We collect the minimum information needed to provide and improve services and to meet regulatory requirements in Australia.

Personal information we collect:

• Identity and contact: full name, date of birth, residential address, email, phone.
• Account and profile: username, hashed credentials, preferences, responsible gambling settings.
• Verification (KYC): government ID details, proof of address, biometric checks (where permitted), verification outcomes.
• Payments and transactions: payment method tokens, deposits, withdrawals, winnings, account balances, tax information where required.
• Technical and usage: device identifiers, IP address, browser or app details, log and session data, play history, interaction records.
• Communications and marketing: support tickets, complaints, survey responses, marketing preferences.

Why we collect it:

• To provide the online services, manage accounts, and process transactions.
• To verify identity, prevent fraud, and comply with the Anti Money Laundering and Counter Terrorism Financing Act 2006 (Cth).
• To support responsible gambling measures and comply with state and territory obligations.
• To operate, maintain, and improve the websites, apps, and user experience.

How we protect information:

• Encryption in transit (TLS) and at rest; tokenisation for card data handled under PCI DSS controls.
• Strict access controls, role based permissions, multi factor authentication, least privilege.
• Network security, continuous monitoring, vulnerability scanning, and regular independent testing.
• Staff training, confidentiality agreements, and vetted suppliers bound by privacy and security terms.
• Data minimisation, purpose limitation, and retention schedules followed by secure deletion or de identification.
• Incident response and breach notification aligned to the Notifiable Data Breaches scheme.

Your rights:

• Request access to your personal information and receive a copy.
• Ask for corrections if information is inaccurate, out of date, incomplete, or misleading.
• Request deletion or de identification where lawful and feasible, noting records may be retained to meet legal and regulatory requirements.
• Opt out of direct marketing at any time.

Compliance:

We handle information in line with the Privacy Act 1988 (Cth) and the Australian Privacy Principles. We also consider relevant international norms for users in other regions, to the extent they apply.

We use information for purposes that are lawful, fair, and transparent:

• Account setup and service delivery, including authentication and personalisation of user settings.
• Deposits, withdrawals, payment reconciliation, tax reporting where required, and dispute resolution.
• Identity verification, fraud prevention, anti money laundering and counter terrorism financing checks, sanctions screening.
• Customer support, complaint handling, and quality assurance.
• Analytics, service improvement, and testing to maintain and improve online performance.
• Responsible gambling tools, monitoring for harm minimisation, and compliance reporting to regulators where required.
• Marketing communications based on your preferences and consent, including the ability to opt out at any time.

We do not sell personal information. We only process information for the purposes outlined in this document or as otherwise notified and permitted by law.

How to exercise your rights:

• Access: submit a request through the Account area or via the Contact Us channel. We will verify identity before releasing information.
• Correction: update details in your profile or ask support to correct records that are inaccurate, incomplete, or out of date.
• Deletion: request deletion or de identification. We will action requests unless retention is required for legal, regulatory, dispute, or security reasons.

Process and timing:

• We aim to respond within a reasonable period. Certain complex requests may take longer, and we will keep you informed.
• Where a request is refused in whole or part, we will provide reasons subject to legal constraints.

Security checks and payments:

• By using JB Casino, you consent to identity verification, fraud and security screening, and processing of payment information by authorised payment and verification providers.
• Records may be retained for minimum periods required by the AML/CTF framework and applicable state and territory laws, including up to seven years for certain transaction and verification data.

• Services are offered only to persons aged 18 or over. Account creation requires confirmation of age and may require documents for verification.
• The operator cannot determine a user’s age without reliable identification documents. Verification may be requested at any time.
• If we become aware that a minor has provided information, the account will be closed and information will be deleted or de identified.
• Parents or guardians may contact the Privacy Officer through the Contact Us channel to request deletion of a minor’s information.

• Personal information may be processed in other countries where service partners operate, including payment processors, verification providers, analytics, and cloud hosting.
• By using the services, you consent to international transfers for the purposes set out in this policy.
• We require partners to protect confidentiality and security through contract, technical controls, and adherence to privacy standards comparable to the Australian Privacy Principles.
• Safeguards may include encryption, access controls, privacy impact assessments, and contractual clauses addressing cross border disclosure under APP 8. Where relevant, we consider international frameworks such as GDPR for users located in those regions.

• This policy sets out general rules for information handling. Any disclaimer in this section may limit or clarify the scope of those rules to the extent permitted by law.
• The policy applies when a user accepts it by creating an account, ticking acceptance during sign up, or continuing to use the services. Acceptance forms part of the overall agreement.
• If there is a conflict between this policy and the Terms of Service, the Terms govern service use and this policy governs privacy and information handling.
• Nothing in this policy limits rights that cannot be limited under the Privacy Act 1988 (Cth). This document is not legal advice for users.

Definition:

• Cookies are small files stored on a device by websites and apps. They help remember preferences and improve online functionality.

How we use cookies:

• Essential cookies for security, sign in, and core functions.
• Analytics to understand site performance and user behaviour.
• Personalisation to remember settings and optimise content.
• Advertising and attribution in line with your preferences and applicable law.

Retention and control:

• Cookie lifetime is up to 1 year unless you remove them earlier.
• You can manage cookies through browser settings or device controls. Blocking some cookies may impact features and services.

• Using the websites or apps signifies full acceptance of this Privacy Policy.
• The version published on this page is the current version and prevails over any prior versions.
• Continued use after updates indicates acceptance of the revised policy. Material changes will be signposted where practicable.

We may disclose personal information to third parties for lawful purposes:

• Payment service providers, banks, and card schemes to process transactions and manage chargebacks.
• Identity verification, sanctions and screening providers to meet AML/CTF obligations.
• Fraud prevention and security vendors, analytics providers, cloud hosting, customer support platforms, and communication tools.
• Regulators, law enforcement, dispute resolution bodies, and auditors where required or authorised by law.
• Professional advisers subject to confidentiality duties.

Notes on third parties:

• A current list or categories of key vendors may be provided on the website or on request. Where a specific partner is not listed, we will explain the purpose and scope at the point of collection where reasonable.
• Providing information constitutes consent to such disclosure for the purposes described in this document. Each third party maintains its own privacy practices and is responsible for its compliance.

• The services may include links to external websites or apps that are not operated by us.
• Those websites have their own privacy policies and practices. We are not responsible for their information handling, security, or content.
• Exercise care when visiting external sites and review their privacy policies before providing any personal information.