Privacy Policy


Casinocodes.com is owned by GSH Online Media and therefore enforces the company’s privacy policy.

At GSH Online Media (“GSH”, “we”, “us”), we process personal data about our customers and visitors on our websites (“you”). We make efforts to handle your personal data with care, keep it secure and comply with data protection laws.

We are engaged in performance marketing and lead generation online.


How This Policy Works


The purpose of this Policy is to explain when, why and how we process information that may relate to you (“personal data”). It also provides important information on your statutory rights. This Policy is not intended to override the terms of any contract you have with us, nor rights you might have under data protection laws.


Who Is Responsible for Looking After Your Personal Data?


GSH Online Media having its registered address at str Titus 16, Bucharest is principally responsible for looking after your personal data (your Data Controller). For the sake of clarity, its representative inside the EU is GSH Online Media. Data Controller means the company that determines the means and purposes of processing personal data.

You should be aware that although we are principally responsible for looking after your personal data, information may be held in databases that can be accessed by other companies. When accessing your personal data, all companies will comply with the standards set out in this Policy.


What Personal Data Do We Process?


We may process the following personal data about you:

  • IP address
  • Location data
  • Website usage
  • Personal preferences and opinions


What Do We Use Your Personal Data for & When Do We Process Your Data?


We will collect information directly from you when you use our services or visit our websites.


We use your personal data to:

  • send out promotional emails relating to products and services. See also the Section below on Direct marketing.
  • analyse information in our systems and databases to improve the way we run our business and websites according to user preferences, to provide a better service and user experience.
  • improve and target advertisements that you receive from us.
  • register you for a chat forum or community, if we make it available, in which you can provide comments.
  • meet or exercise any of our legal obligations or rights.

We will only process your personal data for the purposes set out in this Section 3 and where we are satisfied that:

  • you have provided your consent to us using the data in that way, or
  • our use of your personal data is necessary to support “legitimate interests” that we have as a business (for example, to improve our products, or to carry out analytics across our datasets), in a way that is proportionate and respects your privacy.

Who Do We Share Your Personal Data with?


We work with many third parties, to help manage our business and deliver services. These third parties may from time to time need to have access to your personal data. In addition, we may share your information, including personal information, to any member of our group of companies (this means our subsidiaries, our ultimate holding company and all its subsidiaries) insofar as reasonably necessary for the purposes, and on the legal basis, set out in this policy.

We may also share aggregated information (information about our users that we combine together so that it no longer identifies or references an individual user) and other anonymized information for regulatory compliance, industry and market analysis, demographic profiling, marketing and advertising, and other business purposes.

If we undertake or are involved in any merger, acquisition, reorganization, sale of assets, bankruptcy, or insolvency event, then we may sell, transfer or share some or all of our assets, including your information in connection with such transaction or in contemplation of such transaction (e.g., due diligence). 

In this event, we will notify you before your personal information is transferred and becomes subject to a different privacy policy.

We may disclose your information, including personal information, to courts, law enforcement or governmental authorities, or authorized third parties, if and to the extent we are required or permitted to do so by law or if such disclosure is reasonably necessary:

  • (i) to comply with our legal obligations
  • (ii) to comply with legal process and to respond to claims asserted against us
  • (iii) to respond to requests relating to a criminal investigation or alleged or suspected illegal activity or any other activity that may expose us, you, or any other of our users to legal liability.

The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights and proper protection of our business against risks.


International Transfers


To facilitate our global operations, we may transfer, store, and process your information within our family of companies inside or outside Europe for the purposes described in this Privacy Policy.

If we do transfer your Personal Data outside of the EEA, we will take all reasonable steps to ensure that adequate measures are in place to keep your personal data as secure as it is within the EEA and in accordance with this Privacy Policy.


Direct Transfers


We will use your personal data to send you direct marketing communications regarding products and services that we and our partners offer regarding for example online casinos, sports betting and financial services. 

This may be in the form of email or targeted online advertisements. In some cases, our processing of your personal data for marketing purposes will be based on our legitimate interests (see Section 3 above). When required by law it will be based on your consent.

You always have a right to say no to further direct marketing, at any time. You can use the opt-out link that you find in all direct marketing communications, or by contacting us (see Section 8).

We take steps to limit direct marketing to a reasonable and proportionate level and to send you communications that we believe may be of interest or relevance to you, based on the information we have about you.


How Long Do We Keep Your Personal Data?


We will retain your personal data for as long as reasonably necessary for the purposes listed in Section 3 of this Policy.

In some circumstances, we keep your personal data during a certain period to meet for example legal, tax or accounting requirements.

We maintain a data retention policy for personal data in our care. Where your personal data is no longer required we will ensure it is either securely deleted or made anonymous.


What Are Your Rights?


You have a number of rights in relation to your personal data. More information about each of these rights can be found by referring to the table set out further below.

To exercise your rights, you may contact us by sending an email to [email protected].

Please note the following if you wish to exercise your rights:


Acces


You can ask us to:

  • confirm whether we are processing your personal data;
  • give you a copy of that data;
  • provide you with other information about your personal data, for example, what data we have, what we use it for, who we disclose it to, whether we transfer it outside the EU and how we protect it, how long we keep it for, what rights you have, how you can make a complaint, where we got your data from and whether we have carried out any Automated Decision Making or Profiling, to the extent that information has not already been provided to you in this Policy.


Rectification

  • You can ask us to rectify inaccurate personal data.
  • We may seek to verify the accuracy of the data before rectifying it.

Erasure


You can ask us to erase your personal data, but only where:

  • it is no longer needed for the purposes for which it was collected; or
  • you have withdrawn your consent (where processing was based on consent); or
  • following a successful right to object (see ‘Objection’ below); or
  • it has been processed unlawfully; or
  • to comply with a legal obligation.


We are not required to comply with your request to erase your personal data if the processing of your personal data is necessary:

  • for compliance with a legal obligation; or
  • for the establishment, exercise or defence of legal claims;

There are certain other circumstances in which we are not required to comply with your erasure request, although these two are the most likely circumstances in which we would deny that request.


Restriction


You can ask us to restrict (i.e. keep but not use) your personal data, but only where:

  • its accuracy is contested (see Rectification), to allow us to verify its accuracy; or
  • the processing is unlawful, but you do not want it erased; or
  • it is no longer needed for the purposes for which it was collected, but we still need it to establish, exercise or defend legal claims; or
  • you have exercised the right to object, and verification of overriding grounds is pending.


We can continue to use your personal data following a request for restriction, where:


  • we have your consent; or
  • to establish, exercise or defend legal claims; or
  • to protect the rights of another natural or legal person.


Portability


You can ask us to provide your personal data to you in a structured, commonly used, machine-readable format, or you can ask to have it ‘ported’ directly to another Data Controller, but in each case only where:


  • the processing is based on your consent or on the performance of a contract with you; and
  • the processing is carried out by automated means.

Objection


You can object to any processing of your personal data which has our ‘legitimate interests’ as its legal basis if you believe your fundamental rights and freedoms outweigh our legitimate interests.

We have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms.


International Transfers


You can ask to obtain a copy of, or reference to, the safeguards under which your personal data is transferred outside of the European Economic Area.

We may redact data transfer agreements or related documents (i.e. obscure certain information contained within these documents) for reasons of commercial sensitivity.


Supervisory Authority


You have a right to lodge a complaint with the responsible local supervisory authority about our processing of your personal data.

We ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority at any time.

Last update: December 2021