Ozwin
Login Register


Privacy and Policy

This privacy policy governs how Ozwin Casino ("Ozwin", "we", "our") collects, uses, stores and discloses the personal information of players resident in Australia. The policy is aligned with the Privacy Act 1988 (Cth) and the thirteen Australian Privacy Principles (APPs) issued by the Office of the Australian Information Commissioner (OAIC). Last updated: 2026-05-08.

1. Open and Transparent Management of Personal Information (APP 1)

We maintain this policy as a single, plain-English source of truth on our information-handling practices. We update it whenever a new processing purpose is added, and the effective date at the top of this page reflects the most recent change. A complete version history is available on request to [email protected].

2. Anonymity and Pseudonymity (APP 2)

Where the law and operational reality allow, you may interact with us anonymously - for example, browsing the site or asking general support questions. Account creation, deposits, withdrawals and KYC verification require identifiable personal information; without it we cannot lawfully operate a real-money gaming account in your name.

3. Collection of Solicited Personal Information (APP 3)

We collect personal information directly from you at the points listed below, and only what is reasonably necessary for the function in question:

  • Registration: name, date of birth, email, postcode, phone number, password (hashed).

  • KYC verification: a government-issued photo ID, a recent (within 90 days) proof of address, and where applicable, a payment-method proof.

  • Banking: the payment-method identifier (PayID handle, BPAY reference, masked card number, crypto address) required to process the specific transaction.

  • Gameplay: wager and win records, session timestamps, IP address, device fingerprint and browser data.

  • Support interactions: chat transcripts, emails and call recordings (where you have consented).

4. Dealing with Unsolicited Personal Information (APP 4)

If we receive personal information we did not solicit and that we could not lawfully have collected under APP 3, we will, within a reasonable time and where lawful, destroy or de-identify the information.

5. Notification of Collection (APP 5)

At the point of collection - on the registration form, the cashier and the KYC upload module - we tell you what we are collecting, the purpose, the consequences if you do not provide it, and the third parties we may disclose it to. This policy is the master notice; the in-product prompts are summaries that link back here.

6. Use or Disclosure of Personal Information (APP 6)

We use your information to operate your account, provide the gaming service, comply with anti-money-laundering and counter-terrorism financing laws (the AML/CTF Act 2006 and AUSTRAC reporting obligations), prevent fraud, and respond to lawful regulatory requests. We do not sell your personal information to advertisers or data brokers. We do not use your data to train external AI models.

7. Direct Marketing (APP 7)

We may send you product updates, bonus drops and promotional offers if you have opted in. Every marketing email contains a one-click unsubscribe; SMS marketing carries a STOP keyword. Opting out of marketing does not affect transactional messages (deposit confirmations, KYC updates, account security alerts) which we are required to send.

8. Cross-Border Disclosure (APP 8)

Some of our service providers - cloud hosting, KYC vendors, payment processors, fraud-detection systems - operate from outside Australia, including the European Union, the United Kingdom and the Philippines. We take reasonable steps before disclosing personal information overseas to ensure the recipient does not breach the APPs in relation to that information, by way of contractual data-protection clauses and audited security standards.

9. Adoption, Use or Disclosure of Government Identifiers (APP 9)

Government identifiers (driver's licence number, passport number, Medicare number) are collected for the sole purpose of identity verification under AML/CTF obligations. We do not use them as account identifiers, and we do not disclose them to any party other than the regulated KYC processor performing the verification.

10. Quality of Personal Information (APP 10)

You are entitled - and we expect you - to keep your personal information accurate. The account dashboard lets you update name, address, email and phone at any time. We periodically re-verify identity for accounts that have been dormant for extended periods, before processing further transactions.

11. Security of Personal Information (APP 11)

Personal information is stored encrypted at rest using AES-256 and transmitted over TLS 1.2 or higher. KYC documents are held in a separate, access-controlled vault; access is limited to a small group of staff with documented business need. We retain your personal information for seven years after account closure, in line with AUSTRAC record-keeping requirements, after which we securely destroy or de-identify it.

If a data breach affects you and meets the threshold of "likely to result in serious harm" under the Notifiable Data Breaches scheme, we will notify both you and the OAIC as required.

12. Access to Personal Information (APP 12)

You can request a copy of the personal information we hold about you by emailing [email protected] from your registered email. We respond within thirty days of a verified request, free of charge for the first request in any twelve-month period.

13. Correction of Personal Information (APP 13)

If the information we hold is inaccurate, out-of-date, incomplete, irrelevant or misleading, you may request correction. Most fields are self-serve in the dashboard; for fields tied to KYC (legal name, date of birth) we may require updated documentation before applying the change.

Cookies and Similar Technologies

We use a short list of cookies. Strictly-necessary cookies (session, security, fraud) cannot be disabled without breaking the service. Functional cookies remember your locale and lobby preferences for thirty days. Analytics cookies aggregate usage in a privacy-preserving way and persist for ninety days. We do not use third-party advertising trackers on the casino itself. Your browser's "Do Not Track" signal is honoured for the analytics layer.

Children

Ozwin Casino is for adults aged 18 or over. We do not knowingly collect personal information from minors. If we discover that a minor has registered, we close the account immediately, return any deposited funds via the original method, and delete the personal information except where retention is required by law.

Complaints and Lodging with the OAIC

If you believe we have breached the APPs, write to [email protected] first. We will acknowledge within 7 days and resolve within 30. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner at oaic.gov.au or 1300 363 992.