Privacy Policy

Last Updated: December 26, 2024

Introduction

This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our Drop The Boss gaming platform and website. We are committed to protecting your privacy and ensuring your personal data is handled in accordance with UK data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Data Controller Information

We are the data controller for the personal information we collect about you. Our contact details are:

Email: [email protected]
Address: 36 King’s Cross Road, London WC1X 9DT, United Kingdom

Information We Collect

Personal Information You Provide

When you create an account or use our services, we may collect:

  • Name and contact details (email address)
  • Date of birth and age verification information
  • Account credentials (username and encrypted password)
  • Payment and banking information for transactions
  • Communications with our customer support team
  • Preferences and settings for your gaming experience

Information We Collect Automatically

When you use our platform, we automatically collect:

  • Device information (IP address, browser type, operating system)
  • Usage data (pages visited, time spent, gaming sessions)
  • Technical data (screen resolution, device capabilities)
  • Cookies and similar tracking technologies (see our Cookie Policy)
  • Gaming activity and performance statistics

Information from Third Parties

We may receive information from:

  • Payment processors and financial institutions
  • Age verification and identity confirmation services
  • Analytics and customer support service providers
  • Marketing and advertising partners (with your consent)

How We Use Your Information

We use your personal data for the following purposes:

Service Provision

  • Creating and managing your gaming account
  • Processing payments and withdrawals
  • Providing customer support and technical assistance
  • Delivering gaming services and platform functionality
  • Maintaining account security and preventing fraud

Legal and Regulatory Compliance

  • Age verification and identity confirmation
  • Compliance with gaming and financial regulations
  • Anti-money laundering and fraud prevention
  • Responding to legal requests and court orders
  • Maintaining required records for regulatory authorities

Communication and Marketing

  • Sending service-related notifications and updates
  • Providing promotional offers and gaming recommendations
  • Conducting surveys and collecting feedback
  • Personalizing your gaming experience
  • Marketing communications (with your explicit consent)

Analytics and Improvement

  • Analyzing platform usage and user behavior
  • Improving gaming features and user experience
  • Developing new services and functionality
  • Monitoring technical performance and security

Legal Basis for Processing

We process your personal data based on:

PurposeLegal Basis
Account management and gaming servicesContract performance
Age verification and regulatory complianceLegal obligation
Fraud prevention and securityLegitimate interest
Marketing communicationsConsent
Platform improvement and analyticsLegitimate interest

Data Sharing and Disclosure

We may share your personal information with:

Service Providers

  • Payment processors for transaction handling
  • Identity verification and age confirmation services
  • Cloud hosting and technical infrastructure providers
  • Customer support and communication platforms
  • Analytics and performance monitoring services

Legal and Regulatory Requirements

  • Gaming regulators and licensing authorities
  • Law enforcement agencies when legally required
  • Financial crime prevention agencies
  • Court orders and legal proceedings

Business Transfers

In the event of a merger, acquisition, or sale of business assets, personal data may be transferred to the new entity, subject to the same privacy protections.

We do not sell your personal data to third parties for marketing purposes.

Data Security

We implement appropriate technical and organizational measures to protect your personal data:

Technical Safeguards:

  • Encryption of data in transit and at rest
  • Secure authentication and access controls
  • Regular security monitoring and vulnerability assessments
  • Automated backup and disaster recovery systems

Organizational Measures:

  • Staff training on data protection principles
  • Access controls and need-to-know policies
  • Regular security policy reviews and updates
  • Incident response and breach notification procedures

Data Retention

We retain your personal data only for as long as necessary:

Data TypeRetention PeriodReason
Account informationDuration of account + 7 yearsRegulatory requirements
Gaming transaction records7 yearsFinancial regulations
Marketing preferencesUntil consent withdrawnLegal requirement
Technical logs12 monthsSecurity and performance
Customer support records3 yearsService improvement

International Data Transfers

Some of our service providers may be located outside the UK. When we transfer data internationally, we ensure appropriate safeguards are in place:

  • Adequacy decisions by the UK Government
  • Standard contractual clauses approved by UK authorities
  • Binding corporate rules and certification schemes
  • Explicit consent for specific transfers

Your Rights

Under UK data protection law, you have the following rights:

Access and Portability

  • Right of Access: Request a copy of your personal data
  • Data Portability: Receive your data in a portable format

Correction and Deletion

  • Rectification: Correct inaccurate personal data
  • Erasure: Request deletion of your personal data (where legally possible)

Processing Control

  • Restriction: Limit how we process your data
  • Objection: Object to processing based on legitimate interest
  • Consent Withdrawal: Withdraw consent for marketing communications

Automated Decision-Making

  • Right to Review: Challenge automated decision-making processes
  • Human Intervention: Request human review of automated decisions

Exercising Your Rights

To exercise your rights or make a data subject request:

  1. Email us at: [email protected]
  2. Include your full name and account details for verification
  3. Specify which right you wish to exercise
  4. Provide any supporting information required

We will respond to your request within one month of receipt.

Children’s Privacy

Our services are not intended for individuals under 18 years of age. We:

  • Do not knowingly collect data from minors
  • Implement age verification processes
  • Remove accounts discovered to belong to minors
  • Comply with additional protections for young people

Changes to This Privacy Policy

We may update this Privacy Policy to reflect:

  • Changes in our data processing practices
  • New legal or regulatory requirements
  • Improvements to our security measures
  • Expansion of our services or features

When we make significant changes, we will:

  • Update the “Last Updated” date
  • Notify users through email or platform notifications
  • Provide clear information about the changes
  • Seek new consent where required by law

Complaints and Concerns

If you have concerns about how we handle your personal data:

Contact Us First:
Email: [email protected]

UK Supervisory Authority:

Information Commissioner’s Office (ICO)
Website: ico.org.uk
You have the right to lodge a complaint with the ICO about our data processing activities.

Additional Information

Automated Decision-Making

We may use automated systems for:

  • Fraud detection and prevention
  • Risk assessment for gaming activities
  • Personalized content recommendations
  • Account security monitoring

You have the right to request human intervention in these processes.