Privacy Policy
Effective date: 2026-05-06. Version 4.2. Ripper Casino ("we", "us", "our") collects and handles personal information about Australian players under the Privacy Act 1988 (Cth) and the thirteen Australian Privacy Principles (APP) issued by the Office of the Australian Information Commissioner (OAIC). This policy explains, in plain English, what we collect, why, where it is stored, who we share it with, and how to exercise your rights.
1. Open and Transparent Management of Personal Information (APP 1)
This policy is the public expression of our information-handling practices. We review it at least annually and on any material change to our processing activities. Past versions are archived and available on request to [email protected].
2. Anonymity and Pseudonymity (APP 2)
You can browse the public sections of our site anonymously. Account creation, deposits and withdrawals require identifying information by law — Australian anti-money-laundering rules, our Curaçao licensing conditions, and the practical demand that we pay you to a verified person. Where lawful, marketing preferences and customer-service interactions can be linked to a pseudonym at your request.
3. What Personal Information We Collect (APP 3)
We collect three categories of personal information:
- Identity data: full name, date of birth, address, photo of a government ID, selfie for liveness, mobile phone number, email.
- Financial data: deposit and withdrawal records, payment method tokens (BPAY reference, PayID, partial card BIN, crypto wallet hash), transaction history.
- Behavioural data: game-play history, session duration, device type, browser version, IP address, geolocation at session start, cookies and analytics events.
4. How We Collect It (APP 3)
Directly from you when you register, deposit, withdraw, contact support or submit KYC. Automatically through cookies, server logs and our anti-fraud platform. From third parties: payment gateways (PayID issuers, POLi, Neosurf, BPAY), KYC/AML providers, and gaming-software studios when you play their pokies.
5. Use and Disclosure (APP 6)
We use your information to operate your account, process transactions, prevent fraud, respect responsible-gambling controls, comply with AML/CTF and tax laws, run our promotions, and improve the service. We do not sell your personal information to third parties — full stop. We do disclose it to:
- Payment providers, to settle deposits and withdrawals.
- KYC/AML vendors, to verify identity and screen sanctions/PEP lists.
- Game studios and platform providers, strictly to deliver the games you play.
- Regulators and law enforcement when legally compelled.
- Professional advisers (lawyers, auditors) under confidentiality.
6. Direct Marketing (APP 7)
We only send marketing emails or SMS where you've opted in at sign-up or later. Every message carries an unsubscribe link; we honour opt-outs inside three business days. Account-essential communications (security alerts, legal notices, KYC requests) are not marketing and continue regardless of marketing preferences.
7. Cross-Border Disclosure (APP 8)
Some of our processors are based outside Australia. Cross-border destinations currently include:
| Jurisdiction | Purpose |
|---|---|
| Curaçao | Licensing authority filings, regulatory reporting |
| Malta | Platform engineering, server hosting |
| United Kingdom | KYC/AML provider, anti-fraud analytics |
| Ireland | Payment-gateway processor |
| Singapore | Customer-support tooling, ticketing |
Each overseas recipient is bound by contract to handle the data consistently with the APPs.
8. Data Quality and Security (APP 10 and 11)
We take reasonable steps to ensure the data we hold is accurate, up to date and complete, and we encourage you to update profile fields when your circumstances change. Security controls include TLS 1.3 in transit, AES-256 at rest, segmented databases, principle-of-least-privilege access, periodic penetration testing and continuous logging. KYC documents are stored separately from gameplay data with stricter access gates.
9. Retention and Destruction
We retain your personal information for as long as your account is active, then for a further seven years after closure — the period prescribed by Australian AML/CTF record-keeping rules. Marketing-only data falls away inside 12 months of opt-out. Verified-destruction certificates are issued by our hosting providers when storage is decommissioned.
10. Cookies and Similar Technologies
| Cookie type | Purpose | Retention |
|---|---|---|
| Strictly necessary | Login session, fraud prevention, cashier flow | Session to 30 days |
| Preference | Locale, currency, theme | 12 months |
| Analytics | Anonymous usage statistics | 14 months |
| Marketing | Re-engagement campaigns (opt-in) | 13 months |
You can manage non-essential cookie categories at any time from the Cookie Preferences link in our footer.
11. Access and Correction (APP 12 and 13)
You have the right to ask what we hold about you and to correct anything inaccurate. Email [email protected] from your registered address. We respond to access requests within 30 calendar days at no charge. Where we decline (rare — typically because the data implicates a third party or active investigation), we explain why and your route of complaint.
12. Complaints
If you think we've mishandled your personal information, write to [email protected] first. We acknowledge inside two business days and aim for a final response within thirty calendar days. Unresolved complaints can be escalated to the Office of the Australian Information Commissioner — see oaic.gov.au for the lodgement form.
13. Changes to This Policy
We update this policy when our practices change. Material changes are notified by email or in-account banner at least fourteen days before they take effect. Continued use of the service after the effective date constitutes acceptance.