When you interact with us through our website (or otherwise) you may provide, or we may collect, certain information from which you are personally identifiable (which is referred to as personal data). For the purposes of the General Data Protection Regulation or “GDPR” (and all other laws relating to the use your personal data), we are the “data controller”, meaning that we are responsible for deciding how your personal data is used and more importantly, for keeping your data safe and only using it for legitimate reasons.
WHAT THIS POLICY TELLS YOU
1. What types of personal data you provide to us (or which we collect from you) when using our website or when you directly interact with us on other occasions;
2. How and why we use this data and the reasons we are legally allowed to do so;
3. Who we share your data with;
4. Your rights over your data and how you can exercise those rights; and
5. How to contact us if you have any issues or want to find out more.
WHAT INFORMATION DO WE COLLECT AND WHAT DO WE USE IT FOR?
You may provide us with the following types of personal information when you register with LootPit or otherwise when you directly interact with us (when using our website or otherwise):
- Identity – first name, surname, LootPit log-in information (password), country of residence
- Contact – email address, telephone numbers and address
- Financial – payment card details, billing address, purchase information, payment history
- Profile – your preferences for marketing, other website preferences and feedback on your LootPit experiences through reviews and surveys
- Social – if you choose to open a LootPit account using your Facebook, Twitter or Google account, we will use your contact information used for the relevant account to help populate your LootPit registration page
We may collect the following types of information from you when you use our website (using Cookies or other tracking technologies):
- Usage – information about how you use our website, including time spent on page, click-throughs, download errors
- Technical – IP address, browser type, hardware type, network and software identifiers, device information, operating system and system configuration
The table below sets out how we use your personal data and our lawful basis for doing so. We may process your personal data for more than one lawful basis depending on the specific purpose for which we are using it. Importantly, we will only use your personal data when the law allows us to.
|Reason why we use the data||What data||Legal ground for using the data|
|Register you as a LootPit customer||Identity, Contact, Profile, Social||Performance of a contract with you|
|Enable you to log-in to your LootPit account||Identity, Contact, Social||Performance of a contract with you|
|Enable you to participate in a LootPit competition||Identity, Contact, Financial, Surprise||Performance of a contract with you|
|To process payments which you make through our website||Identity, Contact, Financial||Performance of a contract with you|
|Arrange for the delivery of your prize if you have won a competition||Identity, Contact, Surprise||Performance of a contract with you|
|For internal administration and record keeping purposes||All||Performance of a contract with you
Necessary to comply with a legal obligation
Necessary for our legitimate interests (for effective business administration and service provision)
Necessary to comply with a legal obligation
|Answer your enquiries which may involve contacting you by post, e-mail or phone||Identity, Contact||Performance of a contract with you
Necessary for our legitimate interests (to ensure our customers are informed and satisfied with our services)
|Get in touch with you about relevant LootPit competitions, products and services||Identity, Contact, Profile||Necessary for our legitimate interests (to develop our business, including our competitions, products and services)
|Contact you about third party products and services which we believe may be relevant to you or pass your details on to third parties to contact you directly about the same (in each case, only where you have indicated you would like to hear about these)||Identity, Contact, Profile||Consent|
|Improve and personalise your experience of the LootPit website by delivering more relevant content and advertising whilst you browse||Identity, Contact, Profile, Usage, Technical||Necessary for our legitimate interests (to develop our business, improve our website and overall user experience and inform our marketing strategy)|
|Administer the LootPit website, including website trouble shooting, testing and analysis and to enable you to participate in interactive features of our website||All||Performance of a contract with you
Necessary for our legitimate interests (to ensure that our website is fully functional and operating in the most effective way for you)
|Verify your identity and detect fraud and security issues||All||Necessary for our legitimate interests (to prevent and detect fraudulent activity, security incidents and criminal activity)|
|Give you the opportunity to provide us with feedback through reviews and surveys||Identity, Contact, Profile, Usage, Technical||Necessary for our legitimate interests (to develop our business, promote new products and services, obtain feedback from customers to improve our services)|
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
In addition to the above, we may also anonymise and aggregate your personal data in a way which means you cannot be identified. This may be helpful to us for testing our internal systems, carrying out research and general customer data analysis. Because this is not personally identifiable, we can use this for any purposes.
WHO DO WE SHARE YOUR DATA WITH?
Importantly, we do not pass your personal data onto any third parties for them to market their products/services to you. If in the future we decide that we want to, we will only do so if we have your consent.
We do however share your personal data with third parties to help us deliver our products and services to you in the most effective way possible. These include third parties who assist us with:
- Delivering relevant LootPit email and text marketing (to the extent you have not unsubscribed)
- Our customer reviews and surveys
- Personalising the content on our website to ensure a tailored user experience
- Delivering relevant targeted and re-targeted advertising to keep you up to date with our services
- Detecting fraud or criminal activity
- Creating your LootPit account (being your social media companies who you have used to provide log-in information as part of the sign-up process)
- Running our competitions, such as our auditors, judges, professional advisors
- Other aspects of our service delivery, such as hosting our website and processing customer payments
In addition to the above, we may also be required to share your personal data with third parties if required by law or regulation. In such circumstances, we will make sure that the disclosure is only to the extent required by law or regulation.
DO WE SEND ANY OF YOUR DATA OUTSIDE OF THE EEA?
The European Economic Area or “EEA” is deemed to have good standards when it comes to data privacy. As such, we consciously limit the occasions when we may need to transfer or handle your data outside of the EEA. Where we do, for example where our service providers are based outside of the EEA, we make sure that your data is still treated fairly and lawfully in all respects (including making sure we have a legal ground for sending your data outside the EEA and putting in place all necessary safeguards for such arrangement).
Where relevant, you will have the right to see a copy of any safeguards we put in place for international transfers of your data. Just get in touch with us if you would like to find out more.
HOW WE KEEP YOUR DATA SECURE?
We adopt industry standard security processes to ensure your data is kept safe and secure and to prevent unauthorised access or use or loss of your data. By way of example, we use secure server software (EV SSL) which encrypts all information you input before it is sent to us. We also make sure that third parties who need to handle your data when helping us to deliver our services are subject to suitable confidentiality and security standards.
Despite the security measures we implement, please be aware that the transmission of data via the internet is not completely secure. As such, we cannot guarantee that information transmitted to us via the internet will be completely secure and any transmission is at your own risk.
HOW LONG DO WE KEEP YOUR DATA FOR?
We will keep your data for as long as you hold a LootPit account and/or where you are still happy to hear from us about our latest news, products and services. Once you no longer wish to be engaged with LootPit we may still need to keep hold of your data if there is a legal reason for doing so (such as for tax purposes where you have made purchases to play in our competitions or where we need to resolve any disputes with you).
LINKS TO THIRD PARTY WEBSITES
In certain situations, you are entitled to:
- access a copy of your personal data;
- correct or update your personal data, which you can do yourself by logging into your account or if you would prefer, please contact us and we can help you out;
- erase your personal data;
- object to the processing of your personal data where we are relying on a legitimate interest (as set out in the above table);
- restrict the processing of your personal data;
- request the transfer of your personal data to a third party; or
- where you have provided your consent to certain of our processing activities, in certain circumstances, you may withdraw your consent at any time (but please note that we may continue to process such personal data if we have legitimate legal grounds for doing so).
If you want to exercise any of these rights, please Contact Us. You don’t have to pay a fee to exercise your rights, unless your request is clearly unfounded, repetitive or excessive (in which case we can charge a reasonable fee). Alternatively, we may refuse to comply with your request in these circumstances. Where your request is legitimate, we will always respond within one month (unless there is a legal reason to take longer, such as where your request is particularly complex). We may also need you to confirm your identity before we proceed with your request if it is not clear to us who is making the request.
In addition to the above, you may get in touch with the ICO (Information Commissioner’s Office) if you are concerned about the way in which we are handling your personal data. However, where possible, we would really appreciate you speaking with us first if you have any concerns.
HOW TO OPT-OUT OF LOOTPIT MARKETING
You can opt-out of any LootPit marketing at any time either by Contacting Us or by using the opt-out function detailed in the relevant marketing email. Please note that we may still need to send you service notifications by email, such as advising you of updated privacy terms or terms of play.
We do not pass your data onto any third parties for their marketing purposes. However, if we ever wish to do so in the future we will always get your consent. You can then opt-out from any third party marketing at anytime following the same process as above.
If you would like to discuss anything in this policy or if you want to exercise your rights, please get in touch:
LAST UPDATED: JUNE 2018