1. Introduction | 2. Collection of Personal Data | 3. Types and usage of information we collect | 4. Disclosure of Personal Data | 5. How long we keep your data | 6. Profiling | 7. Your data privacy rights | 8. Security | 9. Cookies | 10. Changes to our Privacy Notice | 11. Contact us | 12. Glossary
This Privacy Notice is intended to help you understand why we collect your personal data and how we use them. We hope you all take the time to read it carefully.
1.1 Who we are
STOIXIMAN LTD, an entity based in Flat B8, The Atrium, West Street, Msida, MSD1731, Malta and registration no. C 95597 (hereafter the “Company”), which maintains a branch in Greece, at the address Neratziotissis 111, Marousi t.c. 151 24, is the owner and administrator of the current site. The Company belongs to a group of companies (”Kaizen Gaming Group”) that offer a wide range of services, from software development to optimum online gaming services to customers in multiple jurisdictions around the world, i.e. Greece and Cyprus under the Stoiximan brand, and Germany, Portugal, Romania, Czech Republic, Bulgaria, Brazil, Chile, Ecuador, Peru, Nigeria, Ontario and Rest of Canada under the Betano brand.
1.2. Mission Statement
Recognizing the fast pace of technology and its constant evolution, the protection of an individual’s online privacy is a true concern in today’s digital economy. Our mission is to provide a safe and secure environment for our users to enjoy our services while ensuring their privacy is respected and protected at all times.
The following principles set the foundation of Kaizen Gaming Group stance on privacy:
- Access: As the owner of the information, you have the control over the privacy of information provided to and processed by our Company.
- Transparency: We will be transparent about the data collected and how that information will be used so as to allow you to make an informed decision.
- Data Minimization: We only collect and use personal information that is necessary for providing our services and improving user experience. We limit the collection of personal information to what is necessary and relevant.
- Security: Using strong security and encryption techniques, our Company will protect the data entrusted to us by you when using our current site or our services as per market, committed to assure confidentiality, integrity and availability of your data.
- Compliance: As a global organization, Kaizen Gaming respects local privacy laws and will work with you to ensure your legal rights of privacy are respected and adhered to.
By adhering to these privacy principles, we aim to provide our users with the highest level of privacy protection possible. We continuously review and update our privacy practices to ensure they remain in line with best practices and evolving privacy regulations.
Delivering our products and services to our customers around the world, while creating a great environment to work in, so as to provide throughout the world the best and most trusted online gaming experience and essential intelligence as a global data and analytics company, requires that we maintain and continuously foster the trust of our customers, potential customers, candidates, employees, affiliates and third parties.
1.3 Scope of this Privacy Notice
This Privacy Notice describes how the personal data you may provide to us through our website (iroes.gr), and in connection with related services that we offer, is collected, protected and used. It also describes the choices you have as regards this information and guidance on how you can exercise your rights in relation to this data. Our website is provided by the Company as defined below and this Company is the controller of your information. This Privacy Notice applies equally whether you are accessing the website via a personal computer, a mobile device or any other technology or device. For the definitions of commonly used terms in data protection and privacy, you can always refer to our Glossary.
2. Collection of Personal Data
We use different methods to collect data from and about you, including through:
- Direct interactions: you may give us your name, surname, email address, phone number, Sponsorship Description, Theme or Aid Sector, the program you wish to participate in, by filling in the relevant Contact or Participation forms which are available on our Website. This includes the personal data you will provide in your written message when you contact us.and a message by filling in the “Contact” form, available on our Website.
- Automated interactions: as you interact with our Website, we will automatically collect Technical Data about your browsing actions and patterns (Cookies).
3. Types and usage of information we collect
|Purposes of processing your data||Personal Data Involved||Possible consequences of failure to provide the personal data||Legal basis for processing your data|
|1||Enquiries, complaints & troubleshooting||Country, name, surname, email address, message||We might not be able to handle/respond to your query/complaint||Legitimate Interest (Optimal experience for our online visitors and troubleshooting of issues, brand awareness and reputation)*|
|2||Accessing our Website, Enabling basic functionalities, optimal experience of our online visitors & personalized content/ advertisements||Cookies (Essential Cookies, Functionality Cookies, Performance/Analytical Cookies)||Basic website functionalities may not operate properly/ We might not be able to offer you a customized online experience when visiting our Website||Consent**|
|3||Evaluation of eligibility criteria for distribution of sports sponsorships||First Name, Surname, Father’s Name, Date of Birth, Gender, Email, Contact person, Phone number, Sponsorship description, Idea, Topic or area of support, Duration of sponsorship, Communication plan, Benefits to the sponsor, Cost and type of sponsorship, Other Sponsors||You might not be able to participate in the sponsorship||Legal interest*|
|4||Communications Management||First Name, Surname, Father’s Name, Date of Birth, Gender, Email, Aid Area, links, testimonials||We might not be able to handle/respond to your request||Consent**|
|5||Eligibility criteria for the “Little Heroes Learn” program grant allocation||Name, Surname, Father’s name, Date of birth, Gender, Email, State, Municipality, School, Contact person, Telephone number, Number of students||You might not be able to participate in the sponsorship||Legal interest*|
|6||Eligibility Criteria for Allocation of Sponsorship “Little Heroes Travel”||Name, Surname, Date of birth, Gender, Email, State, Municipality, School, Contact person, Phone number, Number of students||You might not be able to participate in the sponsorship||Legal interest*|
|7||Promote the Heroes brand and contribute to the public||Name, photo and voice that can identify you as individuals||You might not be able to participate in the sponsorship|
|8||Participation in the “Stoiximan Running Team” program||First Name, Surname, Father’s Name, Date of Birth, Nationality, Gender, Place of Residence, Country of Residence, Phone Number, Email||You might not be able to participate in the program||Consent**|
|9||Participation in the “Stoiximan Wheel chairs” program||First Name, Surname, Father’s Name, Date of Birth, Nationality, Gender, Place of Residence, Country of Residence, Phone Number, Email||You might not be able to participate in the program||Consent**|
*In the event that We have based the processing of your data on “legitimate interest”, we would like to inform you that we have first made an assessment for balancing our interests with your interests, rights and freedoms regarding your privacy and the protection of your data (“balance test”) and we have concluded that such processing is necessary and proportionate to our goal. For more information, please contact us.
**Your consent means any freely given, specific, informed and unambiguous indication of your wishes by which you, through a statement or a clear affirmative action, agree to the processing of your personal data. To the extent required/permitted under applicable privacy laws, and in accordance with the set conditions, Stoiximan will obtain lawful consent for the collection, use, or disclosure of your personal data. The form of consent used may differ as per case so as to be appropriate based on sensitivity of the information and your reasonable expectations. Consent can be withdrawn at any time; however, such withdrawal will not affect the validity of the processing conducted so far.
4. Disclosure of personal data
4.1 We will not sell, disclose, or rent your personal data to any third party/entities in ways different from what is disclosed in this Privacy Notice. We will only share your data with the following recipients:
- KAIZEN DIGITAL SERVICES MONOPROSOPI A.E., a Greek company of the Kaizen Gaming Group, with headquarters at Neratziotissis Street, no. 111, Marousi, 15124, which is not authorized to process your information unless it is necessary to provide services on our behalf or to comply with legal requirements and does so only in accordance with our instructions as a data processor.
- RUNAWAY GATE I.K.E, a Greek company with the distinctive title “RUNAWAY GATE”, which has its headquarters in Nea Kifisia, at Georgiou Lyra Street no. 53, and ισ responsible for carrying out the programs “Stoiximan Wheel chairs” and “Stoiximan Running Team”.
We also reserve the right to disclose your personal information to third parties, only in the event of the sale or purchase of any business, asset or stock, we reserve the right to disclose your personal information to the prospective seller or buyer of the business, asset or stock.
4.2 Finally, we reserve the right to disclose certain personal information to third parties/service providers independent of us, agents or independent contractors who help us maintain our website and who provide us with other administrative services (including but not limited to processing and order processing, customer service, data retention and analysis, communicating with customers on our behalf and collecting information for entering contests and other offers, selecting winners and awarding prizes). We seek to ensure that these third party/independent service providers will not use your personal data for any purpose other than to provide the services for which they are contractually bound. We also create contracts with these third parties that obligate them to comply with the personal data protection standards required by law and to use the data only for the purposes for which it was transmitted to them. Third parties provide the public with details of how data is processed through their websites or other convenient means.
4.3 We will not disclose your personal data to third parties outside the European Union, in countries where there is no adequate data protection regime. However, should such a data transfer occur, we will take all reasonable steps to ensure that your data is treated with the same security as within the EU/EEA and in accordance with this Privacy Statement and applicable law. In addition, we will update our current Privacy Statement to reflect cross-border data transfers and related safeguards for your privacy.
4.4 Where our website provides links to other websites created and maintained by other public and/or private sector organisations, we provide these links solely for your information and convenience. Stoiximan is not responsible for the privacy practices of websites not operated by or on behalf of Stoximan.
5. How long we keep your data
It is our policy to retain your personal data only for as long as is necessary for the purpose for which it was originally obtained, in accordance with the principles of Data Minimization and Storage Limitation. As per our personal data retention scheme, your data will be retained for a period of three (3) years as of the date of collection. This period might be extended in case that there is an open investigation, process, claim or complaint before any competent court or other body.
We do not conduct automated decision-making processes or profiling when we process the personal data you provide to us through the current website (iroes.gr).
7. Your data privacy rights
At any point and while we are maintaining or processing your data, you have the following rights and can submit a relevant request via email at [email protected]:
- Right of access – you have the right to access the personal data that we hold about you
- Right of rectification – you have the right to correct data that we hold about you that is inaccurate or incomplete.
- Right to erasure – you can ask for the data we hold about you to be erased from our records and we are obliged to satisfy such request in certain circumstances
- Right to restriction on processing – you have the right to request to restrict the processing of your personal data and we are obliged to satisfy such request when certain conditions apply
- Right to data portability – you have the right to have the data we hold about you transferred to another organization
- Right to object – you have the right to object to particular processing activities, under certain conditions
- Right to withdraw consent – you have the right to withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent.
We will assess your request and reply to you regarding the progress and outcome of the request (granting of request, partial granting of request, rejection of request), as soon as possible and, in any case, in no longer than one month from the date of your request’s submission. In the event that the Company refuses your request regarding the aforementioned Data Privacy Rights, we will provide you with a reason as to why. You have the right to lodge a complaint directly before the local supervisory authority (Hellenic Data Protection Authority) and the Data Protection Officer.
We reserve the right to reject requests that are unreasonably repetitive, require disproportionate technical efforts or have disproportionate technical consequences, risk the privacy of others, or would be extremely impractical.
Protecting your data is of utmost importance for the Company and, in this regard, we constantly strive to provide all possible means of assuring your personal data’s safekeeping, the restriction of unauthorized access and/or potential alterations. Such means include information security measures consistent with current best practices to protect our customers’ privacy. These measures include technical, procedural, monitoring and tracking steps intended to safeguard data from misuse, unauthorized access or disclosure, loss, alteration or destruction.
9.1 What Cookies are
You may find further information about Cookies, including information about how to manage and delete them at www.ec.europa.eu/ipg/basics/legal/cookies/index_en.htm, and www.allaboutcookies.org
9.2 Cookie Types
Session/Persistent cookies: Session Cookies are one-off and get automatically deleted at the end of users’ visit, while persistent Cookies remain stored on users’ devices for a predefined period of time after the end of their visiting sessions, enabling us to identify the users’ browser upon next visit as well as measuring the effectiveness of advertising efforts.
Third party cookies: These Cookies are placed by a third party on users’ devices, providing information about users’ browsing actions and patterns (e.g., visits to website, pages visited, links and advertisements clicked). These Cookies may determine whether certain third party services are being used, identify users’ interests, retarget advertisements and serve advertisements that are relevant to the website’s users. It has to be noted that these cookies adhere solely to the 3rd party’s Cookie Policies for the management of personal data and Our Website does not take any responsibility.
Essential or Required cookies: These Cookies are used for providing users with any requested features or services. Disabling Essential Cookies may make certain features and services unavailable.
Functionality cookies: These Cookies are used to identify our users’ selections and settings, maintain our users’ preferences over time and recognize users when they return to Our Website, assist us in personalizing our content and remember certain user preferences (e.g., name, language or region).
Performance/Analytical cookies: These Cookies help us understand how visitors use our Website, collecting information about the number of visitors, pages visited and visits’ duration. These Cookies help us to measure the performance of our promotional campaigns and their optimization for the best experience of our users.
Retargeting/Advertising cookies: These Cookies collect data on our users’ online activity and identify interests so that we can provide relevant advertising.
9.3 Cookie Settings
You can decide whether or not to accept Cookies. Users may set their browser so that they only allow cookies in individual cases, excluding the acceptance of cookies for all or certain cases and activate the automatic deletion of cookies when closing the browser. By having these settings, a user can still have full access to Our Website, however preferences have to be manually adjusted at each visit and some functionalities may not work optimally.
10. Changes to our Privacy Notice
We strive to constantly review and update our Privacy Notice in order to address potential legislative and regulatory requirements while providing optimal protection of your privacy. Any update will be communicated to you via the current web page and therefore we recommend that you check this page from time to time to inform yourself of any changes in this Privacy Notice.
11. Contact us
If at any time you believe that we have not adhered to the provisions set out within this Privacy Notice or for any other data privacy related matter, please contact us through email at d[email protected] or by calling us at 2155609950.
Kindly be informed that our Data Protection Officer is Eva Rodaki.
Below you may find a list of frequently used data privacy terms and their definitions, aiming to help you understand this Privacy Notice.
Personal Data: Any information that can directly or indirectly identify a living individual (‘data subject’). In plain terms, personal data is one data or a set of data that can single out a person from a group of people. We, at Stoiximan, are legally responsible for our customers’ data, and its storage, protection and use are governed by the General Data Protection Regulations and associated laws.
Process, Processed, Processing: Any operation or set of operations performed on personal data or on sets of personal data, whether or not by automated means. Operations performed may include collection, storage, access/use, disclosure, erasure.
Data Subject: Anyone who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Data Controller: A natural or legal person, Public Authority, Agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of personal data.
Consent: Any freely given, specific, informed and unambiguous indication of the Data Subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the Processing of personal data relating to him or her.
Data Protection: The process of safeguarding personal data from unauthorized or unlawful disclosure, access, alteration, processing, transfer or destruction.
Data Processors: A natural or legal person, Public Authority, Agency or other body which Processes personal data on behalf of a Data Controller.
Profiling: Any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
Personal Data Breach: A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed.
Special Categories of Data: Personal data pertaining to or revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, data concerning health or sex life and sexual orientation, genetic data or biometric data.
Third Party: An external organization with which Stoiximan conducts business and is also authorized to, under the direct authority of Stoixima, process the personal data of individuals on its behalf.
Third Country: Any country not recognized as having an adequate level of legal protection for the rights and freedoms of Data Subjects in relation to the Processing of personal data.
[V.2 – 07/2023]