Privacy Policy

Bonza96 Casino is committed to protecting your privacy and handling your personal information responsibly. This Privacy Policy explains how we collect, use, disclose, and safeguard your data when you use our services at bonza96casino-australia.com, in full compliance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

Information We Collect

We collect personal information to provide our online casino services securely and in line with Australian gambling regulations. This includes information you provide directly, such as during registration, and data gathered automatically through your interactions with our platform.

Types of personal information we may collect include your full name, date of birth, residential address, email address, phone number, and government-issued identification details like driver's license or passport numbers. Financial information covers bank account details, payment card numbers, transaction histories, and deposit/withdrawal records essential for processing payments.

We also collect sensitive information, such as details related to responsible gambling assessments, gaming activity data including bet amounts, game preferences, session durations, and wagering patterns. Technical data encompasses IP addresses, device identifiers, browser types, cookies, and location information to enhance security and user experience.

For identity verification under AUSTRAC's Applicable Customer Identification Procedures (ACIP), we require proof of address documents like utility bills and may collect source of funds information to prevent money laundering. Gaming behavior data helps us monitor for problem gambling and comply with responsible gambling obligations.

We gather this information primarily through account registration forms, deposit processes, customer support interactions, and automated tools like cookies and analytics software. Where possible, we offer pseudonymity for non-essential interactions, but full identification is required for gaming services per APP 2.

How We Collect Information

Collection occurs directly from you via our website forms, emails, or phone calls to [email protected]. Indirectly, we obtain data from third-party services like payment processors, identity verification providers, and AUSTRAC-compliant KYC tools.

During gameplay, server logs automatically record session data, timestamps, and outcomes for auditing and compliance. Cookies and similar technologies track preferences and detect fraud, with options to manage them via browser settings.

We notify you at or before collection about the purposes, as required by APP 5, ensuring transparency. For unsolicited information received unexpectedly, we assess relevance under APP 4 and securely destroy irrelevant data.

Sensitive information, like health-related gambling vulnerability indicators, is collected only with consent or where legally required, aligning with Australian laws and international standards where EU users are involved.

Purpose of Collection and Use

Your information enables us to manage accounts, verify identities, process transactions, and deliver gaming services, fulfilling contractual necessities under APP 6. We use it for fraud prevention, security monitoring, and compliance with anti-money laundering laws enforced by AUSTRAC.

Responsible gambling measures rely on gaming data to identify risky patterns, offer self-exclusion, and report to authorities. Marketing communications, like bonus promotions, occur only with explicit opt-in consent per APP 7.

Data supports customer service, personalization of game recommendations, and platform improvements without selling it to unrelated parties. Legal obligations, such as taxation reporting and regulatory audits, necessitate retention and use.

Where GDPR applies to non-Australian users due to extra-territorial reach, we process on lawful bases like consent or legitimate interests, ensuring equivalent protections.

Disclosure of Information

We disclose data only as necessary and permitted under APP 6. Service providers like payment gateways (e.g, banks), KYC verifiers, and hosting companies receive limited access under strict contracts ensuring confidentiality.

Regulatory bodies, including AUSTRAC, the Australian Taxation Office, and state gambling commissions, may receive reports for compliance. In legal proceedings or court orders, disclosure occurs as required.

For cross-border transfers under APP 8, we use providers in jurisdictions with comparable protections or binding agreements; recipients are bound by equivalent standards. No transfers occur to high-risk countries without safeguards.

We do not share with marketing affiliates without consent. Group companies, if any, access data only for shared services like centralized support.

Data Security Measures

Security of personal information is paramount under APP 11. We implement encryption (AES-256 for data at rest and TLS 1.3 for transit), firewalls, multi-factor authentication, and regular penetration testing.

Access controls limit employee data handling to role-based needs, with audit logs tracking all interactions. DDoS protection and intrusion detection systems safeguard against cyber threats common in online gaming.

In breach events, we notify affected users and the Office of the Australian Information Commissioner (OAIC) promptly, as mandated. Physical servers are in secure Australian data centers compliant with ISO 27001.

Data Storage and Retention

Data is stored on secure Australian servers, with backups encrypted and geo-redundant. Retention follows legal minima: financial records for 7 years per taxation laws, account data for 7 years post-closure for AUSTRAC compliance, and gaming logs for 5 years for responsible gambling audits.

Identity documents are deleted after verification unless ongoing needs persist. Marketing data is purged upon consent withdrawal. Technical logs are kept 2 years for security.

Upon account deletion, we anonymize or destroy data where possible, except for mandatory records.

Your Rights and Choices

Under APPs 12 and 13, you can access your personal information free of charge within 30 days, subject to exemptions like unreasonable impacts. Submit requests to [email protected]; we'll verify identity first.

Correction requests for inaccurate data are processed promptly, notifying prior recipients if practicable. Anonymity options exist for browsing, but not registered play.

Opt-out of marketing anytime via account settings or email. Self-exclusion and data portability requests (aligned with emerging standards) are honored. Complaints go to our Privacy Officer first, then OAIC.

Children under 18 cannot register; we delete any inadvertently collected data.

Cookies and Tracking Technologies

We use essential cookies for functionality, analytics cookies for performance (Google Analytics, opt-out available), and advertising cookies for promotions (with consent). Third-party cookies from partners are limited.

Browser settings allow management; disabling may impair services. Our Cookie Policy details categories and vendors.

Children's Privacy

Our services target adults 18+. We do not knowingly collect children's data. Parents/guardians can contact us to remove any such information.

International Users and GDPR Alignment

For EU/EEA users, we adhere to GDPR principles: lawful processing, data minimization, accuracy, and rights like erasure (right to be forgotten, balanced with legal retention). Our Data Protection Officer oversees compliance.

Australian Privacy Principles mirror GDPR in transparency, purpose limitation, and security.

Changes to This Policy

We update this policy periodically; major changes are notified via email or site notice. Continued use post-update implies acceptance. Last updated: March 28, 2026.

Contact Information

Questions? Email our Privacy Officer at [email protected]. We'll respond within 7 days.

For complaints, use the above; escalate to OAIC at oaic.gov.au.

Governing Law

This policy is governed by Australian law, specifically the Privacy Act 1988.