We at 32Red ask for a lot of information from our players and it is only right that our players in turn know that this information is maintained securely and without fear of compromise.
Firstly, let me deal with information that we hold in respect of a players’ financial accounts.
We do not store credit card numbers or the 3 digit security code that is contained on the reverse of the card. We have the ability to access full card numbers and this access is strictly controlled and limited to senior members of staff. Those employees, who do have access, have been verified through a number of means which do include background checks with the police. The majority of our employees are only able to view the last four digits of a card number, with this being necessary to being able to perform certain financial transactions. The back office system that we use does not allow employees to see multiple instances of accounts, does not allow employees to export information into other files and prevents details from being printed. We run regular audits so as to ensure we know who is accessing what data and for what purpose.
32Red does not store players’ passwords. Yes, we can perform password changes and reset log-in attempts but we have no access to the password itself. Once we have changed a player’s password we urge them to change it themselves from within the gaming software.
Not only do we have our own internal measures, but we are strictly monitored by our regulators and banking partners. As a merchant we have to be fully compliant with the Payment Card Industry’s Security Standards (
I suppose in all of this we are only ‘as strong as our weakest link’ and we are all at the mercy of that ‘rogue’ employee. A whole host of activity is undertaken so as to maintain a workforce that is ‘engaged’ and thus reduce the likelihood of this, but you can never be certain. Additional measures that we take, to further reduce this risk, include the control of the use of mobile phones (to prevent those with cameras being able to take screenshots of player information) and the use of ‘messenger’ applications. Physical security of and access to our premises is tightly controlled as is the security of stored documents. Documentation (for the purposes of player verification) which we receive is never stored and all physical documents are immediately ‘shredded’ once we have concluded our checks.
In respect of the use of personal information, including email addresses, we adhere to our Privacy Policy and we do not rent or sell such information to any third party. We may occasionally hire other companies to provide limited services on our behalf which include identity verification, payment processing and the provision of software. These companies are blue chip organisations and are publicly listed entities. 32Red will only provide these companies with that information which is reasonably required to perform the service, and these third parties will be prohibited from using that information for any other purpose. Again, we instruct these companies to adhere to our stated Privacy Policy and that they protect the confidentiality of your personal information.
Our employees do not have access to multiple instances of email addresses or personal details. When an email distribution is planned, it is only senior members of 32Red who can collate the necessary information from our player database.
I trust this allays your concerns and please feel free to drop me a line if you need any further information in this respect.
Firstly, let me deal with information that we hold in respect of a players’ financial accounts.
We do not store credit card numbers or the 3 digit security code that is contained on the reverse of the card. We have the ability to access full card numbers and this access is strictly controlled and limited to senior members of staff. Those employees, who do have access, have been verified through a number of means which do include background checks with the police. The majority of our employees are only able to view the last four digits of a card number, with this being necessary to being able to perform certain financial transactions. The back office system that we use does not allow employees to see multiple instances of accounts, does not allow employees to export information into other files and prevents details from being printed. We run regular audits so as to ensure we know who is accessing what data and for what purpose.
32Red does not store players’ passwords. Yes, we can perform password changes and reset log-in attempts but we have no access to the password itself. Once we have changed a player’s password we urge them to change it themselves from within the gaming software.
Not only do we have our own internal measures, but we are strictly monitored by our regulators and banking partners. As a merchant we have to be fully compliant with the Payment Card Industry’s Security Standards (
You do not have permission to view link
Log in or register now.
) which has a core group of six principles and a dozen or so accompanying requirements. These are all aimed at ensuring that we proactively protect customer account data. I suppose in all of this we are only ‘as strong as our weakest link’ and we are all at the mercy of that ‘rogue’ employee. A whole host of activity is undertaken so as to maintain a workforce that is ‘engaged’ and thus reduce the likelihood of this, but you can never be certain. Additional measures that we take, to further reduce this risk, include the control of the use of mobile phones (to prevent those with cameras being able to take screenshots of player information) and the use of ‘messenger’ applications. Physical security of and access to our premises is tightly controlled as is the security of stored documents. Documentation (for the purposes of player verification) which we receive is never stored and all physical documents are immediately ‘shredded’ once we have concluded our checks.
In respect of the use of personal information, including email addresses, we adhere to our Privacy Policy and we do not rent or sell such information to any third party. We may occasionally hire other companies to provide limited services on our behalf which include identity verification, payment processing and the provision of software. These companies are blue chip organisations and are publicly listed entities. 32Red will only provide these companies with that information which is reasonably required to perform the service, and these third parties will be prohibited from using that information for any other purpose. Again, we instruct these companies to adhere to our stated Privacy Policy and that they protect the confidentiality of your personal information.
Our employees do not have access to multiple instances of email addresses or personal details. When an email distribution is planned, it is only senior members of 32Red who can collate the necessary information from our player database.
I trust this allays your concerns and please feel free to drop me a line if you need any further information in this respect.
Last edited: