This Policy governs the information collection, use, sharing, and related practices applicable to the Services in Indiana only. This Policy is separate and distinct from the privacy policies that govern the online gaming services offered by MGM Resorts International in other jurisdictions, including the State of Nevada.
The Services currently operate under and pursuant to the Internet Sports Betting Operator License issued to Roar Digital by the Indiana Gaming Commission. Roar Digital is authorized to conduct Online Sports Wagering in the State of Indiana under an agreement with Belterra Resort Indiana, LLC d/b/a Belterra Casino Resort, an Indiana Gaming Commission Certificate of Authority Holder. These agreements are at all times subject to the authority of the Indiana Gaming Commission. The Services are provided by Roar Digital (where Roar Digital is an indirect, partially-owned subsidiary joint venture of MGM Resorts International (“MGM”)) and are marketed under brands owned by MGM. This Policy is at all times subject to the authority of the Indiana Gaming Commission.
I. INFORMATION WE COLLECT
We collect information from a variety of sources and in a variety of ways, including the following:
- Account Information. In order to use the Services, you must register for an online Indiana wagering account (a “Wagering Account”). When you register for a Wagering Account, we may access and collect the information you provide (including your name, postal address, e-mail address, and date of birth) by which you can be personally identified. We may also ask you for additional information including your mobile phone number, social security number, and a government-issued photo identification such as your driver’s license, state identification card, or passport. We will also verify whether you have a current MGM M life Rewards account (an “M life Account”). If you do not have a current M life Account, you will be required to create an M life Account as part of the registration process. You can learn more about the M life Rewards program by visiting https://mgmresorts.com. You can review the terms and conditions for the M life Rewards program at https://www.mgmresorts.com/en/mlife-rewards-program/program-rules.htmland MGM’s privacy practices with respect to the M life Rewards program at https://www.mgmresorts.com/en/privacy-policy.html. For more information about how Roar and MGM utilize and share information in connection with your Wagering Account and M life Account, please see Section II.B below.
IF YOU PROVIDE A CELL PHONE NUMBER AND EXPRESSLY CONSENT TO RECEIVE TEXT MESSAGES FROM ROAR, YOU EXPRESSLY CONSENT TO RECEIVE RECURRING INFORMATIONAL AND TRANSACTIONAL TEXTS—INCLUDING TEXTS MADE USING AN AUTODIALER—FROM OR ON BEHALF OF ROAR TO THE NUMBER YOU PROVIDED. BY PROVIDING A CELL PHONE NUMBER AND EXPRESSLY CONSENTING TO RECEIVE SMS MESSAGES FROM ROAR, YOU WARRANT AND REPRESENT THAT YOU ARE EITHER THE ACCOUNT OWNER OF THE CELL PHONE NUMBER YOU PROVIDE TO US, OR YOU HAVE THE EXPRESS PERMISSION OF THE ACCOUNT HOLDER TO PROVIDE THE NUMBER AND TO CONSENT TO AUTOMATED TEXTS TO THAT NUMBER.
ALTHOUGH THERE IS NO FEE ASSOCIATED WITH THIS SERVICE, YOUR CARRIER MAY CHARGE YOU FOR EACH MESSAGE YOU RECEIVE IN ACCORDANCE WITH YOUR CALLING PLAN. YOU AGREE THAT WE ARE NOT RESPONSIBLE IN ANY WAY FOR SUCH CHARGES. YOU CAN STOP RECEIVING TEXT MESSAGES FROM ROAR AT ANY TIME. JUST TEXT "STOP" IN RESPONSE TO ANY SMS MESSAGE YOU RECEIVE FROM ROAR. AFTER YOU SEND THE SMS MESSAGE "STOP" TO US, WE WILL SEND YOU A SINGLE MESSAGE TO CONFIRM THAT YOU HAVE BEEN UNSUBSCRIBED. AFTER THIS, YOU WILL NO LONGER RECEIVE TEXT MESSAGES FROM US. IF YOU WANT TO JOIN AGAIN TO RECEIVE MESSAGES, JUST SIGN UP AS YOU DID THE FIRST TIME, AND WE WILL START SENDING MESSAGES TO YOU AGAIN.
- Location, Gaming, and Transaction Information. When you use the Services, we and our third-party service providers may collect information about your precise physical location, your gaming activity, and all transactions associated with your Account. We may share this information, and any other information we collect about you, with the Indiana Gaming Commission, other government officials, and third parties including business partners.
Most web browsers automatically accept cookies, but, if you prefer, you can usually modify your browser setting to decline cookies. The Help menu on the menu bar of most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie and how to disable cookies altogether. You can also modify your Flash Player settings to prevent the use of flash cookies.
If you choose to decline cookies, you may not be able to experience all of the interactive features available through the Services. You can visit https://www.allaboutcookies.org/ in order to obtain more information on deleting or controlling cookies. Please note that by deleting our cookies or disabling future cookies, you may not be able to access certain areas or features of the Services.
- Wi-Fi and Location Information. In your use of the Services, we may collect information (directly or through third party service providers) that includes the web sites you visit, the type of device and browser you are using, your device identification number, bandwidth used, session time, etc. There are Federal law prohibitions and restrictions relating to wagering on the Internet (including such prohibitions and restrictions set out in 18 U.S.C. §§ 1084 et seq. (“The Wire Act”) and 31 U.S.C. §§ 3163 through 3167 (“UIEGA”)). It is a Federal offense for persons physically located outside of Indiana to engage in Internet wagering through any Indiana casino, including wagering on the Services. We and our service providers utilize several current technologies, and may use future technologies, in order to (i) verify your physical location while you are wagering on the Services and (ii) improve the location-based services. Tracking Technologies report your physical location from the computer or Internet-connected device that you choose and from which you are accessing the Services. Tracking Technologies obtain your physical location by accessing your IP address, MAC address, RFID, hardware embedded article/production number, embedded software number (such as UUID, Exif/IPTC/XMP or modern steganography), Wi-Fi positioning system, or device GPS coordinates. The Tracking Technologies report to us, our service providers and/or the Indiana Gaming Commission the physical and geographic location of the computer or Internet-connected device from which you are accessing the Services. Your precise or near-precise physical location will be reported to us, our service providers and/or the Indiana Gaming Commission when you use the Services. You may withdraw this consent at any time by turning off the location settings or by notifying us in writing that you would like to withdraw such consent. If you turn off the location settings or withdraw such consent, you will not be able to access real money games and tournaments via the Services. Your location information is retained for up to ten (10) years as required by the Indiana Gaming Commission and applicable state and federal regulations. Location coordinate data is transmitted via Secure Socket Layer (SSL) technology and stored in password protected servers managed by us and our geolocation and operating partners. Neither us nor our partners will pass on or resell your location information to any third party except that they reserve the right to provide location information as necessary to satisfy any law, regulation or government agency request.
- Affiliate and Third Party Information. We may obtain information about you from MGM Resorts International and casinos, resorts, platforms, and properties that are owned, operated, managed by or affiliated with MGM Resorts International (collectively “MGM Affiliates”), from our other parent and affiliated companies, including, but not limited to, GVC Holdings (collectively, with the MGM Affiliates, our “Affiliates”) and from third parties, including our business partners and other companies and individuals that refer you to our Services. This information may include, among other things, information related to your M life Account that we need to make the Services available to you, information to set up your Wagering Account and information necessary to connect your Wagering Account to your account with one or more of our business partners.
II. HOW WE USE THE INFORMATION WE COLLECT AND OPT-OUT OPTIONS
- Use by Roar Digital
Marketing Purposes. We may use the information we collect for our own marketing purposes including notifying you of special promotions, offers, and events via push notifications, e-mail, and other means. We may also link personal information (including your name, mobile phone number, and e-mail address) with non-personal information (including information collected through Tracking Technologies and Wi-Fi services) and use such information for our own marketing purposes. If you do not want us to use your personal information for marketing purposes, you may opt-out in accordance with the “How to Opt-Out” section below.
Non-Marketing Purposes. We may use the information we collect for non-marketing purposes including (1) validating your identity; (2) sending you push notifications or e-mails to provide you with alerts and updates about your Account and the Services; (3) monitoring, accessing, and recording gaming-related activity; (4) conducting statistical or demographic analysis; (5) processing and tracking gaming and non-gaming transactions; (6) complying with legal and regulatory requirements; (7) customizing your experience with the Services; (8) protecting and defending Roar Digital, MGM Resorts International, and all other MGM Affiliates against legal actions or claims; (9) preventing fraud; (10) debt collection; (11) satisfying contractual obligations; and (12) safety and security purposes including cooperating with law enforcement or other government agencies for purposes of national security, public safety, or matters of public importance when we believe that disclosure of information is necessary or appropriate to protect the public interest (collectively “Non-Marketing Purposes”).
- Sharing with Affiliates
We may share the information we collect with Affiliates for marketing purposes and for Non-Marketing Purposes. If you do not want us to share your personal information with Affiliates for marketing purposes, you may opt-out in accordance with the “How to Opt-Out” section below.
Regarding sharing of information with MGM about your M life Account, we will provide MGM with certain information (subject to compliance with applicable laws and with your consent where required) related to your gaming activity that is necessary for MGM to administer your M life Account, including, but not limited to: (1) the amount of money credited to, debited from or present in your Wagering Account; (2) the amount of money you wagered on any game or gaming device; (3) your Wagering Account account number and secure personal identification method that identifies you; (4) the identities of particular entities on which you are wagering or have wagered on in the past; and (5) your name, address or other information that Roar possesses that would identify you to anyone other than Roar or applicable gaming regulators (“Account Information”). The Account Information we will provide to MGM represents the information MGM needs to provide you with certain benefits and rewards as more fully described in the terms applicable to your M life Account. For opt-out information specific to your M life Account and its connection with your Wagering Account, please see the “How to Opt-Out” section below.
- Sharing with Business Partners and Other Third Parties
We may share the information we collect with our business partners and other third parties for joint marketing purposes and/or our business partners’ (or our own) marketing purposes. Even if you opt-out of permitting us to share your personal information with our business partners and other third parties for marketing purposes, we may still share the information we collect with them for Non-Marketing purposes such as processing transactions, fulfilling your requests, responding to your inquiries, etc.
- Service Providers
We may engage service providers to provide certain services to us or to perform certain services on our behalf including analytics, marketing, fulfillment, etc. In some cases, service providers may collect or be provided with access to your information as reasonably necessary to perform such services on the condition that they not use or disclose your personal information for other purposes.
- Certain Business Transactions
We may share all of the information we collect with any successor to all or part of our business in connection with a transaction involving a sale, purchase, reorganization, merger, or transfer of any our assets or the assets of Affiliates.
- How to Opt Out of Marketing from Us and How to Opt-Out of having Your Personal Information Shared with Others for Marketing Purposes
If you wish to opt-out of receiving marketing communications from us via postal mail, e-mail, telephone, and text messaging, or do not want us to share your personal information for marketing purposes with our business partners, third parties or Affiliates, please e-mail us at firstname.lastname@example.org write to us at:
Harborside Plaza 3, Suite 602
210 Hudson Street
Jersey City, NJ 07311
You can also unsubscribe from receiving SMS messages as described in Section I.A above, including by replying STOP to any text message you receive from Roar.
Although you may opt-out of the use and sharing of personal information for marketing purposes, we may still use and share information we collect for Non-Marketing Purposes.
Please note, if you would like to submit a request to opt-out from marketing relating to your M life Rewards Account, please email your request to MGM at email@example.com. To otherwise exercise any rights or request information related to your M life Rewards Account, please contact MGM’s M life Rewards Member Services at firstname.lastname@example.org.
- State Specific Opt-Out Rights
Nevada Residents Only. Nevada law gives consumers in Nevada the right to restrict certain businesses from selling certain personal information to unaffiliated third parties if those third parties will license or sell such personal information to additional third parties. To exercise this right (for Nevada residents only), please click https://privacyportal-cdn.onetrust.com/dsarwebform/4ba99d5f-d34f-467f-b12c-b3e355bd58d5/789f8c61-bfb8-4bb4-bb01-5b374a443e17.html, follow the instructions and provide the requested information including your complete name, street address, city, state, zip code, and email address. California Residents Only - Your California Privacy Rights. California law requires certain businesses to respond to requests from California residents asking about the disclosure of personal information to third parties for third party marketing purposes. Alternately, such businesses may adopt a policy of not disclosing personal information to third parties for marketing purposes if a California resident has opted-out of such information sharing. We have adopted an opt-out policy. If you wish to opt-out of our sharing your personal information with third parties for marketing purposes, please follow the instructions in Section II(E) above. The California Consumer Privacy Act of 2018 as amended and including any regulations adopted by the California Attorney General (collectively, “CCPA”) grants new privacy rights to California residents effective January 1, 2020. One such right is the right to opt-out of the sale of Personal Information to certain third parties. To learn more about the CCPA, including how California residents can opt-out of the sale of their personal information to third parties, please see Section III below.
III. CCPA RIGHTS – APPLICABLE ONLY TO CALIFORNIA RESIDENTS
If you are a California resident, you have the right to (A) know what categories of personal information we have collected about California consumers during the preceding 12 months, including the categories of sources from which that information was collected, the business or commercial purpose for which it was collected, and the categories of third parties with whom the information was shared (see Section III.A. below); (B) request to know what personal information we have collected, used, disclosed, and sold about you during the preceding 12 months (see Section III.B. below); (C) request that we delete your personal information (see Section III.C. below); and (D) opt-out of the sale of your personal information to third parties (see Section III.D. below). These rights, which are discussed more fully below, are subject to some important exceptions, which are intended, among other things, to protect the integrity and privacy of your personal information. You have the right not to be discriminated against for exercising your CCPA rights. You also have the right to designate an authorized agent to exercise your CCPA rights on your behalf.
If you need information on how to exercise your CCPA rights in an alternative, accessible format due to a disability, please send an email with your name and contact information to email@example.com.
- CATEGORIES OF PERSONAL INFORMATION COLLECTED
Below are the categories of personal information we have collected about California consumers related to the BetMGM App during the preceding 12 months, including the categories of sources from which that information was collected, the business or commercial purpose for which it was collected, and the categories of third parties with whom the information was shared.
Categories of Sources from Which Information Was Collected Information You Provide Directly to Us Categories of Personal Information Collected Personal identifiers including name, e-mail address, postal mail address, telephone number, and date of birth; legally protected characteristics including gender; commercial information including your gaming and business transactions; audio, visual, and biometric-related information Business or Commercial Purposes for Which Information Was Collected Provide the BetMGM App; assess and improve the BetMGM App; track your use of the BetMGM App; create and update customer profiles; determine your eligibility for credit and offers; internal market research and analytics; notify you about promotions and special offers; generate statistical studies; security and safety; protect our rights or property; respond to your inquiries; perform background checks; process financial transactions Categories of Third Parties with Whom Information Was Shared Third party service providers; third party business partners; government-related entities; credit reporting agencies; data analytics providers
Categories of Sources from Which Information Was Collected Information Automatically Collected Through Our Cookies and Tracking Technology Categories of Personal Information Collected Personal identifiers including internet protocol address; internet or other similar network activity such as browsing history and search history; geolocation data; inferences drawn from online behavior Business or Commercial Purposes for Which Information Was Collected Provide the BetMGM App; assess and improve the BetMGM App; track your use of the BetMGM App and our websites and mobile apps; create and update customer profiles; internal market research and analytics; protect our rights or property; security and safety Categories of Third Parties with Whom Information Was Shared Third party service providers; third party business partners; digital advertising providers; internet service providers; operating system and platform providers; government-related entities
Categories of Sources from Which Information Was Collected Information obtained from other sources, including from service providers, third party services, business partners, and government-related entities Categories of Personal Information Collected Personal identifiers; legally protected characteristics; commercial information; geolocation information; audio, visual, and biometric-related information, physical characteristics or descriptions Business or Commercial Purposes for Which Information Was Collected Provide the BetMGM App; assess and improve the BetMGM App; track your use of BetMGM App; create and update customer profiles; internal market research and analytics; generate statistical studies; security and safety; protect our rights or property; respond to your inquiries; perform background checks; process financial transactions; detect security incidents Categories of Third Parties with Whom Information Was Shared Third party service providers; third party business partners; government-related entities
Categories of Sources from Which Information was Collected Information Was Collected Information We Automatically Collect Through Our Mobile Apps Categories of Personal Information Collected Personal identifiers; internet or other similar network activity; geolocation data; inferences drawn from personal information; identity authentication based on biometric-related information Business or Commercial Purposes for Which Information Was Collected Provide the BetMGM App; assess and improve the BetMGM App; track your use of the BetMGM App and our mobile apps; create and update customer profiles; security and safety; protect our rights or property; internal market research and analytics Categories of Third Parties with Whom Information Was Shared Third party service providers; third party business partners; digital advertising providers
Categories of Sources from Which Information was Collected Information Was Collected Other Information We Collect Related to Your Gaming and Purchase History and Interactions with Us Categories of Personal Information Collected Personal identifiers; commercial information; inferences drawn from personal information Business or Commercial Purposes for Which Information Was Collected Provide the BetMGM App; assess and improve the BetMGM App; track your use of BetMGM App; create and update customer profiles; notify you about promotions and special offers that may be of interest to you; predict your preferences, interest and future gaming and spending activity Categories of Third Parties with Whom Information Was Shared Third party service providers; third party business partners; governmental-related entities
- REQUESTS TO KNOW ABOUT YOUR PERSONAL INFORMATION
You have the right to request that we disclose to you, for the 12-month period preceding the date we receive your request, the following: (1) the categories of personal information we have collected about you, (2) the categories of sources from which personal information was collected about you, (3) the business or commercial purpose for which your personal information was collected or sold, and (4) the categories of third parties to whom we have sold or disclosed your personal information. In addition, you have the right to request that we disclose to you the specific pieces of personal information we have about you. If you are a California resident, and wish to request this information, please click https://privacyportal-cdn.onetrust.com/dsarwebform/4ba99d5f-d34f-467f-b12c-b3e355bd58d5/14c6c195-4e88-4b9a-b445-2e0c4bb66803.html or call 1-844-604-4423 and indicate that you wish to request this information and provide the identifying information requested. All requests are subject to verification of your identity to protect the privacy and security of your personal information. We are required to fulfill these requests no more than twice within a 12-month period.
- REQUESTS TO DELETE YOUR PERSONAL INFORMATION
You have the right to request that we delete your personal information, subject to certain exceptions such as our need to comply with legal obligations, fulfill orders, complete transactions, etc. If you are a California resident, and wish to request deletion of your personal information, please click https://privacyportal-cdn.onetrust.com/dsarwebform/4ba99d5f-d34f-467f-b12c-b3e355bd58d5/14c6c195-4e88-4b9a-b445-2e0c4bb66803.html or call 1-844-604-4423 and indicate the at you wish to delete your personal information and provide the identifying information requested. All deletion requests are subject to verification of your identity. If we verify your request, we will also instruct our service providers (if any) to delete your personal information from their records, subject to applicable legal requirements.
- REQUESTS TO OPT-OUT OF SALE OF YOUR PERSONAL INFORMATION
You have the right to opt-out of having your Personal Information sold to third parties. In the past twelve (12) months, Roar has not sold any Personal Information to third parties with respect to the Services or any Wagering Account. If we decide to sell Personal Information in the future, we will update this Policy and the Services to make those rights available to you. Even though we do not currently sell any Personal Information, if you are a California resident and wish to opt-out of any future sale of your Personal Information to third parties, please click https://privacyportal-cdn.onetrust.com/dsarwebform/4ba99d5f-d34f-467f-b12c-b3e355bd58d5/14c6c195-4e88-4b9a-b445-2e0c4bb66803.html or call 1-844-604-4423 and indicate that you wish to opt-out of any future sale of your Personal Information to third parties and provide your identifying information as requested. Please note that even if you opt-out of the future sale of your Personal Information, we may still (1) share your Personal Information with service providers and other entities for business purposes consistent with the CCPA, and (2) share your Personal Information in connection with certain business transactions consistent with Section II above.
- VERIFICATION PROCEDURES
In order to verify requests made pursuant to the CCPA, we may require at least two (2) pieces of identifying information that match information maintained by us. In some cases, we may require additional identifying information and a signed declaration attesting to your identity. In situations where we receive a request from an authorized agent on your behalf, we may require written proof that the agent is, in fact, authorized to act on your behalf and we may take additional steps to verify your identity and the authorized agent’s identity. A request to opt-out pursuant to Section III.D. above need not be verified. However, if we have a good-faith, reasonable basis to believe that an opt-out request is fraudulent, we may deny the request and provide an explanation of the reason for the denial.
In certain circumstances, we may decline a request to exercise the Right to Know (III.B) or Right to Delete (III.C) described above, particularly where we are unable to verify your identity. If we are unable to comply with all or a portion of your request, we will explain the reasons for declining to comply with the request.
Non-gaming information and non-live gaming data collected by us through the Services is stored on secure servers located in the United States. Internet wagering and live game play data collected by us through the Services is stored on secure servers located in Indiana. Our Indiana and other United States-based servers may not offer a level of privacy protection as great as that offered in other jurisdictions. We make no representation that the practices described in this Policy are compliant with laws outside of the United States.
Our servers are protected by firewalls and other industry standard security measures. These security measures are intended to protect our servers from unauthorized access. However, no security system is impenetrable, and these systems could become accessible in the event of a security breach. We have controls in place that are designed to detect potential data breaches, contain and minimize the loss of data, and conduct forensic investigations of a breach.
Our staff is required to take reasonable measures to ensure that unauthorized persons cannot view or access your personal information. Employees who violate our privacy policies are subject to disciplinary action, up to and including termination of employment.
We cannot enforce or control the security of the computers, electronic devices, or electronic communication method that you may use to send e-mails and submit information to us over the Internet. You are responsible for ensuring that the computers, electronic devices and electronic communication methods you use will provide adequate security for communicating with us. We are not responsible for the disclosure or interception of information that you send us before we receive it.
As a standard security practice, we will take reasonable steps which are generally recognized in the industry to ensure that the communication methods used to support the Services do not permit connection or communication by methods that have known security weaknesses or vulnerabilities. As such, if you experience trouble using the Services, it may be an indication that you need to upgrade your Internet browsing tool or application to a newer version that supports more secure communication methods.
In situations where your personal information is collected by third parties under contract with us for performance of their contractual duties and other purposes, we require such third parties to exercise reasonable care to protect that information and restrict the use of your personal information to the purposes for which it was provided. When we share your personal information with MGM Affiliates or third parties in accordance with this Policy, we require them to exercise reasonable care to protect such information and restrict the use of such information to the purposes for which it was provided to them.
V. ACCESS TO PERSONAL INFORMATION
We will retain the information we collect about you as long as your Account is active. When your Account is terminated, we will retain your personal information for as long as necessary to comply with our legal and regulatory obligations, resolve disputes, reasonably manage our business, and enforce contractual agreements. You may access, update, and correct inaccuracies in your personal information which is in our custody and control by visiting the location where you registered for your Account or another MGM Resorts International designated location.
VI. OTHER WEB SITES
We are not responsible for the information collection or privacy practices of other web sites, including web sites accessible through the Services. You should review and understand the privacy policies posted on any linked sites you visit before using those sites or providing any personal information on them.
VII. INTERNATIONAL TRANSFERS
Information collected on the Services may be stored and processed in any country in which we or our affiliates, suppliers, third-party electronic payment processors and/or financial institutions or agents maintain facilities. By using the Services, you expressly consent to any transfer of information outside of your country (including to third countries that may not have been assessed as having adequate privacy laws). Nevertheless, we take steps to ensure that our agents, affiliates and suppliers comply with our standards of privacy regardless of their location.
VIII. PERSONS UNDER 21
The Services are for use by persons 21 or older. If you are under 21, you may not access, attempt to access, or use the Services. We do not knowingly collect or allow the collection of personal information via the Services from persons under 21.
IX. CHANGES TO THIS POLICY
We may revise this Policy from time to time in our sole discretion. We will notify you of any material revisions by sending you an e-mail and/or by placing notice of the revised Policy on the Services or any place through which you access the Services. For material changes to the Policy, you may be required to acknowledge acceptance of such change. For non-material changes, or changes approved by the Indiana Gaming Commission where an acknowledgement is not required, your continued access or use of the Services following any amendments to the Policy constitutes your acceptance of the Policy as amended. It is your sole responsibility to review the Policy and any revisions thereto each time you use the Services.
Updated: June 17, 2020.