The information we collect
When you use the Website, we collect the following information:
Openly collected from you
When creating a user account, you provide your e-mail address to be used to uniquelly identify your account and to perform its optional activation. The e-mail address is also used to enable the password reminder to perform its function.
We might also use your e-mail address and phone number to send notifications on the functioning of the Website (including the notifications required by law), news about the Website, information on products and services included on the Website, as well as for other marketing purposes including third party products or services that you might be interested in (hereinafter referred to as Notifications). You may quit receiving marketing related notifications at any moment by using the cancel link included in every e-mail message we send or by contacting us through the available means of contact: e-mail, telephone, contact form.
We might also keep a registry of data willingly provided to us in order to contact us through the contact form, a telephone conversation, a postal message, Facebook, Twitter or other means of contact, including: name, e-mail address, phone number, postal address. Providing your name and e-mail address is necessary to send a message through the contact form.
Contact with us through social media like Facebook or Twitter should not be deemed official. We reserve the right to not respond to messages sent through this mean of contact while also informing that we will make our best effort to respond to them. To obtain detailed information on the data collected by the social media mentioned above, one has to make themselves familiar with the following documents:
We also process payment card data (number, expiration date, first and last name of the holder, CVV code) in order to carry out the payment card payment process – learn more.
Not collected openly
When you use the Website, we automatically collect specific information and use it to handle the Website’s main features, customize the Website (including Notifications), monitor the incoming traffic and maintain security. It includes, among others:
- IP address;
- headers sent by the browser, especially “User-Agent”, “Accept-Language” and “Referer” which contain such information as: type, version and language of the browser, type and version of the operating system and the web address the Website was found through;
- system time;
- HTTP requests;
- cookies files saved in the lottohoy.com domain or subdomains.
We might also use the IP address to collect and process information on your actual location in order to improve the data updating process as well as customize the Website (including Notifications).
Some of the data made automatically available by web browsers is stored in server logs, including full HTTP requests, time of their arrival, IP address and URL addresses related to a request.
The Website’s functioning uses your browser’s cache. It makes it possible to optimize the time of loading the Website as well as make using the Website easier by storing data between sessions even after restarting the browser.
The information not collected openly includes, among others, the following data used to handle and improve the payment process:
- e-mail address, personal data (first name, last name, address, contact info) and transaction ID in order to carry out eMerchantPay payments; with your explicit consent we also store non-sensitive data of the payment cards you use in order to make further payments faster;
- e-mail address, date, status, amount and transaction ID used or generated to carry out tpay.com payments;
- e-mail address, user account ID, status, amount and transaction ID used or generated to carry out Skrill payments;
- e-mail address, user account ID, personal data (first name, last name, address, date of birth, sex, contact info, account balance, account language and currency) and billing data used or generated to carry out Neteller payments;
- destination bitcoin address and transaction ID used or generated to carry out Cubits payments;
- e-mail address, phone, country and transaction ID used or generated to carry out Sofort payments.
To obtain more information on the data collected during payments we invite you to make yourself familiar with the privacy policies of different payment gateways (learn more).
The information not collected openly is also used by third party services (learn more).
Third party services
Statistics, advertisement and security
To handle the Website’s security as well as collect and analyze information on its functioning, we use the following third party services:
- Google Analytics – to monitor traffic and keep detailed statistics that allow us to identify the sources of visits and analyze the Website’s functioning;
- Google reCAPTCHA – to improve the Website’s security by protecting against automated scripts;
- Facebook Pixel – to monitor traffic and keep detailed statistics that allow us to create better advertisement campaigns.
To carry out the above we process payment card data provided through the forms available on the website. Such operation is in full compliance with the PCI-DSS (Payment Card Industry Data Security Standard) requirements. All the payment data you provide is sent through an encrypted SSL (Secure Socket Layer) connection.
We inform you that in order to protect your data we take all necessary actions to make sure your data does not get accidentally lost, misused, made public, or in any way modified or destroyed. We also protect it from unauthorized access.
To obtain detailed information on the data collected by different payment gateways one has to make themselves familiar with the following documents:
We do not make your data available to companies, organizations or other third parties with the following exceptions:
- in the event that we have received your explicit consent to make it available;
- we might send your data to trusted entities that process it for our needs and for purposes defined solely by us while maintaining the highest confidentiality and information security, especially the companies that are part of our group or our business partners;
- when we deem it justified in order to comply with the law we are subject to;
- analyzing Website security breaches, detecting and preventing fraud and improving security and other technical matters;
- we might also share data that can’t be used to unequivocally identify an individual for purposes like displaying the latest winnings or publishing general statistics on the Website’s usage.
We make our best efforts to make sure that your data is stored safely. In accordance with our security policy, we do not store passwords in plain text. We use the latest standards and recommendations to make sure that the data and accounts of our users are completely safe, including, among others:
- regular updating of the server;
- immediate implementation of security updates;
- fulfilling all the requirements of security standards defined by PCI-DSS for the entity that processes the payment card data;
- enforcing and using secure connections wherever possible;
- the control of the levels of access to data that is only available to individuals, companies or organizations that need to access it; such entities are also obliged to maintain strict confidentiality or face severe consequences;
- protection against unauthorized access, automated attack blocks and overall monitoring of Website activity.
Deleting your profile data is not synonymous with deleting it completely from our system. The said data might still be stored in the systems and files of backup copies for up to a year of time. Backup copies, due to their significance and sensitivity are also stored on other servers owned by us and maintained by us and by third party companies that operate our servers under separate agreements. Your data contained in backup copies might only be used in order to restore it in special cases that require the use of backup copies. Changes to your profile data made between the date of creating a backup copy and the date of restoring it will be lost, of which you will be explicitly notified.
You can delete your user account by contacting us in written form. The deleted account’s data will be kept in order to prevent losing the association between the account and the transactions performed as well as other actions performed by you in the system. At your explicit request we might completely delete your profile data from the system by replacing it with anonymous data, although it will not delete the data for the transactions performed.
Our Website is directed towards people above the age of 18. We never deliberately collect or use the data of people that we know do not meet our age criteria. Whenever we notice that a person under the age of 18 has made an account on our Website, we make our best efforts to delete their data from our system.
In order to use the main features of the Website it is necessary to enable cookies in one’s web browser. You may set your browser to not allow cookies if you wish to do so, although it will make using our Website very limited.
To learn how you can disable cookies, refer to your web browser’s documentation.