Privacy Policy
Valid from: 01.04.2025
1. GENERAL
1.1 This notice explains the processing of website visitors’ personal data on the website and the rights in relation to the processing of personal data.
1.2 The joint data controllers are Olybet Latvia SIA, registry code 44103143645, address Rēzeknes iela 5E, Latvia, +371 67878147, latvia@oc.eu, SIA AHTI, registry code 40003420708 (address Rēzeknes iela 5E, Latvia, +371 67878147, latvia@oc.eu), and SIA Olympic Casino Latvia, registry code 40003264397 (address Rēzeknes iela 5E, Latvia, +371 67878147, latvia@oc.eu) (hereinafter “Joint data controllers”) which are part of the same group, which process personal data for the purposes of maintaining the website, analysing traffic on the website, and to conduct promotional activities, such as raffles and promotions, including accepting participation in the promotions and contacting the winners, and to send direct marketing to consenting data subjects about Olybetsportsbar.
1.3 The contact details of the Data Protection Officer of the Joint data controllers are the following: dataprotectionofficerlatvia@oc.eu, Rēzeknes iela 5E, Latvia.
1.4 The Joint data controllers implements appropriate technical and organisational measures to protect personal data from unauthorised access, unlawful disclosure, accidental loss, alteration, destruction or other unlawful processing. We also require our cooperation partners, to whom we transfer personal data in accordance with this Privacy Notice, to implement the necessary organisational, physical and IT security measures. However, please note that even by using all technical and organisational measures to protect personal data, some risks, such as human error, cyber-attack, loss of electricity, software error or malicious actions of an individual, still remain. Upon discovering such breach, we shall take all reasonable steps to mitigate the risk to our website visitors.
1.5 Provisions on the processing of personal data may also be included in contracts between the website visitor and the Joint data controllers, such as the Terms and Conditions of any campaigns organised on the website. In such a case, in the event of a conflict of provisions, the provisions agreed upon in such terms and conditions shall apply.
1.6 If we amend the notice on the processing of personal data, it will publish the updated version on this website.
2. DATA SUBJECT RIGHTS
2.1 The website visitor has the right to be informed on whether the Joint data controllers process their personal data and, if so, to receive a copy of the aforementioned data.
2.2 The website visitor has the right to request the rectification of inaccurate personal data concerning them.
2.3 The website visitor has the right to withdraw their consent to the processing of personal data at any time (e.g. direct marketing consent), if the processing is based on consent. Withdrawal of consent does not affect the lawfulness of the processing which took place prior to the withdrawal.
2.4 The website visitor has the right to demand the erasure of their personal data. The Joint data controllers may delete data processed on the basis of consent or legitimate interest, if the Joint data controllers ’ interests do not outweigh the interests of the website visitor. The right to erasure does not apply to data that is processed for the fulfilment of legal or contractual obligations, as long as the legal or contractual obligation is valid.
2.5 The website visitor has the right to object to the processing of their personal data (especially based on legitimate interest) and to restrict the processing of their personal data where justified.
2.6 The website visitor has the right to receive their personal data, which they have submitted on the basis of consent or to perform a contract, in a structured and machine-readable format (if technically feasible) for transmission to other companies.
2.7 The website visitor has the right to lodge a complaint about the processing of personal data with the Latvian Data Protection Inspectorate of by e-mail to pasts@dvi.gov.lv or in person at Elijas iela 17, Rīga, LV-1050.
3. CATEGORIES OF PERSONAL DATA
3.1 The Joint data controllers process the following website visitor personal data:
3.1.1 Marketing Data: name, e-mail, contact data, consent to direct marketing.
Source: website visitor when entering their data on the form on the website
3.1.2 Website Data: IP address (including location based on IP address), Internet service provider, referrer URL, date, time, access token, session key, web browser type and version, operating system, amount and status of data transmitted, MAC address;
Source: website visitor’s web browser when navigating our website
3.1.3 Cookie data: the Joint data controllers use cookies on its websites to optimise the websites and their functions. Cookies may collect personal data. For more information, please consult Olybetsportsbar Cookie Notice.
Source: website visitor’s web browser when navigating our website
3.2 The Joint data controllers do not process special categories of personal data related to the website visitor (data concerning racial or ethnic origin, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about health and genetic and biometric data).
3.3 Depending on the purpose and nature of the processing, The Joint data controllers collect personal data related to the website visitor from the website visitor, website visitor’s browser by cookies and the website visitor’s Internet service provider.
4. LEGAL BASIS AND PURPOSES
4.1. The legal basis and purposes for data processing are outlined below:
| Purpose | Legal basis | Categories of data |
|---|---|---|
| Direct marketing of Olybetsportsbar content | Consent | Marketing Data |
| Conducting consumer games, such as raffles | Performance of contract | Marketing Data |
| Maintenance and improvement of the website | Legitimate interest | Website Data, Cookie Data |
| Management of resources, including intra-group data transfers | Legitimate interest | All collected data |
| Data sharing within the group for the organisation of joint campaigns | Legitimate interest | Marketing Data |
4.2 In the case of data processing for the performance of legal or contractual obligations, the website visitor is obliged to provide such personal data. Failure to provide such data will prevent the Joint data controllers from fulfilling its contractual or legal obligations and will limit the website visitor’s ability to use the services offered.
4.3 Where the Joint data controllers process personal data on the basis of legitimate interest, the Joint data controllers have assessed that its legitimate interest in processing personal data for certain purposes outweighs the interests and rights of the website visitor.
4.4 Where the personal data is processed based on the website visitor’s consent, then this consent can be withdrawn by contacting the data protection officer, whose contact details can be found in clause 1.3, or by clicking at the unsubscribe link at the end of every marketing message.
5. PROFILING AND AUTOMATED DECISION-MAKING
5.1. Profiling is not used on this website.
5.2. Automated decision-making which produces legal effects or otherwise significantly affects the website visitor is not used on this website. However, we may use several randomness generators in order to determine the winners of the raffles. These are always done by a human, based on Marketing Data on those customers who have accepted to participate in the campaign.
6. TRANSMISSION OF PERSONAL DATA
6.1 In order to provide services and/or to fulfil its legal obligations, the Joint data controllers use partners as personal data processors, who process data based on and to the extent of the instructions given by the Joint data controllers.
6.2 When processing personal data, Joint data controllers will transfer your personal data to the following recipients, which may be either data controllers or processors: its own group companies, public authorities, courts, banks, auditors and legal advisors, insurance companies, analytics service providers, fraud detection and prevention service providers, survey service providers, archiving service providers, information transmission and communication service providers.
6.3. Generally, the Joint data controllers’s partners are located in the European Economic Area. If the Joint data controllers’s partner processing the data is located outside the European Economic Area, the safeguards to be used for the transmission of personal data are: an adequate level of data protection in the recipient country in accordance with the European Commission’s decision, or the use of standard contractual clauses for data protection developed by the European Commission in the cooperation agreement (click on the relevant link for more information).
DATA RETENTION
6.4 The personal data of a website visitor is retained until the purposes of the processing have been fulfilled or until the obligations arising from the legislation have been fulfilled as follows:
6.4.1 Marketing Data is retained until the withdrawal of the marketing consent.
6.4.2 If Marketing Data is also used for participating in the raffles or other campaigns, then this data is retained for a period of 3 years after the winners of the raffle have been determined, unless specified otherwise in the terms and conditions of a particular raffle or other campaign from time to time.
6.4.3 Website Visit Data (if containing personal data) and Cookie Data is retained in accordance with the retention times stated in the Cookie Notice. This depends on different types of cookies that are used.
