What is collected

• Identity and verification details: name, date of birth, address, nationality, identity documents and images submitted for checks.
• Contact details: email address and phone number.
• Account and service data: username, preferences, responsible gambling settings, gameplay and betting history, transactions and support interactions.
• Payment information: tokenised card details, masked numbers, bank identifiers and payment method metadata processed by certified providers.
• Device and usage data: IP address, device identifiers, browser or app version, log files and approximate location.
• Communications: emails, chats, call recordings and feedback.

Why it is collected

• Create and manage accounts, provide services and settle bets and payments.
• Verify age and identity, prevent fraud and financial crime, and meet anti-money laundering duties.
• Comply with Australian law and regulatory requests.
• Improve websites and apps through analytics, testing and troubleshooting.
• Personalise content and communications where permitted.

Protection measures

• Technical controls: TLS encryption in transit, strong encryption at rest, hashed passwords, payment tokenisation, role-based access, multi-factor authentication, monitoring, firewalls, intrusion detection, rate limiting, DDoS protection, vulnerability scanning and penetration testing.
• Organisational controls: vetted staff, training, least-privilege access, segregation of duties, vendor due diligence and contracts, incident response and breach notification processes, data minimisation and privacy impact assessments.

Retention and destruction

• KYC and transaction records are kept for at least 7 years after account closure to meet AML/CTF obligations.
• Security and support logs are typically retained for 12 months unless a longer period is required.
• Marketing preferences are stored until you opt out or the account is closed.
• Information is securely deleted or de-identified when no longer needed.

Your rights

• Access the personal information held about you.
• Request correction of inaccurate, incomplete or out-of-date information.
• Request deletion where no legal or contractual duty requires retention.
• Withdraw consent to marketing at any time.
• Make a complaint to the Office of the Australian Information Commissioner.

Compliance

• The handling of personal information follows the Privacy Act 1988 (Cth) and the Australian Privacy Principles, as well as applicable gambling, AML/CTF and financial services requirements.

Personal information is used to:

• Provide, operate and support account services and features.
• Process deposits and withdrawals through payment providers and banks.
• Conduct identity verification, sanctions screening, fraud prevention and risk management.
• Deliver responsible gambling tools and safeguards.
• Provide customer support, manage complaints and resolve disputes.
• Improve services through analytics, research, testing and quality assurance.
• Personalise site content and communications where you have consented.
• Meet legal, tax, reporting and regulatory obligations, including audit and record keeping.
• Maintain security, detect incidents and prevent misuse.

Processing is lawful, fair and transparent. No decision producing legal or similarly significant effects is based solely on automated processing without appropriate human review.

How to access or update

• Review or update profile details through account settings where available.
• Submit a request to the Privacy Officer at [email protected] to access a copy of your personal information.

Correction and deletion

• If any information is inaccurate, you may request correction. Where we disagree, a note can be attached to the record.
• You may request deletion where the data is no longer needed and no law requires retention. Certain records must be retained for AML/CTF, tax or dispute purposes.

Process and timeframes

• We may ask for additional information to verify your identity and to clarify scope.
• A response is provided within a reasonable period, usually within 30 days.

Security checks and payment processing consent

• By using Casinonic, you consent to identity, age and anti-fraud checks, and to the processing of payment data by payment processors, card schemes and banks for authorisation, settlement and chargeback management.

• Services are intended for users aged 18 years and over.
• The operator cannot confirm age without receiving appropriate identity documents during verification.
• If we learn that a minor has provided personal information, the account will be suspended and the information deleted where permitted by law.
• A parent or legal guardian can contact the Privacy Officer to request deletion of a minor’s information. Reasonable evidence of guardianship may be required.

• Personal information may be processed outside Australia in locations where service providers or group companies operate.
• Using the website and services constitutes consent to these cross-border disclosures.
• Reasonable steps are taken under APP 8 to ensure overseas recipients do not breach the Australian Privacy Principles. Measures include contractual commitments, security assessments, encryption and ongoing oversight.
• All partners must protect confidentiality and use information only for agreed purposes.

• This policy explains how personal information is handled and does not grant rights beyond those required by law. Where a disclaimer clarifies the scope or effect of any rule, that clarification applies to the extent permitted by law.
• The disclaimer takes effect when you accept this policy by signing, clicking to accept or by continuing to use the services.
• If any part of this policy is invalid in a jurisdiction, that part is limited to what is necessary so the remainder continues to operate.

• Cookies are small files placed on your device by websites and apps. Similar technologies include SDKs, pixels and local storage.
• They are used for statistics, behaviour analysis, personalisation, fraud prevention and to improve site performance.
• Unless stated otherwise, non-essential cookies are retained for up to 1 year. Session cookies expire when the browser is closed.
• You can manage cookies in your browser and through on-site preferences. Blocking some cookies may affect certain features.
• Some cookies are set by third-party analytics and advertising providers engaged to support our services.

• Using the services constitutes full acceptance of this Privacy Policy.
• The current version published on the website prevails over any prior version.
• Changes will be posted with an updated date. Continued use after an update indicates acceptance of the revised policy.

• Personal information may be shared as necessary with third parties to comply with law, manage disputes or deliver services under our agreements. Typical recipients include payment processors and banks, identity and AML providers, hosting and support vendors, analytics services, auditors, regulators, law enforcement and dispute resolution bodies.
• A list of key processors and sub-processors is maintained on the website. Where a party is not listed, you will be informed of the purpose and scope where reasonably practicable.
• Providing personal information constitutes consent to such sharing for the stated purposes. Some third parties may handle information under their own privacy notices when acting independently, such as banks or regulators.

• The website may include links to other websites that have their own privacy policies.
• The operator is not responsible for how external sites collect, use or disclose information.
• Review the privacy policy and practices of any external site before providing personal information.