Facial Recognition Policy
15th July 2021
We make every effort to ensure the building is a safe and enjoyable environment for our visitors and to assist our efforts, we use live facial recognition technology (LFR) in the building.
1. Why Is Live Facial Recognition Used?
1.1 We use live facial recognition for the following reasons:
i. To uphold the wishes of individuals who have identified themselves as problem gamblers. They have either registered on SENSE (Self Enrolment National Self Exclusion Scheme, operated by the Betting and Gaming Council), or have registered with Hippodrome Casino on the internal VSE (Voluntary Self Exclusion) scheme.
ii. To keep individuals suspected of cheating, attempting to engage in money laundering or disorderly conduct out of the casino. These individuals have been suspended are on our exclusion database.
As part of our licencing conditions, we are required to take all reasonable measures to uphold the self-exclusion wishes of individuals who have asked us not to permit them entry to land-based casinos and; maintain a safe and crime-free environment for our guests.
2. Is my Image subject to this processing?
2.1 All entrances to Hippodrome Casino are covered by live facial recognition cameras – one per entrance. All visitors to the casino and its associated attractions are scanned following entry to the building. Cameras are positioned to cover internal areas only. No external areas are captured.
2.2 If your image is held on our exclusion databases (self-exclusion or suspension), then your image will be processed by the system and our security teams will be alerted to your attempted entry. Security will manually monitor your activity on conventional CCTV to ensure a positive ID, then you may be approached.
2.3 If your image is NOT held on our exclusion database, then your image will be scanned by the system, then immediately deleted. No copies of images are retained in any way beyond this initial scan.
3. Lawful Basis of Processing
3.1 Where an individual has enrolled on the SENSE or VSE scheme at Hippodrome, they are notified of this scanning at the point of sign-up and an image is taken for uploading to the exclusion database. We also believe it to be in the legitimate interest GDPR Article 6(1)(f) of the excluded for processing to occur – and a legitimate interest assessment document has been drafted to consider the balancing of rights.
3.2 Where an individual has enrolled on the SENSE scheme (operated by the Betting and Gaming Council) at another land-based casino, Hippodrome Casino will receive a copy of their image as part of our membership to the scheme. This image will be uploaded to the exclusion database and the live facial recognition system. We believe it to be in the legitimate interest GDPR Article 6(1)(f) of the data subject and the casino for processing to occur. Without facial recognition, we would have no way of identifying the individual if entry were attempted, therefore breaching their self-exclusion. A legitimate interest assessment document has been drafted to consider the balancing of rights
3.3 Where we have a need to exclude due to disorderly conduct, or due to our gambling obligations, this is to comply both with a legal obligation to which the data controller is subject to – GDPR Article 6 (1)(c) and a legitimate interest GDPR Article 6(1)(f) in keeping casinos safe and crime-free. A legitimate interest assessment document has been drafted to consider the balancing of rights.
3.4 We also rely on our legal obligation comply with Section 41, Paragraph 8 of The Gambling Act 2005 allowing the processing of sensitive data (biometric data) for the purposes of prevention of money laundering and terrorist financing.
4. Data Information
Facial Recognition Software – Hippodrome Casino Ltd / NEC (UK) Ltd.
4.1 The Data Controller is Hippodrome Casino Ltd, Cranbourn Street, Leicester Square, WC2H 7JH, whom have control of; the collection source, use purposes, legal basis, retention, locations of storage and the security of personal data within this system and other systems or parties in delivery of the service.
4.2 Joint Data Controller (under SENSE) is the Betting and Gaming Council (BGC), 1st Floor, 90 Chancery Lane, London. WC2A 1EU. The BGC operate the SENSE scheme (Self Enrolment National Self Exclusion Scheme) – a national self-exclusion programme available to anyone who wishes to exclude themselves from all land-based casino’s in the UK. Hippodrome Casino is a member of this scheme.
4.3 The Data Processor is Northgate Public Services (UK) Ltd, Peoplebuilding 2, Peoplebuilding Estate, Maylands Avenue, Hemel Hempstead, Hertfordshire. HP2 4NW and acts on the instruction of Hippodrome Casino Ltd.
4.4 The only instances where personal data is shared with, or received from other establishments, would be as part of the SENSE scheme, of which Hippodrome Casino Ltd will be a joint controller. No other data from the live facial recognition system is shared with other establishments.
4.5 If your image is to be uploaded to facial recognition, it will be taken from your existing records on our system, or those supplied to us as part of the SENSE scheme. If the image on our database is of insufficient quality for the live facial recognition system, a new image will be captured ahead of upload. If we are unable to capture a new image (part of SENSE) then it will not be uploaded.
SENSE / VSE:
4.6 If you are part of the SENSE / VSE scheme, your image will be retained on our exclusion database for at least six months, as part of the contract between yourself and the casino / SENSE scheme. If, after that six-month period, we still consider you at risk then you will remain suspended and join our “Problem Gambler” database until a time we believe you are no longer a risk.
Cheating / Money Laundering / Disorderly Conduct:
4.7 If you are suspected of cheating / money laundering / disorderly conduct, then you will be suspended from the casino indefinitely. In this instance, under our anti-money laundering obligations, we will retain your image on our suspension database for a period of five years from last visit, or attempted visit.
5. Privacy Concerns
5.1 Should you wish to exercise your privacy rights or have concerns over any elements of these processing activities, please contact the Hippodrome Privacy Office and we will be happy to help – [email protected]
5.2 If you are based in the EU / EEA, you can still contact us directly, alternatively feel free to contact us via our GDPR EU/EEA Representative, DataRep, which can be reached at:
- [email protected] – be sure to quote “Hippodrome Casino” in the subject line, otherwise they will not know what your request relates to and it may take significantly longer to administer your email.
- Online webform at www.datarep.com/datarequest
- At the postal address of your country of origin – the full list of which can be accessed here.
5.3 Right to complain – you have the right to complain at any time to the Information Commissioners’ Office (ICO) regarding data protection issues that pertain to processing activities of the Hippodrome Casino – https://ico.org.uk