General Statement of Betfinal’s Duties and Scope:

Betfinal is required to collect, safe and processes relevant personal data regarding it´s web-based services and will take all reasonable steps to do so in accordance with this Policy.

Data Protection Controller

Betfinal has appointed the Head of customer operations as the Data Protection Controller (DPC) who will endeavour to ensure that all personal data is processed in compliance with this Policy and the Principles of the Data Protection Act 1998. The Freedom of Information Act 2000 and the Protection of Freedoms Act 2012 are also relevant to parts of this policy.
Betfinal recognizes and complies with The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) adopted 27 April 2016.

The Principles

Betfinal shall so far as is reasonably practicable comply with the Data Protection Principles (the Principles) contained in the Data Protection Act to ensure all data is:

  • Fairly and lawfully processed
  • Processed for a lawful purpose
  • Adequate, relevant and not excessive
  • Accurate and up to date
  • Not kept for longer than necessary
  • Processed in accordance with the data subject’s rights
  • Secure
  • Not transferred to other countries without adequate protection

Lawful purpose for processing

Legitimate Interest:

In case we have a business or a commercial reason to process your Personal Data this is referred to as a legitimate interest. Your Personal Data is still protected and we must not process it in a way that would not be fair towards your interests.

If we do use legitimate interests as a reason to process your Personal Data we will tell you that we are doing so, what our legitimate interests are and provide you with a method to raise any questions or objections you may have. However, compelling grounds for processing such information may override your right to object.

Definitions

  • Betfinal is incorporated by:
  •  
    Final Enterprises N.V.
    Dr. M.J.
    Hugenholtzweg z/n,
    Curaçao.

  • Data Subject: An individual who is the subject of the personal data.

Personal Data

Personal data covers data that identifies an individual, his address and contact details. Furthermore it includes information necessary for the use of our services.

Collection and Processing of Data

Personal data is not processed in states outside the area of application of the European data protection directive (95/46/EG). In ordert o take full advantage of our services a user must register as a member. Betfinal will then collect further personal data from the user, store this in the long term and process and use it in connection with our services to the user. In order to be able to provide the contractual services, we will regularly require the users name, date of birth, address and contact data. We collect this data in order to clearly identify the user, to comply with minor protection directives and to communicate with the user and we only use it where this is necessary in order to provide the service. If the user makes use of paid services then we will collect data that is necessary for their use, depending on the payment and payout options chosen. For example bank account and credit card data. Betfinal processes some personal data for direct marketing. Data subjects have the right to request an opt-out for these activities, which must be respected. Betfinal saves access data in a log file on the server in our computer centre every time a guest visits our website. For each server request these comprise the client IP address, the URL, the time stamp, the browser version, the operating system version and possibly also the referrer. The data is used in order to determine faults in our system and the misuse of our product.

Application of Cookies

Betfinal uses “cookies”, i.e. small text files, that are filed on a users computer and that the users internet browser stores. They can also be used to recall certain information in order to expedite navigation on a website. We use Cookies for making our online offers user-friendly, effective and safe. The storing of Cookies can be prevented on computers through adjusting the settings of the Internet browser. However, by doing so, the functional range of our offers may be limited.

Rights of Access to Information

Data subjects have the right of access to information held by Betfinal, subject to the provisions of the Data Protection Act 1998 and the Freedom of Information Act 2000. Any data subject wishing to access their personal data should put their request in writing to the DPC at helpdesk@betfinal.com. Betfinal will endeavour to respond to any such written requests as soon as is reasonably practicable and in any event, within 40 days for access to records and 21 days to provide a reply to an access to information request. The information will be imparted to the data subject as soon as is reasonably possible after it has come to Betfinals attention and in compliance with the relevant Acts.

Exemptions

Certain data is exempted from the provisions of the Data Protection Act which includes the following:

  • Prevention or detection of crime
  • Where the processing is necessary to exercise a right or obligation conferred or imposed by law or the regulating entities upon Betfinal, including prevention of terrorism funding and Money Laundering.

The above are examples only of some of the exemptions under the Act. Any further information on exemptions should be sought from the DPC.

Accuracy

Betfinal will endeavour to ensure that all personal data held in relation to all data subjects is accurate. Data subjects must notify the data processor of any changes to information held about them. Data subjects have the right in some circumstances to request that inaccurate information about them is erased. This does not apply in all cases, for example, where records of mistakes or corrections are kept, or records which must be kept in the interests of all parties to which they apply.

Enforcement

If an individual believes that Betfinal has not complied with this Policy or acted otherwise than in accordance with the Data Protection Act, Betfinals DPC shall be notified immediately.

Data Security

Betfinal will take appropriate technical and organisational steps to ensure the security of personal data.
All employees will be made aware of this policy and their duties under the Act.
Betfinal and therefore all employees are required to respect the personal data and privacy of others and must ensure that appropriate protection and security measures are taken against unlawful or unauthorized processing of personal data.
An appropriate level of data security must be deployed for the type of data and the data processing being performed. In most cases, personal data must be stored in appropriate systems and be encrypted when transferred. Other personal data may be for publication or limited publication on our website, therefore having a lower requirement for data security.

External Processors

Betfinal is entitled to transfer the customers settlement data to a third party entrusted with collection or processing of payments. Otherwise the transfer of data is only carried out strictly within the framework of the legal foundation.

Secure Deletion

When data held in accordance with this policy is erased, it must be deleted securely in accordance with best practice at the time of deletion.

Retention of Data

Betfinal may retain data for differing periods of time for different purposes as required by statute or best practices, individual departments incorporate these retention times into the processes and manuals. Other statutory obligations, legal processes and enquiries may also necessitate the retention of certain data.

Betfinal may store some data such as full name, date of birth and email address indefinitely in its database.

Where a data subject can be identified, images must be processed as personal data.

Author: Head of customer operations
Date: March 2018
Review: March 2019