MYCASINO’S PRIVACY POLICY
Valid from 1 September 2023
Your trust is important to us!
You’re playing it safe by gaming on mycasino. We respect your privacy and our top priority is to protect your data.
This privacy policy outlines what data we collect, why we collect it and how we further process it. Personal data is all information relating to an identified or identifiable natural person (such as your surname, first name, address, email, date of birth or phone number). Processing encompasses all handling of personal data (such as storage, transfer, procurement, deletion or retention).
The privacy policy forms a binding part of mycasino’s General Terms and Conditions. By using the gaming platform and by opening and logging into a player account, you accept this privacy policy. Please therefore read the privacy policy carefully.
If you provide us with personal data relating to other people (such as family members), please ensure that those people are aware of this privacy policy and only provide us with their personal data if you are permitted to do so and if the personal data is accurate.
By accessing this website and its pages, you agree to the following provisions. If you do not agree to these provisions, please refrain from accessing the website.
1. GENERAL INFORMATION
Grand Casino Luzern AG (hereinafter referred to as "GCL" or "the Organiser") has set itself the goal of providing the users (hereinafter referred to as "the Player") with a safe and socially acceptable, personalised online gaming experience. To be able to offer the range of games on the mycasino.ch website (hereinafter referred to as the "gaming platform") and the associated services, the Organiser must process the Player’s personal data. The Organiser protects the Player’s privacy and undertakes to protect their personal data.
The privacy policy applies to the gaming platform, the full range of games on offer and the associated services. Subject to the provisions set forth below and to a certain extent, the Organiser offers the Player the opportunity to control how the Organiser collects, uses and disseminates personal data in accordance with this privacy policy, the cookie policy and the settings available in the player account.
The Organiser complies with Swiss legislation, particularly the applicable laws and regulations concerning data protection, and especially the Swiss Federal Act on Data Protection (FADP). The Organiser is also certified by the "GoodPriv@cy®" and "ISO/IEC 27001 Information Security Management System" labels.
2. DATA CONTROLLER
Grand Casino Luzern AG is responsible for collecting and processing personal data. Grand Casino Luzern AG’s Data Protection Officer is also available to the Player as a contact for matters related to data protection.
Grand Casino Luzern AG
(Commercial register no. CHE-108.361.212)
Haldenstrasse 6
6006 Lucerne
Switzerland
Email: info@grandcasinoluzern.ch
Tel.: +41 (0)41 418 56 56
Data Protection Officer
Grand Casino Luzern AG
Haldenstrasse 6
6006 Lucerne
Switzerland
Email: datenschutz@grandcasinoluzern.ch
Tel.: +41 (0)41 418 56 56
3. LEGAL BASES FOR DATA PROCESSING AND DATA TRANSFER
As a licensed Swiss casino, the Organiser is particularly subject to the following Swiss laws and ordinances concerning gaming that require the casino to collect and process personal data:
Federal Act on Gambling (Gambling Act, GamblA)
Ordinance on Gambling (Gambling Ordinance, GamblO)
FDJP Ordinance on Casinos (FDJP Casinos Ordinance, CO-FDJP)
Federal Act on Combating Money Laundering and the Financing of Terrorism (Anti-Money Laundering Act, AMLA)
Ordinance of the Federal Gaming Board on the Diligence of Casinos in Combating Money Laundering (FGB’s Anti-Money Laundering Ordinance, AMLO-FGG)
To fulfil its legal obligations, and particularly to protect the Player from excessive gaming and to combat crime and money laundering, the Organiser processes the following data and may disclose the same to the supervisory authority:
Data collected during the Player’s online registration.
Data about the Player’s gaming behaviour and financial transactions.
Data about the Player’s personal, professional and financial situations.
Data about the Player’s suspension.
Player data is transferred in pseudonymised form to a data recording system located in Switzerland, which provides the Player data for the supervisory authority. See Para. 5 for the data retention duration.
If we ask for your consent to certain types of processing, we will provide you with separate information about the purposes of that processing. If you have consented to the processing of personal data for specific purposes, we will process your personal data within the scope and on the basis of that consent, unless we have another legal basis and we require such a basis. You can withdraw consent at any time with future effect by sending us a notification in writing (by post) or, unless indicated or agreed otherwise, by email; you will find our contact details in Para. 2 of this privacy policy.
To withdraw your consent to online tracking under this privacy policy, if you have a user account, you may be able to withdraw your consent or contact us via the website or other service if applicable. As soon as we receive your notification indicating the withdrawal of your consent, we will discontinue using your data for the purposes to which you originally consented, unless we have another legal basis. When you withdraw your consent, this does not affect the lawfulness of the processing carried out prior to the withdrawal of your consent.
4. COLLECTION AND PROCESSING OF PERSONAL DATA
4.1. Data that the Player provides to the Organiser
The Organiser collects personal data that the Player provides to the Organiser in connection with the player account. To be able to use the range of games on offer, the Player must have a player account on the gaming platform.
When opening a player account, the Player must provide personal information about themselves (first name, surname, date of birth, sex and nationality) and their residential address (street, postcode, town/city, country).
In the context of converting their account from a temporary player account to a final one, the Player will be asked to provide a copy of an official identification document (passport, identity card, driver’s licence) and proof of residence (e.g. bank/postal account statement or electricity, water, landline bill) to verify the personal details and residential address provided.
The Organiser collects the personal data that the Player provides to the Organiser for administration of the gaming platform, including the processing of payment transactions.
The Player will also provide the Organiser with data if they contact the Organiser, take part in the Organiser’s activities or otherwise transfer data to the Organiser.
The Organiser is entitled to demand salary statements, proof of assets or tax documents from the Player in order to fulfil the legal obligations to combat money laundering and the financing of terrorism or to be able to implement early detection measures to identify a possible gaming addiction.
4.2. Data that the Organiser collects from other sources
In addition to the data that the Player provides to the Organiser, the Organiser may collect and/or update personal data from third parties (e.g. public registers, credit agencies, subcontractors).
The data that the Organiser collects through third parties includes:
Identification details such as the first name, surname, date of birth and residential address details to ensure that the information provided by the Player is correct.
Data from game providers indicating whether the Player has committed fraud or otherwise breached the General Terms and Conditions, bonus regulations, game rules or applicable laws in the past. The Organiser also collects data on the Player’s playing behaviour, including segmented data, and profile data.
Data that the Organiser must check by law, e.g. to determine whether the Player is a politically exposed person in the context of the Federal Act on Combating Money Laundering and the Financing of Terrorism.
Data to prevent fraud, other criminal offences and improper conduct against the Organiser and/or other players. This includes checking devices connected to the internet to assess the risk of fraud and to determine whether fraudulent behaviour has occurred in the past.
4.3. Data that the Player generates through using the gaming platform
The Organiser collects data resulting from the use of the range of games on offer, including transactions to and from the player account. This means that the Organiser stores and processes data about how the Player uses the gaming platform. This information includes, for example, games that the Player plays, the services used, the promotions used, the events attended, the payment transactions made from/to external payment providers and correspondence between the Player and the Organiser.
5. PURPOSE OF PERSONAL DATA PROCESSING
5.1. Purpose: player account registration
Processing is necessary so that the Player can open a player account with the Organiser. The full range of games on offer requires the Player to register for a player account on the gaming platform.
Legal basis:
Player account – If you want to have access to an online range of gaming entertainment, you need to create a player account with the Organiser (Art. 47 GamblO).
5.2. Purpose: identity/address verification
To ensure that the Player exists and is a resident of or has their habitual abode in Switzerland, the Player’s details are checked with credit agencies when the player account is opened and a copy of an official identification document or an electricity, water or landline bill in the Player’s name is requested from the Player.
Legal basis:
Fulfilment of legal obligations – Personal data needs to be collected and processed to enable the Organiser to fulfil its legal verification obligations (Art. 47 et seq. GamblO).
5.3. Purpose: management of the range of games on offer and the Player’s data
Processing is necessary to provide the range of games on offer, including the transfer of funds between the player account, accounts held with external payment providers and the Organiser’s bank accounts, to manage customer funds and to manage the Player’s data. Data processing is also necessary to maintain the customer relationship between the Player and the Organiser.
Legal basis:
Compliance with legal due diligence obligations – Processing is necessary to fulfil one or more of the Organiser’s legal obligations (Arts. 3 and 13 AMLO-FGG).
5.4. Purpose: provision of an individual and personalised range of games
Processing is necessary to provide the Player with personalised content on the gaming platform, as well as specific offers and similar promotions.
5.5 Purpose: delivery and provision of good-quality customer service
The Organiser offers customer services by chat, email and phone. The Organiser uses the information that the Player provides to resolve problems and to investigate and respond to complaints concerning the gaming platform. The Organiser also records conversations with customers in accordance with the statutory regulations. Customers are given prior notice of the recording and can terminate the conversation at any time.
Legal basis:
In the event that a person who is not a customer contacts the Organiser’s customer service, processing is based on legitimate interests. Processing is necessary to protect the Organiser’s interests and the Player’s interests with regard to clarifying the matter.
5.6. Purpose: prevention of misuse of the gaming platform, plus prevention and investigation of violations against the Organiser and/or the Player
Processing is necessary to prevent and investigate fraud or other criminal offences. Processing is also necessary to prevent and investigate a) attempts to illegally log into player accounts, or b) other actions that are prohibited by law or the agreement between the Player and the Organiser and by the Organiser’s or the game provider’s game rules. Processing is also necessary to provide a safe gaming experience, to improve and further develop the Organiser’s IT environment and to protect the Player and their player account from attacks and intrusion.
Legal basis:
In cases where processing is not necessary to fulfil the agreement between the Player and the Organiser, such processing is based on a legitimate interest in protecting the gaming platform from misuse and violations against the Organiser or the Player.
5.7. Purpose: responsible gaming
Protecting the Player from gaming addiction and from making bets that are disproportionate to their income and assets.
Compliance with legal and regulatory requirements.
Offering functions and services that help the Player to control their gaming behaviour.
The Organiser processes personal data if the Player uses the following features and offers: Functions and services provided by the Organiser to allow the Player to make informed decisions about their gaming behaviour, such as deposit limits, temporary withdrawal from gaming or reminders regarding their own gaming activity. Questionnaires and/or self-tests and financial documents may be requested by the Organiser to obtain the necessary information to comply with legal obligations. The Organiser also processes data resulting from the use of the range of games on offer, including profiling of gaming behaviour, to identify, combat and prevent problematic gaming and to comply with legal obligations. The Organiser also processes personal data to ensure that the Player is not registered in a suspended persons register (veto register) and to respond to requests if the Player wishes to be excluded from the gaming platform. The Organiser is legally obligated to suspend a Player if it is suspected that the Player in question is insolvent, does not meet their financial obligations or takes risks by making bets that are disproportionate to their income and assets. The Organiser processes anonymised data to evaluate the effectiveness of the measures taken and to conduct research in the field of preventing addiction.
Legal basis:
Processing is necessary to fulfil one or more of the Organiser’s legal obligations (Arts. 76 to 81 GamblA and Arts. 87 to 91 GamblO). In cases where there is no legal obligation, the processing is done to protect the Player and is based on the Organiser’s legitimate interest in responsible gaming.
5.8. Purpose: management of events and other occasions, promotions, competitions and tournaments, including travel and award ceremonies
The Player has the opportunity to take part in promotions, competitions, tournaments and events organised by the Organiser. For the Player and any accompanying person to take part in these activities, their personal data needs to be processed to manage participation.
5.9. Purpose: marketing of the range of games on offer
The Organiser processes personal data to advertise its products, services and promotions as well as events. The Organiser also processes personal data through what is known as "profiling" to propose tailor-made offers and marketing measures to the Player. The Player may waive their right to receive personalised offers generated through the creation of profiles by changing their personalised marketing settings in their player account at any time. In the player account, the Player can also choose what communication channels they want to use to receive personalised offers.
Legal basis:
Legitimate interest – Processing is based on a legitimate interest in marketing the range of games on offer, including various events organised or sponsored by the Organiser.
5.10. Purpose: communication
The Organiser communicates with the Player through various communication channels such as email, mobile phone, gaming platform notifications, messages to their gaming platform inbox and other similar channels. Messages from the Organiser may contain information about the Organiser, about the availability and security of the gaming services, and also reminders and marketing announcements from the Organiser and its business partners. The Player can change their communication settings in their player account at any time. It must be noted that the Player may not unsubscribe from the Organiser’s service notifications containing customer information, safety notices and legal notices.
Legal basis:
Contract performance – Some notifications are necessary to enable the Organiser to meet its obligations under the agreement between the Player and the Organiser, such as the obligation to provide information on security and legal matters. Legitimate interest – Some notifications are based on a legitimate interest in being able to send information about the Organiser, its products and services, as well as its promotions.
5.11. Purpose: further development of the range of games on offer and conducting surveys as well as performing business analyses and statistical calculations
Processing is necessary to further develop and improve the range of games on offer and to make them user-friendly for the Player. Among other things, the Organiser analyses the usage behaviour of the range of games on offer to be able to take measures for improvement and development.
Legal basis:
Legitimate interest – Processing is based on a legitimate interest in improving and developing business activities, including the range of games on offer, and the interest in providing players with a user-friendly range of games.
5.12. Purpose: veto list (suspension)
If a Player would like to be suspended or has to be suspended for gaming, their personal data is added to a veto list. This list must also be consulted by other Swiss casinos and lotteries.
Legal basis:
Compliance with legal due diligence obligations – Processing is necessary to fulfil one or more of the Organiser’s legal obligations (Arts. 76 to 82 GamblA and Arts. 87 to 91 GamblO).
5.13. Purpose: fulfilment of the Organiser’s legal obligations in general
Processing is necessary to fulfil the Organiser’s obligations under law and the jurisdiction of courts and authorities. The Organiser is obligated to comply with the applicable laws, e.g. ensuring safe and transparent gaming operations, providing protection against gaming addiction, preventing crime and combating money laundering and the financing of terrorism.
Legal basis:
Compliance with legal obligations – Processing is necessary to fulfil one or more of the Organiser’s legal obligations.
5.14. Processing for other purposes
In principle, personal data is only processed for the purposes for which it was collected. However, personal data may also be processed for other purposes if they are compatible with the original purposes or if doing so is necessary for legal reasons.
6. DURATION OF DATA STORAGE
The Organiser does not store data for longer than is necessary for the stated purposes. In principle, the Organiser stores personal data for up to three years following termination of the customer relationship to comply with legal requirements and to support the Player if necessary and ensure business continuity if the Player returns to the Organiser. The data is then deleted or anonymised so that it can no longer be linked to the Player as a person. However, the Player may request that the Organiser anonymise their personal data earlier if the customer relationship is terminated and the Organiser does not need the personal data to comply with its legal obligations.
Depending on the purpose or the existing legal retention and documentation obligations, the Organiser may store personal data for less than three years following termination of the customer relationship. For example, the Organiser may store personal data if the Player has taken part in events, promotions, competitions or tournaments, including travel and award ceremonies, until such time that the same have been completed and the follow-up to the event in question has been completed.
The Organiser must also store some of the personal data for longer than three years following termination of the customer relationship to comply with legal, official and/or licensing conditions. For example, the Organiser is obligated to retain some of the personal data for an indefinite period of time if it relates to a voluntary or ordered suspension from gaming. A retention period of ten years following termination of the customer relationship applies to data relating to combating money laundering and the financing of terrorism (Art. 21 AMLO-FGG). This data includes:
List of all identified players
Copies of identification documents
Documentation relating to registered transactions
Players’ declarations of the beneficial owner
Documentation and notes relating to the results of specific clarifications
Documentation and notes relating to risk classification and to the results of the use of the risk characteristics
In such cases, the Organiser processes only those parts of the personal data that are required for these specific purposes.
The Organiser may also process personal data for more than three years following termination of the customer relationship if the personal data is involved in ongoing legal proceedings.
All documentation relating to reported money laundering is kept for five years following the reporting date and then immediately destroyed.
If customer conversations are recorded, the Organiser stores such recordings for 90 days.
In the event that the Player does not wish to receive information about the Organiser’s marketing activities or revokes their consent, the Organiser will stop processing personal data for this specific purpose.
7. AUTOMATED DECISIONS FOR INDIVIDUAL PLAYERS
We process your personal data in a partially automated manner in order to analyse certain personal aspects (profiling). We use analytics tools that enable us to tailor our communication and advertising to your needs.
We will notify you separately when if we use such processes in individual cases, insofar as it is required by law, and inform you of the associated rights.
To comply with the legal requirements, the Organiser checks some of the personal data and makes automated decisions on the basis of these checks. This also includes decisions concerning the Player’s right to use the games that the Organiser has on offer.
The Organiser applies other automated decisions regarding responsible gaming, which may include blocking players or transactions in the player account. The aim of these decisions is to prevent problematic gaming, identify gaming problems and draw the Player’s attention to their gaming behaviour.
The Organiser may also terminate a customer relationship or block a player account if a Player is inactive and it is likely that the Player in question will not use the range of games on offer.
8. DISCLOSURE AND TRANSFER OF PERSONAL DATA
8.1. Disclosure of personal data
The Organiser processes personal data in strict confidence and only discloses personal data in accordance with this privacy policy. The data will only be disclosed to persons who are entitled to process personal data and who have undertaken to maintain confidentiality or are subject to the corresponding legal confidentiality. Otherwise, the Organiser only discloses personal data to third parties if the Player has agreed to this.
The Organiser must disclose personal data if it is obligated to do so due to laws, requirements or the prompting of an authority (e.g. police, public prosecution department), which may also include disclosing the data in cases where the Organiser suspects that a criminal offence has been committed.
8.2. Data processors
To provide some of the range of games on offer, the Organiser works together with what are known as "data processors", i.e. companies that process personal data on behalf of the Organiser according to their instructions. The Organiser cooperates with the following data processors:
Games providers (in order to be able to offer a wide range of games).
IT companies that provide IT solutions for operation, technical support and customer service, as well as for maintaining the range of games on offer and other activities carried out by the Organiser.
Companies that offer payment solutions, such as banks, acquirers and other payment service providers, insofar as these companies do not act as independent data controllers.
Companies that provide services to combat and detect fraud, other criminal offences and/or other impermissible conduct.
Companies that engage in marketing, such as media and advertising agencies and affiliates.
Personal data will only be disclosed to data processors for purposes that are consistent with those for which the Organiser has collected personal data, e.g. to meet the Organiser’s contractual obligations.
The Organiser monitors and ensures that each data processor provides adequate safeguards with regard to the security, protection and confidentiality of personal data. The Organiser has concluded written agreements with all data processors that regulate the data processors’ obligations. These agreements obligate the data processors to, among other things, comply with the Organiser’s written instructions and the security requirements, restrictions and requirements applicable to personal data transfer.
8.3. Within the Organiser’s group of companies
For the purposes described in this privacy policy, personal data may be transferred to the Organiser’s parent company, affiliates and subsidiaries. Disclosure of personal data within the Organiser’s group of companies primarily serves to manage personal data and process various matters in connection with the range of games on offer.
8.4. Other companies (independent data controllers)
The Organiser discloses personal data to other companies that the Organiser cooperates with but which do not act as data processors. This means that these companies, being what are known as "independent data controllers", decide for themselves how personal data is processed. The Organiser discloses personal data to the following companies that are responsible for the personal data themselves:
Companies that offer payment solutions, such as banks, acquirers and other payment service providers.
Companies that offer booking services for travel, airlines, hotels, etc.
Companies that award prizes to players for taking part in an event/activity organised by the Organiser.
Certain game providers that deliver games to the gaming platform.
The Organiser transfers anonymised data to research institutes to contribute to research in the field of preventing gaming addiction.
In cases where personal data is disclosed to a company that processes personal data independently of the Organiser, the respective company’s privacy policies and regulations concerning the handling of personal data apply.
For further information about the companies that process personal data independently of the Organiser, the Player may contact the Organiser or the following authority: Independent data controllers.
8.5. Transfer of personal data
The Organiser places the highest value on data protection. The Organiser’s data protection management bears the internationally recognised GoodPriv@cy® certificate, which is awarded for the exemplary implementation of data protection. In line with the Organiser’s high quality standards, personal data is preferably processed within Switzerland, the European Union (EU) and the European Economic Area (EEA). A data centre for the Grand Casino Luzern AG in Switzerland and a data centre in the EU are primarily used to process personal data. In cases where it is necessary to transfer personal data outside of Switzerland or the EU/EEA, e.g. for the purpose of disclosing personal data to a data processor who, either themselves or through one of their subcontractors, stores personal data in a country outside of Switzerland’s borders or the EU/EEA or has its subsidiaries in a country outside of Switzerland’s borders or the EU/EEA, the Organiser takes the necessary and adequate legal, technical and organisational measures to ensure that the level of protection corresponds to that of Switzerland. When personal data is transferred to a country outside of Switzerland’s borders, the level of protection is determined either by the list of countries maintained by the Data Protection and PR Officer and containing countries with adequate data protection legislation, or by the fact that the company is linked to Switzerland via the "Swiss-US Privacy Shield Framework". Other suitable safeguards are approved codes of conduct in the recipient country and the application of internal, binding company guidelines.
9. RIGHTS OF PLAYERS AND OF DATA SUBJECTS
9.1. Rights of access
The Player is entitled to access their personal data that the Organiser processes about the Player. However, the Player’s access rights assume that a) such personal data does not jeopardise the rights and freedoms of third parties, b) access to personal data is not prohibited by legal provisions such as the Federal Act on Combating Money Laundering and the Financing of Terrorism, and c) the information does not jeopardise the outcome of a criminal or other investigation. In cases where it receives a request for information, it must be noted that the Organiser may request further information from the Player to guarantee effective processing of the request and disclosure of the data to the correct person.
9.2. Right to rectification and amendment
The Player has the right to have any incorrect personal data rectified and any incomplete personal data amended within the stated purpose. To do so, the Player contacts the Organiser’s Customer Service department and requests that the relevant rectification or amendment be made.
9.3. Right to be forgotten
The Player has the right to request that the Organiser erase or remove all or part of their personal data, e.g. if the personal data is no longer required for the purposes for which it was collected or was processed in another way.
It must be noted that the Organiser can reject the request to erase or anonymise the personal data if processing is carried out based on legal obligations applicable to the Organiser such as the Federal Gambling Act or the Federal Act on Combating Money Laundering and the Financing of Terrorism. The Organiser may also reject the request for erasure and anonymisation of the personal data if it has a legitimate interest in processing or if the Organiser requires such personal data to establish, assert or defend legal claims.
9.4. Right to restriction of processing
Under certain conditions, the Player has the right to request that the processing of their personal data be restricted. This may be the case, for example, if the Player disputes the accuracy of the personal data or the processing is unlawful and the data subject refuses erasure of the personal data and instead requests that use be restricted.
The Organiser is entitled to continue to store and process personal data for the duration of the restricted processing asserted by the Player to establish, assert or defend legal claims or to protect the rights of other natural or legal persons. The Organiser can also process this data if the Player has given their consent or if public interests require that this be done.
9.5. Right to object
The Player has the right to object to certain types of processing, e.g. the processing of personal data for direct marketing and other types of processing, if the Organiser has no legitimate interest in this regard.
The Player can choose which communication channels the Organiser may use to send advertising to the Player using the settings in their player account. If the Player does not wish to receive such notifications, the Organiser will stop sending such information to the Player and stop processing personal data for this purpose.
The Organiser may continue its processing of personal data that has been objected to if it asserts due cause or if the Organiser’s interests take precedence over the Player’s interests until such time that the situation is legally clarified. Otherwise, in the event the Player objects, the Organiser may only process the personal data to establish, assert or defend its own legal claims.
9.6. Revocation of consent
If the Organiser bases personal data processing on the Player’s consent, the Player may revoke such consent at any time and at no cost by contacting the Organiser’s Customer Service department.
The revocation of consent will not affect the lawfulness of the processing carried out up to that point in time.
9.7. Right of access
The right to request information from the Organiser as to whether we process data and to which data this refers.
9.8. Right to data portability
The right to receive certain personal data from us in a commonly used electronic format or to demand the transmission of the data to another controller.
10. COOKIE POLICY – ONLINE TRACKING AND ONLINE ADVERTISING METHODS BY THIRD-PARTY PROVIDERS
We use various methods on our website to enable us and third parties contracted by us to recognise you when you use the website and, under certain circumstances, track you across multiple visits.
This cookie policy contains a description of the cookies and third-party cookies used on the gaming platform, as well as instructions on how to disable the use of cookies on the gaming platform.
Cookies are small text files that are stored permanently or temporarily when a website is visited. Five types of cookies are used, two of which are third-party cookies:
Session cookies enable the Organiser to collect and store data during a Player’s visit to the gaming platform. Session cookies are not stored on the Player’s device for an extended period of time and are deleted when the web browser is closed. These cookies are often required for the website to work properly and are used to improve usability.
Persistent cookies enable the Organiser to save data (e.g. language selection) and to access this data the next time the Player visits the gaming platform.
Analysis cookies (third-party cookies) enable the Organiser to determine the number of visitors to the gaming platform. These cookies can be used to carry out statistical surveys on how the services are used. The aim is to improve the services offered. These cookies are also used to improve products, measure marketing activities and develop business.
Advertising cookies (third-party cookies) allow the Organiser to analyse player preferences and tailor marketing content to their interests. Thanks to these cookies, the Player can find out about current campaigns or offers through banner advertising on partner sites. These cookies are also used to specifically control and measure advertising on other websites.
10.1. Cookies
The website uses the following cookies:
__cf_bm:
The __cf_bm cookie is a cookie required to support Cloudflare Bot Management, which is currently in a private beta. As part of our bot management service, this cookie helps us to manage incoming data traffic that meets the criteria of bots.
__cfruid
This cookie is assigned to websites that use Cloudflare in order to identify trustworthy web data traffic.
AWSALB
AWS ELB Application Load Balancer
AWSALBCORS
This cookie is managed by AWS and is used to balance loads.
csrfToken
This cookie is associated with the Django web development platform for Python. It was developed to protect a website against a certain type of software attack via online forms.
Disabling cookies may have an impact on usability. For example, the functions and games on some parts of the gaming platform may be affected.
Cookies installed on the Player’s device can be allowed, blocked or deleted at any time using the web browser settings. All web browsers display information about cookies so that the Player can see what cookies are installed.
Modifications made within the web browser with regard to cookies may affect all websites visited, not just the gaming platform, unless cookies are individually disabled or removed.
Further information about the settings for cookies can be found under "Help" in the web browser’s main menu.
The website is currently unable to respond to the browser’s "Do not track" function.
If a Player remains on the gaming platform and/or continues to use the games without changing the cookie settings, the Player is deemed to have accepted the use of cookies on the gaming platform.
10.2. Use of third-party providers
We may integrate other third-party services into our website. Please note that when you click on a link to a third-party provider’s website (such as Google, social media or other websites), you will be redirected to a website that we do not control and to which our privacy policy does not apply. Any use of and interaction with another website is subject to the terms of use and privacy policies and notices of that third-party website. We recommend that you read the terms of use and privacy policies and notices of other websites carefully before you transmit personal data through that website. We are not responsible or liable for the information content or data processing on such third-party websites.
We currently use services from the following providers:
Adobe Typekit
We use Adobe Typekit from Adobe Inc., San Jose, California, USA to provide website fonts. To obtain these fonts, your browser connects to the servers of Adobe Inc., and your IP address is transmitted in the process.
We have no control over the retention period of the processed data, as this is determined by Adobe Inc. For more information, please refer to the privacy policy for Adobe Typekit at https://www.adobe.com/uk/privacy/policies/adobe-fonts.html.
Cloudflare Insights
We have incorporated Cloudflare Insights into our website. Cloudflare Insights is a service provided by Cloudflare, Inc., which develops cloud-based software that enables the operators of websites and applications to monitor the performance of their services. Cloudflare Insights makes it possible to generate statistical evaluations of the technical performance of our websites (such as the duration of a certain database enquiry, the stability and availability of our servers or the response times of our servers). For this purpose, application and browser data is collected and stored in the browser using cookies. In this case, the data is shared with Cloudflare, Inc. as the operator of Cloudflare Insights.
We have no control over the retention period of the processed data, as this is determined by Cloudflare, Inc. For more information, please refer to the privacy policy for Cloudflare Insights at https://www.cloudflare.com/privacypolicy/.
11. SOCIAL MEDIA PLUG-INS
Our website users the following social media plug-ins to improve our company’s visibility on those networks. You can identify each social media plug-in from the symbols on the website. We have configured these elements so that they are deactivated by default. If you utilise the services of these social networks independently of or in connection with our website or click on them to activate them, the social networks will evaluate how you use the plug-in. In this case, the plug-in will send information to the social networks. Your personal data will then be processed on the responsibility of that operator, in line with the operator’s privacy policy and with your consent. The operator does not share any information about you with us.
We currently use the following platforms; the identity and contact details of each platform operator can be found in their privacy policies:
Facebook
https://facebook.com
Privacy Policy: https://www.facebook.com/privacy/policy
Instagram
Instagram Threads
https://about.instagram.com/threads
Privacy Policy: https://privacycenter.instagram.com/policy
Youtube
Privacy Policy: https://policies.google.com/privacy?hl=de
Telegram
https://web.telegram.org
Privacy Policy: https://telegram.org/privacy
LinkedIn
https://linkedin.com
Privacy Policy: https://de.linkedin.com/legal/privacy-policy
Snapchat
https://snapchat.com
Privacy Policy: https://values.snap.com/privacy/privacy-policy
TikTok
https://tiktok.com
Datenschutzerklärung: https://www.tiktok.com/legal/page/eea/privacy-policy/en
Twitter / X
https://twitter.com
Privacy Policy: https://twitter.com/privacy
This list does not claim to be exhaustive.
12. DATA SECURITY
We have implemented appropriate security measures in order to safeguard the confidentiality, integrity and availability of your personal data, to protect it against unauthorised or unlawful processing and against the risk of loss, unintentional modification, unwanted disclosure or unauthorised access.
For example, the technical and organisational security measures may involve the encryption and pseudonymisation of data, logging, access restrictions, back-up copies, instructions for our employees, non-disclosure agreements and controls. We have appropriate encryption methods in place to protect data when it is being transmitted over our website. However, we are only able to secure areas that we control. We also oblige our data processors to implement appropriate security measures. However, security risks cannot be ruled out completely and elements of risk are unavoidable.
The Organiser takes adequate measures to protect personal data from unauthorised access and from unlawful or unauthorised processing, including theft, erasure, alteration, disclosure and transfer of such personal data. These measures include a) the greatest possible restriction of the group of persons authorised to access personal data, b) the restriction of the authorised persons’ ability to make changes, and c) technical obstacles to infringements, including encryption during transfer and storage, firewalls, strict password requirements and alert functions that report attempted infringements. The data will be pseudonymised if feasible to protect the Player’s privacy as much as possible.
13. MODIFICATIONS
The gaming platform, the range of games on offer and the associated services are constantly evolving and the applicable laws and regulations concerning data protection may change. The Organiser therefore reserves the right to modify the privacy policy at any time and without prior notice. The version published on the mycasino.ch website applies.