Privacy Notice

Privacy Notice

This Privacy Notice describes how  Sportingbet (Deutschland) Ltd ('Sportingbet', 'our', 'us', as appropriate) collects, use, stores, shares or keeps your personal information when you use our services through our online gaming website (“Website”) and mobile application (“App”). It also describes your data protection rights. This Privacy Notice is integral part and supplements the General Terms and Conditions (“GT&C” or “gaming contract”).

The data controller for your personal information is: Sportingbet (Deutschland) Ltd registered in Unit 6, St Business Centre, 120 The Strand, Gzira, Malta.

We have appointed a Data Protection Officer (DPO) that can be contacted at dataprivacy@entaingroup.com. Please note that this channel (above email address) is not monitored for customer service queries. You should contact the dedicated customer support channels provided on the gaming Website or App or our contact section below.

We are part of  Entain Group, which is a global business and for operational purposes other entities in our group will have access to your data. We may also share controllership jointly with other group companies.  In these cases, your rights are enforceable by the data controller mentioned here.  Please see the section on “Your Rights” for further information.

1. INFORMATION COLLECTED AND MEANS OF COLLECTING
2. INFORMATION USE AND LEGAL BASIS
3. AUTOMATED DECISION MAKING AND ARTIFICIAL INTELLIGENCE SOLUTIONS
4. DISCLOSING YOUR PERSONAL INFORMATION
5. INTERNATIONAL TRANSFERS
6. YOUR RIGHTS
7. SECURITY
8. RETENTION OF PERSONAL INFORMATION
9. CHANGES TO OUR PRIVACY NOTICE
10. CONTACT US

1. INFORMATION COLLECTED AND MEANS OF COLLECTING

We collect the following information about you:

1.1 Personal information you provide to us when register and use a gaming account with our Website or App, this may include first and last name, date of birth, payments and credit card information, username and password, proof of age and identity, billing address, home address, email address, phone number or other contact information;

1.2 Technical information about your devices and usage of our platforms such as: IP address, time of access, date of access, type of device, third-party web page(s) visited when you interact with us, language use, location, roaming trace, software crash reports and type of browser used. This information is essential for the provision and quality of our services.

1.3 Your public profile on social media, including, name, photo and other information you make available to us when you like, post, share or otherwise interact with our official social media pages e.g. Facebook, Instagram, X, etc.

1.4 We keep records of communication when you contact us or otherwise interact with us, including via e-mail, letter, text message (SMS), messaging applications, telephone, live chat functions or other online channels on our Website or App;

1.5 Other information collected from third parties and various databases to comply with our legal and regulatory obligations, age and identity verification, gaming protection, and credit checks;

1.6 We may also receive your personal information from external service providers such as online payments, banks and other financial services;

1.7 We may collect additional types of information where you provide such information to us through your use of our services.

1.8 We may collect information shared by legal consultants appointed by you, tutors appointed by courts or family members legally representing you, regulatory bodies and other governmental bodies (including police, prosecutor office or tax authorities). This typically occurs in relation to data access requests, complaints, legal disputes or official investigations related to your gaming activities.

2. INFORMATION USE AND LEGAL BASIS

2.1 To provide a requested service or carry out a contract with you (Art.6.1 (b) GDPR):

• To provide customer support and service messages, including messages requesting feedback on our services and notifying you about changes to our Website and App, services or changes to our terms, conditions and policies.
• To conduct security reviews, validate your identity, age, the registration information provided by you and to verify your use of our services and your financial transactions for potential breach of our GT&C and applicable laws. Security reviews may include verifying the information you provide against third-party databases.
• To process your online transactions and payments. As part of this process, we exchange your personal information with third party payment processors and other financial institutions as necessary.
• To deliver all other services and products included in our GT&C and process any request that you may have in relation to them.

2.2 To conduct our business and pursue our legitimate interests (Art.6.1 (f) GDPR):

• To investigate and address enquiries, questions and complaints and respond to any feedback for the purpose of improving our services and products and defend our legal interests.
• To post in-game activity to your newsfeed and share content with other players which may lead to loyalty points, or rewards (such posting of in-game activity can be controlled in your privacy settings).
• To invite you in participating in surveys related to our products, promotions, market research and events.
• Customer telephone and chat conversations may be recorded to allow us to improve the quality of our customer service and our products, train staff and to record what is said in the event of a subsequent complaint. You shall be informed in advance about such recordings.
• Provide you with promotional offers and information where you have indicated or you have inferred an interest in our products and services.
• We monitor the use of our Website and Apps and use your personal information to help us improve and protect our content, services, mobile applications and websites, both online and offline.
• We use your information to personalise our Website and App services for you e.g. tailor default settings related to language, games, etc.
• We monitor customer accounts to prevent the use of unfair, abusive, and illegal practices in our Website and Apps.
• We may use personal information to investigate any complaints or disputes received from you, other players or other third parties, about our Websites and App services.
• We may share your data with contracted third parties who provide us with services relevant to gambling services, including customer support, information security, payments, marketing, data analysis, research and surveys, etc.
• We may process the data to exercises and defend our legal rights in connection with legal claims, litigations, compliance, regulatory and investigative purposes as necessary. For the purpose we can share your data with our legal consultants, tax advisors and other parties offering their expertise.
• We use your data to categorise you through manual or partially automated processes in demographics, likely behaviors and product preferences. This categorisation is used in relation to the services, content and promotions we offer.
• We may target you with generic or customised promotions on social media channels. This typically happens if you join or follow our social media pages and accounts, click our promotions, or select this form of marketing in your social media accounts. This activity is within industry standards, balanced and within the customers’ expectations. It is performed together with the companies operating the social media channels (e.g. Facebook, Instagram, TikTok, YouTube, Snapchat, etc.). These companies act as separate data controllers, and we have limited oversight or control how they collect and process your data. You may review the marketing preferences and privacy settings in your social media and internet accounts. Some social media channels also offer paid accounts excluding any form of advertisement. In addition, our Cookie Notice page provides further information and options on this topic.

2.3 In accordance with your preferences and consent (Art. 6.1 (a) GDPR):

• Subject to your marketing consent preferences, we will use your personal information to deliver marketing communications per email (newsletters), text messages (SMS), telephone calls, mail post, online search engines and websites, gaming inbox messaging, push notifications or other available channels. They shall provide you with information regarding our existing and new products, services and promotions, including other gaming products (online casino, betting, deposits, bonuses, spins, etc.).
• We may use social media and instant messaging applications to communicate with you or share our offers. In those cases, we apply strict security rules, and you will be informed in advance by our staff to give consent to use them as official and legally binding communication channels. Please note that companies offering these services act as separate data controllers and you can review the privacy settings on your account with them.  
• To share your contact details with selected media partners and affiliates for the purposes of them being able to offer their own marketing services to you. We only do this where we have your consent and in line with your marketing preferences.
• To perform and enter you into surveys or promotions you have agreed to.

• We place cookies and use similar technologies in accordance with our Cookies Notice for more information please refers to our Cookie Notice.
• We may ask for your consent to use your data for other purposes not listed here. In such cases, we shall inform you in advance together with the consent form about the scope of processing.
• Wherever we rely on your consent, you will always be able to withdraw that consent at any time by updating your marketing preference or by contacting us. Consent withdrawal does not affect the already marketing completed activities or have any impact on service messages. In addition, we shall inform you in case we may have legal and legitimate grounds to further process your data for other purposes.  

2.4 For purposes which are required by law (Art.6.1 (c) GDPR):

• In response to requests by government or law enforcement authorities conducting an investigation or legal proceedings. This may include the police, public prosecutor office, tax authorities, gaming regulators, courts, government bodies fighting fraud, money laundering or terrorism financing, etc. We notify players about these requests only if the governmental body or authority requires this, or this is a legal obligation, or to defend our legitimate interests. In some cases, the law prohibits notification to players. The government bodies and law enforcement authorities act as separate data controllers, and you may contact them to obtain more information.

• To comply with gaming protection measures, including sharing customer data to self-exclusions and deposit limit databases operated by regulatory bodies or third parties authorized by law.

3. AUTOMATED DECISION MAKING AND ARTIFICIAL INTELLIGENCE SOLUTIONS

3.1 Automated decisions means that data processing and decisions that have legal effect on you are taken without human intervention. We may use partially automated decision making to categorize your profile, gaming behaviors and predict likely future gaming preferences. This helps us to provide you personalized gaming content, marketing communications, differential payments and withdrawals methods, and other operational services. These activities involve human oversight and decision making.

We use automated decisions to comply with legal and regulatory regulations, anti-fraud, anti-money laundering and responsible gaming including self-exclusion and deposit limit systems (Art.22.2 (b) GDPR). These may result in restrictions on services, such as complete or temporary blocking of your player account or payment options.

Some of our account registration, support functions and information security measures are based on automated decisions. These activities are necessary to fulfill our gaming contract, security obligations and legal requirements (Art.22.2 (a), (b) GDPR).

3.2 Artificial Intelligence Solutions

We use Artificial Intelligence (“AI”) to enhance player´s experience, maintain platform integrity, increase information security, and support operational efficiency. AI solutions are necessary to offer the highest security to our services and customers’ data and offer the best user experience to our players. We may use AI solutions for the following purposes:

• Gameplay Personalisation; to analyse player behavior and preferences and then tailor content recommendations.
• Information Security: to prevent, detect and handle security threats to our Website, App and customers personal data.
• Products Integrity and Compliance: to detect and prevent activities related to cheating, fraud, AML, RG protection and violations to our contract terms or applicable laws.
• Payment Activities: to process online payments in a secure and accurate manner.
• Support Services: tools that may assist in customer support, including chatbots and automated ticket routing.

AI based solutions are primarily offered and integrated into our systems by third-party suppliers. They may be also partially customised by us. Suppliers using AI solutions undergo our due diligence process and are contractually obliged to ensure that their AI systems comply with our data protection and ethical standards and legal obligations including GDPR and EU AI Act.

4. DISCLOSING YOUR PERSONAL INFORMATION

4.1 We may disclose information about you;

• to other companies in the  Entain Group, which includes direct and indirect subsidiary companies primarily for business and operational purposes in line with this Privacy Notice;

• to third party service providers and suppliers, who will process it on our behalf for the purposes identified above. Such third parties include providers of Website and App hosting, maintenance, call centre operations, identity checking, information verification services, marketing, data analysis, research and surveys, payment processors and/or financial institutions to process financial transactions and other organisations that provide technical support, process your online transactions and maintain your account;

• with law enforcement and public authorities to comply with any legal obligation or where we believe we are under a duty to comply with an obligation. This includes data sharing necessary for the performance of a task carried out in the public interest as defined by law.
• with third parties to enforce our terms and gaming contract and any other agreements with our players, or to protect the rights, property, safety, or security of the  Entain Group, third parties or the public.  This includes also data sharing that is necessary to protect the vital interests of our players as defined by law.

• with other online gaming sites, banks, credit card companies, and appropriate agencies, where you are found to have cheated or attempted to defraud us or any other user of our services, which may include but not limited to identity theft, unauthorized identity alteration or modification, multi-accounting, game manipulation, payment fraud, or prohibited transaction (including money laundering); and

• with third parties in the event of sale, purchase of assets, merger, bankruptcy or reorganization proceeding. This includes cases when our Website and App together with customers data is merged, sold or acquired by another  Entain Group company or a third party. In such cases, players are informed in advance in line with the gaming contract and applicable laws.

4.2 Below is a list of the main third parties we obtain and share data depending on the individual activities and decisions of the players, e.g. select the payment processor, apply self-exclusion, etc. They operate as separate data controllers. If you want to know how they process your data, we invite you to visit their privacy notices and contact channels.

Please note that in some cases company names, addresses, websites and processed data may change due to rebranding, acquisitions, contracting, regulatory, etc. We put efforts into keeping the list accurate and you may contact us in case of queries.

4.2.1 Identity Verification and Credit Scoring

4.2.2 Gaming protection and regulatory

4.2.3 Payment processors and credit cards 

We may process data directly with your bank by using online banking systems known as Instant Banking and Online Transfer (Online-Überweisung). This process takes place if you have a bank account with one of the participating banks and select this payment option.  

5. INTERNATIONAL TRANSFERS

We store your personal information on our servers located in the EU/EEA. As with any global organisation, we are often required as part of our services to grant access or partially transfer data internationally outside the EU/EEA. Accordingly, data about you may be transferred globally and if your data is collected within the EU/EEA, this means that your data may be transferred outside of it.

Where your personal information is transferred to a country or territory outside the EU/EEA, and where this is to a country that is not subject to an Adequacy Decision approved by the EU Commission, we will take steps ensuring that the privacy of your information continue to be protected. For example, by approved Binding Corporate Rules, Intra-group privacy agreements, EU Commission approved Standard Contractual Clauses (SSC) or verifying that third parties are certified under an approved certification mechanism according to international privacy rules (eg. EU-U.S. Data Privacy Framework). We do not transfer data to countries that are considered high risk due to authoritarian regimes or lack basic privacy laws and standards.   

6. YOUR RIGHTS

You have a number of privacy rights when it comes to your information. You can exercise any of these rights by contacting us through our contact information below.

• The right to object to processing. You have the right to object to certain types of processing, including processing for direct marketing.
• The right to be informed. You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights.
• The right of access. You have the right to obtain access to your information processing by us and other information as provided in this Privacy Notice.
• The right to rectification. You are entitled to have your information corrected if it is inaccurate or incomplete. You can request that we rectify any errors in information that we hold.
• The right to erasure. This is also known as ‘the right to be forgotten’ and enables you to request the deletion or anonymisation of your information that we hold. This right is not absolute and not applicable when other legitimate and overriding reasons apply.
• The right to restrict processing. You have the right, under certain preconditions, to ask suspension of processing and further use of your information. When processing is restricted, we can still store your information but will not use it further.
• The right to data portability. You have the right to obtain and reuse your information for your own purposes across different companies. This is not an absolute right on all data and there are exceptions.
• The right to withdraw consent. If you have given us your consent to processing your information you can withdraw the consent to the processing at any time. This however, shall not affect the activities performed before the withdrawal.
• The right to lodge a complaint. You have the right to lodge a complaint about the way we handle or process your information with the responsible data protection regulator: Information and Data Protection Commissioner (IDPC), Floor 2, Airways House, Triq Il-Kbira, Tas-Sliema SLM 1549, Malta. Web: https://idpc.org.mt/.

Privacy and data protection of our customers are a priority for us. We strongly encourage you to get in touch with us in case of privacy concerns or queries. We handle all requests with high attention.

7. SECURITY

Information security is fundamental for conducting our business operations. We place absolute importance to information security and the techniques needed to secure information and personal data. We use adequate organisational, technical and administrative measures to protect your personal data from unauthorised access, alteration, disclosure, destruction. We take steps with our group policies and certification to ensure that our staff, subsidiaries, agents, affiliates and suppliers also employ adequate levels of security. In particular with;

• Secure Firewalled Datacentres;
• Certified Encrypted Webpages; and
• ISO27001:2013 certified business practices.

8. RETENTION OF PERSONAL INFORMATION

The period we may retain your data depends on the purposes for which the data was collected, whether you have requested deletion, and whether any legal obligations require the retention eg. regulatory compliance. If we process your information for marketing purposes or with your consent, we process the information until you ask us to stop and for a short period after this (necessary to implement your requests). Where we process your information to fulfill the contracts with you or for compliance with our legal obligations, we will do so in accordance with retention periods specified by applicable law and as illustrated below.

*A gaming account is closed upon player´s request, if we do so in line with our GT&C, or the account is inactive (has no transactions) longer than two years.

**Some personal and account information are retained together with financial data.

9. CHANGES TO OUR PRIVACY NOTICE

We may update this Privacy Notice and any supplemental annexes or notices, from time to time. We will notify you of the changes where required by law to do so. We recommend that you revisit this Privacy Notice regularly.

10. CONTACT US

If you would like to exercise any of your data protection rights, such as the right of access to your information or data deletion, directly by yourself or by a third party on your behalf, please contact privacy@sportingbet.de.

Version: November 2025