1.2 Natural8 collects, Processes and retains Personal Data and ensures that the below steps are taken by us to protect such Personal Data.
“You” means the player, the ‘Data Subject’ who is using the services of Natural8.
“Visitor” means an individual other than a user, who uses the public area, but has no access to the restricted areas of the Site or Service.
This Policy is based on the following principles:
The Processing of Personal Data shall take place in a lawful, fair and transparent way; The collection, processing and retention of Personal Data shall only be performed for specified, explicit and legitimate purposes and no further processing will take place which is incompatible with those purposes; The collecting and retaining of Personal Data shall be adequate, relevant and limited to what is necessary in relation to the purpose for which they are Processed; The Personal Data shall be accurate and where necessary, kept up to date; Every reasonable step shall be taken to ensure that Personal Data that is inaccurate having regard to the purposes for which they are Processed, are erased or rectified without delay; Personal Data shall be kept in a form which permits identification of the Data Subject for no longer than it is necessary for the purpose for which the Personal Data is Processed All Personal Data shall be kept confidential and stored in a manner that ensures appropriate security; Personal Data shall not be shared with third parties except when necessary in order for them to provide services upon agreement in which case the Data Subject; Data Subjects shall have the right to request access to and rectification or erasure of Personal Data, or restriction of Processing, or to object to Processing as well as the right of Data Portability.
2. The Information we collect:
2.1 As part of providing you with the Services, we collect your Personal Data on registering an account. “Personal Data” means any information from which you can be personally identified or be identifiable, including but not limited to your name, surname, email address, home address, telephone number, mobile number, date of birth, government ID information, electronic location information and electronic device information – this covers passport/license, MAC address and IP address.
2.2 As part of providing you with the Services, we also collect information about the transactions you undertake, including details of payment cards used, details of the games you played and underlying gaming transactions.
2.3 Our payment service provider MoneyMatrix Limited, Level 3A, St Julians Business Centre, Triq Elija Zammit, St Julians STJ3155, Malta (hereinafter “MoneyMatrix”) is required by law to report any activity that raises suspicion of money laundering, funding of terrorism, or any other illegal activity. To enable MoneyMatrix to fulfil these obligations, we transmit the following data to MoneyMatrix: transaction data and KYC documents, your name and address. MoneyMatrix will only process the personal data for the above-mentioned purpose and in accordance with all applicable data protection laws.
3. How we will use your Personal Information
3.1 When providing our Services we collect, retain and process your Personal Data. We will Process your Personal Data to enable us to:
3.1.1 Set-up, administer and manage your Account and records (including processing deposits and withdrawals);
3.1.2 Provide and personalise the Services (including allowing you to wager and play our games);
3.1.3 Receive and respond to your communications and requests;
3.1.4 Notify you about updates to the Software and/or the Services;
3.1.5 Ensure that we are able to fulfil our regulatory obligations regarding your Account, including by verifying the accuracy of any information you give us;
3.1.6 Comply with our obligations under Applicable Laws and to Regulators in jurisdictions where we are licensed;
3.1.7 Investigate, and assist with the investigation of, suspected unlawful, fraudulent or other improper activity connected with the Services (including, where appropriate, dealing with requests from authorised entities/Authorities for the sharing of information);
3.1.8 Carry out market research campaigns;
3.1.9 Preparing statistics relating to the use of the Services by you and other customers;
3.1.11 Provided that you “opt-in” and don’t “opt-out” from this option, keep you informed on offers and promotions in relation to our products and services;
3.1.12 Support any other purpose necessary for performance of our contractual obligations or specifically stated at the time at which you provided your Personal Data. These are the “Purposes” for which we may collect your Personal Data.
3.2 If at any time you wish us to stop Processing your Personal Data for the above purposes, then you must contact us and we will take the appropriate steps to stop doing so. Please note that this may mean that your Account will be closed. You may contact us by firstname.lastname@example.org.
3.3 To ensure a good quality of service we may monitor any communication you have with us whether in writing or by electronic mail (“recordings”). Any recordings remain the property of Natural8 and will be used only for the purposes listed above.
3.4 In the event that the purposes for Processing change, then we will notify you by a Privacy Notice whereby we will inform you of the changes and seek any additional consent that may be required.
4. Disclosing your Personal Information
4.1 Except as described in this Policy, we will not intentionally disclose the Personal Data that we collect and/or retain on the Service to third parties without your prior explicit consent. We may disclose Personal Data to third parties in the following circumstances:
4.2 Any company within our Group (including to its employees and subcontractors) which assists us in providing the Services or which otherwise has a need to know such information;
4.3 Any third party which assists us in providing the Services, including (but not limited to) payment processors and marketing service providers;
4.4 Any third party which can assist us in verifying the accuracy of your Personal Data, including financial institutions and credit reference agencies (a record of the search may be retained by such third party. Security use/plan to use will fall under this category for ID and Document checks.
4.5 Any third party who assists us in monitoring use of the Services, including the detection and prevention of fraud and collusion;
4.6 Any contractors or other advisers auditing any of our business Processes or who have the need to access such information for the purpose of advising us;
4.7 Any law enforcement body which may have any reasonable requirement to access your Personal Data;
4.8 Any regulatory body or authorised entity which may have any reasonable requirement to access your Personal Data; and
4.9 Any potential purchaser of Natural8 or any investors in it or in any company within our Group (including in the event of insolvency).
4.10 We shall keep the Data Subjects informed and ensure that these trusted partners and/or third parties will abide with the mandatory data protection measures. During such data transmission we shall take all appropriate organizational, technical and legal protection measures. Any Personal Data transfers outside the EU/EEA will follow procedure as described in section 12.
4.11 The Company gives its customers the possibility to make use of “chat rooms” where players are able to communicate with each other. Whilst we will ensure that the players follow the terms as set in the “chat room policy”, we will not be responsible for any data breaches that might arise from the use of our chat rooms. Therefore, you accept responsibility and under no circumstance shall we be held responsible for any damages that might arise from any breach of data.
4.12 If at any time you wish us to stop Processing your Personal Data for the above purposes, then you must contact us and we will take the appropriate steps to stop doing so. Please note that this may mean that your Account will be closed. You may contact us email@example.com.
5. Contacting us
5.1 For full details about Natural8 Group members and where they operate please contact us on firstname.lastname@example.org.
6.1 Cookies are pieces of information that a website transfers to your computer’s hard disc for record keeping purposes. Cookies can make the web more useful by storing information about your preferences on particular sites, thus enabling website owners to provide more useful features for their users. They contain no name or address information or any information that will enable anyone to contact you via telephone, e-mail or any other means. Most browsers are initially set to accept cookies. If you prefer, you can set your browser to disable cookies or inform you when they are set.
6.3 Our Online poker service uses session cookies to establish and maintain your session with us. With cookies enabled, you shouldn’t notice any difference to the service. Natural8 requires your web browser to accept a session cookie before you can log on or register for the service. Session cookies only exist until you close down your web browser, as opposed to permanent cookies which your browser stores until they expire. If your browser is set to disable cookies, you may restrict your access to Natural8.
6.4 Natural8 web pages may contain electronic images, known as web beacons or spotlight tags. These enable Natural8 to count users who have visited certain pages on our website. Web beacons and spotlight tags are not used by us to access your personal information, they are simply a tool we use to analyse which web pages customers view, in an aggregated manner.
6.5 If you object to cookies or want to delete any cookies that are already stored on your computer, you should follow the instructions for deleting existing cookies and disabling future cookies on your web browser or equivalent software. Further information is available at aboutcookies. Please note that by deleting or disabling cookies you may not be able to access certain areas or features of the Website.
6.6 As part of the Website’s operation, and for our own statistical analysis of site traffic, our Website automatically logs internet IP addresses. We do not log any e-mail address of visitors to the Website. Our advertising system logs IP addresses to supply more accurate advertising features, such as language-specific banners.
6.7 While the Website may contain links to websites operated by parties other than us, we are not responsible for the privacy practices or content of such websites.
7. Minors and Children’s Privacy
7.1 Protecting the privacy of minors is especially important. Our Service is not directed to children under the age of 18, and we do not knowingly collect Personal Data from children under the age of 18.
7.2 If you are under 18 years of age, then please do not use or access the Service at any time or in any manner. If we learn that Personal Data has been collected on the Service from persons under 18 years of age, then we will take the appropriate steps to delete this information. If you are a parent or guardian and discover that your child under 18 years of age has obtained an Account on the Service, then you may alert us at email@example.com and request that we delete your child’s Personal Data from our systems.
8.1 We take appropriate security measures to protect against loss, misuse and unauthorized access, alteration, disclosure, or destruction of your information. Natural8 has taken steps to ensure the ongoing confidentiality, integrity, availability, and resilience of systems and services Processing Personal Data, and will restore the availability and access to information in a timely manner in the event of a physical or technical incident.
8.2 Your winnings and cash-outs are kept strictly confidential, and winnings information is stored in secure operating environments. We do not provide winnings information to any third party unless such information is required to be disclosed by law, regulation or a similar governmental authority.
8.3 No method of transmission over the Internet, or method of electronic storage, is 100% secure. We cannot ensure or warrant the security of any information you transmit to us or store on the Service, however, we shall ensure that adequate security mechanisms designed to protect Personal Data will be used to prevent Personal Data from being stolen, misused or abused, and to prevent Personal Data breaches. If you believe your Personal Data has been compromised, please contact us firstname.lastname@example.org
9. Data Breach
9.1 When we learn of a suspected or actual Personal Data breach, We shall perform an internal investigation and take appropriate remedial measures in a timely manner. Where there is any risk to the rights and freedoms of Data Subjects, we will notify the relevant Supervisory Authorities without undue delay and, when possible, within 72 hours.
9.2 In the event that a Personal Data breach is likely to result in a high risk to the rights and freedoms of the Data Subject, the DPO must ensure that all affected Data Subjects are informed of the breach without undue delay.
10. Privacy Settings
10.1 Although we may allow you to adjust your privacy settings to limit access to certain Personal Data, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users with whom you may choose to share your information. We cannot and do not guarantee that information you post on or transmit to the Service will not be viewed by unauthorized persons. We have taken the necessary steps to protect as much as possible your Personal Data in transit by utilising HTTPS on our Website and TLS 1.2 (a strong protocol), ECDHE_RSA with P-256 (a strong key exchange), and AES_256_GCM (a strong cipher).
11. Data Retention
11.1 Personal Data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
11.2 We only retain the Personal Data collected from you for as long as your account is active or otherwise for a limited period of time as long as we need it to fulfil the purposes for which we have initially collected it, unless otherwise required by law.
11.3 Retention periods may vary from a few months in relation to enquiries to over ten years to comply with our legal obligations and in line with our Data Retention Policy, resolve disputes, and enforce our agreements or in order to protect your vital interests or the vital interests of another natural person.
11.4 We shall ensure that all employees, agents, contractors, sub-contractors, suppliers and any other third party will abide by the retention periods set by us and will be appropriately trained to do so.
12. International Transfers
13.1 Our data representative who is responsible for matters relating to privacy and data protection at Natural8 can be reached at: email@example.com
13.2 In accordance with the applicable legal regulations governing the protection of Personal Data, each request/inquiry will be resolved without undue delay and at the latest within 30 days of receipt.
13.3 When contacting and posting such requests, we will invest reasonable efforts to confirm your identity and to prevent unauthorized Personal Data processing.
14.1 We shall be responsible for and be able to demonstrate compliance with the principles outlined above.
14.2 Natural8 shall perform Data Protection Impact Assessment (DPIA) periodically and/or for any changes to data Processing Activity according to the Data Protection Impact Assessment Guidelines.
15. Governing Law
15.1 This Policy is intended to comply with the laws and regulations in the place of establishment and of the country in which Natural8 operates. In the event of any conflict between this Policy and applicable laws and regulations, the latter shall prevail.
16.1 As the Company evolves, there may be the need to update this Policy to keep pace with changes to the website, software, services, business and Applicable Laws. We will however, always maintain our commitment to respect the Data Subject’s privacy. We will ensure that we will notify the Data Subjects with any material changes under this Policy by email (the most recent email provided by the Data Subject) or post any other revisions to this Policy along with their effective date, in an easy-to-find area of the website.