1. Who We Are

Ruby Competitions Ltd is a UK-registered company operating skill-based prize competitions.

2. What Data We Collect Updated

We may collect and process the following personal data:

• Full name
• Date of birth
• Email address
• Phone number
• Postal address
• Payment details (handled securely via third-party processors)
• Answers to competition questions
• IP address and browser/device information
• Information submitted via contact forms or postal entries

• Photographic identification documents (e.g. passport, driving licence, national identity card, PASS card) — collected from winners only, for age and identity verification purposes

3. How We Use Your Data Updated

We use your data for the following purposes:

• Processing competition entries and payments
• Contacting winners and arranging prize delivery
• Verifying the age and identity of winners prior to prize release (see below)
• Displaying winner names/towns with consent
• Responding to customer queries
• Fraud prevention and anti-money laundering compliance
• Tax, audit, and legal compliance (e.g. HMRC requirements)
• Internal analytics and service improvement
• Sending promotional emails (only with your consent)

Photo ID — Age and Identity Verification

Where a competition entrant is selected as a winner, we are required to verify that they are aged 18 years or over and are the named account holder. To fulfil this requirement:

• We will request a valid photographic ID document from the winner.
• The document will be reviewed solely for the purpose of confirming name, date of birth, and photograph.
• Photo ID will not be used for any other purpose, shared with any third party (except where legally required), or retained beyond the period necessary to complete verification.
• Once verification is complete, the document will be securely deleted.
• Failure to provide satisfactory Photo ID will result in forfeiture of the prize, as set out in our Terms and Conditions.

Winners' Images & Marketing Use

As part of ensuring fairness and transparency, Ruby Competitions Ltd may request photographs, video clips, or testimonials from winners. These materials are used for marketing purposes (such as on our website, social media channels, email newsletters, or other promotional platforms) to demonstrate genuine prize fulfilment and build customer trust.

• Consent: We will always ask for your consent before using your image, name, or testimonial in marketing.
• Withdrawal of Consent: You have the right to withdraw consent at any time by contacting us at [email protected]

4. Lawful Basis for Processing Updated

We process your personal data under the following lawful bases:

• Contractual obligation – to fulfil competition entries
• Legal obligation – e.g. HMRC tax/audit requirements
• Legitimate interest – fraud prevention, age verification, site security
• Consent – for marketing or testimonials

Photo ID documents are processed on the basis of legitimate interest (age verification and fraud prevention) and legal obligation, in accordance with applicable competition legislation and our Terms and Conditions.

5. Data Sharing Updated

We only share your data where necessary and with trusted third parties:

• Payment processors (e.g. Stripe or similar)
• Email marketing platforms (if subscribed)
• Delivery/courier services (for prizes)
• Legal or regulatory authorities (if required by law)
• Website analytics providers (e.g. Google Analytics, Facebook Pixel)

We do not sell your data.

6. Data Retention Updated

We retain your personal data for up to 6 years from the date of your last interaction, in line with HMRC audit obligations. Data may be deleted sooner where appropriate, unless legally required to retain it.

7. Your Rights

You have the following rights under the UK GDPR:

• To access a copy of the data we hold about you
• To correct inaccurate or incomplete data
• To request deletion of your data (where legally permitted)
• To restrict or object to certain processing
• To data portability (in applicable cases)

To exercise any of these rights, contact [email protected]. We may request proof of identity.

8. Cookies and Tracking

We use cookies to enhance your browsing experience, manage sessions, and collect anonymised analytics. For full details, see our separate cookie policy: https://rubycompetitions.rafflex.uk/i/cookie-policy

9. Data Security Updated

We apply technical and organisational measures to safeguard your data, including:

• Secure server hosting
• HTTPS encryption
• Access controls for staff
• Regular security audits

10. International Transfers

We do not routinely transfer your data outside of the UK. If we do, we ensure appropriate safeguards are in place, such as UK-approved Standard Contractual Clauses.

11. Complaints

If you have concerns about how your data is handled, contact us first at [email protected]. You also have the right to complain to the UK Information Commissioner's Office (ICO):

• Website: https://www.ico.org.uk
• Phone: 0303 123 1113

12. Updates to This Policy

We may update this policy from time to time. The latest version will always be available on our website with an updated Effective Date.

For any privacy-related enquiries, please contact: [email protected]