logo

Privacy Policy

INTRODUCTION


Canadianlotto.ca, (“we”; “us”), is committed to protecting and respecting your privacy. This Privacy Policy (“policy”) forms part of and is incorporated by reference into the Take That Limited standard Terms and Conditions. This policy governs the data which we collect from users and other third parties in the course of our business and the way in which we protect and process such information. Please read this policy carefully to understand how we will treat your personal data.


Canadianlotto.ca respects your privacy and is committed to protecting your personal data and processing it in compliance with applicable laws – notably:


- The Data Protection Act 2018 (DPA 2018), and the Canada General Data Protection Regulation.


- The Regulation 2016/679 of the Canada Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)


This Privacy Policy will inform you as to how we process your personal data when you visit our website and/or use our services and tell you about your privacy rights and how the law protects you.


CONTENTS OF THIS PRIVACY POLICY:


1. DATA CONTROLLER


1.1. SCOPE OF THIS PRIVACY POLICY


This privacy policy aims to give you information on how We collect and process your personal data through or in conjunction with your use of this website and Our Services.


This Privacy Policy stipulates details and conditions of collecting and processing your Personal Details and provides you with information in terms of articles 12 and 13 of the and 20 of General Data Protection Regulation.


This website is not intended for children and we do not knowingly collect data relating to children.


1.2. CONTROLLER


Canadianlotto.ca is the controller and responsible for your personal data (referred to as "We", “we”, "us" or "our" in this Privacy Policy).


We have appointed a data protection officer who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise rights please contact Us using the details set out below.


1.3. CONTACT DETAILS


Although Our goal is to always be as clear and transparent as possible, We strongly encourage You to contact Us for any clarification You may need.


1.4. CHANGES TO THE PRIVACY POLICY


Any changes we may make to our Privacy Policy in the future will be posted on this page and on our website. Please check this page occasionally to ensure you are happy with any changes.


2. THE DATA WE COLLECT ABOUT YOU


2.1. Personal Data: means any information that identifies You as an individual or that relates to an identifiable individual.


Whenever it is not possible or feasible for Us to make use of anonymous and/or anonymised data (in a manner that does not identify any Users of the Site or customers of Our services), We are nevertheless committed to protecting Your privacy and the security of Your Personal Data at all times.


2.2. Data disclosed by You: We collect from You, through interaction with You or through Your interaction with Us or our Services different kinds of personal data about you which we have grouped together follows:


a. Registration Data provided by you when you register on the Website including display name (chosen by you).


b. Contact Data includes your email address and residential address.


c. Log in Data includes internet protocol (IP) address, your logins, browser and operating system on the devices you use to access our Services.


d. Analytics data include various data provided by you or observed with respect to your use of our Website and Services such as your browser data, referring site URLs, time or usage information, Website preferences and settings. Certain information is collected using cookies and/or similar tracking technology – please see further section “Cookies”.


2.3. Special categories of Personal Data


We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences. However, we may not exclude that You send us such data in communication with Us.


2.4. If You Fail To Provide Personal Data


Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with Our Services).


3. PURPOSES AND LEGAL BASIS


3.1. General Purposes


We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- To allow You access and use of the Website
- For identification and verification proposes
- For analytics purposes


3.2. Purposes and Legal Basis


We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate. Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.


4. RETENTION PERIOD


We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.


The criteria We use to determine what is ‘necessary’ depends on the nature of the particular personal data in question.


For the avoidance of doubt we will normally keep your data for a period no longer than five (5) years, unless required to hold your data for a longer period for regulatory purposes.


Where Your personal data is no longer required by Us, We will either securely delete or anonymise the personal data in question.


5. PEMROSES DATA


5.1. As Canadianlotto.ca's business partners, suppliers or service providers are responsible for certain parts of the overall functionality or operation of the Website, Personal Data is also processed by them for the purposes mentioned above on behalf of Canadianlotto.ca.


We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not authorize our third-party service providers to use your personal data for their own purposes and only authorize them to process your personal data for specified purposes and in accordance with our instructions.


5.2. Lawful disclosure: If you are suspected of having breached our Terms and Conditions or applicable law (for example where we suspect that a crime may have been committed), or for the purposes of preventing, detecting or addressing fraud, Canadianlotto.ca reserves the right to:


- Forward your Personal Data to government authorities;


- Share your Personal Data with relevant law enforcement and/or criminal investigation agencies and assist such agencies with any investigation into your actions;


- Use your Personal Data for the purpose of responding to a subpoena or similar official order or request for Personal Data;


6. INTERNATIONAL TRANSFERS


We will only transfer your personal data to countries which are considered as providing an adequate level of legal protection or where alternative arrangements are in place to protect your rights.


We may transfer your personal data outside the EEA in the unlikely event that we receive a legal request from a foreign law enforcement body. All requests for information we receive from these bodies will be carefully checked before personal data is transferred.


We may use remote website server hosts to provide and maintain some aspects of our service and website, which may be based outside the EEA (in “the cloud”). Your personal data may also be processed by staff operating outside the EEA or one of our service providers located in a country outside of the EEA. Transfers to service providers outside of the EEA will be protected by contractual commitments and, where appropriate, further assurances, such as certification schemes In all cases we will take steps with the aim of ensuring that your privacy rights continue to be protected, as outlined in this privacy policy and in accordance with the GDPR and other applicable laws.


You have the right to ask for more information about the safeguards we have put in place as mentioned above.


7. SECURITY


We have put in place appropriate technical and organizational security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.


We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.


8. YOUR RIGHTS UNDER THE DATA PROTECTION LAWS


8.1. The Right to Data


With effect from May 25, 2018, you have the right, in certain circumstances, to obtain personal data you have provided us with, in a structured, commonly used and machine-readable format, and to reuse it elsewhere or ask us to transfer this to a third party of your choice.


8.2. The Right to Object


When the processing is necessary for the purposes of the legitimate interests pursued by Us or by a third party You shall have the right to object to processing of Your personal data by Us.


When Your data is processed for direct marketing purposes, You have the right to object at any time to the processing of Your personal data, which includes profiling to the extent that it is related to such direct marketing.


8.3. The Right to lodge a Complaint


You also have the right to lodge complaints with the appropriate Data Protection Supervisory Authority. The competent authority in the Canada is the Information Commissioner’s Office. We kindly ask that You please attempt to resolve any issues You may have with Us first (even though, as stated above, You have a right to contact the competent authority at any time).


8.4. Identification


When exercising your rights by contacting us, we may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.


8.5. Time Limit To Respond to Your Requests


We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.


9. COOKIES


Our site uses cookies, for further information on what cookies are and which cookies we use