Privacy Policy

TASE Platform ("we," "our," or "us") is committed to protecting the privacy and security of personal data entrusted to us by our clients, partners, website visitors, and end users. This Privacy Policy explains how we collect, use, store, and protect your information when you interact with our website, platform, and services.

By accessing or using our services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please discontinue use of our services.

1. Information We Collect

We collect various types of information depending on your relationship with TASE Platform and how you interact with our services.

Information You Provide Directly

Contact information such as name, email address, phone number, and company name when you request a demo, submit a contact form, or register for an account
Business information including company registration details, licensing documentation, and billing information required to establish and maintain a commercial relationship
Communications and correspondence, including emails, support tickets, and feedback you send to us
Account credentials and authentication data necessary to access our platform

Information Collected Automatically

Device and browser information, including IP address, browser type, operating system, and device identifiers
Usage data such as pages visited, time spent on pages, click patterns, and navigation paths on our website and platform
Log data including access times, error logs, and referring URLs
Location data derived from your IP address at a country or city level

Information From Third Parties

Business intelligence data from public registries and industry databases to verify operator credentials
Analytics data from third-party services that help us understand website traffic and usage patterns

2. How We Use Your Information

We process personal data only for legitimate business purposes and in accordance with applicable data protection laws. Specifically, we use your information to:

Provide, operate, and maintain our iGaming platform and related services
Process and manage client onboarding, account setup, and ongoing account administration
Communicate with you regarding service updates, technical notifications, security alerts, and administrative messages
Respond to your inquiries, demo requests, and support tickets
Conduct due diligence and regulatory compliance checks as required by gaming regulations and anti-money laundering legislation
Analyze usage trends to improve our platform performance, user experience, and service offerings
Send marketing communications about our products and services, where you have consented or where permitted by applicable law
Detect, prevent, and address fraud, security incidents, and technical issues
Comply with legal obligations, regulatory requirements, and lawful requests from authorities

3. Data Protection & Security

We implement robust technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. Our security framework includes:

End-to-end encryption for data in transit using TLS 1.2 or higher, and AES-256 encryption for data at rest
Role-based access controls ensuring that personal data is accessible only to authorized personnel on a need-to-know basis
Regular security audits, penetration testing, and vulnerability assessments conducted by independent third-party security firms
Comprehensive incident response procedures to detect, report, and investigate data breaches in accordance with GDPR Article 33 notification requirements
Infrastructure hosted in ISO 27001-certified data centers with redundancy and disaster recovery capabilities
Employee training programs on data protection, security awareness, and confidentiality obligations

While we take every reasonable precaution to safeguard your data, no method of electronic transmission or storage is entirely secure. We encourage you to take appropriate measures to protect your own credentials and personal information.

4. Cookies & Tracking

Our website uses minimal local storage technologies to enhance your browsing experience:

Functional Storage (localStorage): We store your language preference locally in your browser using localStorage. This data never leaves your device and is not transmitted to our servers.

We do not use cookies, tracking pixels, or third-party analytics on this website. You can clear your localStorage data through your browser settings at any time.

5. Third-Party Services

In the course of providing our services, we may share personal data with trusted third-party service providers who assist us in operating our business. These include:

Cloud Infrastructure Providers: For hosting and data storage services, subject to strict data processing agreements
Font Delivery: Google Fonts is used to deliver web fonts; this may involve your browser connecting to Google servers
Payment Processors: To facilitate billing and financial transactions with our B2B clients
Communication Tools: For email delivery, customer support, and CRM functionality
Compliance and KYC Providers: To perform regulatory checks required by gaming and financial regulations

All third-party processors are contractually bound to process personal data only on our instructions, implement appropriate security measures, and comply with applicable data protection legislation. We do not sell personal data to third parties.

6. Your Rights (GDPR)

If you are located in the European Economic Area (EEA), the United Kingdom, or another jurisdiction with applicable data protection laws, you have the following rights regarding your personal data:

Right of Access: You may request a copy of the personal data we hold about you and information about how it is processed.
Right to Rectification: You may request that we correct any inaccurate or incomplete personal data.
Right to Erasure: You may request the deletion of your personal data where there is no compelling reason for its continued processing, subject to legal retention obligations.
Right to Restrict Processing: You may request that we limit the processing of your personal data under certain circumstances.
Right to Data Portability: You may request to receive your personal data in a structured, commonly used, and machine-readable format.
Right to Object: You may object to the processing of your personal data for direct marketing purposes or where processing is based on legitimate interests.
Right to Withdraw Consent: Where processing is based on your consent, you may withdraw that consent at any time without affecting the lawfulness of prior processing.
Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of your habitual residence, place of work, or place of the alleged infringement.

To exercise any of these rights, please contact us using the details provided in the Contact Us section below. We will respond to your request within 30 days, as required by applicable law. We may request verification of your identity before processing your request.

7. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, regulatory, accounting, or reporting requirements. Our retention periods are determined based on the following criteria:

Client account data and contractual records are retained for the duration of the business relationship and for a minimum of five (5) years thereafter, in accordance with commercial and gaming regulatory obligations
Financial and billing records are retained for a minimum of seven (7) years as required by tax and accounting regulations
Website analytics and cookie data are retained for a maximum of twenty-six (26) months
Marketing consent records are retained for as long as the consent is valid, plus a reasonable period thereafter to demonstrate compliance
Support and communication records are retained for three (3) years following resolution

When personal data is no longer required, it is securely deleted or anonymized so that it can no longer be associated with an identifiable individual.

8. Children's Privacy

TASE Platform provides business-to-business (B2B) services exclusively to licensed iGaming operators and industry professionals. Our services are not directed at individuals under the age of 18, and we do not knowingly collect personal data from minors.

If we become aware that we have inadvertently collected personal data from an individual under the age of 18, we will take immediate steps to delete such information from our systems. If you believe that a minor has provided personal data to us, please contact us immediately using the details below.

9. Changes to This Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, legal requirements, or industry standards. When we make material changes, we will:

Update the "Last updated" date at the top of this page
Provide prominent notice on our website or via email where appropriate
Where required by law, obtain your consent before applying changes that affect how your personal data is processed

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data. Your continued use of our services after any modifications constitutes your acceptance of the updated policy.

10. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data protection practices, please do not hesitate to contact us:

Email: info@taseplatform.com
Address: Passeig de Gràcia 21, 08007 Barcelona, Spain

For data protection-specific inquiries, you may also reach our Data Protection Officer at the above contact details. We are committed to resolving any concerns you may have regarding the processing of your personal data.

You also have the right to lodge a complaint with a supervisory authority if you believe that our processing of your personal data violates applicable data protection laws. In Spain, the relevant authority is the Agencia Española de Protección de Datos (AEPD).