Your personal information
This privacy policy explains how we collect and process your personal data. Personal data, or personal information,
means any information about an individual from which that person can be identified. This includes information that you
tell us, what we learn from you and the choices you make about the marketing you want us to send to you. This policy
explains how we do this, what your rights are and how the law protects you.
We do not knowingly collect data relating to children.
Changes to data protection law
The law in relation to data protection is changing on the 25 May 2018 when the General Data Protection Regulation comes
into force in the United Kingdom and across Europe. This privacy policy tells you about most of your rights under the
new law.
There may be changes which we will be required to make to this privacy policy after the 25 May 2018. Any changes to
this policy will appear on this website but we will notify you every time we make a material change to this policy. We
may need to ask you to agree to the changes, or refresh your consent to us using your personal information.
You can contact us by email at [email protected] or by calling us on 0161 850 4578. If you need to you can write to us at 5 Langley Street, 3rd Floor, London, WC2H 9JA.
Our representative for all queries in relation to this policy and your data protection rights is Mark Lewis.
When we refer to our website, we mean our website at https://lottobytext.com/.
- Data you give to us when you register as a member to use our services
- When you talk to us on the phone
- When you use our website, mobile device apps, or web chat
- In emails or letters to us
- If you take part in our competitions or promotions
- When you give us feedback
- Payment and transaction data
- Profile and usage data, including data we gather from the devices you use to connect to those services such as computers and mobile phones, using cookies (please see our cookie policy by clicking cookies)
- and other internet tracking software
- Companies that introduce you to us, including organic and paid search providers and lead generation companies with whom we have agreements to market our service
- Other members who provide your details to us (including by using our ‘Member get Member’ programme, or by another means such as Social networks)
- Public information sources, such as Companies House
- Recruitment agencies who provide your information in respect of job vacancies
- Government and law enforcement agencies
Identity data – name, username, title, date of birth and gender
Contact data – billing address, email address or telephone numbers
Transaction data – details about payments to and from you and other details of services you have purchased from us (including the syndicates you have joined, the instant win games you have played, and the prize draws you have participated in)
Technical data - internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website
Profile data - your username and password, syndicate memberships, prize draw and competition entries made by you, your interests, preferences, feedback and survey responses
Usage data – information about how you use our website and services
Marketing and communications data – your preferences in receiving marketing from us and our third parties and your communication preferences
We also collect, use and share aggregated data such as statistical or demographic data for any purpose. Aggregated data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your usage data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.
We do not collect any special categories of personal data about you. This includes details about race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
We are only allowed to use personal information about you if we have a legal basis to do so, and we are required to tell you what that legal basis is. We have set out in the table below: the personal
information which we collect from you, how we use it, and the legal ground on which we rely when we use the personal information.
In some circumstances we can use your personal information if it is in our legitimate interest to do so, provided that we have told you what that legitimate interest is. A legitimate interest is when we have a business or commercial reason to use your information which, when balanced against your rights, is justifiable. If we are relying on our legitimate interests, we have set that out in the table below.
What we use your personal information for | What personal information we collect | Our legal grounds for processing | Our legitimate interests (if applicable) |
---|---|---|---|
To register you as a new member | Identity data Contact data Open Data and Public Records Marketing and communications data | Performance of a contract with you Our legitimate interests Our legal duty Your consent | Keeping our records up to date, working out which of our services may interest you and telling you about them Defining types of members for new services Seeking your consent when we need it to contact you Being efficient about how we fulfil our legal and contractual duties To study how members use our services, to develop them, to promote and grow our business and to inform our marketing strategy |
To notify you about the results of syndicates you have joined | Identity data Contact data Transaction data Financial data | Performance of a contract with you | |
To manage payments or collect and recover money owed to us | Identity data Contact data Transaction data Financial data Open Data and Public Records | Performance of a contract with you Our legitimate interests | Being efficient about how we fulfil our legal and contractual duties Complying with rules and guidance from regulators |
To manage our relationship with you, including notifying you about changes to our membership terms or privacy notices | Identity data Contact data Transaction data Profile data | Performance of a contract with you Necessary to comply with a legal obligation Our legitimate interests | To keep our records up to date |
To enable you to partake in a prize | Identity data Contact data | Performance of a contract with you | To study how members and |
draws, competitions or to complete a survey | Transaction data Profile data | Our legitimate interests | non-members use our services and to grow our business |
To administer and protect our business and our website | Transaction data Technical Usage data | Our legitimate interests | Running our business, provision of administration and IT services, network security |
To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you | Identity data Contact data Marketing and communications data Usage data Profile data | Our legitimate interests | To study how members and non-members use our services, to develop them, to grow our business and to inform our marketing strategy |
To use data analytics to improve our website, products / services, marketing, member relationships and experiences | Usage data | Performance of a contract with you Our legitimate interests | Being efficient about how we fulfil our legal and contractual duties |
To make suggestions and recommendations to you about services that may be of interest to you, including providing you with details of opportunities to join syndicates | Identity data Contact data Marketing and communications data Usage data Profile data | Our legitimate interests | To develop our services and grow our business To study how members and non-members use our services, to develop them, to grow our business and to inform our marketing strategy |
- Our group companies (including Groupify Limited which purchases lottery tickets and disburses winnings, and Bitstacker Limited which provides alternative billing services via reverse billed SMS messaging)
- Agents and advisers that we use
- HM Revenue & Customs and other regulators or authorities
- The Phone-paid Services Authority
- Our call-centre partners who assist us with dealing member enquiries and management and promotional and lead generation
- Third party organisations that provide applications/functionality, data processing, payment processing or IT services to us. For example, we use third parties to support us in providing our services and to help provide, run and manage our internal IT systems. These include providers of IT services, payment services providers, cloud-based software as a service providers, identity management, website hosting and management, data analysis, data back-up, security and storage services, and direct marketing companies who help us manage our electronic communications with you.)
- Companies that we have a joint venture or agreement to cooperate with (including [BWin])
We require all organisations who we share your data with to respect the security of your personal data and to treat it in accordance with the law. We do not allow any of our service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
We will only send your data outside the EEA if:
- (a) You have instructed us to do so
- (b) To comply with a legal duty
- (c) Work with our suppliers who help us to run your accounts and services
- Transfer it to a non-EEA country with privacy laws that give the same protection as the EEA.
- Put in place a contract with the recipient that means they must protect it to the same standards as the EEA.
- Transfer it to organisations that are part of EU-US Privacy Shield. This is a framework that sets privacy standards for data sent between the US and EU countries. It makes sure those standards are similar to what is used within the EEA.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator (including the ICO) of a breach where we are legally required to do so.
After you stop being a member, because you have stopped regularly using our services, we may keep your personal information for up to [2] years for one of the following reasons:
- To respond to any questions or complaints from you
- To maintain our records
- To comply with laws applicable to us
- To comply with regulations to which we are subject
We can only use your personal information to send you marketing messages if we have either your consent or a legitimate interest to do so.
You can ask us to stop sending you marketing messages at any time – you just need to contact us, or use the opt-out/unsubscribe links on marketing message sent to you.
We will get your express opt-in consent before we share your personal data with any company outside our group of companies] for marketing purposes. You can ask a third party company to stop sending you marketing messages at any time, by adjusting your marketing preferences in relation to that company or by using the opt-out links on any marketing message sent to you.
Where you opt out of receiving marketing messages, this will not apply to personal data provided to us as a result of purchasing our services or any other transaction between you and us.
You also have a right to complain to the Information Commissioner’s Office. You can find their contact details at www.ico.org.uk. We would be grateful for the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
Getting a copy of the information we hold
You can ask us for a copy of the personal information which we hold about you, by writing to us at 5 Langley Street, 3rd Floor, London, WC2H 9JA. This is known as a data subject access request.
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this policy. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
You will not have to pay a fee to access your personal data, unless we believe that your request is clearly unfounded, repetitive or excessive. In such circumstances we can charge a reasonable fee or refuse to comply with your request.
We will try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month and in that case we will notify you and keep you updated.
Telling us if information we hold is incorrect
You have the right to question any information we hold about you that you think is wrong or incomplete. Please contact us at 5 Langley Street, 3rd Floor, London, WC2H 9JA if you want to do this and we will take reasonable steps to check its accuracy and, if necessary, correct it.
Telling us if you want us to stop using your personal information
You have the right to:
- object to our use of your personal information (known as the right to object); or
- ask us to delete the personal information (known as the right to erasure); or
- request the restriction of processing; or
- ask us to stop using it of there is no need for us to use it (known as the right to be forgotten).
Withdrawing consent
You can withdraw your consent to us using your personal information at any time. Please contact us at [email protected] if you want to withdraw your consent. If you withdraw your consent, we may not be able to provide you with certain services.
Request a transfer of data
You may ask us to transfer your personal information to a third party. This right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.