Integrated Casino Resorts Cyprus Limited – Privacy Policy

Purpose and Scope

This Privacy Policy provides an overview of how Integrated Casino Resorts Cyprus Limited (“ICR”) processes your personal data. ICR is a member of the worldwide Melco group, which is active in the gaming industry across various locations. “Personal data” refers to any information relating to you that ICR obtains from you or about you from other parties.

We are committed to protecting your privacy – in this Privacy Policy, we set out how we collect your personal data, how we use it, and what rights and choices you have in relation to the personal data we hold and process.

Who decides why and how we process your personal data?

ICR determines why and how we process your personal data and is the Data Controller and responsible for your personal data (collectively referred to as "Company", "we", "us" or "our" in this Privacy Policy.

What personal data might we collect about you?

We collect different types of personal data for different reasons – this may include:

• Identity Data includes first name, maiden name, last name, username or similar identifier (e.g. patron number), marital status, title, date of birth and gender.
• Contact Data includes billing address, delivery address, email address and telephone numbers.
• Financial Data includes bank account and payment card details.
• Transaction Data includes data necessary for us to check your eligibility based on your loyalty points of the Rewards Club or process payments and implement fraud prevention measures, including patron number, credit / debit card numbers, security code numbers and other such relevant billing details.
• Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
• Location Data includes data necessary for the provision of the service (e.g. GPS coordinates of the driver for the successful completion of your journey).
• Profile Data includes your username and password for platforms maintained by the ICR (where you have access to any), purchases or orders made by you, loyalty points of your Rewards Club account, your interests, preferences, feedback and survey responses.
• Usage Data includes information about how you use our website, products and services.
• Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
• Compliance data includes personal data we may collected on you for the purposes of complying with our legal obligations.

When do we collect your personal data?

We may collect personal data about you in various cases, such as for example:

• When you seek our products or services or use any of our services, including but not limited to online services and setting up an account or making a booking through our websites;
• When you make an enquiry through our website, in person, over email or over the telephone;
• When a corporate entity engages us to provide services and you hold an office or an interest in or have certain relationships with that entity (e.g. as a director or employee);
• When you provide us with feedback;
• When we receive personal data such as Contact, Location, Financial and Transaction Data from third party providers of technical, payment and delivery services.

How will we use your personal data?

We will use your personal data, for the following purposes (“Permitted Purposes”):

• Where we need to perform the contract we are about to enter into or have entered into with you.
• To provide you with services or other similar services you may have requested, including complimentary services or online services, as instructed or requested by you;
• To manage and administer your relationship with us, including processing payments, accounting, billing and collection or support services;
• For compliance with our legal or tax obligations (such as regulatory or tax reporting);
• To analyse and improve our services;
• To process complaints in relation to our services and products;
• To comply with court orders and exercises and/or defend our legal rights;

Driver Location Data

The driver's mobile phone transmits GPS location data to us during a ride, enabling us to map the entire journey to ensure that the service was successfully completed in a timely manner and in accordance with our service standards.

Legal grounds for processing

Depending on which of the above Permitted Purposes we use your personal data for, we may process your personal data on one or more of the following legal grounds provided for under applicable data protection legislation:

• Where processing is necessary for the provision of a service to you or the performance of a contract with you.
• Where we need to comply with a legal or regulatory obligation.
• Where it is necessary for our or our contractors’ (where applicable) legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
• When we have your consent to do so, where you have expressly given this to us.

How might we share your personal information?

We may disclose your personal data where we may instruct service providers within or outside ICR (including affiliates and group companies), domestically or abroad, e.g. IT services or server providers, to process personal data for the Permitted Purposes on our behalf and in accordance with our instructions only. In certain case, this may also mean that your personal data may be transferred to locations outside the EU or EEA. ICR will retain control over and will remain fully responsible for your personal data and will use appropriate safeguards as required by applicable law to ensure the integrity and security of your personal data when engaging such service providers;

We will otherwise only disclose your personal data when you direct us or give us permission to do so or otherwise as required by law, such as for meeting legal and tax obligations.

Website third-party links

The ICR and Melco websites may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

Can you refuse to share your personal data with us?

In general, we receive your personal data where you provide this on a voluntary basis, and there will typically be no detrimental effect for you if you wish not to provide this or otherwise withhold your consent for it to be processed. However, there are certain cases where we will unfortunately be unable to act without receiving such data, for example your contact details and information on pick up and destination locations.

How do we keep your personal data safe?

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach in accordance with applicable legal procedures.

Personal data we receive from you about other people

Where you provide us with the personal data of other people, you must ensure that you are entitled to disclose that personal data to us and furthermore that, without being required to take further steps, we can collect, use and disclose that data in the manner described in this Policy.

How long do we keep your personal data for?

We delete your personal data once it is no longer reasonably necessary for us to keep it for the Permitted Purposes, or, where we have relied on your consent to keep your personal data, once you withdraw your consent for us to do so, and we are not otherwise legally permitted or required to keep the data. We will in any event not keep your personal data for longer than three years.

Importantly, ICR will keep your personal data as necessary for the purposes of defending or making legal claims until the end of the period during which we may retain the data and otherwise until the settlement of any such claims, as relevant.

For further information on how long we may keep your data for please get in touch at dpo@melco-resorts.com.cy.

What rights do you have?

Subject to certain circumstances under applicable legislation, you have the right to:

• Request a copy of the personal data which we hold about you or in certain cases request us to transfer the data we hold about you to another provider;
• Have any inaccurate data we hold about you corrected;
• Object or restrict our use of your personal data, including but not limited to object to our use of automated decision making in certain cases;
• Submit a complaint if you have concerns about the wat in which we are handling your data;
• Request that we delete the personal data we hold on you;
• Where we have relied on consent to process your personal data, to withdraw your consent.

To do any of the above, please contact us at dpo@melco-resorts.com.cy. To enable us to process your request, we may require that you provide us with proof of your identity, such as by providing us with a copy of a valid form of identification – this is to protect the personal data we hold from unauthorised access requests and comply with our security obligations.

We may charge you a reasonable administrative fee for any unreasonable or excessive requests we may receive, and for any additional copies of the data you may request.

Corrections, updates and complaints

Where any personal data you have provided us with has changed, or where you believe the personal data we hold is inaccurate, or where you wish to make a complaint regarding our handling of your personal data, please let us know at dpo@melco-resorts.com.cy or send us a letter addressed at:

Data Protection Officer
Zavos Pavilion Tower
2nd Floor, Suite 202
Corner of Pafou & Omonoias Avenue No.50
3052 Limassol

In relation to complaints, we will promptly respond to your requests and complaints. In the event that you are unhappy with our response, you may submit a complaint to the relevant privacy regulator. We can provide details of the relevant privacy regulator upon request.

Cookies

We may store cookies on your devices for the purposes of delivering a better user experience for you – please see our Cookie Policy.

Get in touch

We would be happy to hear your views about our website and this Privacy Policy – please let us know any questions, comments or clarifications you may have at dpo@melco-resorts.com.cy or send us a letter at:

Data Protection Officer
Zavos Pavilion Tower
2nd Floor, Suite 202
Corner of Pafou & Omonoias Avenue No.50
3052 Limassol

Changes to our Privacy Policy

We have the right to update the contents of this Privacy Policy from time to time to reflect any changes in the way in which we process your personal data or to reflect legal requirements as these may change. In case of updates, we will post the revised Privacy Policy on our website. Changes will take effect as soon as the revised version is made available on our websites.

You can request a hard copy of the Privacy Policy in Greek at dpo@melco-resorts.com.cy

 

 

Terms and Conditions

|

Cookies Policy

|

Privacy Policy

|

Contact Us 25 08 88 88

www.cypruscasinos.com