Privacy Policy BitBay Estonia

I. General information

  1. Data controller – Pinewood Estonia OÜ with its registered office in Harju maakond, Tallinn, Lasnamäe linnaosa, Lõõtsa tn 5, 11415, Estonia entered in the Register of Entrepreneurs of the Ministry of Justice of Republic of Estonia, with number: 14814864, share capital: 2,500 EUR, fully paid-in (the “Controller” or “we”) is the owner and the administrator of services “BitBay” available for the users (“Users” or “you”), provided at a given time by Controller and/or its affiliates – entities related to the Controller economically and/or personally (the “Affiliates”) and available to you on the "as is" basis (collectively referred here as “Services”).
  2. We process your personal data in accordance to the binding law, especially to Regulation 2016/679 of the European Parliament and the European Council from April 27, 2016 on the protection of individuals with regard to the processing of personal data and free movement of such data, as well as repealing Directive 95/46/WE (general regulation on data protection) (the “GDPR”) and other relevant binding provisions of law.
  3. This Privacy Policy applies to all of our Services and serves you as an actual information about how we process your personal data (the “Personal Data”).

II. Personal Data

  1. We may obtain your Personal Data from you directly (especially through the websites and/or online forms); and/or from third parties, service providers that are assisting us in providing you with a Services.
  2. We may collect the following categories of Personal Data:
    • vontact, registration and verification information such as name, surname, nickname, email, address and other information that are necessary to identify you and to prevent using your account by unauthorized parties;
    • data about your account (we may create a specific ID for you when you use the Services);
    • your IP address and unique mobile device identification numbers (such as your device ID, advertising ID, MAC address);
    • data about your device, such as manufacturer, operating system, CPU, RAM, browser type and language;
    • broad location data (e.g. country or city-level location);
    • precise geolocation data (GPS, with your consent);
    • data we collect with cookies and similar technologies;
    • data (such as your nickname, profile picture) we receive if you link a third-party tool with the Service (such as Facebook, Google or Weibo);
    • details of orders (amount spent, date, time, vouchers or offers used);
    • data to fight fraud and data required by anti-money-laundering provisions;
    • payment data (such as to verify payment);
    • data for advertising and analytics purposes, so we can provide you a better Service;
    • your messages to the Services (such as chat logs and player support tickets) any feedback you submitted about your experience with us; and/or
    • other data you choose to give us.
  3. Provision of Personal Data in a scope indicated by the Controller for particular purposes specified, is voluntary but may be necessary to use the Services.

IV. Recipients

  1. Categories of recipients: processors acting on our behalf such as service providers, marketing, PR and HR agencies and relevant Affiliates, or other controllers (when justified), enabling/ improving the Services such as relevant Affiliates, payment agents, banks or other financial institutions.
  2. We may feature advertising within our Services. The advertisers may collect and use information about you, such as your Service session activity, device identifier and IP address. They may use this information to provide advertisements of interest to you. In addition, you may see our Services advertised in other services.
  3. Our partners are based mainly in the countries of the European Economic Area (EEA). Some of our partners may be located outside the EEA. In connection to the transfer of your data outside the EEA, we verify whether the partners provide a guarantee of a high level of protection of Personal Data. These guarantees arise in particular from the obligation to use standard contractual clauses adopted by the Commission (EU). You have the right to request us to provide copies of standard contractual clauses by sending us a relevant request.

V. Retention

  1. We only process Personal Data for as long as it is necessary, especially in relation to the Services and/or handling complaints. When the purpose of the data processing has been fulfilled, your Personal Data will be deleted in accordance with our data retention policy, unless we are legally required to retain it. In relation to the legal grounds of processing as mentioned above, Personal Data may be stored for the following periods of time:
    • in the event when data are necessary for the performance of the contract, for the duration of the contract and until the expiration of the claims resulting from this contract;
    • if the basis for data processing is the legitimate interest of the controller, until you file an effective objection;
    • for tax, accounting, anti-money-laundering purposes, to the extent and for a period of time compliant with the applicable law;
    • if Personal Data are being processed based on the consent you gave - to the moment of withdrawal, restriction or other action on your part restricting such consent.

VI. Your Rights

  1. Your responsibility is to ensure that all Personal Data submitted to us are correct. We may maintain the accuracy and completeness of Personal Data and keep the data up to date.
  2. To the extent required by the applicable law, you may have:
    • right to access your Personal Data, including receiving a copy thereof;
    • right of rectification of your Personal Data;
    • right of erasure (only in cases foreseen by GDPR) of your Personal Data;
    • right to object or restrict the processing of Personal Data;
    • right to withdraw your consent - applicable to the situations when your Personal Data are processed based on your consent. Remember that withdrawal of your consent does not impact on lawfulness of processing before such withdrawal;
    • right to Personal Data portability, i.e. to receive your Personal Data from us in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, provided that the Personal Data are processed based on a consent or in order to perform the contract.

VII. Complaints

  1. To exercise the rights described above or in case of any questions in relation to Personal Data processing, you can use the following contact information:
    • e-mail: [email protected]
    • registered mail: Pinewood Estonia OÜ, Harju maakond, Tallinn, Lasnamäe linnaosa, Lõõtsa tn 5, 11415, Estonia.
  2. Your written request may be required for security reasons. We may decline the request, if there are reasonable grounds to believe that the request is fraudulent, unfeasible or may jeopardize privacy of others.
  3. If you think that the way we process your personal information does not comply with applicable data protection laws, you have the right to lodge a complaint with a supervisory authority – Estonian Data Protection Inspectorate, 39 Tatari St., 10134 Tallinn , Estonia.

VIII. Age Policy

  1. Our Services are not directed to people younger than eighteen (18) years of age. We do not intend to collect personal data from such people. If you are under 18, please do not use the Services and do not send any information about yourself to us. In the event that we learn that we have collected personal information from a person under age 18, we will delete that data as quickly as possible.

IX. Changes

  1. This Privacy Policy may be updated from time to time. We will notify you of any changes to our Privacy Policy by posting the new Privacy Policy here. You are advised to consult this Privacy Policy regularly for any changes.

X. Cookies

  1. To ensure that our website works correctly, we may sometimes place a small piece of data - known as cookies - on your computer or mobile device. A cookie is a text file stored by a web server on a computer or a mobile device. The content of a cookie can be retrieved or read only by the server that created the cookie. The text in a cookie often consists of identifiers, site names, as well as some numbers and characters. Cookies are unique to the browsers or mobile applications you use, and enable websites to store various data, such as e.g. your preferences.
  2. Like many other Internet service providers, we use cookies to improve user experience. Session cookies are deleted after each visit, while persistent cookies remain in place across multiple visits. Cookies allow websites to remember your settings such as language, font size on your computer or mobile device, or other browser preferences. This means that you do not need to reset preferences every time. Therefore, if cookies are not used, websites will treat you as a new visitor every time you load a web page. For example, if you are redirected to another web page from a website you are already logged into and then return to the original website, it will not recognize you and you will have to log in again.
  3. You can manage or delete cookies based on your own preferences. You can clear all the cookies stored on your device, while most of the web browsers provide the option of blocking cookies. However, by doing so, you have to change the user settings every time you visit our website. Find out how to manage cookies settings in your browser or on its dedicated website.