Privacy Policy

This Privacy Policy explains how personal information is collected, used, disclosed and protected when you visit and use the online gambling services and related content made available via the website thepokies-aussie.com, which promotes The Pokies. It applies to players, prospective players, and all other visitors to our website and related digital channels, regardless of device. By accessing or using thepokies-aussie.com, you acknowledge that you have read and understood this Privacy Policy.

This Privacy Policy is effective as of 1 January 2026 and replaces any earlier versions published on thepokies-aussie.com.

Who We Are

For the purposes of this Privacy Policy, references to "we", "us", "our" and "The Pokies" refer to the operator responsible for thepokies-aussie.com and for determining how and why your personal information is processed in connection with The Pokies.

Based on the information currently available, the following should be noted:

• Operator company name: not specified. The legal entity operating thepokies-aussie.com and The Pokies has not publicly disclosed a full legal name, corporate structure, registered address, or parent company details.
• Registered / legal address: not specified. No official registered office, headquarters or mailing address has been published.
• Company registration and tax details: not specified. No verifiable company registration number, tax identification number, or clearly identified operator jurisdiction has been disclosed.

Because this information is not fully transparent, users should be aware that the service effectively operates as an offshore online gambling offering targeting Australian players and is listed by the Australian Communications and Media Authority (ACMA) on its illegal offshore gambling blocklist. No active, verifiable Australian licence is held, and historical references to a Curaçao eGaming sub-licence (Master Licence 1668/JAZ) could not be confirmed as valid or current as of late 2024.

For all privacy-related queries, including the exercise of your privacy rights and complaints, you may contact our data protection contact point:

• Data protection contact / responsible person: Data Protection Officer (DPO) / Privacy Team (designation for contact purposes only; this is not a statement of formal regulatory appointment).
• Email (primary): [email protected]
• Email (secondary/general): [email protected]
• Website: https://thepokies-aussie.com

As no physical address is specified, you should use the above electronic contact details for all communications regarding this Privacy Policy.

What Personal Data We Collect

Categories of Personal Information

• Identification and contact data: full name, username, date of birth, country of residence, email address, mobile and/or landline number, password and other credentials you create, copies of identification documents (e.g. passport, driver's licence, utility bill) where requested for verification, and any information you provide during customer support interactions.
• Account and gameplay data: account registration details, account status, login history, preferred language and currency, game and betting history (including games played, amounts wagered, wins and losses, timestamps), bonuses claimed and wagering progress, self-exclusion or cooling-off flags that you activate.
• Financial and payment data: selected payment methods, partial payment card data (card type, masked card number, expiry date) where applicable, bank account or PayID identifiers, details of e-wallet accounts and third-party payment providers, transaction history (deposits, withdrawals, chargebacks, failed transactions), and any information necessary for anti-fraud checks and chargeback investigations. Full card details are typically processed by our payment processors and not stored in plain form by us.
• Technical and device data: IP address, device identifiers, browser type and version, operating system, preferred language, time zone, approximate geolocation derived from your IP address, pages visited, time and date of visits, clickstream data, referral URLs, and other standard server log information.
• Usage and behavioural data: information about how you interact with the website and games, including clicks, scrolling, navigation paths, session duration, viewed promotions, interactions with emails and push notifications, responsible gambling tools usage, and participation in loyalty or VIP programs.
• Marketing and communication data: your marketing preferences, newsletter subscriptions, consent status for email/SMS/push marketing, opt-in/opt-out records, and records of communications we send to you and your engagement with them.
• Cookies and similar technologies: unique identifiers placed via cookies, pixels, tags, SDKs and similar technologies, which may collect information about your device, browser, on-site activities, advertising interactions and preferences.

Data Collected from Third Parties

• Payment processors and financial institutions: confirmation of successful or failed payments, limited card or account data, chargeback information, and fraud risk indicators.
• Affiliate and advertising partners: referral identifiers, campaign tags, traffic source information and aggregate performance data about marketing campaigns.
• Fraud and verification service providers: results of identity verification checks, sanctions and watchlist screenings, device risk scores, and other fraud-prevention signals where applicable.

Important risk note: Based on available information, payments may be routed via shell companies or third-party payment processors located in Cyprus or Eastern Europe. While such processors are expected to apply their own security and compliance measures, the lack of transparent operator information may increase the risk associated with providing payment and personal data.

Legal Basis for Processing

Because The Pokies targets Australian players but operates offshore without a verified local licence, there is no single, expressly defined statutory privacy regime governing all processing. However, we strive to align our practices with internationally recognised data protection principles (including concepts found in the EU General Data Protection Regulation (GDPR)) while acknowledging that we are not formally established in the EU and do not hold an Australian licence. The principal legal bases on which we rely are:

Consent

• What this means: In certain cases, we process your personal data based on your freely given, specific, informed and unambiguous consent. This includes, for example, sending marketing communications by email or SMS, non-essential cookies and personalised advertising.
• Your options: You may withdraw your consent at any time (see "Your Rights" section). Withdrawal will not affect the lawfulness of processing prior to withdrawal but will stop the relevant processing going forward where consent is the only legal basis relied upon.

Performance of a Contract or Steps Prior to Entering into a Contract

• Account setup and operation: We process your identification, contact, technical, gameplay and financial data as necessary to create, administer and operate your account, to provide access to The Pokies games and services, to process deposits and withdrawals, and to resolve account-related issues.
• Customer support: We use your data to communicate with you, answer questions, and assist with any service-related matters.

Compliance with Legal or Regulatory Obligations

• KYC / AML and responsible gambling: Where applicable, we may be required under the laws of the jurisdiction(s) in which our payment processors or corporate entities operate (for example, in Curaçao or other offshore jurisdictions) to conduct identity verification, anti-money laundering (AML) and counter-terrorist financing checks, as well as responsible gambling monitoring.
• Record-keeping and reporting: We retain transaction, identity and gameplay data as needed to comply with record-keeping obligations, financial and tax reporting duties, and to respond to lawful requests from competent authorities in relevant jurisdictions.

Legitimate Interests

• Service security and fraud prevention: We process data to secure our systems, detect and prevent fraud, abuse, bonus misuse and other suspicious or unlawful activities, including monitoring transactions and device fingerprints.
• Service improvement and analytics: We analyse aggregated and pseudonymised usage data to improve our games, website functionality, user experience, and to understand overall performance of promotions and products.
• Basic direct marketing: Subject to your rights to object or opt out, we may rely on our legitimate interest to promote similar services to existing customers, in ways that respect your privacy expectations.

Where we rely on legitimate interests, we seek to ensure that our interests are balanced against your rights and reasonable expectations and that the impact on your privacy is proportionate.

Purpose of Processing

Provision of Services

• Account management: To register and maintain your player account, manage login credentials, verify your age and eligibility, and administer account preferences.
• Gameplay and betting: To provide access to casino games and betting products, record bets and game outcomes, credit winnings, and manage bonuses and loyalty schemes.
• Payments: To process deposits, withdrawals, refunds and chargebacks via third-party payment processors and financial institutions, and to maintain accurate financial records.
• Customer support: To respond to requests, complaints and feedback received via [email protected], [email protected], or other communication channels.

Improvement and Personalisation of Services

• Analytics and performance monitoring: To analyse website and game usage, detect technical issues, test new features and optimise performance.
• Personalised content: To tailor game recommendations, promotions, bonuses and communications to your profile and observed preferences, subject to your marketing and cookie choices.

Marketing and Promotions

• Direct marketing: To send emails, SMS or other communications about promotions, bonuses, tournaments, new games and other offers, where permitted by applicable law and your consent or preferences.
• Affiliate and advertising campaigns: To attribute your registrations and activity to affiliate partners, manage commissions and evaluate the effectiveness of campaigns.

Risk Management, Security and Legal Compliance

• Fraud and AML: To detect and prevent fraud, money laundering, terrorist financing, identity theft and other abuses of our services, by monitoring transactions, device data and behaviour patterns.
• Security: To ensure the confidentiality, integrity and availability of our systems and data, respond to incidents and enforce our Terms and Conditions.
• Legal obligations and enforcement: To comply with applicable laws in relevant jurisdictions, respond to lawful requests from authorities, and establish, exercise or defend legal claims.

Disclosure & Sharing

We do not sell your personal information as a standalone asset. However, to provide our services and operate effectively, we may disclose your personal data to the following categories of recipients, always limiting disclosure to what is necessary for the relevant purpose.

Service Providers and Business Partners

• Payment processors and financial institutions: Banks, card schemes, PayID facilitators, e-wallet providers and other payment intermediaries involved in processing your deposits and withdrawals, handling chargebacks and performing fraud checks. According to available information, some payment routing may occur via entities and processors based in Cyprus or Eastern Europe.
• Game providers and technical platforms: Third-party software providers that deliver games, random number generators, hosting, content delivery networks (CDNs), and platform infrastructure used to operate The Pokies.
• IT, security and analytics providers: Vendors providing data storage, backup, security monitoring, incident response assistance, web analytics and performance optimisation services.
• Verification, AML and risk management services: Third-party providers assisting with identity verification, sanctions and watchlist checks, fraud scoring and risk analysis (where used).
• Affiliate and marketing partners: Affiliates, ad networks, tracking platforms and marketing agencies that promote The Pokies, subject to applicable marketing and cookie consents. We may share pseudonymised identifiers and conversion data to attribute and optimise campaigns.

Corporate and Transactional Recipients

• Group entities and successors: If our operation is restructured, sold, merged or otherwise involved in a corporate transaction, your personal data may be transferred to prospective or actual purchasers, their advisors and our group entities, subject to confidentiality obligations and, where required, appropriate data protection safeguards.

Authorities and Legal Recipients

• Regulators and enforcement agencies: Competent authorities in relevant jurisdictions (for example, financial intelligence units, gambling regulators, tax authorities or law enforcement) where we are legally required to share information or where disclosure is necessary to protect our legal rights, players, or third parties.
• Professional advisers: Lawyers, auditors, accountants and consultants who require access to information to provide professional services, subject to strict confidentiality obligations.

Important transparency note: Because The Pokies and thepokies-aussie.com operate with limited public disclosure of ownership and corporate structure, some counterparties involved in the processing of your data may not be clearly identified on the website at all times. While we endeavour to use reputable third parties, this opacity may increase the risk of onward sharing beyond your reasonable expectations compared with fully regulated operators.

International Transfers

Your personal data may be transferred to, and processed in, countries other than the country in which you are located. This includes, but is not limited to:

• Offshore gambling and corporate jurisdictions: Transfers to jurisdictions where our servers, corporate entities or contracted service providers may be located, potentially including Curaçao or other offshore locations.
• European and non-European payment hubs: Transfers to payment processors and financial intermediaries based in Cyprus, Eastern Europe and other countries used to route player deposits and withdrawals.
• Global cloud and technology providers: Transfers to cloud hosting, security, analytics and content delivery providers that may operate data centres in multiple jurisdictions.

Where required by applicable data protection laws, we aim to ensure that such international transfers are subject to appropriate safeguards, such as:

• Contractual protections: Data processing agreements and, where relevant and enforceable, the use of standard contractual clauses or similar contractual mechanisms between us and our service providers, requiring them to protect personal data in line with recognised international standards.
• Technical and organisational measures: Encryption, access controls, data minimisation and other measures intended to reduce the risks associated with cross-border transfers.

However, because we do not operate under a clearly defined national privacy framework and are not certified under frameworks such as ISO 27001 or EU - US data transfer mechanisms, you should be aware that the level of legal protection for your data in destination countries may be lower than in your home jurisdiction. By using thepokies-aussie.com, you acknowledge that your data may be transferred to and processed in such countries.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying any legal, accounting or reporting requirements, and for the establishment, exercise or defence of legal claims. Retention periods may vary depending on data type, jurisdictional obligations and risk considerations. As a general guide:

• Account and identification data: Typically retained for the duration of your account and for up to five (5) years after account closure or last activity, whichever is later, where necessary for AML, fraud prevention and legal defence purposes.
• Gameplay and transaction data: Betting history, financial transactions and related logs are generally retained for the lifetime of the account and for up to seven (7) years after closure or final transaction, to comply with potential financial record-keeping obligations and to resolve disputes.
• Customer support records: Communications with customer support are typically retained for up to five (5) years from the date of the last interaction, subject to longer retention where needed for dispute resolution.
• Marketing and consent records: Marketing preferences, opt-in/opt-out records and consent logs are kept for the period during which you receive marketing plus a reasonable period (typically up to three (3) years) to demonstrate compliance with consent and suppression requirements.
• Technical logs and security data: Server logs, security alerts and related technical data are usually retained for a shorter period, commonly between six (6) months and two (2) years, unless required longer for investigation or legal purposes.
• Cookies: Cookie data is retained in accordance with the lifespan of each cookie (see "Cookies & Tracking Technologies" below), which may range from session-only to several months or, in some cases, up to two (2) years.

When personal data is no longer needed for its original purpose and there is no legal requirement or overriding legitimate interest to retain it, we will take steps to delete, anonymise or irreversibly de-identify it. Because of backup and archival systems, residual copies may persist for a limited additional period before being automatically overwritten.

Your Rights

While The Pokies is not formally established in the European Union and does not operate under Mexican law, we seek to mirror, as far as reasonably possible, internationally recognised data subject rights similar to those provided under instruments such as the EU GDPR and Mexican data protection regulations. The actual enforceability of these rights may depend on your jurisdiction and applicable law. Subject to those limitations, you may have the following rights:

Right of Access

• Scope: You may request confirmation as to whether we process your personal data and, if so, receive a copy of the data and certain related information (for example, categories of data, purposes of processing and recipients).

Right to Rectification

• Scope: You may request correction of inaccurate personal data and completion of incomplete data (for example, updating your contact details or correcting spelling errors in your name).

Right to Erasure ("Right to be Forgotten")

• Scope: You may request deletion of your personal data in certain circumstances, such as where the data is no longer necessary for the purposes for which it was collected, you withdraw consent and there is no other legal basis for processing, or the processing is unlawful.
• Limitations: This right is not absolute. We may retain data where necessary to comply with legal obligations (for example, AML or financial record-keeping), to establish, exercise or defend legal claims, or to prevent fraud and abuse.

Right to Restriction of Processing

• Scope: You may ask us to restrict the processing of your data (for example, while we verify its accuracy or assess an objection you raised). During restriction, we will generally only store the data and not otherwise process it, except as permitted by law.

Right to Object

• Direct marketing: You may object at any time to the processing of your personal data for direct marketing purposes, including profiling related to such marketing. Upon objection, we will cease using your data for direct marketing.
• Legitimate interests: Where processing is based on our legitimate interests, you may object on grounds relating to your particular situation. We will assess your objection and cease processing unless we can demonstrate compelling legitimate grounds that override your interests, rights and freedoms, or where processing is required for legal claims.

Right to Data Portability

• Scope: Where technically feasible and where the law provides for such a right, you may request to receive personal data that you have provided to us in a structured, commonly used and machine-readable format and to have it transmitted to another controller where processing is based on consent or contract and carried out by automated means.

Right to Withdraw Consent

• Scope: Where we rely on your consent for processing (for example, email marketing or certain cookies), you may withdraw that consent at any time using the unsubscribe links in emails, by adjusting your account preferences (where available), or by contacting us at the addresses provided below.

Procedures, Timeframes and Cost

• How to exercise your rights: You may submit a request by emailing [email protected] or [email protected], clearly indicating your identity, the right you wish to exercise, and relevant details of your request.
• Verification: To protect your privacy and security, we may ask you to provide additional information to verify your identity before acting on your request (for example, confirming certain account details or recent transactions).
• Response time: We aim to respond to legitimate requests without undue delay and in any event within thirty (30) days of receipt. If your request is particularly complex or we have received multiple requests from you, this period may be extended by a further thirty (30) days; we will inform you if an extension is needed.
• Fees: We do not normally charge a fee to handle your request. However, we may charge a reasonable fee or refuse to act on requests that are manifestly unfounded, repetitive or excessive, to the extent permitted by applicable law.

Regulatory alignment note: References in this section to GDPR-style rights and Mexican privacy principles are provided as a benchmark for good practice. They do not imply that The Pokies is formally subject to EU or Mexican supervisory authorities. Nevertheless, we will endeavour to honour these rights to the extent reasonably practicable within our technical and organisational capabilities.

Cookies & Tracking Technologies

We use cookies and similar technologies on thepokies-aussie.com to operate the site, enhance user experience, conduct analytics and, where permitted, support marketing and advertising activities.

Types of Cookies

• Strictly necessary (functional) cookies: These cookies are essential for the operation of the website and the provision of core services, such as enabling login, maintaining sessions, securing transactions, and remembering privacy settings. They cannot be switched off via our systems, though you may be able to block them in your browser (which may impair functionality).
• Preference cookies: These cookies remember your choices (for example, language, region, layout preferences) to provide a more personalised experience.
• Analytics and performance cookies: These cookies collect information about how visitors use our site (for example, pages visited, time spent, error messages) to help us understand performance and improve our services. We may use first-party analytics or third-party tools such as traffic analysis platforms.
• Advertising and tracking cookies: These cookies may be set by us or our advertising and affiliate partners to track your browsing across sites and build a profile of your interests, which can be used to display relevant adverts and measure the effectiveness of campaigns. They typically rely on unique identifiers of your browser or device.
• Session vs. persistent cookies: Session cookies are stored only for the duration of your browsing session and are deleted when you close your browser. Persistent cookies remain on your device for a defined period (for example, days or months) or until you delete them.

Managing Cookies

• Browser settings: Most web browsers allow you to manage cookies through their settings, including blocking or deleting cookies, or receiving alerts before a cookie is stored. Please consult your browser's help documentation for specific instructions.
• Internal controls: Where available, we may provide internal tools (such as cookie banners or settings panels) that allow you to manage consent for non-essential cookies, especially analytics and advertising cookies.
• Third-party opt-outs: Some analytics and advertising providers offer opt-out mechanisms via their own websites or industry platforms. Using these tools may help limit certain tracking but may not disable all cookies.

Disabling certain cookies, particularly strictly necessary or functional cookies, may affect your ability to use the site or enjoy all features of The Pokies.

Data Security

We take the security of your personal data seriously and implement technical and organisational measures designed to protect it against unauthorised access, loss, misuse, alteration or destruction. However, no system is completely secure, and given our offshore and unregulated status, you should carefully consider the risks of providing personal and financial information to any such service.

Technical and Organisational Measures

• Encryption in transit: We use industry-standard TLS (Transport Layer Security) protocols (TLS 1.2 or higher) to encrypt data transmitted between your browser and our servers, as indicated by the "https" and padlock symbol in your browser, typically using certificates such as Let's Encrypt SSL (R3).
• Data at rest: We seek to store personal data on secure servers that apply access controls and other safeguards. Depending on system design, we may also use encryption or pseudonymisation of certain data fields, and hashed/salted formats for passwords.
• Access control and authentication: Access to personal data is restricted to authorised personnel and service providers who require it for specific purposes, based on least-privilege principles. We encourage the use of strong, unique passwords and may provide or require multi-factor authentication (MFA) where technically available.
• Monitoring and logging: We use technical logs, monitoring tools and security alerts to detect suspicious activity, unauthorised access attempts and system anomalies, and we investigate incidents as appropriate.
• Staff awareness: Staff and contractors with access to personal data are expected to follow confidentiality obligations and are instructed on appropriate handling of customer information.
• Incident response: We maintain procedures to investigate potential data breaches or security incidents, mitigate harm, restore services and, where required by applicable law, notify relevant parties.

Important security disclaimer: Based on currently available information, The Pokies is not certified under ISO 27001, SOC 2 or similar internationally recognised security standards, and backend security controls have not been independently audited or publicly verified. In addition, data is likely to be shared with affiliate networks and other third parties. Because credential stuffing and account takeover are real risks, you should always use a unique password and consider using a dedicated email address for online gambling services to reduce exposure if another site is compromised.

Complaints & Contacts

Contacting Us

If you have questions, concerns or complaints regarding this Privacy Policy or our handling of your personal data, you can contact us using the following channels:

• Email (primary support and privacy contact): [email protected]
• Email (general enquiries): [email protected]
• Website: https://thepokies-aussie.com

No physical postal address or telephone number is currently specified; therefore, electronic contact is the primary method of communication.

Complaint Procedure

1. Submission: Send a detailed description of your concern or complaint, including relevant dates, account details (if applicable) and supporting documentation, to one of the email addresses above, clearly marking the subject line with "Privacy Complaint".
2. Acknowledgement: We will aim to acknowledge receipt of your complaint within seven (7) business days.
3. Investigation: We will review your complaint, gather any necessary information, and may contact you for clarification or additional details. We aim to complete this investigation within thirty (30) days from acknowledgement.
4. Outcome: We will send you a written response explaining the outcome of our investigation, any steps taken or proposed, and any options available to you.

In complex cases, we may require additional time to investigate; if this occurs, we will inform you of the extension and the expected timeframe for our final response.

Escalation to Supervisory Authorities

Because The Pokies operates as an offshore online gambling service without a clearly identified regulatory home, there may be no single supervisory authority with clear jurisdiction over our privacy practices. However, depending on your location, you may have the right to lodge a complaint with a data protection or privacy regulator in your country. For example:

• Australia: You may contact the Office of the Australian Information Commissioner (OAIC) regarding concerns about the handling of personal information by overseas entities that collect information about individuals in Australia. Website: https://www.oaic.gov.au
• European Union / EEA: If you are located in the EU/EEA and believe your rights under EU data protection law have been infringed, you may have the right to lodge a complaint with your local data protection authority.
• Mexico: If Mexican data protection regulations apply to you, you may contact the competent Mexican data protection authority (Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales - INAI). Website: https://www.inai.org.mx

Please note that the ability of these authorities to act against an offshore, unlicensed gambling operator may be limited. Nonetheless, you remain free to contact any authority you consider competent.

Updates

We may update or amend this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements or other factors. When we make changes, we will take appropriate steps to inform you, depending on the significance of the changes.

Notification Methods

• Website publication: The latest version of this Privacy Policy will always be available at https://thepokies-aussie.com. We will update the "Last updated" date at the end of the document.
• Email notifications: For material changes that significantly affect how we process your personal data or your rights, we will endeavour to notify registered account holders via email sent to the address associated with their account.
• On-site notices: We may display banners, pop-up notices or dashboard alerts on the site to inform you of important updates.

Advance Notice and Your Options

• Advance notice: Where feasible and where changes are material (for example, expanding the scope of processing or introducing new categories of recipients), we will provide at least thirty (30) days' advance notice before the changes take effect.
• Your review and objection: During the notice period, you should carefully review the updated Privacy Policy. If you do not agree with the changes, you may choose to discontinue use of The Pokies and request account closure and, where applicable, deletion or restriction of your personal data, subject to retention obligations described above.
• Continued use: Your continued use of thepokies-aussie.com after the effective date of any updated Privacy Policy will constitute your acknowledgment of the changes.

Last updated: January 2026