Double Diamond Gaming Ltd.’s – Privacy Policy

At Double Diamond Gaming Ltd TA Rainbow Casino, we take your privacy seriously. We are committed to protecting and respecting any personal data you share with us, and keeping it safe. Should we ask you to provide certain information by which you can be identified, then you can be assured that it will only be used in accordance with this privacy statement.

Our privacy principles

  • We take your privacy seriously
  • We are committed to protecting the security of your personal information
  • We comply with data privacy laws when using your information
  • We will explain your rights to control your personal information to you and how to use them

This policy explains how we promise to look after your personal data:

  • who we are
  • what information we collect
  • how and why we use it
  • how it is stored
  • who we share your information with
  • your rights with regard to any information you share with us.
Who We Are?

Double Diamond Gaming Ltd TA Rainbow Casino is a registered company (number 6896085). Our registered office if 1 Portland Road, Birmingham, B16 9HN.

We will use the information we collect about you in accordance with the General Data Protection Regulation (2018) (GDPR), and the Data Protection Act (2018).


What Personal Data Do We Collect?

Personal data is any data that can identify an individual. We may collect, use and store personal data when

  • you become a member (registration)
  • anti-money laundering limits and thresholds reached
  • register for mailing lists and promotions
  • update your details
  • request information with regards to a conference/ party booking or event
  • visit our offices or sites
  • use our website, social media pages or app
  • apply for a job
  • visit our restaurant and or book a conference/package or event
  • supporting the NHS Test and Trace where necessary to help stop the spread of COVID-19.
  • For customers, membership details will be used to support NHS Test and Trace
  • Under section 12 of the Health Protection (Coronavirus Restrictions) (No. 2) (Wales) Regulations 2020 the collection of details to help support Test and Trace at our Cardiff Casino is mandatory.
  • From 18th September 2020, it is mandatory to share our data with NHS Test and Trace at our Bristol Casino and Birmingham Casino
  • From 14th August 2020, it is mandatory for our Aberdeen Casino to collect Test and Protect data .
  • If any customer does not want to share their details at any of our casinos to support Test and Trace or Test and Protect, entry will not be allowed on the premises.
  • For visitors, the visitors signing in book will be used to support NHS Test and Trace. The primary function of this book is to comply with Health and Safety and Fire Risk Register. To support the company in helping to reduce the risk of the spread of COVID within the workplace, two additional questions have been added to the visitors sign in book, this is to support our Health and Safety.
We are required by law to comply with anti-money laundering and responsible gambling regulations/legislation, we may need to request proof of identify and source of funds documents


We may collect the following information from or about you:

  • Name, address, telephone number(s), date of birth, e-mail address, nationality, ethnicity, visits, occupation, interests, social media information
  • Identification, for example passport/driving license
  • Profile Information, this includes username and passwords, IP addresses of devices, MAC address of devices, interests and preferences
  • Play history, drop and win information, player tracking data
  • Payment transactions
  • Offences and reasons for refusal of entry
  • Use of our WIFI
  • Marketing preferences, including communication
  • Allergies and dietary requirements (for you or your party)
  • CCTV security recordings
  • Information that is publicly available
  • Consents, any permissions, consents or preferences that you give us
  • Reward schemes, details about reward schemes you may be part of
  • Data collated from participation in promotions or competitions
  • Information you provide to us by email, letter, telephone, social media, via our websites or apps, or in person
  • To prevent and detect fraud and crime (for example through the use of CCTV in our sites)

We may need to obtain sensitive information with regards to health information such as disability needs (e.g. to assist with seating for conferences or party packages), allergies (e.g. restaurant bookings/conferences or party packages).


Online Information

We receive and store certain details through “cookies”, through websites and apps. Cookies are small files containing text documents that are stored in your browser or hard drive of your device, and are used to transfer information.

We use social media to provide updates on our activities and to promote events and projects.

In order to help us track whether we are sending relevant information we may track and record vouchers, emails and text messages we send you or you collect.

We also use online tracking and analysis services such as Google Analytics, this helps with understanding how our websites are attracting new visitors, which marketing activities are working, this information enables us to enhance our online offering.


Data from third parties

We may also collect information about you from third party providers. This may include information with regards to age, source of funds and to reduce risk, fraud or illegal activities.

The providers we use for the above are

  • Accuris Intelligence Information Systems (formerly C6)
  • Publicly available sources
  • PlayingSafe and SENSE
  • COIN
  • Regulatory and Enforcement Agencies


How Do We Use This Information?

We will use your information for the purposes listed below on the basis of:

  • To fulfill a contract we have with you
  • When you consent to it
  • When it’s in our legal duty
  • When it’s in our legitimate interest

The following are the most commonly used reasons for using your data:

  • to ensure compliance with policies, procedures and laws
  • to manage our relationship with you
  • to develop new ways to satisfy our customers’ needs and expectations
  • to process a transaction and carry out completion of a purchase (your personal information and card details may be passed to third party service providers; card details will only be used in this way for the purpose of handling an individual transaction)
  • marketing campaigns and preferences, to ensure we know your preferred contact method
  • to ensure that the information we already hold is accurate and up to date
  • to improve our products, services and information in the future
  • to contact you if there is any important change to your booking or visit (conference or party package)
  • to assist us with reporting and analysis
  • to protect against fraud or unlawful activity
  • to share with approved suppliers (for instance direct mail)


Sharing your data with third parties

We share your information in very limited circumstances set out below:

  • Where we are required to do so (for example legal request)
  • When we need to work with a third party or integral service provider, for example, IT service provider, marketing communications provider, payment providers, system providers and Consultants. Each provider is carefully checked, we only pass on the information required for them to perform the agreed service on our behalf. Please be assured that they cannot use your data for any other purpose than agreed.
  • With our insurance brokers or insurers for claims or potential claims
  • Companies approved by you, if you log-in via your accounts with them
  • With NHS Test and Trace, Environmental Health or Health and Safety executives.


Sharing data outside the EU

On occasions we may need to transfer your data outside of the EEA. This will only be completed once we have ensured that there are appropriate safeguards in place to do so, for example the same policies are in place as if your data was inside the EEA.

If we use providers based in the US, we may transfer data to them if they are part of the EU- US Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.


How we keep your data safe

We are committed to keeping your data safe and secure and have put in place measures to prevent your data being accidentally lost, used or accessed in an unauthorised way, including: -

  • Restricted Access to data
  • Firewalls
  • Anti-virus/malware
  • Data destruction policies

We limit access to your data to those employees, agents and or contractors who have a business need to know. Your data will only be processed on our instructions.

If required by law (e.g. by police, regulatory bodies or legal advisers) we may need to disclose your details. We will ensure information is held securely, and only those who need access to it can see it. We will delete this information when we no longer need it.

We have policies and procedures to deal with any suspected personal data breach and we will inform you and, if applicable, the regulator of a breach where we are legally required to do so.


How Long Will We Keep Personal Data (Data Retention)

We will only retain your information for as long as is necessary to fulfil/provide the purposes we collected the information.

  • Factors used to determine the length of retention are:
  • If the information must be kept for our legitimate business interests, such as fraud prevention and security.
  • Whether we have a legal obligation to retain
  • If there is an outstanding issue, claim or, dispute requiring us to keep such information until the issue, claim, or dispute is resolved

With regards to anti-money laundering regulations, problem gambling and suspension details, we may hold your data for a longer time period, the time frame will be as we deem necessary.

We typically keep your personal data, including transactional history and complaints, for 5 year or 7 years if there are financial transaction attached to your record (debit card/cheques) after the last transaction? Our reasons for the length of data retention is to comply with regulations that apply to us, to enable us to respond to any questions, claims or complaints, to ensure that your records are kept up-to-date.


Your Rights

You have rights including the following:

  • The right to request personal data
  • The right to request correction of your personal data
  • The right to request erasure of your personal data
  • The right to object to processing of your personal data or to withdraw consent
  • The right to request restriction of processing your personal data
  • The right to request a transfer of your personal data to another service provider
  • The right to lodge a complaint with the Information Commissioner’s Office

Please note if you withdraw consent to use your data, we may not be able to provide you with certain products or services or inform you of promotions.

If you request us to no longer send you any marketing communications please allow 72 hours for your request to be processed in our system.


Subject Access Request/Right of Access

You may at any time exercise any of the above rights, including requesting a copy of your personal data as well as other supplementary information including what information we collect, how and why we use it, how it is stored and who we share your information with.

This right of access is commonly referred to as subject access request. To make a subject access request you can contact us in writing by post, email or by phone on the contact details below. Before responding to your request we may ask you to verify your identity, (either a valid passport plus proof of address or valid driving licence), to ensure that your data is kept secure and not disclosed to any person who does not have the right to receive it.

We will aim to respond to all legitimate requests within 30 days, if we request identification the 30 days will commence from receipt of satisfactory identification. However, if your request is particularly complex, we will contact you and extend the 30 day period.

You will not have to pay a fee to access your personal data, however we reserve the right to charge for reasonable administrative costs if your request is clearly unfounded, repetitive or excessive.


Changes to this policy

We may update or change this Policy from time to time, and any significant changes will be displayed on our website (https://rainbowcasino.co.uk/) or by contacting you directly at the casino. This policy was last updated on 17/09/2020.


Do you have any questions or concerns?

Email us: DPO@rainbowcasino.co.uk

Write to us: Data Protection Officer, Double Diamond Gaming Ltd, 10th Floor Cobalt Square, 83 Hagley Road, Edgbaston, Birmingham B16 8QG

Call us: 0121 454 0987


If you are not happy with the way in which we have dealt with your personal data or your enquiry with regards to personal data, you have the right to make a complaint to the data protection regulator/ICO..

The ICO’s address:

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Helpline number: 0303 123 1113

ICO website: https://www.ico.org.uk