This Privacy Notice explains how we process your personal data at Kindred. It applies to, for instance:
This notice is not:
Cookie Notice: Our cookie notice can be found here. It describes how we use cookies and other trackers and how you can manage your cookie settings.
This Privacy Notice may be updated from time to time to reflect changes in the way we work or the way our work is regulated. If significant changes are made to the Privacy Notice we will notify you.
Kindred is Kserol P.L.C., a company duly registered under the laws of Malta, with Company Registration No. C 88882, and having its registered office and business address at Level 6 - The Centre, Tigne Point - Sliema, TPO 0001 – Malta. Kindred belongs to Kindred Group plc (“Kindred”).
Kindred Group is a leading online gambling operator comprising nine brands, including Unibet, Maria Casino, 32Red, Bingo.com, Casinohuone, Kolikkopelit, Highrolling, Vlad Cazino, and Ottokasino. We offer a range of products such as online casino, poker, bingo, and sports betting.
For the purposes of this privacy notice, "Kindred " refers to any company within the Kindred Group, duly registered under the relevant local laws. Kindred Group plc (“Kindred Group”) ensures that all our entities adhere to a consistent level of privacy protection.
This privacy notice applies to all companies and brands within the Kindred Group. We are committed to providing a consistent level of privacy protection across all our entities and brands, ensuring your personal data is handled with care and in compliance with applicable data protection laws.
You can find more information on who we are at www.kindredgroup.com
There are various ways you can contact us.
For general queries do not hesitate to get in touch with our Customer Service team via phone, email or live chat - please see our Contact us page.
For general questions on this privacy notice, please contact our Data Protection Officer at dpo@kindredgroup.com
You can exercise your data subject rights by completing our online Privacy Web form. For further information on these rights, please see Section 10 of this notice.
Please see the table below for detailed information regarding what personal data we process.
Category of personal data:
Categories of personal data:
Legal Basis
Necessary for the performance of a contract (Art. 6(1)(b) GDPR) as described in our Terms and Conditions, in particular to manage service-related tasks such as password reminders and service messages (e.g., site maintenance)Categories of personal data:
Legal Basis
Necessary for the performance of a contract (Article(6)(1)(b) GDPR) as indicated in our Terms and Conditions and legal obligation (Article(6)(1)(c) GDPR), such as applicable gambling regulations to register you in our systems and ensure eligibility for our servicesCategories of personal data:
Legal Basis
Necessary for the performance of a contract (Art. 6(1)(b) GDPR) as described in our Terms and Conditions. We collect and process this data to provide essential services such as password reminders, service messages (including site maintenance notifications, updates to our Privacy and Cookies Policies, and Terms and Conditions), and to inform you if your Kindred account has become inactive and inquire whether you would like to reactivate it before we close it.Categories of personal data:
Legal Basis
Performance of a contract (Art. 6(1)(b) GDPR) and compliance with a legal obligation (Article(6)(1)(c) GDPR) such as our bookkeeping obligations and managing any financial requests (withdrawal, deposit or refund).Categories of personal data:
Legal Basis
Your consent (Art. 6(1)(a) GDPR) in order to offer you a tailored experience based on your interest’s.Categories of personal data:
Legal Basis
Our legitimate interest (Art. 6(1)(f) GDPR) and performance of a contract. The processing is necessary to fulfil our legitimate interest of responding to your inquiries as effectively as possible and providing you with the assistance you need but also based on performance of a contract (Art. 6(1)(b) GDPR) as described in our Terms and Conditions.Categories of personal data:
Legal Basis
Our legitimate interest (Art. 6(1)(f) GDPR). The processing is necessary to ensure fair gaming with our customers and to handle any complaints and disputes and litigationsCategories of personal data:
Legal Basis
Our legitimate interest (Art. 6(1)(f) GDPR). The processing is necessary to ensure fair gaming with our customers.
Categories of personal data:
Legal Basis
Our legitimate interest (Art. 6(1)(f) GDPR). The processing is necessary to prevent and deter breaches of our Terms and Conditions, this can be done through phone calls.
Categories of personal data:
Legal Basis
Compliance with legal obligations (Article (6)(1)( c) GDPR) to make sure our customers are redirected to the appropriate country site in adherence to our license conditions.Categories of personal data:
Legal Basis
Our legitimate interest (Art. 6(1)(f) GDPR) to ensure that our customers have the funds to use our services safely.
Where applicable: Compliance with legal obligations (Article (6)(1)( c) GDPR) to comply with legal obligation from gambling authorities.
Categories of personal data:
Legal Basis
Our legitimate interest (Art. 6(1)(f) GDPR) to ensure that our customers do not become exposed to problem gaming, but this is also in compliance with legal obligations (Article (6)(1)( c) GDPR) such as from the gambling authorities, where applicable.
Special Category Data may be processed to determine whether there is of gambling addiction, such as health data. This category of personal data are being collected to comply with legal obligation. This is done under our duty of care, in accordance with Art. 6(1)(e)GDPR and Art. 9(2)(g) GDPR.
Categories of personal data:
Legal Basis
Necessary for the performance of a contract (Article(6)(1)(b) GDPR) as described in our Terms and Conditions.
We conduct regular reviews of customer accounts to oversee gameplay, ensuring both its safety and accuracy. This monitoring is implemented to prevent any form of cheating or misuse of our services, promoting fair and secure gaming experiences for all users.
Categories of personal data:
Legal Basis
Our legitimate interest (Art. 6(1)(f) GDPR) in preventing fraud and ensuring that our advertising campaigns are directed towards legitimate customers. The data collected through our third-party provider, TrafficGuard, is used to detect and block fraudulent clicks.Categories of personal data:
Legal Basis
Our legitimate interest (Art. 6(1)(f) GDPR) to ensure security while using our products.Categories of personal data:
Legal Basis
Compliance with legal obligations (Article (6)(1)( c) GDPR) to ensure we are identifying, mitigating, reporting any AML or Fraud activity and risk rating customer’s appropriately.
Categories of personal data:
Legal Basis
With your consent (Art. 6(1)(a) GDPR) to administrate promotion and competitions in which you consent to participate.Categories of personal data:
Legal Basis
Our legitimate interest (Art. 6(1)(f) GDPR) to conduct internal and third-party collaborative market research and surveysCategories of personal data:
Legal Basis
For any non-essential cookies: we rely on Your consent (Art. 6(1)(a) GDPR) .
For essential cookies our legal ground is legitimate interest (Art. 6(1)(f) GDPR) to ensure that our website function.
For more detailed information on our use of cookies, please see our cookie notice.
Categories of personal data:
Legal Basis
Our legitimate interest (Art. 6(1)(f) GDPR) to personalise your experience while using our product and service which are accurate with your interests.Categories of personal data:
Legal Basis
Our legitimate interest (Art. 6(1)(f) GDPR) to conduct profiling activities for personalized services, marketing, and enhancing user experience, and consent (Art. 6(1)(a) GDPR) where necessary.Categories of personal data:
Legal Basis
Our legitimate interest (Art. 6(1)(f) GDPR) to conduct data analytics for improving our services, understanding user behaviour, and optimizing our business operations.Categories of personal data:
Legal Basis
Our legitimate interest (Art. 6(1)(f) GDPR) to resolve a dispute or litigation.Special Category Data
We may collect personal data which is referred to as "special categories of data," such as information related to health. This most often specifically in the context of responsible gambling, which is a legal requirement. This data may be collected from your, or in some instances from third parties.
We will only process such data if:
We may also process data relating to criminal activities or suspected criminal activities, specifically in the context of fulfilling our legal obligations under anti-money laundering regulation. We will only process such data to the extent necessary to fulfil our legal obligations, or to the extent necessary to fulfil our legitimate interest of establishing, exercising, or defending legal claims.
We may process sensitive data such as health information. Health information is sensitive, so we only process the personal data necessary to fulfil our duty of care. If your gambling behaviour and financial information, along with any health details you provide, raise concerns about your well-being, we are required to take appropriate measures. The collection of such special category data falls under the public interest as indicated in article 6 (1)(e) of GDPR and in accordance with article 9 (2) (g) of GDPR to allow us to process special category data.
We collect personal data when you interact with us and use our services. Sometimes, this information is provided to us by you – such as when you register for the first time and when you make use of our products or get in touch with us. Sometimes third parties or publicly available sources provide us information about you.
At registration:
Through your use of Kindred services:
At registration:
Kindred’s websites and apps use cookies for various purposes.
We use cookies for the following purposes, amongst others:
More information can be found in our Cookies Notice.
In certain circumstances, we share your personal data with other companies within the Kindred Group, with third parties that provide services on our behalf, and with other third parties to comply with our legal obligations. These third parties include companies such as Evolution, which provides live casino products; Microgaming, a gaming platform specializing in slots; Trustly, a payment provider; Oracle, which offers database software; Microsoft; Amazon Web Services; and Pragmatic, known for its casino products, including slot games and live casino offerings. We do not sell your personal data to marketing companies. When we use third parties for marketing services, your consent is required before your data can be processed. Other examples of when we might share your personal data include when we enter any kind of merger or business sale, as customers’ personal data is likely to be included in the sale/transfer. We will inform you prior to affecting such transfer of personal data. Even when it is shared, we ensure that your personal data will only be used for the purposes outlined in this Privacy Notice.
We may share the personal data we collect with other companies in the Kindred Group for purposes such as:
We may share personal data with third parties in the following circumstances:
The personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by companies operating outside the EEA who work for us or for one of our service providers: such as United States of America (USA), Australia, India. This can be the case for instance if we provide services globally, your data may in a few instances be processed in countries where we have operations or services providers. Further, for efficiency and reliability, we may use cloud services hosted in different countries. In certain cases, we might need to transfer data to comply with international legal obligations.
To ensure your personal data remains safe when transferred in this manner, we will take all reasonable steps to maintain a suitable level of protection in line with this notice.
Any transfer of your personal data to a location outside the EEA will processed/performed in accordance with applicable data protection laws, including the GDPR, and will be based on:
Should you have any questions regarding our transfers of personal data to countries outside the EU/EEA area, please contact us by using the contact details provided at the beginning of this Privacy Notice.
We will only retain your information for as long as needed to fulfil the purposes for which they are collected.
While you are a customer, we will need to retain your information to meet our legal and contractual requirements. However, when you cease using Kindred's Services, we may still retain your personal data for a period of time. There are several reasons why we retain your information, these include:
If you ever request to have your data erased, we will promptly remove any marketing materials you may have previously consented to receive but some other type of personal data will be kept to meet our legal requirements as indicated above.
Under the GDPR, you have a number of rights concerning the personal data we hold about you. If you wish to exercise these rights, you should contact our Customer service team or use our GDPR Online Form. You also have the right to complain to your local data protection authority if you are concerned with how we process your information
Further information and advice about your rights can be obtained from Information Commissioner's Office. We have also designated a lead data protection authority, the Office of the Information and Data Protection Commissioner (“IDPC”) in Malta which you can also contact for further information For Individuals - IDPC
You have, under certain circumstances, the right to exercise the following rights:
Your right to:
>What is your right?
Be informed of the personal data we process about you and how we process it.
>How to exercise
By accessing this Privacy Notice we are informing you of your rights and the principles. Information may also be provided by us in connection with your provision of your personal information and/or in connection with your use of our services. More information can be found in our Help Centre
>What is your right?
You may request confirmation whether personal data about you is processed by us and, if that is the case you have a right to request a copy of the personal data we hold about you, known as a data subject access request.
>How to exercise
These requests can be made in our Help Centre
>What is your right?
You have a right to request that we amend or update your personal data where it’s inaccurate or incomplete.
>How to exercise
These requests can be made in our Help Centre
>What is your right?
In some circumstances, you can ask us to erase personal data we hold about you (‘the right to be forgotten’). This includes when:
>How to exercise
These requests can be made in our Help Centre
>What is your right?
You have the right to ask us to restrict (‘block’ or ‘suppress’) the processing of your personal data. When processing is restricted, we can still store your information, but will not process it further. This right is available to you when:
You can object to the processing of your personal data, that is:
You can object to the processing of your personal data, that is:
>How to exercise
These requests can be made in our Help Centre
If you would like to not receive marketing emails, you can also unsubscribe / opt out of receiving them.
>What is your right?
You have the right to at any time withdraw your consent to the processing of personal data to the extent the processing is based on your consent.
>How to exercise
These requests can be made in our Help Centre
>What is your right?
This allows you to request and reuse your information for your own purposes across different services. For example, if you decide to switch to a different provider, this enables you to move, copy or transfer your information easily between our IT systems and theirs safely and securely, without affecting its usability. This is not a general right however, and only arises when the processing of your information is:
>How to exercise
These requests can be made in our Help Centre
If you would like to not receive marketing emails, you can also unsubscribe / opt out of receiving them.
Restriction on data subject’s rights:
In certain circumstances, your rights as a data subject under GDPR, particularly your right to access personal data and the right to request the erasure of data, may be restricted or limited. Such restrictions may be necessary and proportionate for reasons such as ensuring compliance with legal obligations or to protect the rights and freedoms of others.
We will ensure that any restrictions on your rights are clearly justified.
Data protection laws aim to protect individuals from potential harm caused by automated decision-making, including profiling, without human intervention. You have the right not to be subjected to decisions that have a legal or similarly significant effect on you. if they are based solely on automated processing of your personal data.
Detecting Fraud:
Your personal data is used to identify and prevent potential fraud or money laundering activities. If we suspect any risk, we may take actions like blocking or suspending the account.
Opening an Account:
When you create an account, we ensure that the product or service is suitable for you based on our knowledge. We also verify that you meet necessary conditions, such as age, residency, nationality, or financial status.
Use of AI technology:
We may use AI technology as part of our processing activities; however, we do ensure that when we use these tools, it is in accordance with Data Protection regulations and security requirements.
We are committed to protecting the personal data you entrust to us. We take all reasonable steps to ensure that all information collected through our website is treated securely and in line with this Privacy Notice and strict data protection standards. Accordingly, we have adopted robust procedures and technologies to protect your data from unauthorised access and improper use.
After logging in all information sent to and from the |Website is encrypted using 128-bit Secure Socket Layer (SSL) technology. The SSL certificate used is issued and verified by Trustwave, click on the image for more information.
Your credit card details are encrypted and sent only once over the internet to Kindred. It is then stored encrypted in our secure systems. We are dedicated to protecting our customers’ confidential information and, as part of doing so, we are certified towards the Payment Card Industries Data Security Standard.
The security of our systems and applications are tested several times per year by third-party security experts. Furthermore, we have an Intrusion Detection System that monitors all network traffic 24/7 for signs of attacks or intrusions.
We have a dedicated fraud department and advanced systems in place to detect and prevent suspicious activity, to ensure that our websites remain a secure playing-field. Any account involved in suspicious activity will be suspended and investigated to the fullest extent. Should you as user have any doubts about the activity on your account, such as unrecognized transactions in the transaction history or surprising changes in the balance, please contact us immediately.
If you wish to raise a complaint on how we have handled your personal data, you can contact us to have the matter investigated by emailing our Data Protection team at: dpo@kindredgroup.com
If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law you can complaint to our lead data protection authority, the Office of the Information and Data Protection Commissioner (IDPC).