Privacy Notice

Version: 1.0

Date of last revision: May 25, 2018


This Privacy Notice tells you what to expect us to do with your personal information when you use our website ( including any mobile or a device-specific version of the website and any related applications (together the “Website”) or any other products or services we provide (together the “Services”).

We understand that you are aware of and care about your privacy interests, and we take that seriously. This Privacy Notice describes our policies and practices regarding its collection and use of your personal data, and sets forth your privacy rights.

This Privacy Notice is layered. So, if you wish, you can easily select the section you interest and see what we do with your personal information.

We will tell you:

  • Our contact details
  • Data Protection Officer
  • How we collect your personal information
  • What happens if you do not give us your data?
  • How we use your personal information
  • When and how we share information with others
  • Transferring personal data from the European Economic Area
  • Data subject rights
  • Security of your information
  • Data storage and retention
  • Changes and updates to the Privacy Notice

Our contact details

References in this Privacy Notice to “we”, “us” or “our” relate to Faro Entertainment N.V., a company incorporated in Curaçao, and having its registered address at Kaya Richard J. Beaujon Z/N, Curacao, P.O. Box 6248, and Faro Entertainment Europe Limited, its wholly-owned subsidiary, and having its registered address at 35, Room 1A, Salvu Psaila Street, Birkirkara BKR 9072, Malta.

We control the ways your personal information is collected and the purposes for which it is used, acting as the data controller.

More details can be seen below.

Our postal address:

35, Room 1A, Salvu Psaila Street

Birkirkara BKR 9072


Our email address:

References to “you” and “your” shall refer to the person using our Website and providing personal information to us.

Data Protection Officer (DPO)

We have appointed a data protection officer for you to contact if you have any questions or concerns about our personal data practices. The data protection officer’s contact information is as follows:

How we collect your personal information

  1. Personal information you give to us
    • Identity Information: When you create an account, we collect information about you including (but not limited to) your name, username, date of birth, password, email address, mailing address and mobile phone number.
    • ID Documents: In certain instances, you will be required to provide a copy of a governmental-issued ID, bank statement, tax invoice, and/or utility bill. Please note that this information is required for the identity verification process and compliance with anti-money laundering (“AML”) regulatory requirements.
    • Communication Information: If you communicate with us by email, postal service, chat or phone, we may retain such communication and the information contained in it and use it to respond to your inquiry, improve our Services and comply with our responsible gaming obligations.
  2. Additional information collected
    • Payment Information:You may choose to deposit and withdraw the funds from the Website using different payment methods. Typically, payment methods details are provided directly by users, via the Website, into the PCI/DSS-compliant payment processing service to which we subscribe, and we, itself, store deposits and withdraws history and the limited payment information (for example, the last four digits of your credit card or your user ID).
    • Gaming Information:When you use our Services, we record information related to your account such as your balances, bets, bonuses, and winnings.
    • Device and Connection Information: We collect specific types of connection details (e.g., your logins) and information with regard to your device, including protocol (IP) address, the region or general location where your computer or device is accessing the internet, browser type, operating system and other usage information about the use of the Website.
    • Activity Information: When you respond to communications with us or otherwise interact with the Website, we may collect additional information such as open/click on our emails, links, history of the pages you view, amount of time spent, online browsing and other activities on the Website.
    • Profile Information: Based on your activity on the Website and communication with us, we may make internal notes concerning your interests, favourite games, preferences, etc.
  3. Personal information we get from third parties
    From time to time, we receive personal information about individuals from third parties. For example, we may receive information from AML service providers, analytical and marketing service providers, national self-exclusion scheme operators to comply with our legal and regulatory obligations, offer Services, to help us maintain data accuracy and provide and enhance the Services.
  4. Personal information we collect from publicly available resources
    To comply with licence conditions and legal requirements, we may receive personal data about you from various public sources, for example, public databases, social networking platforms, search engines, etc.).
  5. Cookies
    We and our service providers may cookie information. “Cookies” are small text files that are delivered by the Website on your device. They help us to maintain security whilst you are logged in to your account. Sometimes they may collect information about your preferences while navigation the Website, to help you access your preferred Services easier.

What happens if you do not give us your data

You cannot enjoy many of the Services without giving us your personal data. Some personal information is necessary to perform a contract with your or to comply with our legal obligations so that we can supply you with the Services you have purchased or requested, and to authenticate you so that we know it is you and not someone else.

How we use your personal information

We process your personal information for the following purposes:

  1. Providing Services and features
    We use personal information to provide, personalize, maintain and improve our Services. This includes using the data to:
    • Create and manage users’ accounts;
    • Provide access to the Services and process gaming activities;
    • Enable participation in competitions;
    • Offer, process, or facilitate payments for the Services;
    • Notify of changes in the Website, Services, Terms and Conditions.
    We rely on the fulfilment of a contract as the lawful basis for processing your data for such purposes.
  2. User support
    We process personal data to provide user support, including to:
    • Respond to your inquiries and questions;
    • Improve our support processes.
    We rely on a legitimate interest basis for collecting, storing and processing this information.
  3. Safety and security
    We use personal information to help maintain the safety, security, and integrity of our Services and users. This includes:
    • Ensuring network and information security;
    • Preventing unauthorised access to electronic communications networks and stopping; damage to computer and electronic communication systems.
    We have a legitimate interest in maintaining personal information for safety and security purposes.
  4. Responsible gaming
    As a responsible gambling operator, we need to process personal information to comply with our legal obligations, including to:
    • Carry out age verification;
    • Enable you to self-exclude from gambling;
    • Protect you from irresponsible gambling;
    • Minimise the gambling-related harm.
    We use the data described above as necessary to comply with our legal obligations and as necessary for our (or others’) legitimate interests, including our social responsibility.
  5. Legal and regulatory obligations
    We use personal data as required by licence conditions and relevant legislation. This includes:
    • Verifying the identity of our users for Know Your Customer (KYC) compliance;
    • Prevention of money laundering and terrorist financing;
    • Minimising the risk of fraud.
    We process such kind of personal information to comply with our legal obligations. When this information is processed for protecting our business from illegal activity, we rely on legitimate interest.
  6. Research and development
    We may use the data we collect for testing, research, analysis, product development to improve the user experience. This helps us to improve and enhance the Services, marketing campaigns, user relationships, to develop new features and products, and facilitate insurance and finance solutions in connection with our Services.
    We have a legitimate interest in understanding how you use the Website. This assists us in providing more relevant Services, and with providing appropriate staffing to meet member and customer needs.
  7. Marketing
    We may use the data we collect to market our Services, in particular to:
    • Personalise our offers;
    • Make suggestions and recommendations concerning your preferences;
    • Assess the effectiveness of our marketing campaigns;
    • Carry out promotions (bonuses, loyalty programs, VIP management).
    We have a legitimate interest in processing personal information for marketing purposes. However, we send you marketing communications only if you explicitly consent to marketing. You may manage your marketing preferences and you may opt-in or opt-out of receiving marketing communication at any time.
    If you ask us not to contact you with marketing communication, we will retain a copy of contact details on our “do not send” list in order to comply with your no-contact request.
  8. Automated decision making and profiling
    We are subject to strict licence conditions and legal requirements. As a responsible gambling operator, we must monitor your activities to prevent fraud, money laundering, and other illegal activities on the Website. For this reason, our automated system tracks and flags suspicious activity and behavior on the Website. A final decision regarding a user is taken by an authorized specialist.
    We divide our users into different segments to carry out our loyalty program, offer tailored Services and games. This segmentation is performed without human intervention and does not produce legal effects concerning you. When the results of this segmentation are intended to significantly affects you, the decisions are reviewed by a human before any action is taken.

When and how we share information with others

The personal information we collect from you is stored in one or more databases hosted by third parties located in the EU. These third parties do not use or have access to your personal information for any purpose other than cloud storage and retrieval.

We do not otherwise reveal your personal data to third parties unless the information is provided to:

  • Our agents, vendors or service providers who perform functions on our behalf including for customer support, information technology, payments, marketing, data analysis, games, identity verification, AML, lawyers, accountants, and other professional service providers;
  • Comply with the law (for example, to comply with a search warrant, subpoena or court order), enforce an agreement we have with you, or to protect our rights, property or safety, or the rights, property or safety of our employees or others;
  • Address disputes, claims, or to persons demonstrating legal authority to act on your behalf;
  • Third party which will assume the rights and obligations hereunder when we are involved in a merger, acquisition, or sale of assets, or if the owner or operator of the Website changes;
  • Third party when you request or give consent to such disclosure.

We may also engage anti-fraud and AML service providers, which act as independent controllers of personal data stored in their databases. These databases may contain information about you. We have entered into appropriate data processing agreements with corresponding obligations providing for enforceable and effective rights for you.

Transferring personal data from the European Economic Area

Personal information we collect from you may be processed outside the European Economic Area (EEA). We rely on the following methods for transfers of personal data outside the EEA:

  • Adequacy: We may transfer personal data to a third country when the European Commission has decided that such third country ensures an adequate level of protection;
  • Appropriate safeguards: Several possible mechanisms may be suitable for our purposes, namely model data protection clauses, binding corporate rules, approved code of conduct. We enter into data processing agreements and model clauses with our vendors whenever feasible and appropriate;
  • Derogations: When one of the other transfer mechanisms is not available, we may rely upon certain derogations to the prohibition on transfers outside the EEA such as explicit consent of the data subject, performance of a contract involving the data subject, important public interest reason based in European Union law, legal claims or defenses.

Data subject rights

The European Union’s (EU) General Data Protection Regulation and other countries’ privacy laws provide certain rights for you. To process your request, we will ask you to verify your identity.

You may request:

  • Confirmation that we are processing your personal data, and, where that is the case, access to the personal data and the information about: the purpose of the processing, the categories of personal data concerned, who else might have received the data, what the source of the information was (if you didn’t provide it directly to us), and how long it will be stored;
  • Rectification the record of your personal data maintained by us if it is inaccurate;
  • Erasure your data, subject to certain exceptions which allow us to decline your requests to the extent that processing is necessary: for compliance with a legal obligation which requires processing by EU or member state law to which we are subject or for the establishment of, exercise of or defence against legal claims;
  • Objection against processing of personal data which is carried out on grounds related to our legitimate interest or performance of a task carried out in the public interest. You may object against using your data for direct marketing purposes without any limitation;
  • Restriction of processing in certain circumstances prescribed by law;
  • Transfer the information you gave us to another organisation, or give it to you when technically feasible. The right only applies if we are processing information based on your consent or under or in talks about entering into a contract, and the processing is automated.

In many countries, you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how we process your personal data.

If you wish to exercise any of these rights, please contact us by email, chat or phone. You can use the contact information listed below.

Additionally, to exercise the right to withdraw consent or to object against the processing of your personal information for direct marketing, you may use the marketing preferences tool available in your account or follow opt-out instructions contained in our messages. It can take up to 48 hours for your request to be fully carried out.

To enable/disable push notifications, please use your device settings.

You are not required to pay any charge for exercising your rights.

We have one month to respond to you.

If access cannot be provided within a reasonable time frame, we will provide you with a date when the information will be provided. If for some reason the request is denied, we will provide an explanation as to why your request has been denied.

Security of your information

To help protect the privacy of data, we maintain physical, technical and administrative safeguards. We update and test our security technology on an ongoing basis. We restrict access to your personal data to those employees and vendors who need to know that information to provide benefits or Services to you. Also, we train our employees about the importance of confidentiality and maintaining the privacy and security of your information.

Data storage and retention

Your personal data is stored by us on our servers, and on the servers of third-party providers we engage, located in the EU.

We retain data for the duration of the user’s business relationship with us and for a period of time thereafter provided that retaining such information is necessary for our legal obligations, such as fraud prevention and record keeping, responsible gaming reasons, resolving or exercising claims regarding potential disputes, and where we are guided to do so by the applicable supervisory authority.

These periods for data retention can vary significantly because of our regulatory and legal responsibilities. For example, we retain certain elements of personal data for a period of up to 10 years after the closure of your account to meet company and taxation record-keeping obligations.

When we are no longer required to retain your information, we will ensure that it is deleted.

Changes and updates to the Privacy Notice

As our Website and Services change from time to time, this Privacy Notice is expected to change as well. We reserve the right to amend the Privacy Notice at any time, for any reason, without notice to you, other than the posting of the amended Privacy Notice at this Website. We may email users of material changes thereto, but you should check our Website frequently to see the current Privacy Notice that is in effect and any changes that may have been made to it.