EFFECTIVE DATE: 8/27/2020
You can access the Sites in many ways, including from a computer or mobile device, and this Policy will apply regardless of the means of access. To the extent we provide you notice through the Sites of different or additional privacy policies or practices (e.g., at the point of collection), those additional terms shall govern such data collection and use.
Please read this policy carefully. If you do not want us to collect, use or disclose your Personal Data in the ways described in this Policy, please do not use the Sites or otherwise provide us with your Personal Data or authorize a third party to make your Personal Data available to us. By using the Sites or otherwise providing us with your Personal Data, or otherwise making your Personal Data available to us, you consent to the collection and use of your Personal Data by us as described in this Policy. Please note, as described in this Policy, we may receive your Personal Data from third parties that have not expressly advised you that they will disclose your Personal Data to us. If you have any questions about how we collect, use, protect, disclose or otherwise process Personal Data, including whether we have received your Personal Data from a third party, please contact us at the email address or mailing address provided at the end of this Policy.
Personal Data We Collect
This section describes what Personal Data we collect and the different ways we collect it. When we refer to “Personal Data” in this Policy, we mean information that identifies, relates to, describes or is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to a particular individual. Please note, as used in this Policy, “Personal Data” does not include publicly available information from government records or information that has been deidentified or aggregated in a way that it cannot be used to identify a specific individual.
Categories of Personal Data We Collect
Generally, we may collect and disclose the categories of Personal Data in the table below in connection with the Operations. Please note, the examples of Personal Data identified are for informational purposes only and any reference to a specific type of Personal Data is not a representation that we actually collect that specific type of Personal Data. Additionally, the categories identified below cover all categories of Personal Data that we collect, use and disclose in connection with our Operations. Thus, some categories of Personal Data may not be collected from or about a specific individual.
Examples of Types of Personal Data Within the Category
A real name, alias, postal address, email address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, current or past job history, or other similar identifiers.
Personal data categories covered by certain laws (including the California Consumer Records statute (Cal Civ. Code § 1798.80(e))
A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
Note: Some types of personal data included in this category may overlap with other categories.
Protected classification characteristics under certain laws.
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
Records of personal property, products or services purchased, obtained, or considered, or other purchasing histories or tendencies
Internet or other similar network activity
Browsing history, search history, information on a consumer’s interaction with a website, application or advertisement.
Physical location or movements.
Professional or employment-related information
Current or past job history or performance evaluations.
Non-public education information (per the Family Education Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information or student disciplinary records.
Inferences drawn from other personal data.
Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities and aptitudes.
How We Collect Personal Data
Personal Data We Collect From You
When you use our Sites or otherwise engage with us in connection with our Operations, such as requesting more information about our organization, communicating with us or otherwise interacting with us, you may be required or otherwise choose to provide certain Personal Data directly to us. The Personal Data we may collect includes your first and last name, your email address, your phone number, your date of birth, your geographic location, and, if you apply for your job, information about your prior work experience and other relevant historical information.
We may, now or in the future, allow you to register for an account on our Sites. When you register for an account, we may access and collection the Personal Data you provide as part of your account creation, which may include your first and last name, contact information, email address, date of birth, phone number, username and password. We will also collect and maintain information about your use of your account and interactions with our Sites.
All Personal Data you provide us in connection with our Operations will be collected, used, shared and stored in accordance with this Policy.
Personal Data We Collect from Third Parties
We may obtain Personal Data about you through or in connection with our Operations from third parties. These third parties may include our parent companies, affiliates, our business partners, social media sites, ad networks, analytics providers and other third parties that you authorize to share your Personal Data with us or otherwise inform you that they will share your Personal Data with us. We may also collect Personal Data about you from others that refer you to our organization.
Personal Data We Automatically Collect
When you use our Sites, our servers automatically record information that your browser or device sends whenever you visit a website or utilize an application. This information may include your IP address, the type of device you are using, your internet service provider or mobile carrier, your device identifiers, your mobile telephone number, your geographic location and your activities on the Sites, including the links you click, the pages or screens you view, your session time, the number of times you click a page/screen or use a feature on the Sites, the date and time you click on a page or use a feature and the amount of time you spend on a page or using a feature.
Like many websites, our Sites also use “cookie” technology to collect additional website usage data and to improve our Sites and our services. A cookie is a small data file that we transfer to your computer’s hard disk. A session cookie enables certain features of the Sites and is deleted from your computer when you disconnect from or leave the Sites. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits to our Sites. We may use both session and persistent cookies to better understand how you interact with our Sites, to monitor aggregate usage by our uses and web traffic routing on out Sites, and to improve our Operations. You may also be able to configure your computer or mobile device to limit the collection of these “cookies,” but that limitation may also limit our ability to provide all of the services or functionalities of the Sites. For more information about cookies, including how to set your internet browser to reject cookies, please go to www.allaboutcookies.org.
We may also automatically record certain information from your computer or device by using various types of technology, including “clear gifs” or “web beacons.” This automatically collected information may include your IP address or other device address or ID, web browser and/or device type, the web pages or sites that you visit just before or after you visit our Sites, the pages or other content you view or otherwise interact with on our Sites and the dates and times that you visit, access or use our Sites. We may also use these technologies to collect information regarding your interaction with email messages, such as whether you opened, clicked on or forwarded a message, to the extent permitted under applicable law.
Please note that we have not yet developed a response to browser “Do Not Track” signals, and do not change any of our data collection practices when we receive such signals. We will continue to evaluate potential responses to “Do Not Track” signals in light of industry developments or legal changes.
Personal Data Collected by Third Parties
Our Sites may contain links to other websites. The fact that we link to a website is not an endorsement, authorization or representation of our affiliation with that third party. We do not exercise control over third party websites. These other websites may place their own cookies or other files on your computer or mobile device, collect data or solicit personal data from you. Other websites follow different rules regarding the use or disclosure of the personal data you submit to them. We are not responsible for the content, privacy and security practices, and policies of third party sites or services to which links or access are provided through our Sites. We encourage you to read the privacy policies or statements of the other websites you visit.
How We Use the Personal Data We Collect
We use the Personal Data we collect for various purposes to conduct our business and improve our Operations. This section describes the primary purposes for which we use the Personal Data we collect.
We may use the Personal Data we collect for our own marketing purposes, including notifying you of special promotions, opportunities, offers and events via push notifications, e-mail and other means, all subject to our compliance with applicable laws. We may also link Personal Data (including your name, mobile phone number, and e-mail address) with non-personal information (including information automatically collected as described in this Policy) and use such linked information for our own marketing purposes. If you do not want us to use your Personal Data for marketing purposes, you may opt-out in accordance with the “How to Opt-Out” section below.
We may use the Personal Data we collect for non-marketing purposes, including: (1) validating your identity; (2) sending you emails to provide you with alerts and updates about your engagement with our Operations; (3) conducting statistical or demographic analysis; (4) complying with legal and regulatory requirements; (5) customizing your experience with our Operations; (6) protecting and defending BetMGM and its affiliates against legal actions or claims; (7) preventing fraud; (8) satisfying contractual obligations; (9) cooperating with law enforcement or other governmental agencies for purposes of investigations, national security, public safety or matters of public importance when we believe that disclosure of Personal Data is necessary or appropriate to protect the public interest; and (10) for other business purposes permitted under applicable law.
We may also use information in the aggregate to conduct research studies and for other purposes. BetMGM will not collect additional categories of Personal Data or use the Personal Data we collect in connection with our Operations for materially different, unrelated or incompatible purposes without providing you notice.
Who We Share Personal Data With
For business purposes, we may share certain Personal Data we collect in connection with our Operations from and about you, and about your relationship with us, with our parent companies or other affiliates and certain third parties. Doing so allows us to conduct our Operations. This section describes the categories of third parties we may share your Personal Data with and the purposes for that sharing.
Categories of Personal Data Disclosed to Third Parties
Generally, in the past 12 months, we have disclosed the following categories of Personal Data to third parties for business purposes:
- Personal data categories covered by certain laws (including the California Consumer Records statute (Cal Civ. Code § 1798.80(e))
- Protected classification characteristics under certain laws
- Commercial information
- Internet or other similar network activity
- Geolocation data
- Professional or employment-related information
- Non-public education information (per the Family Education Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)
- Inferences drawn from other personal data
Categories of Third Parties to Whom We Disclose Personal Data
We may share your Personal Data with our parent companies or other affiliates to enable us or them to use your Personal Data for the purposes described in this Policy and as otherwise described to you.
Third Party Service Providers
Your Personal Data may be shared with or collected by third party service providers who provide us with services, including, but not limited to, data hosting or processing. We require these third party service providers to exercise reasonable care to protect your Personal Data and restrict their use of your Personal Data to the purposes for which it was provided to them.
We may provide anonymized information to third parties. Any anonymized information we provide to third parties is not considered Personal Data and is not subject to the terms of this Policy.
Sale of our Business; Bankruptcy
Compliance with Laws and Law Enforcement
BetMGM cooperates with government and law enforcement officials or private parties to enforce and comply with the law. To the extent permitted under applicable law, we may disclose any information about you to government or law enforcement officials or private parties as we believe is necessary or appropriate to investigate, respond to, and defend against legal claims, for legal process (including subpoenas), to protect the property and rights of BetMGM or a third party, to protect BetMGM against liability, for the safety of the public or any person, to prevent or stop any illegal, unethical, fraudulent, abusive, or legally actionable activity, to protect the security or integrity of our Operations and any equipment used to make the Sites available, or to comply with applicable law.
As Directed by You
Upon your consent and/or pursuant to your instruction, we will share your Personal Data, including your authorization to disclose such Personal Data, with others.
Selling Your Personal Data
We do not sell your Personal Data and have not done so in the past 12 months.
Managing Your Personal Data
BetMGM offers you several choices with respect to how we use your Personal Data. This section describes the mechanisms available to you to control the Personal Data we use about you in connection with our Operations.
Tracking Technologies and Advertising
Updating Your Personal Data
If you want to update any Personal Data you have provided us, you can send us a request to update your Personal Data at email@example.com. If you have an account through the Sites or otherwise in connection with our Operations, we may, now or in the future, provide certain functionalities that enable you to update your Personal Information directly.
From time to time (and with your consent when required), you may receive periodic mailings or emails from us with news or other information about our Operations and other efforts. If at any time you wish to stop receiving mailings or emails from us, please send us an email to firstname.lastname@example.org with the phrase “Privacy Opt Out: BetMGM Mailings” in the subject line, or write to us at the address provided below, and we will remove you from our mailing list.
Alternatively, for email communications, you may opt-out of receiving such communications by following the unsubscribe instructions set forth in most email messages from us. Your unsubscribe request or email preference changes will be processed promptly, though this process may take several days. During that processing period, you may receive additional emails from us.
Please note, opting out of email communications will only apply to marketing and other promotional emails and will not apply to any email or other communication sent for non-marketing purposes, including, but not limited to, emails and other communications about your account or your use of the Sites.
If you do not want us to use Personal Data that we collect or that you provide us to deliver advertisements according to our advertisers’ target-audience preferences, you can opt-out by sending us an email with your request to email@example.com.
We do not control third parties’ collection or use of your Personal Data to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your Personal Data collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative (“NAI”) on the NAI’s website, located at networkadvertising.org.
Security of Your Personal Data
BetMGM is committed to protecting the security of your Personal Data. We maintain commercially reasonable safeguards to maintain the security and privacy of Personal Data that we collect and use in connection with our Operations. Nevertheless, when disclosing Personal Data, you should remain mindful that there is an inherent risk in the use of email and the internet. Your information may be intercepted without our knowledge or consent, collected illegally and/or used by third parties that are not affiliated with and/or controlled by us without your consent. We cannot guarantee the security of any information you disclose online, and you do so at your own risk.
We do not knowingly collect or allow the collection of Personal Data via the Sites or in connection with our Operations from persons under the age of 13. If we learn that we have collected the Personal Data of someone under the age of 13, we will take appropriate steps to delete this information. If you are a parent or guardian of someone under the age of 13 and discover that your child has submitted Personal Data to us, you may contact us at firstname.lastname@example.org and ask us to remove your child’s personal information from our systems.
Personal Data collected through the Sites may be stored and processed in any country in which we or our parent companies or other affiliates, suppliers, service providers or agents maintain facilities. By using the Sites, or otherwise engaging with our Operations, you expressly consent to any transfer of your Personal Data outside of your country (including to third countries that may not have been assessed as having adequate privacy laws). Nevertheless, we take steps to ensure that our parent companies or other affiliates, suppliers, service providers and agents comply with our standards of privacy regardless of their location.
State-Specific Privacy Rights
This section describes the additional rights available to residents of certain states in the United States with respect to how we use their Personal Data.
California Privacy Rights
If you are a California resident, you have certain rights regarding your Personal Data under California’s Shine the Light Law and the California Consumer Privacy Act (“CCPA”). This section describes your rights under those laws.
Your Rights Under California’s Shine the Light Law
Under California’s Shine the Light Law, you have the right, once per calendar year, to request information from us regarding the manner in which we share certain categories of Personal Data with third parties for their direct marketing purposes, in addition to the other rights described in this Policy. Under California’s Shine the Light Law, you have the right to send us a request at the designated email address provided below to receive the following information:
- the categories of Personal Data we disclosed to third parties for their direct marketing purposes during the preceding calendar year;
- the names and addresses of the third parties that received the information; and
- if the nature of the third party’s business cannot be determined from their name, examples of the products or services they market.
This information may be provided in a standardized form that is not specific to you. The designated email address for these requests is email@example.com.
Your Rights Under CCPA
Please note, the rights described in this section only apply to Personal Data covered by the CCPA. Among other types of Personal Data, the CCPA does not cover information that is publicly available from government records, deidentified or aggregated consumer information, health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) or the California Confidentiality of Medical Information Act (CMIA) or clinical trial data and personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA), the California Financial Information Privacy Act (FIPA) and the Driver’s Privacy Protection Act of 1994.
Under the CCPA, you have the right to request that BetMGM disclose certain information to you about our collection and use of Personal Data over the past 12 months. Once we receive and confirm your verifiable consumer request (information on how to submit requests is provided below), we will disclose to you, based on what you request:
- The categories of Personal Data we collected about you.
- The categories of sources for the Personal Data we collected about you.
- Our business and/or commercial purposes for collecting or selling that Personal Data.
- The categories of third parties with whom we shared that Personal Data.
- The specific pieces of Personal Data we collected about you (also known as a data portability request).
- If we sold or disclosed your Personal Data for a business purpose, two separate lists disclosing: (1) sales, identifying the Personal Data categories that each category of recipient purchased; and (2) disclosures for a business purpose, identifying the Personal Data categories that each category of recipient obtained.
Under the CCPA, you have the right to request that BetMGM delete any of your Personal Data that we collected from or about you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (information on how to submit requests is provided below), we will delete (and direct our service providers to delete) your Personal Data from our records, unless an exception applies.
We may deny your deletion request if retaining your Personal Data is necessary for us or our services providers to:
- Complete the transaction for which we collected the Personal Data, take actions reasonably anticipated within the context of our ongoing business relationship with you or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
- Engage in public or peer-reviewed scientific, historical or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Comply with a legal obligation.
- Make other internal and lawful uses of the Personal Data that are compatible with the context in which you provided it.
How to Submit a Request
To submit an access, data portability or deletion request, please submit a verifiable consumer request to us by either:
- Calling us at 844-604-4423; or
- Using our Online Form.
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your Personal Data. You may also make a verifiable information request on behalf of your minor child.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period.
When submitting a verifiable consumer request you must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Data or an authorized representative of that person; and
- Describe your request with sufficient detail that allows us to properly understand, evaluate and respond to it.
We cannot respond to your requests if we cannot verify your identity or authority to make the request and confirm the Personal Data relates to you.
Making a verifiable consumer request does not require you to create an account with us.
We will only use Personal Data provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Responses to Requests
We attempt to respond to verifiable consumer requests within 45 days. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing within 45 days after we receive your initial request. We will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the 12-month period prior to the date we receive the verifiable consumer request. The response we provide will also provide the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Data that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Rights Regarding the Sale of Personal Information
At this time, BetMGM does not sell any Personal Information in connection with its Operations. The CCPA does grant consumers rights with respect to the sale of their Personal Data, and if we decide to sell Personal Data in the future in connection with our Operations we will update this Policy and our Sites to make those rights available to you.
Non-Discrimination for Submitting Requests
We will not discriminate against you for exercising any of your rights under the CCPA. Unless permitted by the CCPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your Personal Data’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time.
Updates to this Policy
You agree that your use of the Sites and otherwise providing us with Personal Data in connection with our Operations constitutes your agreement with this Policy. BetMGM reserves the right to change this Policy at any time. If we decide to change this Policy, we will post those changes on this page so that you are always aware of what Personal Data we collect, how we use it and under what circumstances we disclose it. As we may make changes to this Policy from time to time, with or without notifying you, we suggest that you periodically consult this Policy for any changes. Your continued use of the Sites or other engagement with our Operations after the effective date of any modification to this Policy will be deemed to be your agreement to the changed terms.
We welcome your questions, comments and concerns about privacy. Please email us at firstname.lastname@example.org with your feedback pertaining to privacy. You may also write to us at:
Harborside Plaza 3, Suite 602
210 Hudson Street
Jersey City, NJ 07311