Last Updated: February 05, 2020
Effective Date: January 1, 2020
We value your trust and respect your confidentiality. As a general practice, we do not provide any Personal Information gathered through forms, applications, websites, or other means to outside third parties, except as otherwise designated in this policy. We do not sell or rent any information gathered on the Sites, in the App, or in individual property players' clubs to any third party.
The Sites, App and Services are intended only for users who are at least age 18. Please leave the Sites and do not create an account or use the Services or App if you are under the age of 18. We do not intentionally or knowingly collect Personal Information of any person under age 18. If you believe we have received Personal Information belonging to someone under age 18, please firstname.lastname@example.org and, after reasonable confirmation, we will delete the Personal Information of the minor.
We strongly support parental control of the internet. If you are a parent and want to prevent your children from using the Services, the Sites or the App, then you may want to consult the filtering software companies, such as Net Nanny and Cybersitter. Net Nanny and Cybersitter are third party service providers that are not affiliated with us or any of our affiliates and we have no responsibility for the services provided by such providers.
COLLECTION OF PERSONAL INFORMATION
Personal Information is information that identifies or is capable of being associated with a particular consumer. We do not collect Personal Information about visitors to our Sites or users of the Services, except when visitors or users specifically provide such information on a voluntary basis. Such Personal Information may be gathered at registration, from mobile applications, and information requests. To register an account with us, you must create a Player Profile with the following information: nickname, email and password. Providing additional Personal Information is optional; however, if you choose not to provide the requested Personal Information, you may not be able to use some or all of the features of the Site, the App or the Services.
You are responsible for keeping your account login credentials, including any Facebook login credentials, confidential. You should not share any login credential with any other person as you are responsible for all activity on your account whether accessed directly or through Facebook. You will immediately notify us if you are aware or suspect any unauthorized use of your account.
We may also monitor and collect information relating to your Game play and the purchase and sale of virtual goods items. Such information is used to track the performance of players, determine winners, and manage the values of items in their Player Profile and related accounts. PLEASE NOTE THAT YOUR GAME PLAY INFORMATION MAY BE MADE AVAILABLE TO OTHER USERS AND THE PUBLIC AS FOLLOWS: 1) if a player is in a tournament, their first name/last initial or "user name" is visible in the tournament leaderboard that all participating players can view, 2) player scores may be visible on the hourly/daily/weekly leaderboards for the Games, 3) player profile pic (if Facebook linked) and/or Avatar and nickname will appear on multi-player table games (e.g. Poker, Craps, Blackjack) 4) such information may be made available in any other manner we may describe when and if you voluntarily provide such information and 5) if you voluntarily share such information via social media services (see also "User-Generated Content" with respect to this item 4).
We value opinions and comments from our visitors and we may conduct online surveys or issue invitations for you to take surveys. These surveys are entirely optional for all visitors to our Sites and users of our Services. Usually the information from such surveys is aggregated and used for improving our products, services and operations, and those of our subsidiaries and affiliates. In other cases, we will use the identifying information as a vehicle for responding to an individual question or comment or as otherwise specified in the survey at the time of the survey.
AUTOMATED INFORMATION COLLECTION
We may collect the following information about your use of our Sites or App through cookies and other online tracking technologies: your domain name; your browser type and operating system; web pages you view; links you click; your IP address; your mobile device ID; the length of time you visit our Sites or App; and the referring URL or the webpage that led you to our Sites. Advertising identifiers provided by the operating system of your handheld device (such as, for instance, IDFA, GAID). Various device identifiers, provided by the operating system (device ID or a vendor ID, for instance) or allocated by us (your in-App ID, for instance). App version, OS version information, browser type, language used, make/model of your device. All the events that naturally occur during your usage of the App (such as logs, events, hands played, purchase history, crashes of the App, system reports and so on). Statistical information with regards to App usage. We may combine this information with other information that we have collected about you, including, where applicable, your user name, name, and other Personal Information. Please see the section "Cookies/Online Tracking" below for more information.
If you have provided permission through your mobile device to allow us to collect location information through the App, we may obtain your physical location information from technologies like GPS, Wi-Fi, or cell tower proximity. The App may use the geolocation features of the App (GPS or network-based) and geolocation information that is collected through the App and your mobile device, to track your location and provide you information related to your physical location. You may withdraw your permission for us to acquire such physical location information from your mobile device through your mobile device settings; however, we do not control this functionality of your mobile device. If you have questions about how to disable your mobile device's location services, please contact your mobile device service provider or the mobile device manufacturer.
There are two types of cookies: session cookies and persistent cookies.
Session Cookies. Session cookies exist only during an online session. They disappear from your computer when you close your browser or turn off your computer. We use session cookies to allow our systems to uniquely identify you during a session or while you are logged into the Sites. This allows us to process your online transactions and requests and verify your identity, after you have logged in, as you move through our Sites.
Persistent Cookies. Persistent cookies remain on your computer after you have closed your browser or turned off your computer.
Clear GIFs (also known as web beacons, web bugs or pixel tags) are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer's hard drive, clear GIFs are embedded invisibly on web pages. We may use clear GIFs in connection with our Sites to, among other things, track the activities of visitors to the Sites, help us manage content, and compile statistics about usage of the Sites. You may view and change your preferences at any time by using the "Privacy Settings" link found in the footer of our Sites. We and our third-party service providers also use clear GIFs in HTML emails to our customers to help us track email response rates, identify when our emails are viewed, and track whether our emails are forwarded.
THIRD PARTY ANALYTICS/TRACKING
DO NOT TRACK SIGNALS
Currently, our systems do not recognize browser "do-not-track" requests. You may, however, disable certain tracking as discussed in the Cookies section (e.g., by disabling cookies). Please note that we do not collect, and we not aware of third parties that collect, Personal Information from users of the Sites about users' online activities on third party websites.
USE OF PERSONAL INFORMATION
We use your information, including your Personal Information, for the following purposes:
- To provide our Services, Sites and App to you, to communicate with you about your use of our Services, Sites and App, to contact an account holder regarding account status, changes to the account agreement, special discounts, promotions, products offered and other matters relevant to the Services, to respond to your inquiries, to fulfill your orders, and for other customer service purposes.
- To process and transmit the content that you elect to share through the Services, Sites and App, and to track your physical location if you have permitted geolocation tracking through the App as described above.
- To tailor the content and information that we may send or display to you, to offer location customization, and personalized help and instructions, and to otherwise personalize your experiences while using our Services, Sites or App.
- For marketing and promotional purposes. For example, we may use your information, such as your email address, to send you news and newsletters, special offers, and promotions, or to otherwise contact you about products or information we think may interest you. We also may use the information that we learn about you to assist us in advertising our Services, Sites, and the App.
- To better understand how users access and use our Services, Sites and App, both on an aggregated and individualized basis, in order to improve our Services, Sites and App and respond to user desires and preferences, and for other research and analytical purposes.
HOW WE SHARE YOUR INFORMATION
We may share your Personal Information as follows:
- Service Providers. We may disclose Personal Information we collect from you to third-party vendors, service providers, contractors or agents who perform functions on our behalf ("Service Providers"). For example, we may contract with Service Providers to provide certain services, such as maintaining or servicing accounts, providing data storage and management, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing advertising or marketing services, or providing analytic services. We only provide our Service Providers with the information or access to information necessary for them to perform these services on our behalf. Each Service Provider must agree to use commercially reasonable security procedures and practices, appropriate to the nature of the information involved, in order to protect your Personal Information from unauthorized acquisition, access, use, or disclosure. Service Providers may only use the Personal Information to provide services to us and are prohibited from using Personal Information other than as authorized by us under this Policy.
- Independent Controllers:
- If you are in the EU and do not wish to be targeted in this manner, the first Unity ad you see in an app (as of May 25, 2018) explains how you can opt-out of data collection in that particular game. You can opt-out then or at any time by clicking or tapping the "ℹ" button (or Data Privacy icon) on any ad you see (the "ℹ" button or Data Privacy icon will also allow you to access the data that is collected about you in that particular app). For example, you might see a summary that includes information indicating that Unity see that you are using an iPhone 8 and you are playing from Germany. In the past week you were seen 5 times in this game and have been shown 27 ads. You have installed 0 games based on those ads.
- Additionally, all users, regardless of their location, may opt-out of all personalized advertising by enabling privacy features on their devices such as Limit Ad Tracking (iOS) and Opt Out of Ads Personalization (Android). See your device's Help system for more information.
- Business Transfers. If we are acquired by, or merged with, another entity, if substantially all of our assets are transferred to another entity, or as part of a bankruptcy proceeding, or if we are evaluating or in negotiations with respect to any such transaction, we may transfer, or make available, the Personal Information we have collected from you to the other entity or resulting legal entity.
- In Connection with LegalProcess. We also may disclose the Personal Information we collect from you in order to comply with applicable laws or regulations, a government investigation, a judicial proceeding, court order, or other legal process, such as in response to a subpoena.
- To Protect Us and Others. We also may disclose the Personal Information we collect from you where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, suspected violations of this Policy, suspected violations of any applicable terms and conditions for Services provided through this Site or at any hotel or casino owned or operated by Hard Rock, or as evidence in litigation in which we are involved.
- Aggregated and De-Identified Information. We may share aggregated or de-identified Personal Information about users with third parties and publicly for marketing, advertising, research, or similar purposes.
RETENTION OF PERSONAL INFORMATION
We retain Personal Information about you for the time necessary to accomplish the purpose for which such information was collected, usually for the duration of any contractual relationship or as long as you use or are registered for any of the Services and for any period thereafter as legally required or permitted by applicable law. Our retention policies respect applicable statute of limitation periods and legal requirements. When we no longer need to use or retain your Personal Information for any business, commercial or lawful purpose, we will endeavor to destroy all records, both physical and electronic, containing your Personal Information.
We have in place certain reasonable technological and procedural security measures in an attempt to protect and safeguard the security of the Personal Information provided by our visitors and users. Reasonable measures will be taken to protect against unauthorized access, alteration, or disclosure of Personal Information. Despite these efforts, please understand that no system is perfect we cannot guarantee that unauthorized access or theft of data will not occur.
For features on our Sites and App that require a login or password, it is important for you to protect against unauthorized access to your account and your computer. Be sure to sign off when finished using a shared device.
COMMUNICATIONS WITH OTHER USERS
The Services may permit users to communicate with other users, such as during Game play. Please note that any such communications may not be confidential and could be shared with other users or the public. Please note that all such communications are subject to the Acceptable Use Policy in our Terms and Conditions.
ACCESS, CORRECTION, AND CHOICE
You have choices about the collection, use, and sharing of your Personal Information, including:
- Deletion: You can request that we erase or delete all or some of your Personal Information (for example, it is no longer necessary to provide services to you).
- Change or Correct: You can review and edit your Personal Information by logging onto the Site and visiting your Player Profile or "play for fun" account at any time.
- Object to or Restrict Use: You can request that we stop using some or all of your Personal Information or restrict our use of your Personal Information.
- Access: You can access the Personal Information you submit to our Sites via a Player Profile or "play for fun" account at any time.
- Copy: You can request a copy of your Personal Information.
- Marketing: Users who no longer wish to receive our newsletter or promotional materials may opt-out of receiving these communications by clicking the unsubscribe link at the bottom of the email.
- Withdrawing Consent: If we have collected or processed your Personal Information with your consent, you may withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Information based on other lawful processing grounds.
Right to Portability – provides the ability to request Personal Information in machine-readable format (for example, CSV).
If you request access, correction, amendment or deletion of your Personal Information and you have more than one account with us, you will need to instruct us on each account separately. Reasonable access to Personal Information will generally be provided within thirty (30) calendar days at no cost to you, subject to limited exceptions prescribed by law or excessive requests. For your protection, we may need to verify your identity before fulfilling your request. Please note that we may need to retain certain information for recordkeeping purposes or to complete requests or transactions that occurred prior your request. We will also retain your Personal Information if reasonably necessary to comply with our legal obligations, meet regulatory requirements, resolve disputes, maintain security, detect or prevent fraud and abuse, and enforce the Terms and Conditions of Use. We may also need to retain your Personal Information if required by gaming industry regulations, federal tax statutes and other legal requirements (e.g., information on our customers who self-report; tax reporting documents; player winnings, and any statistics, reports or listings that are required to protect our casino properties).
We aim to keep our information about you as accurate as possible. If you would like to access, update, review or change the details you have provided to us, please contact us as set out below.
PROCESSING IN THE UNITED STATES
We are located in the United States. Please be aware that, depending on your location, your Personal Information and communications may be transferred to and maintained on servers or databases located outside your state, province, or country. If you are located outside of the United States, please be advised that we store all Personal Information in the United States. The laws in the United States may not be as protective of your privacy as those in your location. By using the Site or Services, you agree that the collection, use, transfer, and disclosure of your Personal Information and communications will be governed by the applicable laws in the United States.
You may address all communications to Seminole Hard Rock Support Services, LLC, Attn: Data Protection Office (DPO), 5701 Stirling Road, Davie, Florida 33314, or email to email@example.com. Please include your name, address and phone number or email in all communications and state clearly the nature of your request. If you wish to make a request to access the Personal Information we collect and store about you, complete this form.
EU/US PRIVACY SHIELD COMPLIANCE
We are a Covered Entity of Hard Rock Café International (USA), Inc. and comply with the EU/US Privacy Shield framework administered by the United States Department of Commerce regarding the collection, use, and retention of Personal Information we receive from the European Economic Area and the United Kingdom. We have certified that we adhere to the Privacy Shield Principles. For purposes of enforcing compliance with the Privacy Shield, we are subject to the investigatory and enforcement authority of the Federal Trade Commission.
Please include your name, address and phone number or email in all communications and state clearly the nature of your request or concern. If you wish to make a request to access the personal information we collect and store about you, complete this form.
We provide a private sector independent recourse mechanism (located in the United States) to investigate and expeditiously resolve individual complaints and disputes. This dispute mechanism will cover all categories of Personal Information except for human resources data. For more information, visit the website for ICDR®/AAA® EU-US Privacy Shield: International Centre for Dispute Resolution®, the international division of the American Arbitration Association® (ICDR/AAA) at go.adr.org/privacyshield.html. The services of ICDR/AAA are provided at no cost to you. Under certain limited conditions and as a last resort, the individual can invoke binding arbitration.
If we transfer your Personal Information to a third party, we will ensure the third party is contractually obligated to process your information only for limited, specific purposes consistent with this policy, to apply the same level of protection to that data as the EU-US Privacy Shield Principles, and notify us if it makes a determination that it can no longer meet this obligation. Upon notice, we will take reasonable and appropriate steps to stop and remediate unauthorized processing. In cases of onward transfer to third parties of data received pursuant to the EU-US Privacy Shield, we are potentially liable.
When required, we must disclose Personal Information to comply with lawful requests from government authorities including to meet national security and law enforcement requirements.
QUESTIONS AND CONCERNS
APPENDIX A – ADDITIONAL PROVISIONS APPLICABLE TO EUROPEAN ECONOMIC AREA DATA SUBJECTS
This Appendix outlines certain additional information that we must provide to persons in the European Economic Area as well as certain rights such residents have with respect to the processing of their Personal Information under the European Union's General Data Protection Regulation (GDPR). For persons in European Economic Area, the term Personal Information means information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
A. Legal Bases for Processing of Personal Information
We process the Personal Information collected for the purposes described in the sections entitled "Collection of Personal Information", "Information We Collect", and "Use of Personal Information" in our Policy. The legal basis for our processing activities include processing Personal Information as necessary to comply with our contractual obligations, compliance with our legal obligations, protecting the safety of our employees, guests and others, for our legitimate business interests, and pursuant to your consent. The particular legal basis for the processing of your Personal Information is based on the purpose for which such information was provided or collected.
We use Personal Information, such as name, address, email and credit card information, as necessary to perform Services. For example, we are not able to provide our Services and products according to our contracts unless you provide us with certain necessary Personal Information. This collection and processing of the Personal Information is based on Article 6 paragraph 1(b) of the GDPR (necessary for the performance of a contract with you).
We may also process your Personal Information if we have received your consent, to respond to requests from you or to take actions in our legitimate interest, such as for marketing purposes or to otherwise inform you of our business operations, and to improve our products and services. Please note that if we rely on consent, you may withdraw your consent at any time, but such withdrawal will not affect the lawfulness of the processing of your Personal Information prior to the withdrawal.
B. Data Retention
See "Retention of Personal Information" above for our retention policies.
C. Data Subject Rights
Data subjects of the European Economic Area have the following rights:
- Access, Correction and Erasure Requests: You have the right to:
- contact us to confirm whether we are processing your Personal Information;
- receive certain information on how your Personal Information is processed;
- obtain a copy of your Personal Information;
- request that we update or correct your Personal Information; and
- request that we delete Personal Information in certain circumstances.
- Right to Object to Processing: You have the right to request that we cease processing of your Personal Information based on our legitimate business interests, including profiling, unless we are able to demonstrate a compelling legitimate basis for such processing or we need to process your Personal Information for the establishment, exercise, or defense of a legal claim. You also have the right to object, at any time, to processing of your Personal Information for direct marketing, which includes profiling to the extent that it is related to such direct marketing.
- Right to Restrict Processing: You have the right to request that we limit the processing of your Personal Information:
- while we are evaluating or in the process of responding to a request by you to update or correct your Personal Information;
- where such processing is unlawful and you do not want us to delete your data;
- where we no longer require such data, but you want us to retain the data for the establishment, exercise, or defense of a legal claim; and
- where you have submitted an objection to processing based on our legitimate business interests, pending our response to such request.
- Data Portability Requests: You have the right to request that we provide you or a third party that you designate with certain of your Personal Information in a commonly used, machine-readable format. Please note, however, that data portability rights apply only to Personal Information that we have obtained directly from you and only where our processing is based on consent or the performance of a contract.
If you believe our processing of your Personal Information violates the GDPR, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work, or the place of the alleged violation.
D. Submitting Requests
European Economic Area data subjects can submit requests by completing this form. We will respond to all such requests within the timeframe required under the GDPR. Please note, however, that certain Personal Information may be exempt from such rights pursuant to the GDPR. In addition, we will not respond to any request unless we are able to appropriately verify the requester's identity. We may charge you a reasonable fee for subsequent copies of Personal Information that you request. In addition, if a request is manifestly unfounded or excessive, we may either request a reasonable fee to respond to the request or deny the request.