chat or by emailing [email protected]. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. The legal basis for processing Personal Data is GDPR article 6(1)(a) or GDPR article 6(1)(f), the legitimate interest of the Data Controller to promote its sales activities.
We also collect your Personal Data regarding financial accounts’ information and aspects of Your financial transactions through the use of Your account on the Website. We collect Personal Data so You can place Your bets online, and so we can process online payments. The legal basis for the processing of Personal Data is GDPR article 6(1)(b).
In order to resolve issues related to the provision of goods and services by providing customer support, We collect Personal Data such as Live Chats and email correspondence with Our Customer Support Team. The legal basis for processing Personal Data is GDPR article 6(1)(f), the legitimate interest being the Data Controller’s legitimate interest to respond to Data Subject’s requests.
In order to be aware of and act accordingly regarding Your ability to participate in gambling, we may process special categories of Personal Data. This would be a situation where You inform Us that You have a gambling addiction. The legal basis for the processing of Personal Data is GDPR article 9(2)(e).
3. What categories of personal data do We collect?
The categories of Personal Data that We collect from You and process are as follows:
Personal identification and communication details are provided to Us when You complete the registration process to register for a Wizz Spin Casino account. This includes collecting Your details such as Your full name, date of birth, residential address, and communication details, including Your email address and phone number.
Your Personal Data may also be collected through other means like documentation or data You provide Us upon Our request. Documents are provided for identity, age, and address verification and payment verification purposes. However, We may request other documentation from You as part of Our legal and regulatory obligations and to maintain Your account with Us.
We record Your logins and visits to this Website, such as through geolocation information, traffic data, and weblogs, amongst other information. Moreover, all Live Chats and email correspondence held with Our Customer Support Team are recorded and maintained for security and training/educational purposes.
Although We do not regularly collect special categories of data, We may receive such data from You. For instance, if You inform Us that You have a gambling problem, We would treat such information as equivalent to a special category of Personal Data, i.e. health information.
4. Collection of information from Cookies
We use Cookies to collect information transferred to Your device (computer, mobile, tablet) by Your internet browser. Such Cookies help us to improve Our Website and to provide You with a superior experience. We obtain Your consent for those Cookies which are non-essential for the successful operation of the Website. However, for those Cookies which are essential for the Website to operate successfully, We are not obliged to seek Your prior consent.
For further information on Cookies, please read Our Cookies page or contact Us at [email protected].
5. Where do We keep Your Personal Data?
We ensure to take all the necessary security and standard precautions to keep Your Personal Data safe. Our servers are physically located within the European Union, and they may only be accessed online through encrypted connections by authorized persons. In following best security practices and standards, We only use third-party providers that follow and ensure an adequate security level similar to Ours.
We may also store Your Personal Data within our Group of companies. Because this may be located outside the EEA, We will still ensure adequate security measures are in place and that Your Personal Data is always protected. For instance, by having in place Standard Contractual Clauses as per the European Commission.
6. Who do We share Your Personal Data with?
Your personal data may also be exchanged with certain third-party providers to be able to carry out the following processes and provide Our Service to You:
- Payment processing
- Marketing, where Your consent was obtained
- Anti-Fraud, Anti-Money Laundering and/or Combatting Terrorist Financing checks
- Other Data Controllers
- Joint Controllers
- Data Processors.
A list of our third-party providers will be provided to You upon request.
Please note that We may be required to disclose Your personal details to such third-party service providers to satisfy Our regulatory obligations and legitimate interests.
Anti-fraud, anti-money laundering, and combatting terrorist financing checks are used to verify Your personal details. This is done via electronic means by matching Your details against third-party databases to assess whether:
- You may be a Politically Exposed Person (PEP) or a close associate of a PEP.
- You are subject to Financial Sanctions.
- Your personal details are close to or match people with adverse media results.
Where such information is requested by Our payment providers for fraud inquiries, We will provide such personal data on the basis that the request for information is to either protect Your rights or for a legitimate interest to protect Us against fraud.
We ensure that data transfers with any third-party service providers are covered with appropriate contracts and safeguards that are put in place between the Data Controller (Us) and the Data Processor (the third party) following the General Data Protection Regulation (GDPR). These contracts will include references to confidentiality, strict processing rules, security safeguards, breach notification requirements, and provision of assistance to Us so that Your rights are satisfactorily exercised.
In case of a change in the Data Controller, We will attempt to inform You about this and the new Data Controller's identity either by contacting You directly or by placing notices on this Website or using other communication methods.
We are also obliged to disclose Your personal data to the relevant regulatory authorities to satisfy Our legal obligations. These include, but are not limited to the:
- Estonian Tax and Customs Board
- Other relevant law enforcement entities
In disclosing to the relevant authorities, We are obliged to provide all personal details and documents, the payment and betting transaction history, the communication history, and any other information We hold about You. All personal data and records, including the documents, are transferred to the relevant authority through secure means, as may be prescribed by such authorities that are beyond our control.
In cases where We would need to supply Your personal data to third-party providers, such as for marketing purposes, We will provide You with a specific opt-in possibility where Your active consent is required to transfer your data to such third-party providers. Such marketing partners are limited to only receiving Your contact details, for instance, Your email address and/or mobile phone number, that is only when You consent to receive marketing communications. In case You choose to withdraw Your consent for marketing purposes, which You may do at any time. Then We will inform the relevant marketing partner to stop sending You marketing communications upon receiving your request.
7. Data transfers to third countries
When We share Your Personal Data with third-party providers that are located outside of the European Economic Area (EEA), We will always ensure to have in place a similar degree of protection to transfer Your Personal Data. We only transfer to countries deemed to hold a sufficient level of data protection measures in place as per the European Commission and/or putting in place Standard Contractual Clauses in line with the European Commission.
8. For how long do We keep Your data?
We are obliged to retain some elements of Your Personal Data after Your account termination for a maximum period of up to 10 years to meet Our legal obligations regarding Anti-Money Laundering and Combatting Terrorist Financing laws and regulations.
Particularly as follows:
- For up to one (1) year from Your last account activity: Details of Your logins and visits to the Website, traffic data, weblogs, and communications to and from our Customer Support Team
- For up to five (5) years from Your last account activity: Personal identification details and documents, Your communication details, contact information through the Website, whether by email, Live Chat, or other media
- For up to ten (10) years from Your last account activity: Financial accounts information and game transactions
We will also keep Your Personal Data for more extended periods if required to do so by the relevant authorities. This is especially true in litigation or a legal process that You, the relevant authorities, or Us may be a party to due to Our Service provision to You.
All Your Personal Data, details, information, and documentation are stored securely according to this Privacy Policy.
9. Your Rights
You have the right to:
- request access Your Personal Data and information that We hold on You;
- request rectification of Your Personal Data that You consider not to be correct;
- request for restriction of processing of Your Personal Data;
- request erasure of Your Personal Data;
- file an objection about the processing of Your Personal Data;
- request to export Your Personal Data and information; and
- request to be informed about any automated individual decision-making that We have in place, including risk profiling; and
- object at all times to the processing of Your Personal Data and information, and to withdraw Your consent.
Your rights may only be exercised in accordance with the law. This might include restrictions on when You can exercise such rights listed above due to laws that supersede the GDPR. You can exercise these rights by contacting Us at [email protected].
You also have the right to file a complaint with the Office of the Information and Commissioner for Personal Data Protection in Cyprus by visiting their Website here. You may also decide to file a complaint with Your local Data Protection Authority. You will find their contact details by visiting this Website here.
10. Changes to this Privacy Policy
This Privacy Policy is subject to changes from time to time. Any changes We may make in the future will be published on this page on Our Website. The changes will be effective from the date of publishing. You can request the previous versions of the Privacy Policy by emailing Us at [email protected].