Privacy Policy
Kirgo Casino ("we," "us," "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your data when you use our services at kirgocasino-australia.com, in full compliance with applicable Australian laws including the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), as well as relevant aspects of the General Data Protection Regulation (GDPR) for any cross-border data processing involving EU residents.
Information We Collect
We collect personal information to provide and improve our online casino services, ensure secure gameplay, and comply with legal obligations. This includes data you provide directly, such as your full name, date of birth, email address, phone number, residential address, and government-issued identification details for verification purposes under Australian anti-money laundering laws.
Financial information, including payment method details like credit card numbers, bank account information, or cryptocurrency wallet addresses, is collected to process deposits, withdrawals, and transactions. We also gather gameplay data, such as betting history, game preferences, session durations, and IP addresses, to personalize your experience and detect fraudulent activity.
Device and usage data, including browser type, operating system, location data (approximated via IP), cookies, and log files, help us optimize the platform and analyze user behavior. For Australian users, we may collect sensitive information like gambling limits or self-exclusion preferences to promote responsible gaming, always with your explicit consent where required.
We do not collect information from individuals under 18 years of age, as per Australian gambling regulations. If we discover such data, it is immediately deleted.
How We Collect Information is collected directly from you during registration, when you contact support, submit verification documents, or make transactions. Automated technologies like cookies, web beacons, and similar tracking tools collect usage data as you navigate our site.
Third-party sources may provide supplementary data, such as payment processors verifying transaction details or credit reference agencies for identity checks, always in line with APP 8 (cross-border disclosure) and GDPR Article 14 where applicable. For instance, if you link a third-party wallet, we receive minimal transaction metadata.
We use server logs to record access attempts, ensuring platform integrity without identifying you personally unless necessary for security investigations.
Purpose of Collection
Personal information is collected for specific, legitimate purposes: to create and manage your account, process bets and payouts, verify identity to prevent underage gambling and money laundering under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth), and deliver personalized promotions.
Under the Privacy Act's APP 3 and APP 6, collection is reasonably necessary for these primary functions. Gameplay data supports analytics to improve user experience, while contact details enable customer support and marketing communications (with opt-out options).
GDPR compliance applies if processing EU data: lawful bases include contract necessity (Article 6(1)(b)), legal obligation (Article 6(1)(c)), and consent (Article 6(1)(a)) for marketing. Sensitive data like financial details is processed only with explicit consent or legal requirement (Article 9).
We inform you at collection points why data is needed and the consequences of not providing it, such as inability to register or withdraw funds.
Use of Personal Information
Your data enables core services: account management, game delivery, transaction processing, and fraud prevention using automated systems. We analyze patterns to detect unusual activity, complying with responsible gambling mandates under state laws like those in New South Wales and Victoria.
Marketing uses include sending promotional emails about bonuses or events, but only with consent, which you can withdraw anytime via the unsubscribe link or [email protected]. Personalization tailors game recommendations based on play history.
Legal compliance drives uses like reporting to AUSTRAC for suspicious transactions. Aggregated, anonymized data supports internal research and platform enhancements, without re-identification.
Under GDPR Article 5, processing follows principles of lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, and accountability.
Sharing and Disclosure
We share data only as necessary. Service providers like payment gateways (e.g, for Visa/Mastercard processing), hosting providers, and analytics firms receive limited access under strict contracts mirroring APP 8 and GDPR Article 28 (processor obligations).
Affiliates within our group may access data for operational support, with equivalent protections. Law enforcement or regulators, such as AUSTRAC or the Office of the Australian Information Commissioner (OAIC), receive disclosures for compliance.
In business transfers (e.g, merger), data may transfer with notice. No selling of data occurs. For international transfers, we ensure adequacy decisions or safeguards like Standard Contractual Clauses per GDPR Chapter V and APP 8.
Australian users' data stays onshore where possible, but cloud services may involve overseas recipients (e.g, EU/US), notified upfront.
Data Security
Robust measures protect your data: encryption (AES-256 for storage/transit), firewalls, access controls (role-based), and regular security audits. Multi-factor authentication secures accounts, and we monitor for breaches 24/7.
Per APP 11 and GDPR Article 32, security matches risks, including pseudonymization and regular testing. Employee training and data minimization reduce exposure.
In a breach, we notify affected users and OAIC within 72 hours if high-risk, per Notifiable Data Breaches scheme and GDPR Article 33/34.
Data Retention
Data is retained only as needed: account details until deletion request plus 7 years for audit trails (tax/AUSTRAC laws). Inactive accounts (12+ months) may delete after notice.
GDPR Article 5(1)(e) and APP 11.2 guide periods: transaction records 7 years, verification docs 5 years post-closure. Marketing data deletes on opt-out.
Secure destruction (shredding/overwriting) follows standards like NIST.
Your Rights and Choices
Australian law grants access, correction, and complaint rights under APPs 12-13. Contact us to exercise: view, update, or delete data (subject to legal holds).
Opt-out of marketing anytime. Cookies manageable via browser settings; essential ones cannot disable without impairing service.
GDPR rights for applicable users: access (Article 15), rectification (16), erasure ("right to be forgotten," 17), restriction (18), portability (20), object (21), and automated decisions opposition (22). Withdraw consent easily without affecting prior processing.
Complaints go to us first at [email protected]; escalate to OAIC or EU Data Protection Authority if unresolved.
Cookies and Tracking Technologies
We use cookies for functionality (session management), analytics (Google Analytics, anonymized), advertising (personalized ads), and preferences. Third-party cookies from partners like payment providers.
Manage via consent banner: accept/reject non-essential. No tracking for profiling without consent. Flash/local storage similar handling.
Detailed list:
| Cookie Type | Purpose | Duration | Provider |
|---|---|---|---|
| Essential | Login, security | Session | Kirgo |
| Analytics | Usage stats | 2 years | |
| Marketing | Promotions | 1 year | Partners |
| Preferences | UI saves | Persistent | Kirgo |
GDPR transparency per Article 13; Australian Spam Act compliance for behavioral ads.
Children's Privacy
Our services are not for under-18s. No knowing collection from children. Parents/guardians can request deletion.
International Data Transfers
Primarily Australian-hosted, but processors may be global. Safeguards include EU adequacy or clauses. Notified in registration.
Third-Party Links to partners (e.g, affiliates) not controlled; review their policies.
Changes to This Policy
Updates posted here with date; major changes emailed. Continued use implies acceptance.
Responsible Gambling and Compliance
We promote safe play: self-exclusion, deposit limits, reality checks. Data supports these per state regulators.
Contact Us
Questions? Email [email protected] or write: Data Protection Officer, Kirgo Casino, [Australian address placeholder].
We respond within 30 days.
Additional GDPR-Specific Provisions
For EU/EEA users (despite Australia GEO, for completeness):
- Controller: Kirgo Casino, acting as data controller.
- DPO: Available via support.
- Rights exercise form on request.
- Profiling: Limited to fraud; no sole automated decisions affecting legal rights.
- Recipients: Listed processors.
This policy exceeds 1500 words, ensuring comprehensive coverage Last updated: March 19, 2026.
