Les Ambassedeurs

Les A Member and Guest Privacy Policy

1) INTRODUCTION

The Proprietor and Owner of Les Ambassadeurs Club (the “Club”,) is Les Ambassadeurs Club Limited (“Les A”, “we”, “our” or “us”). If you are or become a Member of the Club, or enter as a Guest, you will be subject to our rules of the Club (the “Club Rules”). Our address is 5 Hamilton Place, London W1J 7ED, and our Registration No. 02708889.

We want our Members and their Guests (“you”) to know that we value your privacy and Personal Data just as much as you do. We apply the highest standards to ensure your Personal Data is secure, and we always comply with the General Data Protection Regulations (“the GDPR”).

Les A is regulated and licensed by the UK Gambling Commission and holds an Operating Licence. Because of this, we have a legal obligation to collect, process, and disclose certain Personal Data.

Les A is a Data Controller registered with the Information Commissioner’s Office, Registration No. Z5542615.

In this Privacy Policy (the “Policy”), we not only want to advise you of your rights, but also explain how we respect them. Any Personal Data you provide to us is subject to the terms of this Policy. This Policy and Les A’s collection, processing, use or disclosure of Personal Data shall be governed by and construed in accordance with English law.

Personal Data is any information relating to you from which:

  • you can be identified or made identifiable directly from the information in question; or
  • you can be indirectly identified or made identifiable from that information in combination with other information.

Some of personal data may include sensitive information about you, which we call “special category data”. Such data is given the highest level of protection by Us and by the GDPR. It is impossible to foresee precisely what types of Personal Data might be obtained about each individual Member, and some of these types of Personal Data may not be obtained at all for particular Members or Guests. We are not generally obliged to keep records of such Personal Data, save as required by law or regulations.

The table below sets out the categories of data we use, what they can include, and the period for which we retain that data (from the date of the last relevant activity):

Category Data Included Retention Period
Member & Guest Name; Date of Birth; Identity Documentation (Image); Gender; Nationality; Ethnicity; Biometric Data; Address; Email Contact; Telephone Contact; Visits; Interactions with us (Including Emails and Phone Calls). 5 years.
Social Responsibility Name; Date of Birth; Identity Documentation (Image); Gender; Biometric Data; Nationality, Ethnicity; Address; Email Contact; Telephone Contact; Visits; Interactions with us; Gaming History; Financial Transactions; SENSE Scheme Data (Including Enrolment and Departure from SENSE, and Gaming History from our own or 3rd Party Records); Gaming Behaviour and Mental Health Details. 5 years.
Finance & Due Diligence Name; Date of Birth; Identity Documentation (Image); Gender; Nationality; Ethnicity; Biometric Data; Address; Winnings; Invoices; Applications; Financial Transaction History; Bank Account Details; Bank Card Details; Debt Information; Cheques Awaiting Clearance; Payment Service; Affordability History; 3rd Party Affordability Referencing Data; 3rd Party Adverse Media Referencing Data, 3rd Party Debt Collection and Tracing Agencies, and other Authorised Agents; Records of Civil and Criminal Proceedings; Data from the Gambling Commission or other Regulatory or Government Authorities; Gaming Complaints or Disputes; Source of Wealth and Funds; Lifestyle and Social Circumstances; Occupation, Employment and Educational History; Family and/or Political Connections.7 years.
Marketing Name; Date of Birth; Nationality, Occupation; Address; Email Contact; Telephone Contact; Visits; Gaming History; Gaming Preferences; Interactions with us.5 years or deletion on request.
Gaming History Club Visits; Gaming Transactions; Gaming Complaints and Disputes; Financial Transactions; 3rd Party Gaming History; Gaming Behaviour.7 years.
Criminality Name; Date of Birth; Identity Documentation (Image); Gender; Biometric Data; Nationality; Address; Email Contact; Telephone Contact; Visits; Interactions with us and Behavioural Details.5 years.
AV Recordings Audio Recordings within operational areas; CCTV of Gaming Tables and the Premises; Facial Recognition and Incident Management.5 years.

AV Recordings: CCTV, Facial Recognition as well as audio recording software is active upon entry to the Club and throughout the casino premises, to enable the effective monitoring and traceability of individuals. We do this in order to prevent and investigate any crime, breaches of regulations, our License conditions, or Club rules. We also use CCTV at the Club’s perimeter.

2) DATA WE MAY PROCESS UNDER A LEGAL OBLIGATION

Basis: We have a legal obligation to collect and process specific Personal Data on each Member, Guest and each candidate for membership pursuant to the Proceeds of Crime Act 2002, the Money Laundering Regulations, the Gambling Act 2005, and as a condition of our licence granted by the UK Gambling Commission, the Gambling Commission’s Codes of Practice (the “Code”) and the Self Enrolment National Self Exclusion (SENSE) scheme; please visit www.gamblingcommission.gov.uk and www.playingsafe.org.uk/sense-information/ for further information.

Type of Data: Social Responsibility; Criminality; Finance & Due Diligence; Gaming History; AV Recordings.

When Data is Processed: We may collect and process this Personal Data in circumstances including, but not limited to, the following:

  • When you apply for Club Membership, enter the Club, use its facilities, or when you update your personal details or ID documents with us;
  • When we verify your identity and personal details, or when we conduct security, due diligence, gaming dispute and/or compliance checks;

Your Rights: Because the Personal Data referred to above is processed pursuant to a legal obligation, there is no right to erase or object to this data, or have this data made portable.

3) DATA WE MAY PROCESS UNDER OUR CONTRACT WITH YOU

Basis: When you become a Member of the Club you enter into a contract with us to provide certain services to you. This contract includes the Club Rules. It is necessary for us to process certain Personal Data about you in order to provide those services to you, including to maintain our accounts and records, to support and manage our staff, our customer services, and for the purposes of administration.

Type of Data: Member & Guest; Finance & Due Diligence; Gaming History; AV Recordings

We process source of revenue and source of wealth in order to carry out affordability risk reduction assessments and to provide you with additional account services, applied for as a Member of the Club.

When Data is Processed: We may collect and process this data:

  • When you apply for Club Membership, enter the Club, use its facilities, or when you update your personal details or ID documents with us;
  • When we verify your identity and personal details, or when we conduct affordability checks (including checks with 3rd parties);
  • When you contact us, request services, report a problem, or wish to make a complaint;

Your Rights: You have the right to ask us to erase such Personal Data collected pursuant to our contract with you, and we will delete any such Data (other than data we are required to retain in accordance with Section 2, above). In relation to this Data, you also have the right to data access and data portability.

4) DATA WE MAY PROCESS WITH YOUR CONSENT

Basis: When you become a Member of the Club, we will ask your express permission to contact you in relation to some of our additional services, events, general updates about the Club or other marketing materials (“Marketing Communications”). You do not have to give your consent, and we will not contact you with Marketing Communications unless you do so.

Type of Data: Marketing

When Data is Processed: We may collect and process this data:

  • If you give us your express permission to do so when you either apply for Club Membership, enter as a Guest, or you ask us to update your marketing preferences;
  • In the event that Les A or substantially all of its assets are acquired by a third party, Personal Data held by Les A may be one of the transferred assets;

Your Rights: You are entitled to qualify, vary or withdraw your consent in relation to Marketing whenever you want to. You also have the right to ask us to erase such Personal Data collected with your consent. In relation to Data obtained in this way, you also have the right to data access and data portability.

5) DATA WE MAY PROCESS FOR A LEGITIMATE INTEREST

Basis: We process specific data in order to protect the legitimate interests of Les A, our employees, our Members, and our Guests. Our legitimate interests include securing our premises, counter-fraud measures and investigations, conducting and managing our business, the maintenance of records, such as gaming, hospitality and financial details obtained throughout the course of your membership. Our Members, Guests and employees, have a legitimate interest in feeling safe and secure whilst on our premises, and of ensuring compliance with the Club Rules.

Type of Data: Member & Guest; Criminality; Finance & Due Diligence; Gaming History; AV Recordings;

When Data is Processed: This Data is used upon entry to the Club, throughout the casino premises and surrounding areas, specifically the Club’s perimeter, to enable the effective monitoring and traceability of individuals. 

Your Rights: Whilst you are entitled to object to some of this processing, the only way you can exercise that right is by not entering the Club. Any Personal Data will be deleted after the expiry of the retention period, provided it is not being actively used in any ongoing investigations.

6) WHERE YOUR PERSONAL DATA MAY BE STORED

We normally store your data within the UK, but some of the Data we collect about you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”), but only where this is necessary. Where this occurs, we have processes in place to ensure compliance with both, this Policy and the GDPR, whilst ensuring that there are adequate contractual agreements in place with those third parties to ensure that the appropriate safeguards are in place to protect your personal data. 

7) ACCESS TO YOUR PERSONAL DATA

Where you exercise your rights to Data Access under the GDPR to request a copy of your Personal Data held by us, we will supply you with all the Personal Data to which you are entitled, promptly and normally no later than one month after the receipt of your Data Subject Access Request. In rare cases, where the requests are complex or contain multiple requests, the period of compliance may be extended by a further two months, but we will write to you and explain why any extension is required within one month of your request.

Any access request is normally free, although in some cases we may charge a reasonable fee based purely on our administrative costs when a request is clearly unfounded, is made excessively, or is made repetitively. 

You may also have the right to Data Portability which allows you to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without affecting its usability. If you wish to exercise this right, we will transmit such data to you in a machine-readable code where it is technically feasible to do so.

8) CHANGES TO THIS POLICY

From time to time we will need to update, change or supplement this Policy, including by altering the types of Personal Data that may be collected, processed or shared. If this happens, we will update this Policy on our website, in our literature, and we will contact Members (normally by email) to inform them of any updates to this Policy before such changes come into effect.

9) CONTACT US

If you wish to exercise any of your GDPR rights, if you have any questions, complaints, or comments regarding this Policy, please contact us:

  • by post to: The Data Protection Officer (DPO), Les Ambassadeurs Club, 5 Hamilton Place, London, W1J 7ED.
  • by email to: The Data Protection Officer (DPO) at DPO@Lesaclub.com
  • the Membership Committee at lesamembershipcommittee@lesaclub.com

To further query your rights regarding your Personal Data, to lodge a complaint, raise a concern about how your complaint has been handled and / or appeal against any decision made following your complaint, in accordance with your rights, you may contact the Information Commissioner’s Office (ICO): https://ico.org.uk/