Last Updated: 23rd January 2024
This General Data Protection Regulation (GDPR) privacy notice (this “GDPR Notice”) is included in our Privacy Policy and applies to the “personal data,” as defined in the GDPR, of natural persons located in the European Economic Area or otherwise subject to the protections of the GDPR (“Covered Individuals,” “you,” or “your”) processed by us in relation to the Website. Any capitalized terms or other terms not defined herein shall have the meaning given to them elsewhere in our Privacy Policy or, if not defined herein or elsewhere in our Privacy Policy, the GDPR.
To the extent of any conflict between this GDPR Notice and any other provision of the Privacy Policy, this GDPR Notice shall control only with respect to Covered Individuals and their personal data. If you are located elsewhere, please see our Privacy Policy here.
Controller Disclosure & Details: We are a data controller of personal data regarding Visitors for the purposes and under the legal bases described in the table below.
Data Subject Category | Purpose & Legal Basis of Processing |
---|---|
Visitors | Provide Our Website and Services: We will process Visitors’ personal information to provide our Website and our services, and will do so as necessary to enter into or perform our contract with you or as otherwise in our legitimate interest in providing our services to you. Information Security: Our web servers will log Visitors’ IP address and other information (e.g., browser information, operating system, request date/time, user agent string, referral and exiting URL) in order to maintain an audit log of activities performed. We use this information pursuant to our legitimate interests in tracking Website usage, combating DDOS or other attacks, and removing or defending against malicious Visitors. Email Communications: We will answer inquiries, such as those sent through a Contact Us (or similar) page, pursuant to our legitimate interest in answering such inquiries, ensuring prospective or Visitor satisfaction, and furthering business relationships. We will send e-mail marketing communications to Visitors based on their consent. Visitors may also have the option to consent to other e-mail-based communications that are not marketing-related. General Business Development: We have a legitimate interest in processing the personal data of Visitors to further business relationships and ensure Visitor satisfaction (e.g., by storing Business Contact information within a CRM or other file, answering inquiries per Email Communications above). Applicant Processing: For “career” or similar pages, we have a legitimate interest in processing the personal data of Visitors that submit resumes, CVs, and similar materials for eligibility purposes. Audience Analytics/Geolocation: We utilize web audience measurement tools such as Google Analytics pursuant to Visitors’ consent to understand how Site Visitors interact with our Website and optimize the Website and related services. Additionally, we may request consent for use of your geolocation to provide location-based services. Compliance With Applicable Law and Security and Business Integrity: We will process Visitors’ personal data pursuant to (a) our obligations under member state or Union law or (b) our legitimate interests in complying with applicable law generally. This includes responding to lawful governmental requests and establishing, exercising, or defending legal claims. It also includes protecting our company, our affiliates, our customers, and our services. We may also use information in order to comply with laws, regulations, court orders, or other legal obligations or to assist in an investigation, protect and defend our rights and property, or the rights or safety of third parties, enforce our Terms of Use, this Privacy Policy, or agreements with third parties, detect and prevent fraud or for crime prevention purposes. Other: We may process Visitors’ personal data for other purposes as otherwise disclosed to you (e.g., via “just-in-time” notices). |
Recipients: Our personnel process Visitors’ personal data for the purposes listed above. Such personal data is also disclosed to the following categories of recipients in relation thereto: Cloud storage and web hosting providers, distributors, technical assistance and security vendors, database management/back-up services, analytics services, email clients, digital marketing services (e.g., marketing automation), customer relationship management/CRM platforms, and customer service vendors. For clarity, we do not use job applicant information for marketing purposes.
Retention: We process Visitors’ personal data for as long as we have a legitimate business relationship with such Visitors or unless otherwise deleted upon request by such Visitors. The deletion of personal data shall be subject to any applicable laws which require us to maintain such personal data for a stipulated amount of time.
Your GDPR Rights: You have a right to: (i) request access to, correction and/or erasure of your personal data; (ii) object to processing of your personal data; (iii) restrict processing of your personal data; (iv) withdraw your consent where your personal data was being processed on the basis of your consent; and (v) request a copy of your personal data, or have a copy thereof sent to another controller, in a structured, commonly used and machine readable format under the right of data portability. You may exercise these rights and submit a GDPR complaint by contacting ir@highroller.com with the subject line “GDPR Notice.”
You also have the right to lodge a complaint about the processing of your personal data with an appropriate data protection authority, and, as applicable, to exercise third-party beneficiary rights under our Standard Contractual Clauses.
Contact details for the data protection authorities in the European Economic Area (EEA) can be found at: https://edpb.europa.eu/about-edpb/about-edpb/members_en. Contact details for the United Kingdom’s data protection authority, the Information Commissioner’s Office (ICO), can be found at: https://ico.org.uk/global/contact-us/.
Objecting to Legitimate Interest/Direct Marketing: You may object to personal data processed pursuant to our legitimate interest. In such case, we will no longer process your personal data unless we can demonstrate appropriate, overriding legitimate grounds for the processing or if needed for the establishment, exercise, or defense of legal claims. You may also object at any time to processing of your personal data for direct marketing purposes by clicking “Unsubscribe” within a marketing email. In such case, your personal data will no longer be used for that purpose.
Transfer of Personal Data To Outside the EEA: In the event that personal data is transferred outside of the EEA, within the High Roller Technologies, Inc. or to any of our business partners, we ensure to implement all appropriate safeguards to ensure that the same protection is afforded and the same standards are applied as would be within the EEA. You are entitled to receive a copy of such safeguards by contacting Us at the address below.
Governmental Access Requests: We may be required to disclose personal data in response to lawful requests by public authorities, including for the purpose of meeting national security or law enforcement requirements. We may also disclose personal data to other third parties when compelled to do so by government authorities or required by law or regulation including, but not limited to, in response to court orders and subpoenas.
Corporate Restructuring: In the event of a merger, reorganization, dissolution or similar corporate event, or the sale of all or substantially all of our assets, we expect that the information that we have collected, including personal data, would be transferred to the surviving entity in a merger or the acquiring entity.
Updates to this GDPR Notice: If, in the future, we intend to process your personal data for a purpose other than that which it was collected, we will provide you with information on that purpose and any other relevant information at a reasonable time prior to such processing. After such time, the relevant information relating to such processing activity will be revised or added appropriately within this GDPR Notice, and the “Last Updated” date at the top of this page will be updated accordingly.
How to Contact Us: Reach out to ir@highroller.com with the subject line “GDPR Notice” for any questions, complaints, or requests regarding this GDPR Notice.