Privacy Policy

Privacy Policy (“Policy”) – Century Resorts Management
Last updated on: 24th May 2018


This Policy, together with our Terms & Conditions, explains the basis on which we collect and process personal information or data from our business partners or from individuals, who provide data to us.

Please read the following carefully to understand our views and practices regarding personal information and how we will treat it. By visiting and any other website, individuals are accepting and consenting to the practices described in this Policy.

Century Resorts Management GmbH (“CRM”) is the data controller for the purposes of the General Data Protection Regulation 2016 (EU).

At CRM, we are committed to providing our business partners and individuals (“stakeholders”) with the best services. As described in this Policy, we are committed to properly safeguarding the privacy of all personally identifiable information (“personal information”) that is collected from stakeholders when they visit our property or use the websites of CRM.

Privacy Principles

  • We take reasonable steps to protect all non-public personal information we collect about our stakeholders by adopting strict standards of security and confidentiality.

  • We maintain physical, digital and organisational safeguards to protect this information.

  • We contractually require any person or organisation providing products or services to our stakeholders on our behalf to protect the confidentiality of this information.

  • We permit only authorised employees, who are trained in the proper handling of this information, to have access to it.

  • We afford former stakeholders the same protections as existing stakeholders with respect to the use and sharing of their information.

  • We facilitate the review, correction or removal of personal information stored by us upon request and as permitted by applicable legislation.

Information Collection

We collect and use information we believe is necessary to administer our business and to provide our stakeholders with our services. For this purpose, we collect and process several types of information, including but not limited to those stated below:

  • Information that stakeholders provide by signing any contract or completing any application form. The types of information we collect can include: date of birth, first name, last name, address, phone, email address, gender, language preference and other information.

  • Information about business transactions with us, including payments, business histories and details of representatives.

  • If stakeholders contact us, we may keep a record of that correspondence (including email, mail, phone calls)

  • Employees of CRM may also ask stakeholders to complete surveys or feedback forms that we use for research purposes. Individuals may decide whether or not to respond.

This information may be collected either directly by CRM, or by third parties that have been contracted by us.

Internet Protocol Addresses and Technical Data

We automatically track and collect information when stakeholders visit our websites, including:

  • IP addresses

  • domain servers

  • type of computers

  • type of web browsers

  • requested resources and response code (the pages accessed)

  • browser version, operating system, and language (collectively “traffic data”)

Traffic data is anonymous information that does not personally identify our stakeholders. It helps us to improve our marketing and website experience.


In order to enhance our stakeholder service, we may obtain information about our stakeholders’ general internet usage by using cookie files which are stored on the hard drive of individual’s computers.

In general, cookies help us to improve our websites and to deliver a better and more personalised service. Cookies enable us:

  • To evaluate our audience’ size and usage pattern.

  • To store information about stakeholders’ preferences.

  • To customise our websites according to our stakeholder interests.

  • To speed up stakeholder requests and searches.

  • To recognise patrons when they return to our websites.

Google Analytics

In particular, our websites use Google Analytics, a web analytics service provided by Google, Inc. (“Google”) which uses cookies to help us analyse how users interact with our websites. The information generated by the cookies about stakeholder use of our websites (including IP addresses) will be transmitted to and stored by Google on global servers (incl. in the United States of America). Google will provide us with this information for the purpose of evaluating use of our websites, compiling reports on our websites activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf.

Please note that our web partners (e.g. advertisers) may also use cookies, over which we have no control. In general, the use of cookies by our websites may allow unauthorised third parties to view the traffic data. The viewing of traffic data by unauthorised third parties is outside of our control and we assume no legal responsibility for such use.

How Stakeholders Can Control Cookies

Stakeholders may refer to the help section of their web browser to learn more about how cookies work and how the settings can be customized.

Stakeholders may prevent the use of cookies by configuring the appropriate browser settings. Stakeholders may have to manually adjust some preferences every time they visit a website and some services and functionalities may not work.

Data Storage

The data that we collect from stakeholders may be transferred to, and stored at, a destination outside the European Union (“EU”). It may also be processed by staff operating outside the EU who work for us. Such staff may be engaged in, among other things, the provision of any requested services, the processing of stakeholder payment details and the provision of support services. By submitting individuals’ personal information, individuals agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that stakeholder data is treated securely and in accordance with this Policy.

All information stakeholders provide to us is stored on secure servers. If stakeholders use our websites to send personal information to us, each transmission will be protected by Secure Socket Layer (“SSL”). SSL is a technology that encrypts the information during transmission. Once we have received stakeholder information, we use strict procedures and security features to try to prevent unauthorised access.

We retain personal information for a as long as it is necessary to fulfill the purposes outlined in this Policy, unless a longer retention period is required or permitted by law.

Data Handling and Information Processing

We only collect and retain personal information to the extent that it is required for our purposes. Personal information submitted by stakeholders to the website or collected by us will be used for the following purposes:

  • To provide stakeholders with information, products or services that our stakeholders request from us or which we feel may interest our stakeholders, where individuals have consented to be contacted for such purposes.

  • To carry out obligations arising from agreements or contracts between stakeholders and us.

  • To notify stakeholders about changes to CRM.

We may also use stakeholder data and permit employees of CRM to use stakeholder data, to provide stakeholder with information about goods and services which may be of interest to stakeholders and we may contact our stakeholders about these by post, e-mail or telephone.

We do not disclose information about identifiable individuals to our partner companies, but we may provide them with aggregate information about our users (for example, women/men visitor ratio).

Data Disclosure & Trans-Border Data Transfers

We may disclose and transfer stakeholder personal information to any employee of CRM, including those based outside of the EU including our parent company, Century Casinos, Inc., based in the United States of America. We may also disclose personal information to third parties:

  • In the event that we sell or buy any business or assets, in which case we may disclose personal information to the prospective seller or buyer of such business or assets.

  • If CRM or substantially all of its assets are acquired by a third party, in which case personal information held by it about its stakeholders may be one of the transferred assets.

  • If we are under a duty to disclose or share personal information in order to comply with any legal obligation or process; or to comply with any legal requirements of any governmental authority, including but not limited to gaming regulators; or in order to enforce the terms of agreements; or to protect the rights, property, or safety of CRM, our stakeholders, or others. This includes exchanging information with other companies and organisations for the prevention and detection of crime and risk reduction.

  • We may also disclose information that we collect from or about stakeholders with non-affiliated third parties as permitted or required by law.

By visiting the website and communicating electronically with us, individuals consent to these transfers.

Links to External Websites

Our websites may contain links to and from websites of our partner networks, advertisers or affiliates. We do not expressly or impliedly endorse the materials disseminated at those websites, nor does the existence of a link to another website expressly or impliedly mean that the organisation or person publishing at that website endorses any of the materials on our websites.

Links to other websites are provided only as a convenience to our users and for information only. We have no control over the contents of those websites or resources, and accept no responsibility for them or for any loss or damage that may arise from individual’s use of them.

If anyone follows a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for their policies. We recommend that our stakeholders check the policies of these websites before they submit any personal information to these websites.

Changes to the Policy

Over time, we may change or supplement this Policy by way of amending the Policy on this website. We always indicate the date the last changes were published.

However, it is each individual’s responsibility to check the Policy from time to time to ensure that individual agrees with it and individual’s continued use of the websites will be deemed to be individual’s acceptance of any changes that we make.

Opt-In and Opt-out

As part of our newsletter, we may give our stakeholders important choices (“opt-in”) about updates and press releases. We hope our stakeholders will find these items interesting and informative. Nonetheless, every stakeholder has the right to ask us not to use personal information for these purposes (“opt-out”). To exercise the right of opt-out, please sent an Email request to [email protected] or use the link to unsubscribe at the bottom of our newsletters.

Data Access and Corrections

We will take all reasonable steps to ensure that our stakeholders’ personal information is correct and up to date.

We facilitate the review, correction or removal of personal information stored by us upon request and as permitted by applicable legislation.

Stakeholders may send a written inquiry to Century Resorts Management GmbH, Untere Viaduktgasse 2, 1030 Vienna or email to [email protected] .

Contact Information & Questions

Questions, comments and requests regarding this Policy are welcomed and should be addressed to:

Century Resorts Management GmbH
Untere Viaduktgasse 2,
1030 Vienna