When you use our services through the Website, or by sending us an SMS, or by using our USSD system, we collect the following information:
Openly collected from you
When creating a user account, you provide your phone number and (optional) your e-mail address and other data (also optional). The phone number you provide to be used to uniquelly identify your account and to perform its optional activation.
We might also use your phone number and other data provided by you voluntarily to send notifications on the functioning of the Website (including the notifications required by law), news about the Website and our services, information on products and services included on the Website, as well as for other marketing purposes).
You may cancel receiving marketing related notifications at any moment by logging in to your customer account and using the cancel link contained therein.
After creating an account you can complete your profile with the following data: first name, last name, address of residence, date of birth, email address. This information is used to improve the process of win notifications, payments, deposits and withdrawals, for Website customizations (including personalisation of notifications).
We also reserve the right to keep a registry of data willingly provided to us by users contacting us through the contact form, a telephone conversation, Facebook, Twitter and other social media platforms, or other means of contact, including: name, e-mail address or phone number.
Providing your name and e-mail address is necessary to send a message through the contact form on the website.
When a customer contacts us through social media, we will make our best effort to respond to them. Nevertheless, we reserve the right to not respond to messages sent via social media. For information on data collection by the various social media platforms, we suggest that you read their respective terms and conditions and privacy policies.
If a customer makes a payment via credit card, we will securely process payment card data (number, expiration date, first and last name of the holder, CVV code) in order to carry out the payment card payment process. CVV codes will onöy be used for a single transaction, and the CVV code will not be stored in our system, for your security.
Not collected openly
When you use the Website, we automatically collect specific information and use it to handle the Website’s main features, customize the Website (including Notifications), monitor the incoming traffic and maintain security. It includes, among others:
Your IP address
Headers sent by the browser, especially “User-Agent”, “Accept-Language” and “Referer” which contain such information as: type, version and language of the browser, type and version of the operating system and the web address the Website was found through.
Cookie files saved in the lottopawa.co.ke domain or subdomains
We might also use the user’s IP address to collect and process information on the user’s actual location.
In our server logs, we will store data automatically made available by web browsers, including HTTP requests, the date and time of their arrival, and IP addresses and URL addresses that are related to a request.
Our website, in order to function at optimal speed, uses your browser’s cache. This optimizes the Website’s loading time and makes it easier to uise the Website by storing data between sessions.
In order to handle and improve the payment process, the following information will be collected (not openly):
personal data (first name, last name, address, contact info),
transaction ID in order to carry out eMerchantPay payments,
Third party services
Statistics, advertisement and security
To handle the Website’s security as well as collect and analyze information on its functioning, we use the following third party services:
Google Analytics – to monitor traffic and keep detailed statistics that allow us to identify the sources of visits and analyze the Website’s functioning
Google reCAPTCHA – to improve the Website’s security by protecting against automated scripts
Facebook Pixel – to monitor traffic and keep detailed statistics that allow us to create better advertisement campaigns
We do not make your data available to companies, organizations or other third parties.
We make our best efforts to make sure that your data is stored safely. In accordance with our security policy, we do not store passwords in plain text. We use the latest encryption standards and technologies to make sure that the data and accounts of our users are safe, including, among others:
regular updating of the servers
immediate implementation of security updates
fulfilling all requirements of security standards defined by PCI-DSS for the entity that processes the payment card data
enforcing and using secure connections wherever possible
controlling levels of access to data that is only available to individuals, companies or organizations that need to access it
protecting our servers and website against unauthorized access, attacks, as well as monitoring all activities on our Website.
Our Website is directed towards people above the age of 18.