Privacy Policy
Privacy Policy
This Lotteo Privacy Policy (hereinafter referred to as the Privacy Policy) applies to the lotteo.com website (hereinafter referred to as the Website) operated and maintained by White Lotto B.V., Fransche Bloemweg 4, Willemstad, Curacao (hereinafter referred to as the Company).
This Privacy Policy defines the types of collected information, the ways it is used, the access to it and also the methods of updating it. We handle our obligations towards the protection of privacy in a serious manner, making our best effort to keep the following Privacy Policy as clear and comprehensible as possible. If you have any remarks or questions regarding this Privacy Policy, we ask you to contact us through one of the available means of contact (e-mail, telephone, contact form).
By using our Website, you accept the following Privacy Policy as well as our Terms of Use.
The information we collect
When you use the Website, we collect the following information:
Openly collected from you
When creating a user account, you provide your e-mail address to be used to uniquely identify your account and to perform its optional activation. The e-mail address is also used to enable the password reminder, to perform its function.
We might also use your e-mail address and phone number to send Notifications on the functioning of the Website (including the notifications required by law), news about the Website, information on products and services included on the Website, as well as for other marketing purposes including third party products or services that you might be interested in (hereinafter referred to as Notifications). You may quit receiving marketing related Notifications at any moment by using the cancel link included in every e-mail message we send or by contacting us through the available means of contact: e-mail, telephone, contact form.
After creating an account, you can complete your profile with the following data: first name, last name, address of residence, date of birth, phone number and time zone. This information is used to improve the process of payments, deposits and withdrawals, for Website customizations (including Notifications), as well as to handle the Winnings above 2,500 USD in accordance with paragraph 3.5 of the Terms of Use.
We might also keep a registry of data provided to us willingly in order to contact us through the contact form, a telephone conversation, a postal message, Facebook, Twitter or other means of contact, including: name, e-mail address, phone number, postal address. Providing your name and e-mail address is necessary when sending a message through the contact form.
Contact with us through social media, like Facebook or Twitter, should not be deemed official. We reserve the right to not respond to messages sent through this mean of contact, while also informing that we will make our best effort to respond to them. To obtain detailed information on the data collected by the social media platforms mentioned above, one has to make themselves familiar with the following documents:
- Facebook: Privacy Policy and Terms and Policies;
- Twitter: Privacy Policy and Terms of Service.
We also process payment card data (number, expiration date, first and last name of the holder, CVV code) in order to carry out the payment card payment process – Learn More.
Not collected openly
When you use the Website, we automatically collect specific information and use it to handle the Website’s main features, customize the Website (including Notifications), monitor the incoming traffic and maintain security. It includes, among others:
- IP address;
- headers sent by the browser, especially “User-Agent”, “Accept-Language” and “Referrer” which contain such information as: type, version and language of the browser, type and version of the operating system and the web address the Website was found through;
- system time;
- HTTP requests;
- cookies files saved in the lotteo.com domain or subdomains.
We might also use the IP address to collect and process information on your actual location in order to improve the data updating process as well as customize the Website (including Notifications).
Some of the data made automatically available by web browsers is stored in server logs, including full HTTP requests, time of their arrival, IP address and URL addresses related to a request.
The Website’s functioning uses your browser’s cache. It makes it possible to optimize the time of loading the Website as well as makes using the Website easier by storing data between sessions even after restarting the browser.
The information not collected openly includes, among others, the following data used to handle and improve the payment process:
- e-mail address, personal data (first name, last name, address, contact info) and transaction ID in order to carry out eMerchantPaypayments; with your explicit consent, we also store non-sensitive data of the payment cards you use in order to make further payments faster;
- e-mail address, date, status, amount and transaction ID used or generated to carry out tpay.com payments;
- e-mail address, user account ID, status, amount and transaction ID used or generated to carry out Skrill payments;
- e-mail address, user account ID, personal data (first name, last name, address, date of birth, sex, contact info, account balance, account language and currency) and billing data used or generated to carry out Neteller payments;
- destination Bitcoin address and transaction ID used or generated to carry out Cubits payments;
- e-mail address, phone, country and transaction ID used or generated to carry out Sofort payments.
To obtain more information on the data collected during payments, we invite you to familiarize yourself with the privacy policies of different payment gateways (Learn More).
The information not collected openly is also used by third party services (Learn More).
Third party services
Statistics, advertisement and security
To handle the Website’s security as well as to collect and analyze information on its functioning, we use the following third-party services:
- Google Analytics – to monitor traffic and keep detailed statistics that allow us to identify the sources of visits and analyze the Website’s functioning;
- Google reCAPTCHA – to improve the Website’s security by protecting against automated scripts;
- Facebook Pixel – to monitor traffic and keep detailed statistics that allow us to create better advertisement campaigns.
The above services collect and use information in order to function properly. To obtain information on the data collected by Google Services, we invite you to familiarize yourself with Google Terms of Service and Google Privacy Policy. To obtain information on the data collected by Facebook services, we invite you to familiarize yourself with Facebook Policies.
Payments
We do not store detailed data of payment cards in our databases. To store payment card data, we use third party payment gateways that comply with the requirements of the PCI-DSS (Payment Card Industry Data Security Standard) security standards. Our databases only store the references to payment cards stored in third party payment gateways. The references we store only contain the non-sensitive data of payment cards: expiration date, first and last name of the holder and the last four digits of the card number. Payment card data is only used and stored with your explicit consent. You might delete the references to the stored payment cards at any time. Payment card data gets also deleted from a particular third-party payment gateway, provided that it makes such feature available. One has to remember that it might not be possible to delete the data completely due to the way a particular payment gateway works. Detailed information on the type of data stored by the payment gateways we use can be found in the privacy policies and terms of use of different payment gateways – Learn More. Deleting stored payment card data will not cancel the initiated transactions.
To carry out the above, we process payment card data provided through the forms available on the Website. Such operation is in full compliance with the PCI-DSS (Payment Card Industry Data Security Standard) requirements. All the payment data you provide is sent through an encrypted SSL (Secure Socket Layer) connection.
We inform you that in order to protect your data, we take all necessary actions to make sure your data does not get accidentally lost, misused, made public, or in any way, modified or destroyed. We also protect it from unauthorized access.
To obtain detailed information on the data collected by different payment gateways, please familiarize yourself with the following documents:
- tpay.com: Terms of Use and the Cookies Policy;
- Skrill: Terms and Conditions and the Privacy Policy;
- Neteller: Terms of Use;
- Cubits: Terms of Use and the Privacy Policy;
- Sofort: Security and the Privacy Policy.
Shared data
We do not make your data available to companies, organizations or other third parties with the following exceptions:
- in the event that we have received your explicit consent to make it available;
- we might send your data to trusted entities that process it for our needs and for purposes defined solely by us, while maintaining the highest confidentiality and information security, especially the companies that are part of our group or our business partners;
- when we deem it justified in order to comply with the law we are subject to;
- analyzing Website security breaches, detecting and preventing fraud and improving security and other technical matters;
- we might also share data that can’t be used to unequivocally identify an individual for purposes like displaying the latest Winnings or publishing general statistics on the Website’s usage.
Data safety
We make our best efforts to make sure that your data is stored safely. In accordance with our security policy, we do not store passwords in plain text. We use the latest standards and recommendations to make sure that the data and accounts of our users are completely safe, including, among others:
- regular updating of the server;
- immediate implementation of security updates;
- fulfilling all the requirements of security standards defined by PCI-DSS for the entity that processes the payment card data;
- enforcing and using secure connections wherever possible;
- the control of the levels of access to data that is only available to individuals, companies or organizations that need to access it; such entities are also obliged to maintain strict confidentiality or face severe consequences;
- protection against unauthorized access, automated attack blocks and overall monitoring of Website activity.
Deleting data
Deleting your profile data is not synonymous with deleting it completely from our system. The said data might still be stored in the systems and files of backup copies for up to a year of time. Backup copies, due to their significance and sensitivity, are also stored on other servers owned by us and maintained by us and by third party companies that operate our servers under separate agreements. Your data contained in backup copies might only be used in order to restore it in special cases that require the use of backup copies. Changes to your profile data made between the date of creating a backup copy and the date of restoring it will be lost, of which you will be explicitly notified.
You can delete your user account by contacting us in written form. The deleted account’s data will be kept in order to prevent losing the association between the account and the transactions performed as well as other actions performed by you in the system. At your explicit request, we might completely delete your profile data from the system by replacing it with anonymous data, although it will not delete the data for the transactions performed.
Age restrictions
Our Website is directed towards people above the age of 18. We never deliberately collect or use the data of people that we know do not meet our age criteria. Whenever we notice that a person under the age of 18 has opened an account on our Website, we make our best efforts to delete their data from our system.
The Privacy Policy limitations
This Privacy Policy does not apply to the services offered by our partners or other entities with advertisements and/or references to our Website; it also does not apply to other websites that our Website has references to. One should familiarize themselves with their Privacy Policies and Terms of Use separately.
Cookies policy
In order to use the main features of the Website, it is necessary to enable cookies in one’s web browser. You may set your browser to not allow cookies if you wish to do so, although it will make using our Website very limited.
To learn how you can disable cookies, refer to your web browser’s documentation.
Changes
We do our best to update this Privacy Policy on an ongoing basis. In the event of significant changes, especially ones including increased limitations of the access to your data or broadening the extent to which it is shared, we will notify you of the changes electronically by sending a message to your e-mail address, although we reserve the right to make changes to this Privacy Policy in a completely discrete way, without prior notice. It is your sole responsibility to make sure if changes have been made to this Privacy Policy or the Terms of Use. Any use of the Website, after making changes to the Privacy Policy or the Terms of Use will be considered as accepting them. You can review your data or delete it at any moment in accordance with and within the scope defined by this Privacy Policy.
Contact
If you have any questions regarding this Privacy Policy, contact us through the available means of contact (e-mail, contact form, telephone).