Privacy Policy

1. Scope

Converst Ltd. (“Converst”, “we”, “us”, or “our”) provides multilingual customer support, incident handling, technical troubleshooting, CRM campaign execution, and performance reporting services for operators in the gaming and entertainment sector, including casino, sports betting, and lottery platforms.

This Privacy Policy (“Policy”) explains how and why we collect, process, and use personal data when you access our Website or engage with our services. We process personal data strictly in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR), with a strong commitment to safeguarding your privacy and protecting your rights.

Personal data (“Personal Information”) refers to any information that identifies you or can reasonably be used to identify you. Such data will only be used in line with this Policy and for legitimate business purposes connected to the services we provide.

By using our Website, you confirm that you have read and understood this Policy. If you do not agree with its terms, or do not wish to provide the personal information we require, please discontinue use of the Website and services.

If you have any questions about this Policy or about your rights as a data subject, you may contact us at: [email protected]

2. Definitions

  • “User”, “Client”, “you”, “your”: refer to any individual or business entity accessing our Website or engaging with our services.
  • Data Controller: The person, company, or other body that determines the purposes and means of processing personal data, either alone or jointly with others.
  • Data Processor: A natural or legal person, public authority, agency, or other body which processes personal data on behalf of the Controller.
  • Personal Data: Any information relating to an identified or identifiable natural person, as defined under applicable data protection law.
  • GDPR: The General Data Protection Regulation (Regulation (EU) 2016/679).

3. Types of Data Processed by Converst

We may collect and process the following categories of personal data when you access our Website or engage with our services:

  • Contact and business information such as company name, registration details, billing address, and contact details (name, role, telephone number, email address) of representatives, employees, or contractors of our clients and partners.
  • Technical data such as IP address, device type, browser type and version, time zone setting, operating system and platform, as well as information about your visits to our Website, including page interaction information and website usage statistics. We may also collect cookie information in accordance with our Cookie Policy and your preferences.
  • Communication data, including information you provide when you contact us, such as inquiries, complaints, or requests for support, and records of interactions between you and our support teams.
  • Client services data, which may include information provided by clients necessary for the performance of our services, such as account identifiers, preferences, data used in CRM campaigns, support scripts, and performance dashboards. This data is processed strictly in accordance with client instructions and applicable law.

We do not intentionally collect or process special categories of personal data (such as racial or ethnic origin, political opinions, religious beliefs, health data, or sexual orientation).

4. Disclosure of Personal Data

We may disclose your personal data to:

  • regulatory authorities where required to comply with legal obligations,
  • law enforcement in response to lawful requests,
  • service providers who support our operations such as IT hosting, analytics, and CRM tools,
  • professional advisors such as lawyers, auditors, and consultants where necessary for business operations or legal claims,
  • Converst employees or contractors strictly on a need-to-know basis.

We do not sell or rent personal data to third parties.

5. International Data Transfers

We primarily process and store personal data within the European Union. If data is transferred outside the EU or EEA, we ensure adequate safeguards are in place in line with GDPR requirements, such as European Commission adequacy decisions or Standard Contractual Clauses.

6. Marketing

If you have provided your consent, we may send you information about our services that may be of interest to you. You may withdraw your consent and unsubscribe at any time by following the instructions in our communications or by contacting us directly.

7. Security

We apply appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, or disclosure. These include:

  • secure transmission protocols such as SSL,
  • access restrictions to authorised staff only,
  • regular system monitoring, backups, and audits.

We also maintain breach response procedures, including notification to you and supervisory authorities where legally required.

8. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including compliance with legal, contractual, and reporting obligations. Once retention is no longer necessary, we securely delete or anonymise the data.

9. Data Subject Rights under GDPR

You have the right to:

  • request information and transparency about how we process your data,
  • access your personal data,
  • rectify inaccurate or incomplete data,
  • request erasure (“right to be forgotten”) where applicable,
  • restrict processing under certain circumstances,
  • data portability where processing is based on consent or contract and carried out by automated means,
  • object to processing based on legitimate interests, including profiling, and to opt out of direct marketing,
  • not be subject to automated decision-making that produces legal effects or significantly affects you.

To exercise these rights, please contact us at [email protected].

10. Verification and Requirements for Data Subjects

For security reasons, we may request specific information to confirm your identity before fulfilling your request. This ensures that personal data is not disclosed to unauthorised persons.

We also rely on you to keep your information accurate and up to date. Please inform us of any changes to your data.

11. Linked Websites

Our Website may contain links to third-party websites. We are not responsible for the privacy practices or content of such websites. Please review their privacy policies before providing them with personal data.

12. Surveys and Feedback

From time to time, we may invite you to participate in surveys or provide feedback to help us improve our services. Participation is voluntary, and any personal data you provide will be processed with your consent and used solely for the stated purpose.

13. Changes to this Policy

This Policy may be updated from time to time to reflect changes in our practices, services, or legal requirements. The date of the last update will always be indicated at the top of this Policy. We encourage you to review this Policy periodically.

14. Contact and Complaints

If you have any questions about this Policy or how we process your personal data, please contact us at [email protected].

You also have the right to lodge a complaint with your local data protection authority or with the Bulgarian Commission for Personal Data Protection (CPDP), as Converst is established in Bulgaria.