Last Updated: April 2023
Metropolitan Gaming is a trading name of London Clubs International Ltd.
This Data Processing Notice (“DPN”) describes how any personal data that London Clubs Management Limited (the “Controller”), its affiliates and subsidiaries (collectively and individually, “London Clubs Management Ltd”, “we”, “us” or “our”) collect from you (the “Data Subject”), or that you provide to us, will be processed by us.
In the course of interacting with you and/or providing you with our services, we collect certain personal data about you. This data may be contained in applications and other forms you submit to us, gathered from your gaming activity with us, or obtained from our affiliates and other third parties. We are therefore providing you with this notice to explain our approach for collecting, using and, where necessary sharing this data with others.
This DPN applies to all customers and visitors to any of our venues or use of any online service which is managed either by us, or by our partner companies operating physical or online services on our behalf, or them simply operating such services using our name or branding under a licensing arrangement.
Our Data Protection Principles
Personal data we collect
Where we store your data
The data that we collect from you may be transferred to, and stored at, a destination outside the United Kingdom as well as the European Economic Area (“EEA”). It may also be processed by employees operating outside the United Kingdom and the EEA who work for us. Such employees may be engaged in, among other things, the provision of any requested services, the processing of your payment details and the provision of support services.
All data you provide to us is stored on secure servers. If you use our site to send personal data to us, your transmission will be protected by Secure Socket Layer (SSL). SSL is a technology that encrypts your data during transmission.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. You must not share your password with anyone.
The transmission of data via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your data, we will use strict procedures and security features to try to prevent unauthorised access.
Lawful Basis for the Processing of your Personal Data
The processing of your personal data will be based on the various lawful basis described in the ‘Uses made of your data’ or as otherwise disclosed to you at the time of collection, and as otherwise permitted by law.
Uses made of this data
How do we share your data
We may disclose and transfer your personal data to any entity, affiliate and subsidiary of Metropolitan Gaming, or any partner company with which we have a services agreement, including those based outside of the EEA and including our parent company, Metropolitan Gaming, based in the United States of America.
Where your personal data is transferred to a country outside the UK or EEA, we will enter into model contractual clauses, including International Data Transfer Agreement clauses, or other templates as adopted by the European Commission, or issued by any UK statutory body such as the ICO. We will rely on individual country adequacy status or binding corporate rules where our service providers have adopted such internal policies approved by the UK and EU data protection authorities.
We may also disclose data that we collect from or about you with non-affiliated third parties as permitted or required by law, including those based outside of the EEA:
Third-Party service providers - We work with many different service providers and other third parties who process your personal data on our behalf. We only do business with companies that meet our standards on the processing of data and security, and we only share data that is necessary for the service.
Business transfers; bankruptcy - If Metropolitan Gaming or substantially all of its assets are acquired by a third party or in the event of a merger, reorganisation, joint venture, assignment, spin- off, transfer, or sale or disposition of all or any portion of our business, including in connection with any bankruptcy or similar proceedings, we may transfer any and all personal data to the relevant third party.
Compliance with legal obligations - We may disclose personal data if we are under a duty to disclose or share your personal data in order to comply with any legal obligation or process; or to comply with any legal requirements of any governmental authority, including, but not limited to, gaming regulators; or in order to enforce the terms of loyalty program membership with you and other agreements.
Protection of our business and customers - We may disclose personal data to protect the rights, property or safety of Metropolitan Gaming, our customers or others. This includes exchanging data with other casinos, companies and organisations for the prevention and detection of crime and problem gambling. For example, in order to protect our business from criminal activity and to comply with the Licensing Objectives of the Gambling Act 2005 (i.e. preventing gambling from being a source of crime or disorder, being associated with crime or disorder or being used to support crime), we may share your personal data such as name, ID card / passport data, contact details, gambling records, photographic images and relevant incident / accident details with other UK land-based casino operators, or if you are found to have committed a crime, such as, but not limited to, cheating, theft, money laundering or robbery.
Fraud prevention - As part of our registration ID and verification process, we may conduct identity verification using a recognised fraud prevention agency.
External Website Links
Our website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. We do not expressly or impliedly endorse the materials disseminated at those websites, nor does the existence of a link to another site expressly or impliedly mean that the organisation or person publishing at that site endorses any of the materials on our site. Links to other websites are provided only as a convenience to our users and for data only. We have no control over the contents of those sites or resources, and accept no responsibility for them or for any loss or damage that may arise from your use of them.
If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.
Metropolitan Gaming websites.
How long do we store your data for?
We will process your personal data for as long as it is necessary to fulfil the purposes outlined in this Data Processing Notice after which it will be retained for a defined period as stipulated in the MG Data Retention Policy. Once this period, or any subsequent change in the retention period has expired, it will be securely deleted.
You have the right to ask us not to use your personal data for direct marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes. You can exercise your right to prevent such processing by leaving certain boxes unticked on the forms we use to collect your data. You can also exercise the right at any time by contacting us to opt out of direct marketing communications at firstname.lastname@example.org or 020 7518 0000. You will need to indicate whether you wish to opt out of direct marketing communications from Metropolitan Gaming casinos (this is the default choice) or from the entire Metropolitan Gaming.
If you prefer not to receive emails or SMS messages from Metropolitan Gaming Group, you can click on the ‘unsubscribe’ option found on the bottom of all our email and SMS marketing communications or you may contact us at email@example.com or 020 7518 0000.
Your data protection rights for UK and other EEA residents
Requests for access to your personal data should be made by completing and sending to us a Data Subject Access Request form (Click here to download a copy). You will also need to send us two documents to verify your identity. Further details are provided on the form.
If you would like to exercise one of your rights as set out above, or you have a question about the way your personal data is processed, please contact our Data Protection Officer by one of the following means:
By email: firstname.lastname@example.org
The Data Protection Officer
55 Baker Street
Further, you may alternatively contact the Information Commissioner’s Office on their website https://ico.org.uk or in writing to:
Information Commissioner’s Office
Telephone number 0303 123 1113.
We are committed to creating a culture of Safer Gambling within our casinos. We have appointed Safer Gambling Ambassadors across all our sites, in order to protect young and vulnerable people from being exploited by gambling, prevent underage gambling and increase support for the treatment of gambling harm.