Entrevistas e Editoriais
COVID-19, GDPR and Online Gaming Business
What should operators have in mind when developing online business? #
Zlatan Omerspahić, Head of Legal and Compliance at NSoft: All industries, with no exception, have a common denominator for the year 2020. It is financial uncertainty.
Lockdown hit some niches hard. Many businesses were closed in a scenario we have never seen before. COVID-19 pandemic has brought the economies of all countries to a standstill. Betting and gaming industry wasn’t an exception, especially in the retail channel where the restrictions are still in force to a lesser or larger degree at almost all markets.
Still, the fact is that the internet gaming industry has a great chance to become the most popular betting channel. As always, the necessity is the mother of invention - in our case digitalisation. Understandably, the pandemic and the lockdown were a driving force for many operators to invest in online business - whether expanding the existing online betting business or starting from scratch.
Pay attention to regulatory risk and data protection #
It’s vital to pay attention to regulatory risk regarding online business and data protection in that context. The overriding obligations of the operators are to identify and understand the personal data that they process. The operators must understand legal obligations related to data protection and document all compliance activities. Furthermore, they have an obligation to establish a compliance framework that will comply with GDPR.
What compliance framework covers? #
Compliance framework comprises of data mapping, analysis of lawful basis and risk assessment.
- Data mapping. An operator shall develop a data map of player’s data which needs to contain at least (what personal data is processed, the source of the personal data, what the personal data is used for and similar);
- Analysis of lawful basis for processing. This analysis should cover the legal basis for each processing activity (Article 6 of GDPR);
- Risk assessment. The operator shall conduct a risk assessment to determine the level of risk for processing each of the personal data categories.
If an operator wants to have an adequate compliance program related to data protection, internal or external audit should control it periodically. Besides being legally on the safe side when we speak on GDPR and data protection, the operators have to build their business on three main pillars to ensure their players’ trust.
The following principles must be met: lawfulness, fairness and transparency.
Security #
Regarding security, as a general rule, Article 32, GDPR requires controllers and processors to adopt a risk-based approach to security measures “to ensure a level of security appropriate to the risk”.
Article 32 of GDPR defines several security measures such: pseudonymisation and encryption of personal data, the ability to ensure ongoing confidentiality, integrity, availability and resilience of systems and services processing personal data, the ability to restore the availability and access to data on time in the event of a physical or technical incident, as well as to document regular reviews of access controls, a process for regularly testing and certification mechanisms.
In the end... #
The most important thing is to ensure the implementation of these principles internally, including precise roles and obligations. The crisis is always a chance, but every responsible company needs to think about regulatory risk and reputation, especially in the data protection aspect.
Tags:
Artigos Relacionados
Entrevistas e Editoriais
27.01.2025.
Por que as plataformas de iGaming estão investindo pesado em mercados emergentes
Why are iGaming operators turning to Africa, LATAM, and Asia? These emerging markets offer big opportunities—but come with unique challenges. Explore what’s driving this shift, how companies are succeeding, and the hurdles they’re tackling along the way.
Saiba mais
Entrevistas e Editoriais
15.01.2025.
Corridas de Galgos: A Estratégia de Ouro Que Seu Sportsbook Precisa
Acha que corridas de galgos são ultrapassadas? Pense de novo. Esse nicho subestimado oferece apostas rápidas, ação 24/7 e um grande impulso na receita do seu sportsbook.
Saiba mais
15.01.2025.
The Hidden Cost of App Downtime
To uncover just how much apps stand to lose during downtime, we analysed the annual revenue of some of the most popular platforms. By calculating their earnings down to the minute, we have revealed the potential financial impact even a brief outage may have.
Saiba mais
Não encontrou o que estava procurando?
Nossa equipe terá o prazer de guiá-lo por nossos produtos e serviços.
Contate-nos