GDPR Consent
Introduction to GDPR
NovaQuartz Collective Ltd. ("we," "our," or "the Company") is a United Kingdom registered company operating the website novaquartzcollective.games and associated promotional content for Fun Of Vegas Casino Slots. This document constitutes our GDPR Consent and Data Protection Policy, detailing how we comply with the General Data Protection Regulation (Regulation (EU) 2016/679) and the UK General Data Protection Regulation (UK GDPR).
As a data controller under UK jurisdiction, we are committed to transparently processing personal data in accordance with applicable data protection laws. This policy supplements our Privacy Policy and Cookie Policy, providing specific information on consent management, legal bases for processing, and your rights under data protection legislation.
Our Commitment
We take data protection seriously. Our commitment extends to ensuring that all personal data we collect, process, and store is handled lawfully, fairly, and transparently. We implement appropriate technical and organisational measures to safeguard your information against unauthorised access, alteration, disclosure, or destruction. We regularly review our practices and update our policies to align with evolving regulatory guidance and industry standards.
Legal Basis for Processing
We process your personal data only where we have a valid legal basis. Depending on the purpose of processing, we rely on one or more of the following:
- Consent: Where you have given clear, affirmative consent for specific processing activities, such as marketing communications or non-essential cookies.
- Contract performance: Where processing is necessary to perform a contract with you or to take steps at your request before entering into a contract.
- Legitimate interests: Where processing is necessary for our legitimate business interests (e.g. website analytics, fraud prevention), provided such interests are not overridden by your rights.
- Legal obligation: Where we are required to process data to comply with laws applicable in the United Kingdom or the European Economic Area.
Data We Process
We process the following categories of personal data in connection with our website and services:
- Identity data: Name, username, or similar identifiers when you contact us or engage with our services.
- Contact data: Email address, postal address, or telephone number when you submit inquiries or correspondence.
- Technical data: IP address, browser type, device identifiers, operating system, and similar information collected automatically when you visit our site.
- Usage data: Information about how you interact with our website, including pages viewed, time spent, and navigation paths.
- Preference data: Your choices regarding cookies, age verification, and communication preferences, as stored via our Cookie Policy mechanisms.
For a comprehensive overview of how we collect and use data, please refer to our Privacy Policy.
Your Rights Under GDPR
If you are located in the European Economic Area (EEA), the United Kingdom, or another jurisdiction with equivalent data protection laws, you have the following rights in relation to your personal data:
Right to Access
You have the right to request a copy of the personal data we hold about you. We will provide this information in a commonly used, machine-readable format within one month of your request, subject to any lawful extensions. We may ask you to verify your identity before disclosing personal data to protect against unauthorised access.
Right to Rectification
You have the right to request that we correct any inaccurate or incomplete personal data we hold about you. Upon receiving such a request, we will take reasonable steps to verify the accuracy of the new information and update our records accordingly.
Right to Erasure
You have the right to request that we delete your personal data in certain circumstances, including where the data is no longer necessary for the purposes for which it was collected, where you withdraw consent (and no other legal basis applies), or where the data has been unlawfully processed. This right is not absolute and may be subject to exceptions where we are required to retain data for legal or regulatory purposes.
Right to Restriction of Processing
You have the right to request that we restrict the processing of your personal data in specific situations, such as when you contest the accuracy of the data, when processing is unlawful but you prefer restriction to erasure, or when we no longer need the data but you require it for legal claims.
Right to Data Portability
Where processing is based on consent or contract, and is carried out by automated means, you have the right to receive your personal data in a structured, commonly used, and machine-readable format. You may also request that we transmit this data directly to another controller where technically feasible.
Right to Object
You have the right to object to processing of your personal data where we rely on legitimate interests as the legal basis. You also have an absolute right to object to processing for direct marketing purposes at any time. Where you object, we will cease processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.
Consent Management
Where we rely on your consent as the legal basis for processing, we ensure that such consent is freely given, specific, informed, and unambiguous. You may withdraw your consent at any time by contacting us or by adjusting your cookie preferences via the cookie banner and settings available on our website. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. For detailed information on how we obtain and manage cookie consent, please see our Cookie Policy.
Data Protection Officer
NovaQuartz Collective Ltd. has designated a Data Protection Officer (DPO) to oversee compliance with data protection laws and to handle inquiries from data subjects and supervisory authorities. For any questions or concerns regarding this policy or the processing of your personal data, you may contact our DPO using the contact details provided in the Contact Us section below.
International Data Transfers
Our business operations are primarily based in the United Kingdom. Where we transfer personal data to countries outside the EEA or the UK, we ensure that appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses approved by the European Commission or the UK authorities, or other recognised transfer mechanisms. We do not sell or rent your personal data to third parties. Where we engage service providers who process data on our behalf, we require them to adhere to contractual obligations that ensure an equivalent level of protection.
Data Breach Procedures
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority without undue delay and, where feasible, within 72 hours of becoming aware of the breach. Where the breach poses a high risk to you, we will also inform you directly without undue delay, providing clear information about the nature of the breach, the categories of data affected, the likely consequences, and the measures we have taken or propose to take to address it.
Automated Decision-Making
We do not use your personal data for automated decision-making or profiling that produces legal effects concerning you or similarly significantly affects you. Any analytics or automated processing we perform is limited to aggregate or anonymised data for the purpose of improving our website and services, and does not involve decisions that affect you as an individual.
Exercising Your Rights
To exercise any of the rights described above, please contact us via our Contact page or by writing to the address below. We will respond to your request within one month of receipt. In complex or multiple-request scenarios, we may extend this period by up to two further months and will inform you of any such extension. There is no fee for exercising your rights in most cases; however, we may charge a reasonable fee if your request is manifestly unfounded or excessive, or if you request further copies of your data.
Contact the Supervisory Authority
If you believe that our processing of your personal data infringes applicable data protection laws, you have the right to lodge a complaint with a supervisory authority. In the United Kingdom, the relevant authority is the Information Commissioner's Office (ICO). You may contact the ICO at: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF, United Kingdom, or visit ico.org.uk/make-a-complaint. If you are located in another EEA member state, you may lodge your complaint with the supervisory authority in your country of residence.
Changes to GDPR Policy
We may update this GDPR Consent and Data Protection Policy from time to time to reflect changes in our practices, legal requirements, or the services we offer. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you via a prominent notice on our website. We encourage you to review this policy periodically. Your continued use of our website after any changes indicates your acceptance of the updated terms. If you do not agree with the revised policy, you should discontinue your use of our services and contact us to exercise any applicable rights.
Contact Us
For any questions, requests, or concerns regarding this GDPR Consent Policy or the processing of your personal data, please contact us:
NovaQuartz Collective Ltd.
Marcus J. Whitfield, Director
47 Kensington High Street, London, W8 5ED, United Kingdom
Email: support@novaquartzcollective.games
Telephone: +44 20 7946 0328
You may also use our Contact form for general inquiries. We aim to respond to all legitimate requests within thirty (30) days. For more detailed information on our data practices, please refer to our Privacy Policy and Cookie Policy.