Star Casino

Privacy Policy

This Privacy Policy outlines how we collect, use, store, and protect your personal information when you access and use our online gaming platform and associated services. We are committed to maintaining the highest standards of data protection and transparency in accordance with the Privacy Act 1988 (Cth) and other applicable Australian privacy legislation. Last updated: January 16, 2026.

Information We Collect

We collect various types of personal information to provide you with seamless gaming experiences and comply with regulatory obligations. The information we gather includes data you voluntarily provide during registration, as well as information collected automatically through your interactions with our platform. Understanding what information we collect helps us serve you better while maintaining strict confidentiality standards.

When you create an account, we require essential personal details including your full name, date of birth, email address, phone number, and residential address. We also collect financial information such as banking details, payment card information, and transaction history to facilitate deposits and withdrawals. Additionally, we gather identification documents including passport numbers, driver’s licence information, and tax file numbers for verification and compliance purposes.

Our platform automatically collects technical information about your device and browsing behaviour. This includes your IP address, device type, operating system, browser version, cookie identifiers, and pages visited. We also record your gaming patterns, bet amounts, game preferences, and account activity logs to enhance your experience and detect unusual patterns that might indicate security risks.

  1. Registration data: name, date of birth, address, contact information
  2. Financial information: bank account details, payment methods, transaction records
  3. Identification documents: identification numbers and verification documents
  4. Device information: IP address, device identifiers, browser data
  5. Gaming activity: game history, betting patterns, account interactions
  6. Communication records: emails, support tickets, and correspondence logs
  7. Cookies and tracking data: session identifiers, preferences, analytics data
  8. Location information: inferred from IP address for regional compliance

Purpose of Data Collection

We collect and process your personal information for specific, clearly defined purposes that benefit both you and our operations. Every data collection activity is justified by legitimate business needs, regulatory requirements, or your explicit consent. We do not use your information beyond the purposes outlined unless we obtain additional consent from you.

The primary purpose of collecting your information is to establish and maintain your gaming account, verify your identity, and prevent fraud and money laundering. We use your data to process financial transactions, including deposits, withdrawals, and bonus payments, ensuring accurate record-keeping and compliance with financial regulations. Your information enables us to provide customer support, respond to inquiries, and resolve disputes or complaints efficiently.

We analyse gaming data to improve our services, develop new games, and personalise your experience based on your preferences. Your information helps us enforce our terms and conditions, prevent cheating, detect problem gambling behaviours, and comply with Australian gambling legislation and anti-money laundering requirements. We also use your data to communicate promotions, updates, and responsible gambling information relevant to your account.

  1. Account creation and verification: establishing identity and preventing duplicate accounts
  2. Financial processing: managing deposits, withdrawals, bonuses, and payment reconciliation
  3. Regulatory compliance: meeting Australian gambling laws, AML/CTF requirements, and tax obligations
  4. Fraud prevention: detecting suspicious activity, account takeovers, and unauthorised access
  5. Customer service: responding to inquiries, resolving issues, and providing support
  6. Service improvement: analysing usage patterns to enhance platform functionality
  7. Problem gambling detection: identifying at-risk players and offering support resources
  8. Marketing communications: sending personalised offers and responsible gambling messages
  9. Legal obligations: responding to law enforcement requests and court orders

Data Sharing and Third Parties

We share your personal information with selected third parties only when necessary to fulfil our services or comply with legal obligations. We maintain strict agreements with all third parties to ensure your data receives equivalent protection. We never sell your personal information to unrelated businesses for marketing purposes without your explicit consent.

Payment processors and financial institutions receive your financial information to facilitate transactions. These organisations operate under strict confidentiality agreements and comply with payment industry standards. Software providers who maintain our platform infrastructure may access limited technical data to ensure system reliability and security. Regulatory authorities and law enforcement agencies may request your information when legally required, and we comply with lawful requests while protecting your rights.

Responsible gambling organisations may receive referrals with your consent when you request support services. Our customer service providers have access to account information necessary to assist you. Third-party analytics providers receive aggregated, non-identifiable data for platform improvement. Your information may be shared with other entities within our corporate group for administrative and security purposes.

  1. Payment processors: financial institutions handling transactions
  2. Banking partners: organisations facilitating account transfers and verification
  3. Compliance agencies: regulators and government bodies with statutory authority
  4. Customer support outsourcers: third-party service providers assisting with inquiries
  5. Responsible gambling services: organisations offering counselling and support
  6. Analytics providers: companies processing aggregated platform data
  7. Legal representatives: lawyers handling disputes or compliance matters
  8. Law enforcement: police and government agencies with lawful authority

Security Measures and Data Protection

We implement comprehensive security protocols to protect your personal information from unauthorised access, alteration, disclosure, or destruction. Our security infrastructure combines technical, administrative, and physical safeguards to maintain the confidentiality and integrity of your data throughout our systems.

We employ 256-bit SSL encryption for all data transmitted between your device and our servers, ensuring that sensitive information including passwords and financial details remains encrypted during transit. Our databases are protected by multiple layers of security including firewalls, intrusion detection systems, and access controls. We restrict employee access to personal information based on the principle of least privilege, ensuring individuals only access data necessary for their role.

All staff members handling personal information complete mandatory privacy training and sign confidentiality agreements. We conduct regular security audits and penetration testing to identify vulnerabilities before they can be exploited. Our systems maintain comprehensive logs of data access and modifications, allowing us to detect and investigate suspicious activities. We maintain secure backup systems with disaster recovery capabilities to prevent data loss.

  1. Encryption: SSL/TLS encryption for data in transit and AES encryption for stored data
  2. Access controls: role-based permissions limiting employee data access
  3. Firewalls and intrusion detection: preventing unauthorised network access
  4. Regular audits: conducting security assessments and vulnerability testing
  5. Staff training: mandatory privacy and security education for all employees
  6. Incident response: procedures for detecting and responding to data breaches
  7. Backup systems: secure data redundancy and disaster recovery capabilities
  8. Monitoring: 24/7 surveillance of suspicious account activities and transactions

Data Retention and Deletion

We retain your personal information for the duration necessary to fulfil the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. We regularly review retained data and delete information when it is no longer required, balancing your privacy interests against potential legal and business requirements.

Active account information is retained while your account remains open and for up to seven years after account closure to comply with Australian tax law and anti-money laundering regulations. Financial transaction records are maintained for a minimum of seven years as required by the AML/CTF Act. Identification documents used for verification are retained for the duration of your account relationship and seven years thereafter. Should you request account closure, we remove non-essential personal information while retaining records necessary for regulatory compliance and fraud prevention.

You may request deletion of specific non-essential data at any time, subject to legal retention requirements. We will inform you of retention periods when you request deletion if legal obligations require us to maintain your information. Upon legitimate deletion requests, we securely destroy information using methods that prevent recovery, maintaining only aggregated statistical data that cannot identify you.

  1. Active account data: retained throughout account lifetime plus seven years post-closure
  2. Financial records: maintained for minimum seven years per AML/CTF legislation
  3. Identification documents: stored for account duration plus seven years after closure
  4. Communications records: retained for three years from final communication date
  5. Cookies and tracking data: removed within 12 months of inactivity
  6. Marketing consent records: maintained until consent is withdrawn
  7. Dispute resolution records: retained for three years after dispute resolution
  8. Backup data: deleted in accordance with primary data retention schedules

Your Privacy Rights

As an individual in Australia, you have fundamental rights regarding your personal information. We respect these rights and provide accessible mechanisms for you to exercise them. You have the right to request access to information we hold about you, understand how we use it, seek correction of inaccurate information, request deletion where appropriate, and lodge complaints about our privacy practices.

You can request access to your personal information by submitting a written request through your account dashboard or contacting our privacy team. We will provide your information in a clear, understandable format within 30 days of receiving a valid request. If you believe information we hold is inaccurate, incomplete, or misleading, you may request correction, and we will update our records accordingly or provide you with written explanation if we dispute the correction.

You have the right to object to processing your information for marketing purposes, and we will cease such communications upon request. You may withdraw consent for optional data collection at any time, which will not affect the lawfulness of processing conducted with consent before withdrawal. If you wish to lodge a complaint about our privacy practices, you may contact our privacy officer or the Office of the Australian Information Commissioner.

  1. Right of access: request copies of personal information we hold about you
  2. Right of correction: request amendment of inaccurate or incomplete information
  3. Right of deletion: request removal of unnecessary personal data
  4. Right of objection: refuse processing for marketing and optional purposes
  5. Right to withdraw consent: revoke permission for optional data collection
  6. Right to data portability: request information in portable, machine-readable format
  7. Right to lodge complaints: submit grievances to privacy authorities
  8. Right to explanation: request details about how automated decisions affect you

Cookies and Tracking Technologies

Our platform uses cookies and similar tracking technologies to enhance your gaming experience, remember your preferences, and analyse how you interact with our services. Cookies are small text files stored on your device that enable us to deliver personalised experiences and maintain session security. We use both essential cookies required for platform functionality and optional cookies for analytics and marketing purposes.

Essential cookies enable fundamental operations such as account login, transaction processing, and fraud prevention. These cookies are necessary for our platform to function correctly and cannot be disabled without preventing service access. Analytics cookies collect information about how users navigate our platform, which pages are viewed most frequently, and where users encounter difficulties. This information helps us improve our services and identify technical issues affecting user experience.

Marketing cookies track your interactions across our platform and external websites to display relevant advertisements and promotions. We also use cookies to remember your account preferences, language settings, and gaming choices. You can control cookie preferences through your browser settings, although disabling essential cookies will prevent normal platform functionality. Third-party cookies from analytics and advertising partners may also be present on our platform.

  1. Session cookies: maintain your login status and account security during browsing
  2. Preference cookies: remember your settings, language, and display preferences
  3. Analytics cookies: measure user behaviour and platform performance metrics
  4. Marketing cookies: track interactions for personalised advertising and promotions
  5. Security cookies: prevent fraud and detect suspicious account activity
  6. Third-party cookies: from advertising partners and analytics providers
  7. Flash cookies: persistent identifiers stored by media players
  8. Web beacons: tracking pixels measuring page visits and advertisement effectiveness

Marketing Communications and Preferences

We send promotional communications, game updates, responsible gambling information, and service notifications to enhance your experience and keep you informed. Your marketing preferences are entirely within your control, and we provide simple mechanisms to manage what communications you receive and how often we contact you.

When you register, you may opt in to receive email newsletters featuring game recommendations, exclusive promotions, and special offers. You may adjust these preferences at any time through your account settings or by clicking unsubscribe links in our communications. We also send transactional emails regarding account activity, payments, and security notifications which cannot be unsubscribed as they relate to account management and statutory obligations.

We segment our mailing lists based on your gaming preferences and activity patterns to ensure you receive relevant information rather than generic broadcasts. Our promotional emails always include clear identification as marketing communications and provide easy mechanisms to modify your preferences. If you remain inactive for extended periods, we may send re-engagement communications offering bonuses or updates, which you can immediately disable.

  1. Promotional emails: game recommendations and special offers based on your preferences
  2. Newsletter subscriptions: regular updates about new games and platform improvements
  3. Account notifications: essential messages about transactions and account changes
  4. Responsible gambling: information about tools and support services available
  5. Security alerts: notifications of unusual activity or login attempts
  6. SMS communications: text messages for time-sensitive promotional offers
  7. Push notifications: in-app messages for game launches and promotions
  8. Preference centre: centralised control of all communication frequency settings

Data Breach Notification

Should a data breach occur involving unauthorised access to or disclosure of your personal information, we will notify you promptly in accordance with the Privacy Act 1988 and Australian data breach notification laws. Our notification will include details about what information was compromised, the likely consequences, and steps we are taking to address the breach and prevent recurrence.

We maintain incident response procedures enabling rapid detection, investigation, and containment of data breaches. Upon discovery of a breach, we immediately secure affected systems, engage cybersecurity specialists, and cooperate with law enforcement if required. We will contact affected individuals within 30 days using email, SMS, or telephone depending on contact information availability and breach severity. We also notify relevant regulatory authorities including the Office of the Australian Information Commissioner when breaches meet statutory notification thresholds.

Our breach notification will provide guidance about protective measures you should consider, such as monitoring your accounts for fraudulent activity and changing passwords. We may offer complimentary credit monitoring or other protective services if personal financial information was compromised. We maintain detailed breach records documenting the nature, scope, response, and remedial actions taken to ensure continuous improvement of our security protocols.

  1. Immediate investigation: engaging specialists within 24 hours of breach discovery
  2. System containment: isolating affected systems to prevent further unauthorised access
  3. Individual notification: contacting affected users within 30 days with breach details
  4. Authority notification: informing regulators and law enforcement as required
  5. Protective guidance: advising on steps to monitor and protect your accounts
  6. Remedial services: offering credit monitoring or protective services if applicable
  7. Public statements: issuing appropriate disclosure about breach response measures
  8. Record maintenance: documenting breach details for regulatory and improvement purposes

International Data Transfers

Your personal information is primarily processed and stored within Australian data centres to protect your privacy under Australian law. However, certain operations including cloud services, customer support, and analytics may involve data transfers to overseas locations. We only transfer your information to countries with adequate privacy protections or with appropriate safeguards in place.

Where we transfer information to overseas service providers, we ensure they maintain equivalent privacy protections through contractual obligations, standard contractual clauses, or privacy certifications. We do not transfer information to jurisdictions without adequate privacy frameworks without your explicit consent, except where required by law or for fraud prevention. You should be aware that overseas service providers may be subject to local laws requiring disclosure of information to government authorities.

We minimise overseas transfers of sensitive data such as identification documents and financial information, retaining such data within Australian jurisdiction where possible. Any overseas recipients are contractually bound to protect your information consistently with Australian privacy laws and our privacy standards. You can request details about specific overseas recipients through our privacy team.

  1. Cloud hosting: data stored on secure servers in Australian data centres primarily
  2. Payment processing: financial information may be transferred to overseas payment providers
  3. Customer support: some support functions may be outsourced to international operators
  4. Analytics services: usage data may be processed by overseas analytics platforms
  5. Contractual safeguards: binding agreements requiring equivalent privacy protections
  6. Data minimisation: limiting transfers to essential information only
  7. Consent mechanisms: obtaining explicit consent for discretionary international transfers
  8. Regulatory compliance: ensuring transfers comply with Privacy Act 1988 requirements

Contact and Privacy Complaints

We welcome questions, concerns, or requests regarding our privacy practices. Our dedicated privacy team is available to assist you with any privacy-related matters, provide information about how we handle your data, or help you exercise your privacy rights. You can contact us through multiple channels for your convenience and preference.

If you believe we have violated your privacy rights or mishandled your personal information, we encourage you to contact our privacy officer directly. We will investigate your complaint promptly and provide a detailed response within 30 days. If you are unsatisfied with our response or wish to escalate your complaint, you may lodge a formal complaint with the Office of the Australian Information Commissioner, which is the independent Australian privacy regulator.

You may also seek independent advice from community legal services or privacy advocates regarding your privacy rights. We maintain a record of all privacy complaints and use this feedback to improve our privacy practices and training. Your complaint will not affect your ability to continue using our services, and we will not retaliate against you for raising legitimate privacy concerns.

  1. Privacy officer contact: dedicated team responding to privacy inquiries
  2. Email submission: privacy concerns can be submitted through our website
  3. Telephone support: privacy team available during business hours
  4. Account dashboard: submit privacy requests through your account portal
  5. Written complaints: formal written submissions to our privacy team
  6. OAIC complaints: escalation to the Office of the Australian Information Commissioner
  7. Response timeline: 30-day commitment to investigating and responding
  8. Non-retaliation: assurance that complaints will not affect service access