By clicking 'Accept All Cookies', you agree to the storing of cookies on your device to enhance site navigation, analyse site usage, and assist in our marketing efforts.See our Cookies Policy.
Protecting Your Personal Data
Genting Casinos UK
What’s new: Updated following our successful trial of Facial Recognition Technology at the Palm Beach Casino. See our Live Facial Recognition FAQs HERE.
The privacy of our customers is important to us - we are committed to protecting your personal data and processing it in compliance with all applicable data protection and e-privacy laws, including the UK General Data Protection Regulation and the Data Protection Act 2018.
This privacy notice provides information on how Genting Casinos UK Limited and its UK group companies collect, process and retain your personal data through your interactions with us and through your use of our websites and mobile apps. It also explains the lawful bases we rely on for that processing, and your rights in relation to your personal data.
We encourage you to read it so that you are fully aware of how and why we are using your personal data.
This privacy notice applies to the following Genting UK companies:
Any references to “Genting”, “we”, “us” or “our” are references to all of our UK casino brands and trading names including “Genting Casinos”, “Genting Clubs”, “Crockfords”, “Crockfords Cairo”, “Palm Beach”, “Forty-Five Kensington”, “Colony Club” and “Genting London Chinatown”.
Your personal data may also be processed by other companies within the Genting UK group of companies from time to time, most commonly by our parent company, Genting UK plc (company number 01519749) and its subsidiary company Genting Solihull Limited (company number 06601106) both with the registered office address of Genting Club Star City, Watson Road, Birmingham, B7 5SA.
These group companies may act as data processors on behalf of Genting Casinos UK Limited or Genting Casinos Egypt Limited, or as independent data controllers in their own right. Any processing carried out by these entities takes place further to intra-group arrangements to deliver IT infrastructure services, data security, marketing, finance and legal group services in support of our day to day commercial operations. All of the above Genting companies are also registered with the UK Information Commissioner’s Office (ICO).
If you have any questions about this privacy notice, your data protection rights or our data protection practices more generally, please contact our Data Protection Officer (DPO) on DPO@gentinguk.com. Our DPO works across all of Genting’s UK companies and will be able to assist with your queries.
The majority of the personal data that we use is collected from our direct interactions with you when you make use of our services. This includes where:
We outline the personal data that we collect and why we collect it later on in this notice.
Your Rights: You generally have a choice as to whether you provide us with your personal data, but we may be unable to offer you certain services or provide you with materials you have requested if we do not have the necessary information to do so.
Generally the amount of personal data that we collect, process and retain shall be limited as far as possible to what is strictly necessary in connection with the relevant purposes for which it is collected.
We may also collect personal data about you from third parties. This is usually to ensure that we comply with our legal and regulatory obligations and enable us to provide you with our services. We will protect this data in the same way that we protect the personal data that you provide to us directly and in line with any other requirements we are placed under either by the source of the data (where there is a contractual obligation to do so) or if we are required to by law. Examples of third parties who share personal data with us include:
Our legal basis for processing your personal data will vary depending upon the services that we provide you with and/or your choices.
Our main legal bases for processing your personal data are one or more of the following:
Special Category personal data consists of data about your race; ethnic origin; politics; religion; trade union membership; genetics; biometrics; health; sex life; or sexual orientation.
Where legally required we will ensure that we have asked for and received your explicit consent to us processing this type of data at the time that we collect it (or as soon as is possible if it is passed to us from a third party). We will explain to you why we collect this data and how long it will be retained at the time that it is collected.
We outline our specific legal basis for processing the personal data we collect from you against our categorised use of such data in a separate table in the section entitled ‘The personal data we collect’.
For more detailed information on your rights, please see the Your Rights section below.
We use your personal data for a number of different reasons, some of which may not be immediately apparent to you, therefore we have explained in detail how we use your personal data in the below table.
We outline our specific legal basis for processing the personal data we collect from you against our categorised use of such data a separate table in the section entitled ‘The personal data we collect’.
Purpose | Use and examples |
---|---|
Fraud prevention / Anti-money laundering | When you use our services we may need to process and verify your personal data to comply with fraud prevention and anti-money laundering requirements, regulators’ requirements (including the UK Gambling Commission and other industry standards. In some instances, we may share your personal information with third parties to conduct identification or verification checks and/or to enable financial transactions to be processed. Specific examples are:
If you would like to know more about gambling regulation and the obligations we are placed under as a licensed gambling operator, please visit the UK Gambling Commission’s website (www.GamblingCommission.gov.uk) In our view, our processing of your personal data under this category is essential to our ability to comply with legal and regulatory requirements, and to protect our business and customers. Should you object to our use of your data for these purposes your only option may be to terminate your membership and/or not use our services. Even if you do so we may retain some data for a period of time due to legal and/or regulatory obligations. |
Compliance with legal and regulatory obligations | We are subject to a number of laws and regulations and we are required to process and provide personal data requested by regulatory bodies, law enforcement agencies and the courts. Some of the legal and regulatory obligations we are placed under require us to use personal data collected for certain purposes and/or to retain it for a specified time period. We may also be required to share information with industry bodies. We have in place a number of safeguards and mitigations to ensure that your personal data is processed proportionately and safely when processed for these purposes. Specific examples are:
If you would like to know more about gambling regulation and the obligations it places Genting under, please visit the Gambling Commission’s website (www.GamblingCommission.gov.uk )
In our view, our processing of your personal data under this category is essential to our ability to comply with legal and regulatory requirements, and to protect our business and customers. Should you object to our use of your data for these purposes your only option may be to close your account and/or not use our services. Even if you do so we may retain some data for a period of time due to legal and/or regulatory obligations. |
General commercial operations | We use personal data to manage the day-to-day operation of our business and to enable us to provide you with our products and services. This includes management of customer preferences, suppliers, and other relationships, sharing information within the Genting group, implementing safety procedures and allocating resources. Specific examples are:
Processing identifiable personal data by anonymising/de-identifying/re-identifying/pseudonymising.
We may use cookies to facilitate our ability to personalise some of the services we refer to in this section. You can control this through your browser settings. Please see the Cookies Policy for more information on our use of Cookies and how to manage their settings. In our view, our processing of your personal data under this category is essential to our ability to ensure that we protect our commercial interests. Should you object to our use of your data for these purposes you have the option to close your account and/or not use our services. Even in these instances we may retain some data for a period of time due to legal and/or regulatory obligations. |
Marketing | We will process certain personal data to gather market intelligence, promote products and services, communicate offers to individual customers and monitor the use and take up of our loyalty and reward cards and points and promotions (for example, so that we will have an understanding of your interests so that we can send you offers more relevant to you). We may also provide aggregated and pseudonymised or anonymised data to third parties – where we do this we will ensure that these third parties take appropriate measures to secure any personal data that is provided, however we would look to anonymise / pseudonymise where possible. We will never pass your contact information to third parties for them to use for their own marketing purposes unless we have your consent. Where you have opted-in to receive direct marketing communications from us (or have not chosen to opt-out as the case may be) we may from time to time engage third party service providers to carry out direct marketing activities on our behalf. In such cases, our third party service providers are not permitted to use your details for their own direct marketing activities or to pass your data on to any other third parties for these purposes. Such arrangements are subject to contractual protections to ensure the safeguarding and integrity of your data in accordance with the relevant data protection laws. Specific examples of the marketing we will undertake are:
Preference CentreWe have created a preference centre within which you will be able to control how and why we contact you for the purposes of direct marketing. We will include a link to our preference centre in all of the communications that we send to you. We will only ever contact you in accordance with your contact preferences.
You can update your contact preferences or opt-out from the receipt of direct marketing in our preference centre, at reception, or by following the instructions in any marketing communications we send you. In App Data Collection / Use and Website MarketingIf you are a user of any of our mobile Apps or our Website, we may send you push notifications. You can disable these notifications independently through your devices settings and by following the prompts issued on download of mobile Apps.. We use services to review in-App events as part of your use of our mobile gaming Apps. These technologies collect information regarding in-App player activity such as new-user registrations, login and session times, device and IP data. Our third party partners do not process this data for their own purposes and provide only hosting and reporting solutions for Genting’s internal business activities. Data collected via these technologies allows us to analyse and improve our services, to offer you gaming experiences and marketing more tailored to your preferences and to measure the effectiveness of our advertising campaigns. You can manage data collection and Ads preferences via your device's privacy settings (e.g. Apple iOS Limit Ad Tracking , Opt-out of seeing personalised Ad on Android device/Google ). |
Profiling or segmentation | MarketingWe would like to be able to contact you about specific offers and promotions that we believe will appeal to you. In order for us to be able to approach our marketing in a socially responsible and non-invasive manner we need to fully understand your use of our services by carefully analysing your preferred products and average spend alongside the records that we hold about our other customers. We analyse your data by placing it into pre-determined segments based on the specific offer or promotion we are operating.
Social Responsibility / Anti-money laundering / Business recordsWe may also profile or segment your personal data to ensure that we act in socially responsible and lawful manner, and to enable us to produce anonymised transactional business reports. We will only share the results of this information externally if we are required to do so by law. Important Information
IF YOU DO NOT WANT US TO SEGMENT OR PROFILE YOUR INFORMATION FOR MARKETING PURPOSES, YOU WILL NEED TO OPT-OUT OF THE RECEIPT OF ALL MARKETING FROM US.
|
Sharing with, or processing by, third parties | We may need to provide your personal data to third parties in order to deliver certain aspects of our services to you and to generally run our day to day business operations. The majority of these third parties are our service providers or other companies within the wider Genting group of companies. Where we do this we will ensure that these third parties take appropriate measures to secure your data. Specific examples are:
We may in some instances have to share your data with third parties who provide services to us that are based in countries that are outside of the UK or permit these third parties to access our systems. Whenever we disclose your personal data to third parties, we will require that third party to have appropriate technical and organisational measures to safeguard your personal data. |
The data that we collect from you will vary depending upon the services that we provide you with and your choices (including your privacy settings). We outline the data that we may collect, our use of that data and our legal basis for processing that data in the table below.
Personal Data Collected | Use of Personal Data | Processing Condition |
---|---|---|
Name and other contact information (including title, date of birth, gender, nationality, address, telephone numbers, email address, customer/user ID and proof of identity information. |
|
|
Payment card or bank account information |
|
|
Closed circuit television (CCTV), photographs, or audio recordings of you | This information will only be collected when you visit our land-based casino premises.
Please note, Genting instructs third parties to provide security services at most of its casinos. Some of these third parties may make use of Body Worn Video devices from time to time – these devices are currently in use at our Birmingham Chinatown, Palm Beach and Resorts World casinos. Recordings collected from third party Body Worn Devices are not under the control of Genting and we do not receive or store copies of the footage. If you wish to obtain copies of Body Worn Video footage featuring you, our staff can provide you with the contact details of the relevant third-party security company so that you can submit your date access request directly to them. |
|
Live image streaming / biometric data created through use of Live Facial Recognition Technology |
Please see our LFRT FAQs for more information. |
|
Offences |
|
|
Technical / device information (including IP address, cookies, geo-location, browser information and operating system information) |
In the majority of cases we are not able to personally identify you from Cookies. See our Genting Casinos Cookies Policy for more information. |
|
Customer records relating to due diligence, gaming and responsible gaming (including occupation, passport and driving licence copies and proof of signature) |
|
|
General correspondence |
|
|
Medical conditions |
|
|
Social media account information |
|
|
Information regarding marketing preferences |
|
|
We will retain your personal data for as long as we need it in order to fulfil the purposes that are outlined in this Privacy Notice, provided that we have a valid legal reason to do so. Because these needs can vary depending upon the purpose of our processing the data, the length of time that we process the data can vary significantly.
In order to determine the length of time we will retain your data we consider the following factors:
When we no longer need to retain your personal data we will always ensure that it is deleted securely or anonymised by us and we will also require third parties with whom we have shared your personal data to have deleted it also.
In instances where we want to retain data for analysis purposes for a longer period than we are able to we will anonymise this data such that it can no longer be linked back to you. Where we do this the information will no longer be your personal data.
Please note that if you opt-out from the receipt of marketing from us, we may need to retain your contact information in order that we can ensure that you no longer receive such marketing.
We are committed to taking appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing and also against accidental loss, destruction or damage. We use a variety of technologies to help to protect your personal data.
For example, we ensure that your personal data is stored on computer systems that have limited access and that are in secure controlled facilities, we ensure that appropriate protection is in place whenever we allow access to your personal data by third parties.
Under UK Data Protection Laws, you have a number of rights with regard to your personal data. Here is more information about them -
We are obliged to comply with, or respond to, any requests you make to exercise your rights free of charge and within 30 days of receipt of the request.
You have the right to complain to the UK data privacy regulator (the ICO) if you believe that we have infringed your data privacy rights or disagree with a decision we have made about your personal data. You can contact the ICO at www.ico.org.uk.
We may update this privacy notice from time to time as and when we make any material changes to how we process or look after your personal data. You can obtain a copy of the latest version at any time by contacting our Data Protection Officer via DPO@GentingUK.com or by visiting our website.
Last Reviewed: February 2023
Next Review Due: February 2025
Genting Casinos UK Limited