Global Gaming
Data Processing Addendum (DPA)
Last updated: January 2026
This Data Processing Addendum (“DPA”) forms part of, and is incorporated by reference into, the Global Gaming Platform Terms of Use (the “Agreement”).
This DPA applies where Global Gaming processes personal data on behalf of an Organisation in connection with the Platform.
1. Parties
Data Processor:
Global Gaming LTD
Company Number: 13491574
6–8 Corinthian House
Great Eastern Street
London EC2A 3NT
England, United Kingdom
Data Controller:
The Organisation accepting the Platform Terms of Use.
2. Definitions
Capitalised terms not defined in this DPA have the meaning given in the Agreement.
“Applicable Data Protection Laws” means all laws relating to data protection and privacy, including:
UK GDPR
EU GDPR
UAE Personal Data Protection Law
Any applicable implementing or successor legislation
3. Scope and Roles
3.1 The Organisation acts as Data Controller for all personal data processed via the Platform.
3.2 Global Gaming acts as Data Processor, processing personal data solely on documented instructions from the Organisation.
3.3 Global Gaming does not determine the purposes of processing and does not act as a joint controller.
4. Subject Matter and Duration
Subject matter: Provision of the Platform
Nature of processing: Hosting, storage, analytics, visualisation, and system administration
Duration: For the term of the Agreement and any agreed retention period
5. Categories of Data and Data Subjects
5.1 Data Subjects
Organisation staff
Coaches
Players / participants
Administrators
5.2 Categories of Personal Data
Account and identity data
Organisation affiliation and role
Performance and training data
Optional, self-reported wellness data
No special category data is processed other than optional self-reported wellness indicators, which are non-medical.
6. Processor Obligations
Global Gaming shall:
a. Process personal data only on documented instructions from the Organisation
b. Ensure confidentiality of personnel with access to personal data
c. Implement appropriate technical and organisational security measures
d. Not disclose personal data to third parties without authorisation
e. Assist the Organisation in complying with data subject rights
7. Security Measures
Global Gaming implements measures appropriate to the risk, including:
Access controls
Role-based permissions
Encryption in transit
Secure authentication
Audit logging
Detailed technical measures may be provided upon reasonable request.
8. Sub-Processors
8.1 Global Gaming may engage sub-processors to support Platform operations.
8.2 Sub-processors are bound by written agreements imposing data protection obligations equivalent to this DPA.
8.3 A current list of sub-processors will be made available upon request.
9. International Data Transfers
Personal data may be processed in:
United Kingdom
European Union
United Arab Emirates
Where required, appropriate safeguards are applied, including:
UK Addendum to EU Standard Contractual Clauses
EU Standard Contractual Clauses
10. Data Subject Rights Assistance
Global Gaming shall reasonably assist the Organisation in responding to:
Access requests
Rectification requests
Erasure requests
Objections or restrictions
Global Gaming shall not respond directly to data subjects unless legally required.
11. Data Breach Notification
Global Gaming shall notify the Organisation without undue delay upon becoming aware of a personal data breach.
Notification will include:
Nature of the breach
Categories of data affected
Mitigation steps taken
12. Audits
12.1 Upon reasonable written request, Global Gaming shall provide information necessary to demonstrate compliance with this DPA.
12.2 Audits shall:
Be limited in scope
Occur no more than once per year
Not disrupt normal operations
13. Data Deletion and Return
Upon termination of the Agreement, and at the Organisation’s choice:
Personal data will be deleted
Or returned in a commonly used format
Unless retention is required by law.
14. Liability
Liability under this DPA is subject to the limitations set out in the Agreement.
Nothing in this DPA limits liability where such limitation is prohibited by law.
15. Governing Law
This DPA is governed by the laws of England and Wales.
16. Order of Precedence
In the event of conflict:
This DPA
Platform Terms of Use
Any other agreement