Notice Scope, Sources & Data Collected
Platform Interactions, Social Media & Financial Data
Protection of Minors & Sensitive Information
Purpose, Lawful Bases & Internal Use of Data
Data Sharing, Corporate Mergers & Legal Disclosures
Your GDPR Rights & Identity Verification Protocols
Marketing Controls, Targeted Ads & Consent Toggles
Cookies & Advanced Tracking Typologies
Preference Governance, Opt-Outs & Script Lifespans
Policy Updates, Enquiries & Regulatory Escalation

1. Scope and Framework of this Privacy Notice

1.1 Purpose of Notice: This Privacy Notice (“Notice”) details the strict policies and operational protocols deployed by MMD 4 Island Ltd. (“Prizino”, “the Company”, “We”, “Us”, “Our”) regarding the collection, processing, storage, sharing and protection of your personal information (“Personal Data”). This Notice applies to any natural person who interacts with the Prizino platform, website, or associated services as a consumer or player (“you”, “your”).

1.2 Data Controller Identity: For the purposes of applicable data protection legislation—including the European Union General Data Protection Regulation (GDPR) and the Irish Data Protection Acts—the legal data controller is MMD 4 Island Ltd., a company registered in Ireland under company registration number 486198, with its registered corporate office located at 10 Proudstown Road, Navan, Co. Meath, Ireland.

1.3 Omnichannel Aggregation: This Notice covers all digital, automated, telephonic, electronic and physical offline data collection streams. We may aggregate and cross-reference Personal Data collected across distinct channels (such as combining offline event attendance records with active Website account telemetry or promotional partner files) to validate player eligibility and ensure platform security.

1.4 Mandatory Nature of Data: Where the collection of specific Personal Data is required by statutory law or to fulfil our commercial contract with you (e.g., age validation or payment routing), this will be clearly indicated on our registration interfaces. Failure to provide mandatory data will result in the immediate rejection of your registration, entry, or prize claim.

2. Sources of Personal Data Collection

We extract, receive and log Personal Data through a variety of official touchpoints, explicitly restricted to the following channels:

• 2.1 Main Web Interfaces: The primary Prizino website (prizino.com), including associated individual Competition landing pages, account registration windows and micro-sites or canvas portals hosted within third-party social communication networks.
• 2.2 Mobile Infrastructure: Mobile-optimised web applications, smartphone apps and localised digital tablets operated by or for the Company.
• 2.3 Electronic Communications: User interactions with official email dispatches, short-message-service (SMS) text cycles and targeted push notifications.
• 2.4 Customer Care and Technical Support: Live text chat logs, automated digital assistant inputs, customer support portal tickets and recorded telephone conversations with our operations team.
• 2.5 Strategic Advertising Infrastructure: Tracking pixels, analytical cookies and user engagement logs derived from your interactions with Prizino advertising campaigns deployed across third-party websites or ad networks.
• 2.6 Derived Internal Telemetry: Operational records generated natively by the system during your platform lifecycle, including payment logs at "The Mint," Tokenz allocations, Dimenz conversion activities and passive Prizino Reward Point accruals.
• 2.7 Third-Party External Channels: Authorised data streams supplied by social media networks (e.g., Facebook, Google Sign-In metadata), corporate promotional partners, anti-fraud identity verification agencies and legally accessible public registries.

3. Categories of Personal Data Processed

Depending on the nature of your interaction with the Platform, we gather and process the following specific categories of information:

3.1 Personal Contact and Demographic Metadata

• 3.1.1 Contact Fields: Full legal name, current physical residential address, regional Eircode or Postcode, primary email address, mobile or landline telephone numbers and social media profile identities.
• 3.1.2 Demographic Markers: Date of birth, verified age range, gender designation and localised geographic routing coordinates.

3.2 Platform Security and Account Credentials

• 3.2.1 Authentication Tokens: Unique user identification tags, customised screen names, account passwords encrypted via secure, unrecoverable cryptographic hashes and designated account recovery verification metrics.

3.3 Technical Telemetry and Device Diagnostics

• 3.3.1 Network Identifiers: Internet Protocol (IP) address logs, unique device identification tags (UDID), media access control (MAC) values and advertising identifiers (e.g., IDFA/GAID).
• 3.3.2 Environment Analytics: Operating system architectures, web browser types, version histories, language configurations and precise device-level geolocation data where explicitly authorised via your device permissions.

4. Technical Tracking, Usage Analytics and Interaction Metrics

4.1 Automated Data Harvesting: When you navigate our Websites, open our newsletters, or interact with our digital entry screens, we deploy automated data collection technologies to record your actions. This metric tracks clicked hyperlinks, page view durations, device response times, download errors and system latency telemetry.

4.2 Analytics and Targeted Advertising Frameworks: These background statistics are captured using operational tracking mechanisms, including tracking pixels, web beacons and first-party cookies. This includes integration with third-party advertising and performance platforms (such as Google Analytics, Google Tag Manager and associated remarketing tools). These scripts track marketing attribution and platform efficiency. You retain an absolute right to control, mask, or opt out of non-essential analytical cookies via our dedicated cookie consent dashboard.

5. Qualitative Feedback and User-Generated Media Content

5.1 Market Research and Voluntarily Disclosed Data: We collect and archive qualitative details that you voluntarily submit regarding your consumer experience, platform reviews, interface feedback, or suggestions for future prize structures.

5.2 User-Generated Content (UGC) Processing: If you upload multimedia files directly to the Platform or tag our official handles on third-party social networks, we capture and process those assets. This category explicitly includes personal photographs, video recordings, audio bytes and winner experience stories.

• 5.2.1 Promotional Publication: Where contractually permitted under our Terms and Conditions, this data is processed to manage live-stream broadcasts, fulfil transparency audits and execute worldwide marketing campaigns.
• 5.2.2 Right of Exclusion: We do not knowingly process or publish UGC depicting minors under any circumstances.

6. Third-Party Social Network Integrations

6.1 API Data Sharing: If you log into the Platform utilising a third-party single sign-on authentication service (such as Google Sign-In or Facebook Connect) or interact with a Prizino micro-app hosted within a social network, we capture authorised data points transmitted via that network's Application Programming Interface (API).

6.2 Scope of Social Profile Data: This data pool routinely includes your basic network account details: full name, profile email address, gender designation, birthday, location coordinates, public profile picture and unique network user identification tags. You can directly alter or revoke this data-sharing mapping at any time by editing the privacy permissions within the application settings of your respective third-party social media provider.

7. Financial Transactions and Telephonic Communications

7.1 Payment and Financial Security at "The Mint": To fulfil digital token orders, process currency conversions, or facilitate a user "Cashout" request, we collect specific financial metadata.

• This data incorporates the cardholder's legal name, partial account numbers, expiration dates and specialised transaction tokens.
• All cardholder data routing is managed in strict alignment with the Payment Card Industry Data Security Standard (PCI DSS). Full, raw credit/debit card numbers or CVV codes are never stored on Prizino's local servers.

7.2 Customer Support and Call Recording Monitoring: Inbound and outbound telephonic communications with our support operators or live game show intake desks may be monitored and recorded.

• These recordings are retained strictly for operational training, user auditing and quality control verification.
• In complete alignment with PCI DSS regulations, payment card details or financial authentication codes are completely excluded from voice recording logs.

8. Processing of Special Category (Sensitive) Personal Data

8.1 General Prohibition on Extraction: We do not actively request or process Special Category Personal Data (as defined under GDPR Article 9, including data revealing racial origin, political opinions, religious beliefs, or health diagnostics) during the ordinary course of platform operations.

8.2 Legal Carve-Outs for Sensitive Processing: Where it becomes contractually or legally necessary to parse sensitive details, we execute such processing strictly under the following mandatory legal bases:

• 8.2.1 Explicit Consumer Consent: Where you voluntarily choose to share sensitive background anecdotes during a live broadcast, user feedback loop, or target marketing application.
• 8.2.2 Crime Detection, Fraud Prevention and Platform Integrity: To perform anti-fraud validation checks, track multi-account abusers, or prevent financial exploitation of "The Mint" transaction nodes.
• 8.2.3 Statutory Regulatory Compliance: To fulfil state-level diversity reporting, broadcast code audits, or mandatory regulatory requests issued by Irish, UK, or European statutory authorities.

9. Strict Protection of Minors and Children’s Data

9.1 Prohibition on Direct Collection: The Platform is strictly reserved for individuals aged eighteen (18) years or older. We do not knowingly solicit, harvest, or process Personal Data directly from minors under the age of 18. If our compliance team discovers that a minor has bypassed our account verification gates and provided data unintentionally, all associated records, Tokenz balances and account logs will be completely and permanently purged from our active databases without delay.

9.2 Parent or Guardian Mediated Exceptions: We may only process data concerning a minor if it is supplied directly by a verified parent or legal guardian who has provided unambiguous, explicit written consent. This operational carve-out is strictly limited to the distribution of specific family-focused prizes or promotional rewards won by an adult account holder, or where required to fulfil statutory diversity and production reporting.

10. Local Storage Diagnostics: Cookies, Log Files and Tracking Metrics

10.1 Cookie Governance: We utilise tracking cookies to manage user login states, secure "The Mint" transaction gateways and remember analytical preference settings. Detailed operational definitions, third-party script lists and cookie expiration timelines are published separately within our dedicated [Hyperlink: Cookie Policy]. Users retain the statutory right to block non-essential cookies at any time via our consent dashboard.

10.2 Server Log File Architecture: Our network infrastructure automatically compiles standard diagnostic text data in the form of secure server log files. These logs capture background interaction milestones, including your masking IP addresses, regional internet service provider (ISP) parameters, browser agent identities, operating system timestamps and referring/exit page sequences. This data is leveraged strictly for:

• Troubleshooting code compilation errors and system bugs;
• Optimising server performance to decrease video streaming latency;
• Detecting and neutralising automated forms-fillers, scraping scripts, or multi-account bot attacks.

10.3 Web Beacon and Tracking Tag Audits: We integrate small graphic strings of code known as web beacons, clear GIFs, or tracking tags within our digital prize listings and promotional email campaigns. These tags transmit real-time telemetry back to our analytics platforms to track user engagement. This structural diagnostic monitors data points such as the exact millisecond an email was accessed, inside-mail link click maps and marketing attribution pathways to assist with platform personalisation and layout optimisation.

11. Purpose and Lawful Bases for Processing Personal Data

Under European Union and Irish data protection laws, we must possess a specific lawful basis for every processing action we execute. The matrix below details the core operational purposes for which we handle your data, along with the required legal pillars under GDPR Article 6:

• 11.1 Platform Contract Performance: We process your contact information, account credentials and billing telemetry because it is strictly necessary to perform our contract with you. This includes establishing your Prizino profile, hosting live draw pools, facilitating Tokenz or Dimenz digital balances and delivering won physical merchandise from our Prizino Partners.
• 11.2 Legal and Regulatory Obligations: We process your identity documentation, age markers and telecommunication logs to satisfy mandatory statutory duties. This includes performing anti-money laundering checks on high-value Cashouts, verifying your legal age threshold (18+) and generating transparency data required by consumer protection regulators like the ASAI or ComReg [C3, C4].
• 11.3 Our Legitimate Interests: We process technical telemetry, web beacon metrics and user feedback where it aligns with our legitimate business interests, provided these do not override your fundamental privacy rights. This includes monitoring platform cybersecurity, executing anti-fraud audits, tracking passive Prizino Reward Points and managing live broadcast sets.
• 11.4 Explicit Customer Consent: We rely on your voluntary, active consent to activate direct marketing subscriptions, deploy non-essential advertising cookies, or feature your user-generated photographs and video clips within our worldwide streaming media promotions.

12. Operational Applications of Your Personal Data

We deploy your Personal Data across specific administrative and promotional channels, restricted to the following business use cases:

12.1 Consumer Support and Customer Care Management

We process your personal contact fields and technical communication histories to resolve system questions, troubleshoot code errors, handle balance discrepancies and respond to platform complaints. This processing is executed on the legal basis of Platform Contract Performance.

12.2 Competitions, Targeted Marketing and Digital Campaigns

Unless you have actively executed an opt-out request, we process your data to deliver marketing updates, seasonal promotional announcements and platform newsletters via email, SMS, telephone and targeted push alerts. This data handling is voluntary and based entirely on your Explicit Consumer Consent. You possess an unconditioned right to withdraw your consent at any moment via the opt-out mechanics detailed in Section 15.

12.3 Automated Profile Personalisation and Targeted Ad Delivery

Where authorised under your cookie settings or profile permissions, we track your interaction habits and analytical metadata to:

• Optimise the rendering of video streams and platform graphics for your specific mobile or desktop hardware;
• Deliver targeted advertising banners, seasonal promotions and personalised prize recommendations tailored to your behavioural interests;
• Securely cache your screen name, account login IDs, or active unredeemed items left within your inventory cart to facilitate rapid, friction-free return visits.

12.4 Order Fulfilment, Balance Security and Identity Verification

We process transaction telemetry and personal identifiers to execute digital token purchases at "The Mint," process balance transfers, manage the 14.7% gross fee calculations during Cashout cycles and dispatch physical merchandise won through our Prizino Partners. This operational loop includes mandatory, background identity validation checks to catch money laundering, trace unauthorised script tools and protect the system from security breaches.

12.5 Single Account Reconciliation and Deduplication Audits

To protect the fairness of our draws and enforce the strict market limitations outlined in our core Terms and Conditions, we reserve the absolute right to run background deduplication audits. If our system discovers that a single individual or household has generated multiple platform profiles, we will reconcile and merge those tracking metrics into one singular master account, or permanently close the duplicate profiles.

13. Disclosures and Transfers due to Legal Actions or Corporate Restructuring

13.1 Corporate Successorship: In the event that the Company undergoes a structural merger, asset acquisition, corporate sale, or asset liquidations arising from a bankruptcy proceeding, your accumulated Personal Data will be transferred to our legal corporate successors as an integrated business asset.

13.2 Mandatory Statutory Disclosures: We reserve the unconditioned right to disclose your Personal Data to external third parties, state bodies, or judicial entities without your consent if required by applicable law, including but not limited to:

• Responding to formal subpoenas, judicial warrants, or active court proceedings;
• Complying with statutory requests issued by a competent law enforcement agency or the police (An Garda Síochána);
• Protecting the safety, property, network uptime and legal rights of the Company, our staff, our consumers, or the public;
• Enforcing our master Terms and Conditions or investigating a suspected breach of platform security.

14. Authorised Disclosures of Personal Data to Third-Party Organisations

We do not rent, license, or sell your Personal Data to external third-party entities for their own commercial advertising use unless you have provided explicit, unambiguous opt-in consent. We do, however, share your data with carefully vetted categories of external contractors to facilitate platform execution:

14.1 Technical and Logistical Service Providers

These are carefully selected external corporate entities bound by strict confidentiality data processing agreements (DPAs). They process data solely on our behalf under our explicit instructions and are forbidden from using your data for secondary purposes. This ecosystem incorporates:

• Payment processing gateways managing secure transactions at "The Mint";
• Anti-fraud compliance agencies and third-party identity verification hosts;
• Server infrastructure providers, network delivery networks (CDNs) and database engineers;
• Independent random number generator (RNG) verification companies and draw auditing partners;
• Email distribution engines, SMS communication gateways and target market segmentation agencies.

14.2 Specialised Prizino Partners and Sponsors

To execute physical prize delivery, your verified contact details, shipping coordinates and prize transaction history will be shared directly with the specific Prizino Partner or commercial vendor responsible for manufacturing, warehousing and dispatching that specific physical reward asset.

14.3 Debt Collection and Credit Management Agencies

To the extent permitted by applicable Irish and European laws, if a User initiates unauthorised chargebacks, engages in transactional gateway fraud, or runs an uncollected financial deficit at The Mint, we may transmit their contact details and platform financial records to external debt recovery specialists and legal counsel to secure restitution.

15. Your Statutory Data Subject Rights Under the GDPR

Under the General Data Protection Regulation (GDPR) and the Irish Data Protection Acts, you possess comprehensive, non-excludable statutory rights regarding the processing of your Personal Data. You may execute any of the following rights at any time without charge:

• 15.1 Right of Access (Subject Access Request): You have the right to request clear confirmation as to whether we process your data, receive a comprehensive structural map of our processing activities and request a secure physical or electronic copy of all information held about you.
• 15.2 Right to Rectification: You have the right to demand the immediate correction, updating, or completed refinement of any inaccurate, outdated, or incomplete Personal Data linked to your account.
• 15.3 Right to Erasure (The Right to be Forgotten): You have the right to request that your complete data record be permanently expunged from our active servers.

• Account Interdependency: You acknowledge that deleting core contact arrays will automatically result in the permanent closure of your user account, the forfeiture of unspent Tokenz or Dimenz and the erasure of your Prizino Reward Points history.
• Statutory Retention Overrides: We are legally permitted and contractually required to retain specific transaction data subsets (e.g., payment logs at "The Mint" for Irish Revenue auditing or anti-money laundering checks on high-value Cashouts) even after a deletion request has been formally processed.

• 15.4 Right to Restriction of Processing: You have the right to limit how we use your data (freezing active processing while maintaining simple storage) if you challenge the accuracy of the information or object to our legitimate business interests.
• 15.5 Right to Data Portability: You have the right to request that we export your contact fields and profile telemetry into a structured, commonly used, machine-readable digital format (such as a CSV or JSON file) to transfer to another service provider.
• 15.6 Right to Object to Processing: You hold an unconditioned right to object to data processing executed under our legitimate interests based on your individual personal situation. Furthermore, you possess an absolute, unconditioned right to object to the processing of your data for direct marketing and consumer profiling.
• 15.7 Right to Withdraw Consent: Where data processing relies on your voluntary choice (such as marketing opt-ins or multimedia broadcast releases), you have the right to withdraw your consent instantly.

16. Protocols for Executing Rights and Verifying Identity

16.1 Submission Points: To formally execute a statutory data right, you must transmit your explicit request through the official contact portal at Prizino.com/Care or via registered post to: MMD 4 Island Ltd., C/O Prizino, 10 Proudstown Road, Navan, Co. Meath, C15X6F9, Ireland.

16.2 Security Identity Checks: To insulate our community against identity theft and unauthorised data leaks, you must pass our security validation protocols before data access is granted.

• If editing details natively within your account dashboard, you must verify your live login credentials.
• If submitting an external request via post or email, we may require you to upload a valid form of photographic identification or provide a utility statement matching your registered residential coordinates.
• Requests filed by third-party agencies or legal representatives will be rejected instantly unless accompanied by a legally verified Power of Attorney document.

17. Granular Consumer Control and Marketing Choices

We provide you with clear, toggle-based configuration options to manage your information directly through the following automated tools:

• 17.1 Analytical and Advertising Cookies: You can manage, reject, or modify your cookie tracking permissions at any moment via our centralised consent management banner. To block tracking across wider systems, configure your browser settings to alert you or automatically dump tracking files.
• 17.2 Disabling Marketing and Communications: You can toggle your preference switches inside your account configuration dashboard or follow the "Unsubscribe" hyperlink in our emails. To stop mobile campaigns, reply "STOP" to our SMS short-code numbers.
• Administrative Transaction Exceptions: Opting out of marketing networks will not block critical transactional notifications. You will continue to receive automated emails regarding digital token purchases, cashout status receipts, password reset tokens and legal policy updates.
• 17.3 Disabling Profile Personalisation: If you no longer wish to receive customised prize recommendations or tailored page content, you can opt out by transmitting an administrative request to Prizino.com/Care.
• 17.4 European Targeted Advertising Opt-Outs: To block targeted third-party interest-based advertising campaigns across the wider internet from ad providers participating in self-regulatory programs, visit the European Interactive Digital Advertising Alliance (EDAA) via www.youronlinechoices.eu. To lock down location telemetry on mobile apps, alter the location permission sliders inside your device operating system settings (iOS/Android).

18. Structural Revisions to this Privacy Notice

The Promoter reserves the absolute right to update its internal processing behaviours and modify this Privacy Notice at any moment to reflect platform upgrades, structural currency changes, or new regulatory compliance rules. Any alterations will be made transparent by updating the timestamp at the foot of this page. Users are advised to review this document frequently to audit active data harvesting policies.

19. Statutory Contact, Inquiries and Regulatory Escalation

19.1 Primary Compliance Channel: If you have an inquiry, feedback regarding our privacy infrastructure, or wish to log a complaint concerning data management, contact our compliance team directly via Prizino.com/Care or by physical post to our registered head office address: MMD 4 Island Ltd., C/O Prizino, 10 Proudstown Road, Navan, Co. Meath, C15X6F9, Ireland.

19.2 Direct Regulatory Escalation: We strive to address all data concerns internally through a good-faith resolution process. However, you retain an absolute statutory right to bypass our internal team and lodge a formal regulatory complaint directly with the national supervisory authority. In Ireland, this is the Data Protection Commission (DPC), accessible at www.dataprotection.ie.

1. Scope and Definition of Tracking Technologies

1.1 What are Cookies?: Cookies are small, secure text files deposited onto your computer, smartphone, or tablet by websites that you visit. On subsequent returns, these files are transmitted back to the originating domain (or a recognised third-party server) to verify your device state. They are deployed to ensure digital infrastructures function seamlessly, accelerate platform performance and deliver telemetry metrics to the site operators.

1.2 Extended Technology Grouping: Throughout this document, the term "cookie" encompasses all related background tracking mechanisms. This explicitly includes web beacons, clear GIFs, tracking pixels, server log diagnostics and mobile Software Development Kits (SDKs) utilised within our applications [10.3, 11.3].

2. Typologies of Cookies Deployed on Prizino

We organise our background tracking scripts into distinct operational classes. While the specific third-party partners we deploy may change over time, all scripts fall under these categories:

• 2.1 Strictly Necessary (Site Functionality) Cookies: These files are technically essential to navigate the Website and enforce secure user states. They manage your persistent login identity, protect token transaction flows at "The Mint," process the 14.7% gross fee calculations during Cashout cycles and track your active, unredeemed item inventory.
  • Legal Status: These cookies do not require prior consumer consent. If you block them via your browser hardware configurations, primary layers of the Platform will immediately fail to execute.
• 2.2 Site Performance and Analytical Cookies: These scripts allow us to measure, analyse and aggregate data regarding how consumers interact with our web assets and mobile platforms. We leverage this data (including Google Analytics telemetry) to track software bugs, analyse page loading times and decrease video streaming latency for live show formats [4.2].
• 2.3 Customer Preference (Functional) Cookies: These cookies record the choices and data inputs you actively provide to the Platform (such as your regional Eircode formatting, language configurations, or dark-mode preferences). They allow the interface to remember your profile settings, removing the friction of repetitive re-entry on your subsequent visits.
• 2.4 Advertising or Behavioural Targeting Cookies: These tracking scripts map your online behaviour across Prizino and non-affiliated digital platforms over time. They are deployed to build demographic profiles, deliver relevant advertising banners, restrict how many times you encounter an individual ad and evaluate marketing campaign efficiency. We may transmit this parsed tracking data to our marketing partners and media agencies.
• 2.5 Integrated Social Media Cookies: These cookies deploy when you interact with integrated social networking features (such as utilising Google Sign-In or Facebook Connect, or clicking social share buttons). The respective social network will log your interaction data and may link this information back to their internal marketing and targeting networks [6.1, 6.2].

3. Consent Architecture and Preference Governance

3.1 Prior Consent Requirement: In absolute compliance with European data protection frameworks, any non-essential tracking technologies (encompassing Analytics, Preferences, Advertising and Social Media cookies) will remain blocked by default until you provide explicit, unambiguous consent via our interactive cookie banner.

3.2 Granular User Choice: You are under no contractual obligation to accept tracking scripts to play our games or browse our prize lists. Our consent interface provides granular, individual toggle configurations allowing you to accept or reject specific cookie classes independently.

3.3 Browser-Level Mitigation Overrides: Beyond our built-in dashboard, you can alter your cookie settings directly inside your web browser (e.g., Google Chrome, Apple Safari, Mozilla Firefox). You can configure your browser to reject all third-party cookies, clear cookies automatically when shutting down an active tab, or signal an alert whenever a tracking beacon attempts to lodge on your machine.

4. Technical Lifespans and Policy Amendments

4.1 Script Durations: The tracking assets running on the Platform possess varying lifespans. We utilise:

• Session Cookies: Temporary trackers that are instantly deleted from your hardware device cache the moment your web browser is closed.
• Persistent Cookies: Long-term trackers that remain stored inside your device registry for a fixed window (ranging from ninety (90) days up to two years), or until you manually clear your local browser history files.

4.2 Notice Revisions: The Promoter reserves the right to modify, amend, or restructure this Cookie Notice at any moment to account for new tracking scripts, partner integrations, or changing data protection rulings. Any adjustments will be published instantly on this page; users are advised to check this node regularly to monitor our live technical configurations.