Bizzo Casino Privacy Policy
Last updated: 2026-05-11
This Privacy Policy explains how Bizzo Casino ("we", "our") collects, uses, discloses and protects personal information of Australian players. We operate in alignment with the Privacy Act 1988 (Cth) and the thirteen Australian Privacy Principles (APP) set out in Schedule 1 of that Act. Where AUSTRAC obligations under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 require us to collect or hold information, that obligation prevails — and we explain those points below.
1. Scope and Acceptance
This policy applies to all visitors to our website and all registered account holders resident in Australia. By creating an account you confirm you have read this policy and consent to the collection, use and disclosure of your personal information as described here. We update this policy when our practices change; the date above shows the most recent revision.
2. What Personal Information We Collect
We collect only what we need to operate the service, meet our legal obligations and protect your account:
- Account identifiers: full legal name, date of birth, residential address, email, mobile number.
- Identity verification (KYC): photograph of an Australian Government ID (driver licence, passport or proof-of-age card), and where required a secondary address document such as a utility bill or bank statement.
- Financial data: deposit and withdrawal records, payment method identifiers (PayID handle, BSB and last-four account digits, BPAY reference, Neosurf voucher numbers).
- Source-of-funds documentation: required only where AUSTRAC thresholds apply (single deposit AU$10,000 or aggregated AU$10,000 within a rolling 30-day window).
- Gameplay data: wagers placed, games played, session length, bonus claims and points balance.
- Technical data: IP address, browser user-agent, device identifier, timezone, the pages you visit on this site.
- Communications: live-chat transcripts and email correspondence with our support team.
3. Why We Collect It (APP 3 and APP 6)
Each category has a defined lawful purpose:
- Account identifiers and KYC: meeting AUSTRAC's age and identity obligations and preventing duplicate accounts.
- Financial and source-of-funds data: processing payments, monitoring for laundering risk, and meeting AUSTRAC's reporting requirements.
- Gameplay data: running your account, computing loyalty points, applying responsible-gambling tools and detecting fraud.
- Technical data: protecting the platform from attack and improving site performance.
- Communications: supporting you and improving our service.
We do not sell personal information. We do not use your data for direct marketing without a clear opt-in, and you can withdraw consent in your account preferences at any time (APP 7).
4. How Long We Keep It (APP 11)
| Category | Retention period |
|---|---|
| Account identifiers | For the life of the account + 7 years after closure |
| KYC documents | 7 years from collection (AUSTRAC requirement) |
| Financial and transaction records | 7 years from transaction date (AUSTRAC requirement) |
| Gameplay logs | 3 years from session date |
| Technical and analytics data | 13 months from collection |
| Live-chat transcripts | 2 years from last message |
At the end of each window we either delete the data or de-identify it irreversibly. The 7-year floor on KYC and financial records reflects an explicit AUSTRAC obligation — we cannot delete that information earlier even on request.
5. Disclosure (APP 6 and APP 8)
We disclose your information only to:
- Our payment processors, to the limited extent needed to settle deposits and withdrawals;
- Identity verification providers (where we use a third-party KYC service) under written contracts that bind them to handle the data per APP requirements;
- AUSTRAC, the OAIC or a court of competent Australian jurisdiction, where required by law;
- Our hosting and security providers, who process data on instructions only.
Some of these providers operate servers outside Australia, including in the European Union and Singapore. We take reasonable steps under APP 8 to ensure overseas recipients handle your information in line with the APP.
6. How We Protect It (APP 11)
Data is encrypted in transit (TLS 1.3) and at rest (AES-256). Access is role-based; only staff with a documented operational need can view KYC documents, and every access is logged. We run quarterly penetration tests and rotate keys yearly.
7. Your Rights (APP 12 and APP 13)
You may at any time:
- Request a copy of the personal information we hold about you;
- Request correction of any inaccurate information;
- Lodge a complaint about our handling of your personal information.
Requests can be made through your account dashboard or by emailing our privacy contact below. We respond to access requests within 30 calendar days. There is no fee for a routine request. We cannot delete records that AUSTRAC requires us to hold, but we can confirm exactly what is held and why.
8. Cookies and Similar Technologies
We use cookies for session management, security, and aggregate analytics. We do not use third-party advertising cookies that share personal information for cross-site tracking. You can control non-essential cookies via the consent banner shown on your first visit.
9. Children
Bizzo Casino is for adults aged 18 and over. We do not knowingly collect information from minors. If we discover an account belongs to a minor, we close it immediately and return any deposit funds where legally permitted.
10. Contact and Complaints
Privacy contact: [email protected]. If you are not satisfied with our response within 30 days, you may lodge a complaint with the Office of the Australian Information Commissioner at oaic.gov.au or by phone on 1300 363 992.