Privacy Policy

This Self-Exclusion Scheme is run by Multi-Operator Self-Exclusion Scheme Limited (“MOSES”). The Scheme allows you to self-exclude from select betting locations operated by licensed operators. You select and control these locations (for example, based upon geographic proximity to your home and/or work). We refer to the licensed operators which are part of your self-exclusion as the “Named Operators”.

When you request self-exclusion status with us, we will pass on basic information about you (your name, your photograph, and potentially your proof of identity) so that the Named Operators can assist with your self-exclusion by alerting the relevant locations. If you attempt to breach your self-exclusion, the Named Operators will then report back to us.

This privacy policy explains how your personal data will be used by MOSES when you decide to participate in the Scheme and “self-exclude” from locations operated by the Named Operators. In order to operate the Scheme, MOSES will share information with these Named Operators. These Named Operators have their own privacy policies which govern how they use your personal data, and we recommend that you review the privacy policies of your chosen Named Operators for more information. This policy may be updated from time to time. We will post any revised privacy policy on our website and will make reasonable efforts to provide you with notification of the revised policy if we make any substantial updates. It is important you read this policy, so that you are aware of how and why we are using your personal data.

  1. What personal data do we collect?
  2. How do we collect your personal data?
  3. How your personal data will be used and the applicable lawful bases.
  4. How long do we retain your personal data?
  5. Marketing
  6. Who we share your personal data with
  7. International transfers of your personal data
  8. What are your rights?
  9. How to contact us.
  10. How to make a complaint

1. What personal data do we collect?

Personal data is any information which identifies you or which could be used to identify you. For example, your name is your personal data. Your personal data also includes the fact that you have requested a self-exclusion.

We collect the following types of personal data:

  • Personal identification: For example, Name, email address, residential address, phone number, etc.
  • Identity Verification: Proof of your identity (e.g. a driver’s licence or passport)
  • Visual: Photograph or photographs of you
  • Transactional Data: Details of the locations and Named Operators to which your self-exclusion applies
  • Scheme Data: For example, notices of any breach of your exclusion (whether by you or a Named Operator), any extensions to your exclusion and whether you notify us that you would like your exclusion to end (following the initial 12 months).
  • Other: For example, correspondence with you and correspondence with Named Operators about your self-exclusion, documents and other records which note your self-exclusion. .

Certain types of personal data are sensitive and need more protection. For example, information about your race or ethnic origins, political opinions, sex life or sexual orientation, religious beliefs, health information, biometric and genetic data. There are also special rules about the use of criminal information (information about criminal convictions or allegations about criminal convictions). We do not collect these more sensitive types of data.

2. How do we collect your personal data?

Most of the personal data we need to operate your self-exclusion comes directly from you, for example when you:

  • Call MOSES to assist with your self-exclusion
  • Voluntarily complete the self-exclusion process.

You are not under any statutory or contractual requirement to provide us with your personal data. But if you don’t do so, there are certain circumstances where we will not be able to work with you, for example – we cannot help with your self-exclusion if you do not provide your name, contact details, photograph, and proof of identity and list of Named Operators.

We will also receive personal data from your chosen Named Operators, for example if you attempt to breach your self-exclusion.

3. How your personal data will be used, and the applicable lawful bases

We will only use personal data when the law allows us to. Most commonly, we will use your personal information in the following circumstances:

  • where it is necessary for the purposes of our contract with you. For example, we need to know your name and the relevant Named Operators in order to sign you up to the Scheme.
  • where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. For example, we have a legitimate interest in sharing your personal data with your Named Operators so that we may effectively manage your self-exclusion.

We will use your personal data to manage your self-exclusion with the Named Operators. Specifically, the processing will include:

What we use your personal data for Types of personal data Further information Legal Basis
Recording and self-exclusion
  • Name, Contact Information
  • Images
  • Selected Named Operators and their locations
We will ask you to provide information about yourself and the Named Operators you wish to be excluded from. We will ask for a Photo which we will pass on to your Named Operators. When you register with us, you enter into an agreement with us for our assistance in your self -exclusion. This data is necessary for us to fulfil our part of the agreement.
Confirming your Identity
  • Name, Contact Information
  • Identification Documentation
When you register with us, we take steps to confirm your identity before we share your information with Named Operators. If you do not have any relevant documentation, we will ask you to provide a photograph so the Named Operators can confirm your identity on our behalf. It is in our legitimate interest to check the identity of the individual who is self-excluding to ensure their exclusion is valid.
Managing your self-exclusion
  • Name, Contact Information
  • Call records
  • Selected Operators and their locations
  • Details of any breach of self-exclusion
We ask your Named Operators to report back to us if you try to gamble with them. We will share this information with any other Named Operators so they can be alert. When you register with us, you enter into an agreement with us for our assistance in your self -exclusion. This data is necessary for us to fulfil our part of the agreement in ensuring that all Named Operators are aware of the current position.
Overall administration of the Scheme
  • Names of individuals who have entered into self-exclusions
  • Location of individuals
  • Named Operators for self-exclusions
  • Any incidents of you attempting to breach your self-exclusion
This will involve processing the personal data in aggregate or anonymising the personal data in order to perform the analysis. In order to continuously improve the Scheme, we use your personal data and the personal data of others who have self-excluded because it is in our legitimate interests to analyse our overall impact and effectiveness.

4. How long do we retain your personal data?

Self-exclusion will be recorded for an initial period of 12 months, followed by a review period of 6 months, during which time you can contact us to cancel or renew your self-exclusion. If you have not contacted us to renew your self-exclusion by the end of the review period, your self-exclusion will lapse. You can always contact us to extend your period of self-exclusion. Your personal data will be anonymised promptly following the end of your self-exclusion. If you have any questions about our retention policy, you can contact us using the details below.

You should be aware however that your Named Operators may continue to hold information about a player’s Self-Exclusion for an additional period after that time and this will be set out in each Operator’s privacy statements and retention policies.

5. Marketing

When you select a Named Operator to include in your self-exclusion, we will ask that Named Operator to take all reasonable steps to stop any future contact with you in respect of offers and incentives.

6. Who we share your personal data with

As mentioned above, we will share your personal data with your Named Operators in order to operate your self-exclusion.

We will also share your information with selected additional recipients where we have a lawful reason for doing so. These categories of recipients include:

  • Professional Advisors: accountants, auditors, lawyers, insurers, bankers, and other outside professional advisors;
  • Service Providers: companies that provide products and services to MOSES, such as IT infrastructure providers and contractors we use to support our operations;
  • Public and Governmental Authorities: entities that regulate or have jurisdiction over MOSES, such as regulatory authorities, public bodies, and judicial bodies, including to meet national security or law enforcement requirements; and
  • Third Parties in Corporate Transactions: in connection with any proposed or actual reorganisation, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of MOSES’s organisation (including in connection with any bankruptcy or similar proceedings).

7. International transfers of your personal data

MOSES is based in the UK, and we keep your personal data in the UK. However, there may be circumstances when the personal data that we collect about you will be transferred outside the UK and the European Economic Area (“EEA”).

Some of these countries have a lower standard of protection for personal data. Where your personal data is transferred, stored, and/or otherwise processed outside the UK or EEA in a country which does not offer an equivalent standard of protection to the UK or EEA, we will take all reasonable steps necessary to ensure that the recipient implements appropriate safeguards designed to protect your personal information. For instance, we will enter into standard contractual clauses with the recipient which ensures that the recipient puts in place measures to protect your personal data.

If you would like more information about these safeguards, please contact us using the information below.

8. What are your rights?

Everyone is entitled to exercise the following rights in accordance with applicable Data Protection legislation:

The right to access – You have the right to request copies of your personal data. If we are satisfied that you have a right to see this personal data, and we are able to confirm your identity, we will, except where an exemption applies, provide you with this personal data.

The right to rectification – You have the right to have incomplete or inaccurate personal data about you rectified.

The right to erasure – You have the right to request erasure of your personal data, under certain conditions (noting that information about your self-exclusion cannot be erased during any period of self-exclusion or for a reasonable period thereafter).

The right to restrict processing – You have the right to restrict the processing of your personal data, under certain conditions (and noting that processing your personal data pursuant to your self-exclusion cannot be restricted during any period of self-exclusion).

The right to object to processing – You have the right to object to processing of your personal data, under certain conditions (and noting that you cannot object to the processing of your personal data pursuant to your self-exclusion during any period of self-exclusion).

The right to data portability – You have the right to request the transfer of data that we have collected to another organization, or directly to you, under certain conditions.

The right to withdraw consent – If we process your personal data on the basis of consent, you have the right to withdraw that consent at any time. Please note that we are unlikely to rely on consent as our lawful basis when processing your personal data for the purposes of the Scheme.

If you would like to exercise any of these rights, please contact us on the details set out below.

9. How to contact us

If you have any questions about this privacy policy, or you would like to exercise one of your data protections rights, please do not hesitate to contact us at First Floor, 10 Queen Street, London, EC4R 1BE. Telephone 0800 294 2060. Email help@self-exclusion.co.uk.

10. How to make a complaint

Should you wish to report a complaint about the way we have used your personal data or if you feel that any concerns haven’t been addressed in a satisfactory manner, you may contact the Information Commissioner’s Office: https://ico.org.uk/make-a-complaint/.

September 2020