This Self-Exclusion Scheme is run by Multi-Operator Self-Exclusion Scheme Limited (“MOSES”). The Scheme allows you to self-exclude from select betting locations operated by licensed operators. You select and control these locations (for example, based upon geographic proximity to your home and/or work). We refer to the licensed operators which are part of your self-exclusion as the “Named Operators”.
When you request self-exclusion status with us, we will pass on basic information about you (your name, your photograph, and potentially your proof of identity) so that the Named Operators can assist with your self-exclusion by alerting the relevant locations. If you attempt to breach your self-exclusion, the Named Operators will then report back to us.
- What personal data do we collect?
- How do we collect your personal data?
- How your personal data will be used and the applicable lawful bases.
- How long do we retain your personal data?
- Who we share your personal data with
- International transfers of your personal data
- What are your rights?
- How to contact us.
- How to make a complaint
1. What personal data do we collect?
Personal data is any information which identifies you or which could be used to identify you. For example, your name is your personal data. Your personal data also includes the fact that you have requested a self-exclusion.
We collect the following types of personal data:
- Personal identification: For example, Name, email address, residential address, phone number, etc.
- Identity Verification: Proof of your identity (e.g. a driver’s licence or passport)
- Visual: Photograph or photographs of you
- Transactional Data: Details of the locations and Named Operators to which your self-exclusion applies
- Scheme Data: For example, notices of any breach of your exclusion (whether by you or a Named Operator), any extensions to your exclusion and whether you notify us that you would like your exclusion to end (following the initial 12 months).
- Other: For example, correspondence with you and correspondence with Named Operators about your self-exclusion, documents and other records which note your self-exclusion. .
Certain types of personal data are sensitive and need more protection. For example, information about your race or ethnic origins, political opinions, sex life or sexual orientation, religious beliefs, health information, biometric and genetic data. There are also special rules about the use of criminal information (information about criminal convictions or allegations about criminal convictions). We do not collect these more sensitive types of data.
2. How do we collect your personal data?
Most of the personal data we need to operate your self-exclusion comes directly from you, for example when you:
- Call MOSES to assist with your self-exclusion
- Voluntarily complete the self-exclusion process.
You are not under any statutory or contractual requirement to provide us with your personal data. But if you don’t do so, there are certain circumstances where we will not be able to work with you, for example – we cannot help with your self-exclusion if you do not provide your name, contact details, photograph, and proof of identity and list of Named Operators.
We will also receive personal data from your chosen Named Operators, for example if you attempt to breach your self-exclusion.
3. How your personal data will be used, and the applicable lawful bases
We will only use personal data when the law allows us to. Most commonly, we will use your personal information in the following circumstances:
- where it is necessary for the purposes of our contract with you. For example, we need to know your name and the relevant Named Operators in order to sign you up to the Scheme.
- where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. For example, we have a legitimate interest in sharing your personal data with your Named Operators so that we may effectively manage your self-exclusion.
We will use your personal data to manage your self-exclusion with the Named Operators. Specifically, the processing will include:
4. How long do we retain your personal data?
Self-exclusion will be recorded for an initial period of 12 months, followed by a review period of 6 months, during which time you can contact us to cancel or renew your self-exclusion. If you have not contacted us to renew your self-exclusion by the end of the review period, your self-exclusion will lapse. You can always contact us to extend your period of self-exclusion. Your personal data will be anonymised promptly following the end of your self-exclusion. If you have any questions about our retention policy, you can contact us using the details below.
You should be aware however that your Named Operators may continue to hold information about a player’s Self-Exclusion for an additional period after that time and this will be set out in each Operator’s privacy statements and retention policies.
When you select a Named Operator to include in your self-exclusion, we will ask that Named Operator to take all reasonable steps to stop any future contact with you in respect of offers and incentives.
6. Who we share your personal data with
As mentioned above, we will share your personal data with your Named Operators in order to operate your self-exclusion.
We will also share your information with selected additional recipients where we have a lawful reason for doing so. These categories of recipients include:
- Professional Advisors: accountants, auditors, lawyers, insurers, bankers, and other outside professional advisors;
- Service Providers: companies that provide products and services to MOSES, such as IT infrastructure providers and contractors we use to support our operations;
- Public and Governmental Authorities: entities that regulate or have jurisdiction over MOSES, such as regulatory authorities, public bodies, and judicial bodies, including to meet national security or law enforcement requirements; and
- Third Parties in Corporate Transactions: in connection with any proposed or actual reorganisation, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of MOSES’s organisation (including in connection with any bankruptcy or similar proceedings).
7. International transfers of your personal data
MOSES is based in the UK, and we keep your personal data in the UK. However, there may be circumstances when the personal data that we collect about you will be transferred outside the UK and the European Economic Area (“EEA”).
Some of these countries have a lower standard of protection for personal data. Where your personal data is transferred, stored, and/or otherwise processed outside the UK or EEA in a country which does not offer an equivalent standard of protection to the UK or EEA, we will take all reasonable steps necessary to ensure that the recipient implements appropriate safeguards designed to protect your personal information. For instance, we will enter into standard contractual clauses with the recipient which ensures that the recipient puts in place measures to protect your personal data.
If you would like more information about these safeguards, please contact us using the information below.
8. What are your rights?
Everyone is entitled to exercise the following rights in accordance with applicable Data Protection legislation:
The right to access – You have the right to request copies of your personal data. If we are satisfied that you have a right to see this personal data, and we are able to confirm your identity, we will, except where an exemption applies, provide you with this personal data.
The right to rectification – You have the right to have incomplete or inaccurate personal data about you rectified.
The right to erasure – You have the right to request erasure of your personal data, under certain conditions (noting that information about your self-exclusion cannot be erased during any period of self-exclusion or for a reasonable period thereafter).
The right to restrict processing – You have the right to restrict the processing of your personal data, under certain conditions (and noting that processing your personal data pursuant to your self-exclusion cannot be restricted during any period of self-exclusion).
The right to object to processing – You have the right to object to processing of your personal data, under certain conditions (and noting that you cannot object to the processing of your personal data pursuant to your self-exclusion during any period of self-exclusion).
The right to data portability – You have the right to request the transfer of data that we have collected to another organization, or directly to you, under certain conditions.
The right to withdraw consent – If we process your personal data on the basis of consent, you have the right to withdraw that consent at any time. Please note that we are unlikely to rely on consent as our lawful basis when processing your personal data for the purposes of the Scheme.
If you would like to exercise any of these rights, please contact us on the details set out below.
9. How to contact us
10. How to make a complaint
Should you wish to report a complaint about the way we have used your personal data or if you feel that any concerns haven’t been addressed in a satisfactory manner, you may contact the Information Commissioner’s Office: https://ico.org.uk/make-a-complaint/.