Advisory: We only operate services from the RANDOM.ORG domain. Other sites that claim to be operated by us are impostors. If in doubt, contact us.

Privacy Notice

1. Introduction and Scope

At Randomness and Integrity Services Limited (‘RANDOM.ORG’) we know that your privacy is important to you. This privacy notice (‘Notice’) describes the types of information we collect and use, who that information relates to, how and why we use such information, who we share it with and your legal rights.

When we talk about information in this Notice, we mean any information relating to you, either directly or indirectly.

Unless indicated otherwise, this Notice applies to all our websites, domains, apps, and to the provision of any subscription services through our website (the ‘Services’).

2. Who is Responsible for Your Information?

RANDOM.ORG is responsible for your information.

This Notice applies to Randomness and Integrity Services Limited, company number 489434 and registered office at Premier Business Centres, 8 Dawson Street, Dublin 2, D02 N767, Ireland, which is the data controller for the purposes of this Notice.

When we say ‘RANDOM.ORG’, ‘we’, ‘us’ or ‘our’, we mean the controller of your information.

If you want to get in touch and seek to exercise your rights described below, please contact us at or by writing to us at the following address: Customer Services, Randomness and Integrity Services Limited, Premier Business Centres, 8 Dawson Street, Dublin 2, D02 N767, Ireland.

3. Who this Notice Applies To

We collect and process information which relates to a variety of categories of individuals. These include individuals who may not have a direct relationship with RANDOM.ORG. We have described below the main types of individuals whose information we collect, use and otherwise process:

  • Visitors to, as well as the websites listed here (together the ‘Site’)
  • Purchasers of subscription services through the Site
  • Purchasers of services through the Site on a once-off basis
  • Participants in events hosted using the Services

4. Who We Receive Information From

We receive your information from a variety of sources, including from third parties. For example, in the course of providing the Services, we may receive your information from cookies on the Site, information that you provide to us when you register an account with us, information that you provide to us or to payment providers when you place an order for services through the Site and information that you provide when you host an event using the Services.

5. Information We Collect and How We Use It

In the course of providing the Services, we collect or receive information in different ways and relating to various groups of individuals (described in section 3 above). The type of information that we collect includes IP addresses of visitors, information collected via cookie technology (more information on this is available in our Cookie Policy), certain details provided to payment providers when purchasing Services from the Site (such as shipping address and email address), the title, date, type, entries and names of winners selected, web log files, results of requests generated with our Third-Party Draw Service, Multi-Round Giveaway Service, the Trail Service and the Signed API, and personal details used to set up an account to access the Services (such as name, address and email address). We use this information for a number of purposes, including those described further below.

  • To fulfil any contracts that we may enter with you for the supply of certain services. This includes notifying you and other interested parties that a draw has taken place in connection with the Services, and notifying you in respect of billing matters. In carrying out this processing we rely on the following legal bases: contractual necessity.
  • To verify that events hosted using the Services have been conducted in a fair and unbiased manner. Depending on the nature of the Service, we may retain certain information indefinitely to verify that the results of any draw performed as part of the Services are accurate and in line with our integrity principles (‘Verification Data’). In carrying out this processing we rely on the following legal bases: legitimate interests.
  • To notify any interested parties where we reasonably believe that the results of a draw using the Services have been manipulated or distorted in some way. In carrying out this processing we rely on the following legal bases: legitimate interests.
  • To expose fraud in the use of the Services. In carrying out this processing we rely on the following legal bases: legitimate interests.
  • Where you have consented, we may also use your data to provide you with information about goods and services which may be of interest to you and we may contact you about these by electronic means. In carrying out this processing we rely on the following legal bases: consent.
  • If you are a current or former customer or have agreed that we may stay in touch with you in relation to updates and events, we will include your information in our CRM database. We do so to keep in touch with you such as to send you communications, surveys and marketing about our events and Services; to identify what other events or Services we think you might be interested in; and understand how you use our Services. We also keep business contact information including information about meetings and communications between our staff and you in the past for business intelligence purposes. In carrying out this processing we rely on the following legal bases: legitimate interests.
  • If you visit the Site, we will collect certain information relating to you. Generally, unless you submit information to us, such as via an online form, we only collect technical and device-related information from your use of the Site. We do so to secure the Site, understand how you use them, and analyse how we can improve them. See the Cookie Notice on the Site for more details. With your consent such as your subscription to ezines or blogs or your registration for our events, materials or event notifications, we may send you updates, invites and marketing materials. We may also do this if you are a client or a former client and you will always have the right to unsubscribe from such communications. If we do so, we will also collect information on your interaction with such communications. In carrying out this processing we rely on the following legal bases: legitimate interests.

6. Information You Give Us about Other People

If you provide information to us about any person other than yourself, you should ensure that you have a legal basis for doing so and that you have complied with your transparency obligations under data protection law.

You should also try to limit the personal information you give us to what you think is necessary for us to provide you with the Services.

7. Our Legal Bases

In order to collect, use, share, and otherwise process your information for the purposes described in this Notice, we rely on a number of legal bases, some of which are mentioned above, including where:

  • necessary to perform a contract we have with you, such as our Terms of Use, and to provide the Services (we refer to this as contractual necessity above);
  • you have consented to the processing (in which case you may revoke your consent at any time);
  • necessary for us to comply with a legal obligation, or to establish, exercise or defend legal claims;
  • necessary to protect your vital interests, or those of others;
  • necessary in the public interest; and
  • necessary for the purposes of RANDOM.ORG's or a third party's legitimate interests, such as those of clients and others, provided that those interests are not overridden by your interests or fundamental rights and freedoms

8. Legitimate Interests

Where we collect, use, disclose and otherwise process your information based on legitimate interests, we may rely on the following interests:

  • Keeping our Services Safe and Secure: We use your information in certain instances as necessary to pursue our and your legitimate interests of keeping some of our Services, such as our domains, websites, apps, offices, events, and the integrity of draws and our services generally, safe and secure. For example, we collect IP addresses and process log files to ensure our website and apps are not subject to fraudulent access, and we store data from the True Random Number Generator widget and the List Randomizer for three years in order to be able to expose fraud.
  • Marketing our Services: We use your information as necessary to pursue our legitimate interests in marketing our Services.
  • Providing, improving and developing the Services: We use your information as necessary to pursue our legitimate interests in tailoring and improving our Services.

9. Sharing Your Information

In the course of providing the Services, we share information with various third parties, including the host of an event which uses the Services, legal and regulatory authorities and payment service providers.

We do this based upon the legal bases and exceptions mentioned in section 8 of this Notice.

  • Service providers: We may share your personal information to help us provide our services and communicate with you. Categories of service providers include IT software and hosting providers and records-storage companies. Where such third parties are processors, these third parties are contractually required to use it only to provide their service to us and are contractually barred from using it for their own purposes.
  • Business re-organisation: In instances where our business is subject to a re-organization, such as a merger or acquisition of some or all of its assets, we may, in accordance with our legitimate interests, need to share information in the course of the transaction. In such circumstances, your information may be disclosed, where permitted by applicable law, in connection with a corporate restructuring, sale, or assignment of assets, merger, or other changes of control or financial status of RANDOM.ORG.

10. Data Transfers

In certain cases, we need to transfer your information to recipients outside the European Economic Area (‘EEA’), such as where it is necessary to provide the Services.

Where we transfer your information, we do so in accordance with EU data protection law. We only transfer personal information to these countries when it is necessary for the services we provide you, or it is necessary for the establishment, exercise or defence of legal claims or subject to safeguards that assure the protection of your information. We may rely on different legal mechanisms to ensure the transfer is lawful. If the recipient is in a country that is not deemed ‘adequate’ by the European Commission, we may enter into the ‘standard contractual clauses’ with the recipient. These are contracts that contain standard commitments approved by the EU Commission protecting the privacy and security of the information transferred.

Please note that the privacy protections and the rights of authorities to access your information in some of these countries may not be the same as in your home country. We will only transfer information as permitted by law.

For further information, including obtaining a copy of the documents used to protect your information, please contact us at

11. Retention

We may retain your information for as long as necessary in light of the purposes set out in this Notice, including for the purposes of satisfying any legal, accounting, or reporting requirements and, where required for RANDOM.ORG to assert or defend against legal claims, until the end of the relevant retention period or until the claims in question have been settled.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. We also consider regulatory and guidance issued by the Data Protection Commission.

12. Your Rights

You have a number of rights in relation to your information that we process. To exercise these rights, please contact us at

While some of these rights apply generally, certain rights apply only in specific circumstances. Exceptions may also apply to these rights under data protection law in certain circumstances. We describe these rights below.

  • Access: You have the right to request access to your information that we control.
  • Data Portability: You have the right to request that some of your personal information that you initially provided to us is returned to you or another controller in a commonly used machine readable format.
  • Rectify, Restrict and Delete: You have the right to ask us to restrict the processing of your information or to rectify or delete your information. Please note that despite a deletion request, we may continue to process your information if we have a legal basis to do so.
  • Object: If we process your information based on our legitimate interests explained above, or in the public interest, you can object in certain circumstances. In such cases, where legally required to do so, we will cease processing your information unless we have compelling legitimate grounds to continue processing or where it is needed for legal reasons. Where we use your data for direct marketing, you can always object using the unsubscribe link in such communications or by contacting us at
  • Revoke Consent: Where you have previously provided your consent, you have the right to withdraw your consent to our processing of your information at any time. For example, you can withdraw your consent to email marketing by using the unsubscribe link in such communications or contacting us at In certain cases, we may continue to process your information after you have withdrawn consent if we have a legal basis to do so or if your withdrawal of consent was limited to certain processing activities.
  • Complain: You have the right to submit a complaint about our use of your information with your local supervisory authority or RANDOM.ORG's supervisory authority, the Irish Data Protection Commission.

13. Third Party Services

The Site may contain links to other websites and services, which are managed and controlled by third parties. Please note that this Notice does not apply in those cases and we are not responsible for the privacy practices of such third parties.

14. Amending the Notice

From time to time, we may amend this Notice. This might happen, for example, where we make changes to the Services. If we make material changes to the Notice, we will take steps to notify you, such as by posting a notice on the Site. The Notice was last updated at the date indicated further below.

15. Contact Us

If you want to exercise you rights (described above), or if you have any questions about this Notice, please contact us as follows:

Customer Services
Randomness and Integrity Services Limited
Premier Business Centres
8 Dawson Street
Dublin 2
D02 N767

Last updated: 1 August 2020