Batumi: +995 591 34 11 99 Tbilisi: +995 511 23 11 99
en
Home Privacy Policy

Privacy Policy

Effective Date: 30.04.2025
Applies to: Grand Bellagio Casino Batumi & Grand Bellagio Casino Tbilisi

1. Introduction

This Privacy Policy explains how we collect, use, store, and protect your personal data in compliance with the Law of Georgia on Personal Data Protection (2024). By visiting our website or using any of our services (online or offline), you agree to the practices described in this document.

Grand Bellagio respects your right to privacy and is committed to processing your personal data lawfully, fairly, and transparently.

2. Data Controller

The data controllers responsible for your information are:

Grand Bellagio Batumi
Sherif Khimshiashvili Street 16, Batumi, Georgia
Email: [email address] | Phone: [number]

Grand Bellagio Tbilisi
Biltmore Hotel, Rustaveli Avenue 29, Tbilisi, Georgia
Email: [email address] | Phone: [number]

3. Categories of Personal Data We Collect

We may collect and process the following types of personal data:

Identification data: Full name, nationality, ID/passport number, date of birth
Contact data: Email address, phone number, residential address
Financial data: Payment details, transaction history
Gaming activity: Game preferences, visit frequency, loyalty program usage
Device & technical data: IP address, device ID, browser type, cookies, location data
Video surveillance: CCTV recordings inside casino premises (for security purposes)

4. Purposes of Data Processing

We process personal data for the following purposes:

To provide access to our services (gaming, hospitality, events)
To comply with regulatory obligations, including AML/CTF laws
To conduct responsible gaming monitoring
For customer relationship management (CRM) and loyalty programs
For marketing communications (only with your consent)
To ensure security within our premises and IT infrastructure
To improve our website and services through analytics and performance tracking

5. Lawful Basis for Processing

Your personal data is processed on one or more of the following legal grounds:

Your explicit consent (e.g., for marketing communications)
Contractual necessity (e.g., loyalty program enrollment)
Legal obligations (e.g., AML checks, identity verification)
Legitimate interests (e.g., security, fraud prevention)
Vital interests (e.g., safeguarding health in emergencies)

6. Data Retention

We retain personal data only as long as necessary for the purposes outlined above or as required by law:

Identification data: Up to 5 years after the last transaction (AML law)
Video surveillance: Up to 30 days unless required for investigation
Financial data: As required by Georgian tax and accounting law

Data will be securely deleted or anonymized once the retention period ends.

7. Data Sharing and Transfers

We may share your data with:

Regulatory bodies and supervisory authorities (e.g., Revenue Service, Financial Monitoring Service)
Third-party service providers (IT, payment processors, KYC providers)
Legal or law enforcement authorities when required by law
Casino group affiliates (if relevant for loyalty or VIP benefits)

We do not transfer your data outside Georgia unless:

The destination country ensures an adequate level of data protection (as recognized by the Georgian Personal Data Protection Service), or
You give explicit consent, or
Adequate safeguards (such as standard contractual clauses) are in place.

8. Your Rights as a Data Subject

Under the Georgian Data Protection Law, you have the right to:

Request access to your personal data
Rectify inaccurate or incomplete data
Erase your data (right to be forgotten)
Restrict or object to processing
Withdraw your consent at any time
File a complaint with the Personal Data Protection Service of Georgia

To exercise your rights, contact us via email or visit our front desk with a valid ID.

9. Cookies and Website Tracking

We use cookies to:

Remember user preferences
Analyze website performance
Support online services like chat or booking

You may configure your browser to refuse cookies, although this may limit functionality.

10. Children’s Data

We do not knowingly collect personal data from individuals under the legal gambling age in Georgia (18+). Any such data will be deleted upon discovery.

11. Data Security Measures

We implement strong organizational and technical safeguards, including:

Secure servers and encrypted connections (SSL/TLS)
Role-based access control to personal data
Staff confidentiality agreements and training
Regular data protection audits

12. Policy Updates

This Privacy Policy may be updated to reflect changes in our practices or legal requirements. The latest version will always be available on our website, with the revision date clearly indicated.

13. Contact Us

If you have questions about this policy or your personal data, please contact:

Data Protection Officer (DPO)
[Full Name or Role]
Email: [email address]
Phone: [number]
Address: [relevant branch office address]