Privacy Statement

1. INTRODUCTION

This privacy statement serves to inform visitors to our websites about data processing when using NOVOMATIC AG websites.

NOVOMATIC AG Group sets particular store by protecting your personal data and we would like you to be able to visit our websites without any concerns. In most cases it is possible to use our website without providing personal information. The following privacy statement provides an overview of how NOVOMATIC AG Group guarantees the protection of your personal data, along with which types of data are collected for which purpose.

Name and contact details of the data controller:

Your trust is very important to us. Should you have any further questions regarding the processing of your personal data while viewing this website, please contact the data controller in writing at:

NOVOMATIC SPORTS BETTING SOLUTION GMBH
Novomaticstraße 18
2352 Gumpoldskirchen
Österreich
E-mail: info@n-sbs.com

Privacy contact: datenschutz@admiral.at

2. IP ADDRESS

The IP address is transmitted on every server request to let the server know where the response has to be sent. Your Internet Service Provider (ISP) gives you an IP address as soon as you connect to the Internet, and the ISP can retrace which IP address was assigned to which of its customers at any given time. For as long as the IP address is saved, it is theoretically possible to identify the owner of the Internet connection via the ISP. For this reason, we and our statistics providers do not save the IP address permanently but only temporarily for session recognition and for security reasons (for example to ward off hacker attacks). The IP address is then immediately deleted, so that any collected data are made anonymous and it is no longer possible to identify the user, not even via the ISP.

3. COOKIES

3.1. Legal basis for the use of cookies

We use cookies in accordance with the statutory provisions of the Austrian Telecommunications Act (TKG) 2003 as well as the General Data Protection Regulation. The legal basis is your consent given by you to us via our cookie banner. You can revoke your consent at any time by opening the cookie banner again and clicking on “Reject cookies”, without this resulting in any disadvantages for you or restricting the use of our website.

In addition to these, there are certain cookies that are absolutely necessary in order to provide a service requested by you. The solely purpose of these cookies is to protect our website against unauthorized access and attacks. This means that no consent needs to be given for these cookies.

3.2. Required cookies

When you log on to our website with your user name and password, a session cookie containing a unique identification number is stored on your device. This cookie is required for our website to ensure that you have properly signed in, which means that does not need your consent in our cookie banner.

The session cookie is used exclusively to protect your content against unauthorized access and thus to ensure the security of our website. It is automatically deleted as soon as you end your session, i.e. close the browser.

4. INFORMATION TO BE PROVIDED

We hereby inform you about the personal data processed within the framework of this website or within the framework of a (pre-) contractual business relationship and the privacy claims and rights to which you are entitled.

4.1. Categories of personal data

Personal data that you enter yourself when filling in the forms for "Information request”, "Application" and "Contact us" are processed. NOVOMATIC AG Group processes your personal data exclusively in the context of the purpose for which you voluntarily provided your data in exercising your right to informational self-determination. This consent to the processing your personal data for the stated purposes remains valid until you revoke it, at any time, within the scope of the data protection regulations.

4.1.1 Categories of data subjects

Customers and suppliers as well as interested parties
If you have a (pre-) contractual relationship with NOVOMATIC AG Group, the personal data you provide or request will be processed for the purpose of the (pre-) contract. This also includes master data and, if applicable, payment data and correspondence data.

Purpose of the processing: Data processing is carried out for the purpose of processing an existing or prospective business relationship.

Legal basis of the data processing: Art. 6 para. 1b GDPR in conjunction with the agreement. In a legal case, data may also be processed within the scope of a legitimate interest as defined by Art. 6 para. 1 f GDPR, which must be submitted to legal representatives and courts in the event of an existing business relationship or, after termination of a judicial dispute, which is necessary for the legal proceedings.

Storage period or criteria for determining the period: The storage period is subject to the statutory storage and limitation periods of the Austrian Federal Fiscal Code (BAO) and the Austrian Commercial Code (UGB).

Transmission to third parties: The data resulting from the contractual relationship may be transmitted to tax authorities, courts or other public bodies. A statutory obligation exists here. The data will also be transmitted to our tax advisors, auditors, legal representatives, banks and insurance companies, as required.
You can find details about your rights as a data subject in accordance with Chapter III GDPR below.

4.2. Right of access to personal data

In accordance with the provisions of the GDPR, you have the right to information at any time about the data processed in the NOVOMATIC AG Group to your person, their origin as well as possible recipients of transmissions and the purpose of the data use. Information can be obtained, based on your written request, from the data controller, listed under point 1. If all legal requirements for the processing of your request for access to personal data have been met, we will comply with it and grant you the relevant access to your personal data within a period of 1 (one) month.

4.3. Right to erasure

In accordance with the provisions of the GDPR, you have the right at any time to the erasure of your personal data which were processed by NOVOMATIC AG Group, provided that your request for erasure does not conflict with any potential statutory retention periods or other legal obligations. If all preconditions for implementing your request for erasure have been met, we will comply with it and erase your data within a period of 1 (one) month.

4.4. Right to object

In accordance with the provisions of the DSGVO, you have the right - insofar as the processing of your personal data is not provided for by law - to object to the violation of your overriding confidentiality interests, which are worthy of protection. If these preconditions have been met, we will delete your data within a period of 1 (one) month, taking into account any legal retention periods.

4.5. Right to restriction of processing

In accordance with the provisions of the GDPR, you have the right to restrict processing of personal data under certain conditions. If all statutory preconditions have been met, we will restrict the processing of your personal data within a period of 1 (one) month.

4.6. Recipient categories and automated decision making

The data will not be passed on to recipients who use this data for their own purposes. No transfer to recipients in a third country (outside the EU) or to an international organisation is envisaged. There is no automated decision-making process.

4.7. Right to data portability

In accordance with the provisions of the GDPR, you have the fundamental right to receive the personal data provided by you in a structured, common and machine-readable format.

4.8. Revocation of consent

In accordance with the provisions of the GDPR, you have the right to revoke your consent to the processing of your personal data at any time, without stating any reasons. In this case, we will not process your data further and will erase them, taking into account any statutory retention periods, within a period of 1 (one) month.

4.9. Complaining to the Data Protection Authority (DPA)

In accordance with the provisions of the GDPR and the Austrian Data Protection Act (DSG), you have the right to lodge a complaint with the Data Protection Authority (www.dsb.gv.at) if you believe that the processing of your personal data is in violation of the GDPR or the DSG.

5. PRIVACY POLICY

The NOVOMATIC AG Group regards privacy (data protection), information security and reliability as the basis for stable and successful customer relations. We would therefore like to take this opportunity to inform you about the Privacy Policy we have in place for the entire NOVOMATIC AG Group.

5.1. Privacy Principles

Protecting privacy and safeguarding your personal data is very important to us.

All data applications operated by NOVOMATIC SPORTS BETTING SOLUTIONS comply with the provisions of the General Data Protection Regulation of the European Union (GDPR for short) and the Austrian Data Protection Act (DSG for short) as well as other industry-specific regulations. In accordance with Art. 5 para. 1 of the GDPR, all employees are obliged to process your personal data lawfully, in good faith and in a manner that can be understood by you, and to comply with the rules on data confidentiality as defined in Section 6 of the Austrian Data Protection Act (DSG).

Compliance with the data protection and data security regulations is guaranteed across the entire Group by the following binding measures:

  • Privacy Concept
  • Privacy Policy
  • Privacy Program
  • Privacy Management System

5.2. Privacy Concept

The Privacy Concept lays down the desired level of data protection security (the protection requirements) as defined by the legal representatives of the NOVOMATIC AG Group. This serves as the basis for the development of the demands on Privacy Policy and on the continuous privacy improvement process within the entire NOVOMATIC AG Group.

5.3. Privacy Policy

On account of the assessment of privacy-related processes and the relevant data protection legislation, a written Privacy Policy was drawn up for the NOVOMATIC AG Group to serve as a basis for the implementation of the Privacy Program and the establishment of the Privacy Management System.

5.4. Privacy Program

As part of the Privacy Program, data protection goals are continuously being specified and the measures to be implemented are defined in the form of a work program and provided with corresponding implementation deadlines.

5.5. Privacy Management System

The Privacy Management System defines the rules, policies, measures, resources, methods, responsibilities, procedures and organization structures for implementing and monitoring the Privacy Program.

Modeled on the international standards ISO 9001:2015 and ISO/IEC 27001:2017, our Privacy Policy was designed along the lines of the PDCA (Plan, Do, Check, Act) model to achieve continuous improvement.

5.6. Processing activities

In accordance with Article 30 GDPR, NOVOMATIC SPORTS BETTING SOLUTIONS maintains a so-called "record of processing activities" in which the data applications operated by it as well as the relevant processing activities are documented. This existing record should always be kept up-to-date in accordance with the data protection provisions of Article 30 GDPR.

5.7. Special categories of personal data

NOVOMATIC SPORTS BETTING SOLUTIONS does not process any special categories of personal data within the meaning of Article 9(1) GDPR on its website.

5.8. Guaranteed Data Protection

In principle, we do not process your personal data without your consent or within the framework of the existing contractual relationship with you and for the agreed purpose. We store your personal data in accordance with the applicable prescribed statutory time periods.

5.9. Transferring and Surrendering Data

Any transfer of personal data to third parties is made only with your consent. Excepted from this are data transfers that are necessary due to a legal obligation or for fulfilment of a contract. The transfer of personal data to processors (service providers) shall, in principle, be limited to those undertakings providing sufficient guarantees to implement appropriate technical and organisational measures in such a manner that processing the personal data complies with the requirements of the GDPR and ensures the protection of the rights of the data subject.

5.10. Data Security

The technologies employed by the NOVOMATIC AG Group to process your personal data (hardware, software, network, infrastructure) comply with state-of-the-art security technologies. Appropriate technical and organisational measures have been set for these procedures, in order to comply with the requirements of the GDPR.