GDPR Compliance Statement

Last updated: January 2025

1. Our Commitment to GDPR

olympiangemsgameau.com is committed to protecting the privacy and personal data of all users, including those in the European Union. We comply with the General Data Protection Regulation (GDPR) to ensure your rights are respected and your data is handled responsibly.

This document outlines how we meet GDPR requirements and your rights under this important privacy legislation.

2. Legal Basis for Processing

We process personal data under the following lawful bases:

  • Consent (Article 6(1)(a)): When you explicitly agree to data processing for specific purposes
  • Contract Performance (Article 6(1)(b)): To provide our social entertainment services
  • Legitimate Interests (Article 6(1)(f)): For security, fraud prevention, and service improvement
  • Legal Obligation (Article 6(1)(c)): To comply with applicable laws and regulations

3. Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

3.1 Right to Information

You have the right to be informed about how we collect and use your personal data. This information is provided in our Privacy Policy and this GDPR statement.

3.2 Right of Access

You can request access to your personal data and receive:

  • Confirmation that we are processing your data
  • A copy of your personal data
  • Information about how we use your data

3.3 Right to Rectification

You can request correction of inaccurate or incomplete personal data. We will update your information promptly upon verification.

3.4 Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data when:

  • The data is no longer necessary for the original purpose
  • You withdraw consent and there's no other legal basis
  • You object to processing and there are no overriding legitimate grounds
  • The data has been unlawfully processed

3.5 Right to Restrict Processing

You can request that we limit how we use your data in certain circumstances, such as when you contest the accuracy of the data or object to processing.

3.6 Right to Data Portability

You can request a copy of your data in a structured, commonly used format that can be transferred to another service provider.

3.7 Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes. We will stop processing unless we have compelling legitimate grounds.

4. Data Protection Measures

We implement comprehensive technical and organizational measures to protect your data:

4.1 Technical Safeguards

  • Encryption of data in transit and at rest
  • Regular security assessments and penetration testing
  • Secure authentication and access controls
  • Automated backup and disaster recovery systems
  • Regular software updates and security patches

4.2 Organizational Measures

  • Staff training on data protection and GDPR compliance
  • Data protection by design and by default principles
  • Regular privacy impact assessments
  • Clear data retention and deletion policies
  • Incident response and breach notification procedures

5. Data Transfers

When we transfer personal data outside the EU/EEA, we ensure adequate protection through:

  • Adequacy decisions by the European Commission
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules where applicable
  • Certification schemes and codes of conduct

6. Data Retention

We retain personal data only as long as necessary for the purposes for which it was collected:

  • Account Data: Retained while your account is active plus 12 months
  • Usage Analytics: Anonymized after 24 months
  • Support Communications: Retained for 36 months
  • Legal/Compliance Data: Retained as required by law

7. Automated Decision Making

We may use automated processing for:

  • Fraud detection and security monitoring
  • Content personalization and recommendations
  • Technical optimization and performance

You have the right to request human intervention, express your point of view, and contest automated decisions that significantly affect you.

8. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will:

  • Notify the relevant supervisory authority within 72 hours
  • Inform affected individuals without undue delay
  • Provide clear information about the nature and impact of the breach
  • Offer guidance on protective measures you can take

9. Exercising Your Rights

To exercise any of your GDPR rights, please contact us at:

Email: support@olympiangemsgameau.com

Please include the following in your request:

  • Clear identification of the right you wish to exercise
  • Sufficient information to verify your identity
  • Specific details about your request

We will respond to valid requests within one month, or inform you if we need additional time or information.

10. Supervisory Authority

If you believe we have not addressed your concerns adequately, you have the right to lodge a complaint with your local data protection supervisory authority. For EU residents, you can find your local authority at: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm

11. Updates to GDPR Compliance

We regularly review and update our GDPR compliance measures to ensure continued protection of your rights. Significant changes will be communicated through our website and other appropriate channels.

12. Contact Information

For GDPR-related inquiries, questions about your rights, or to make a data subject request:

Email: support@olympiangemsgameau.com

Website: olympiangemsgameau.com

We are committed to respecting your privacy rights and will handle all GDPR-related requests promptly and professionally.