burger icon
Rooli Casino Australia
Log In

Privacy Policy

This Privacy Policy explains how Rooli Casino (Rooli Casino, available to Australian users via roolibet-au.com) collects, uses, discloses and protects your personal information when you visit the Website, create an account, deposit or withdraw funds, or otherwise use our online gambling and related services.

It applies to all visitors and registered players who access the Website from Australia, as well as to any personal information processed in connection with Australian-facing marketing, customer support, and payment processing activities.

By using the Website you acknowledge that you have read and understood this Privacy Policy. If you do not agree, you should not use the Website or our services.

Effective date: 1 January 2026

Who We Are

Operator and data controller. The Website at roolibet-au.com is operated by:

  • Dama N.V., a company incorporated under the laws of Curaçao, with registered address at Scharlooweg 39, Willemstad, Curaçao, registration number 152125. Dama N.V. is the primary data controller for personal information processed under this Privacy Policy.
  • Friolion Limited, a company incorporated in Cyprus, with registered address at Leandrou, 12A, 3086, Limassol, Cyprus, registration number HE 419102, acts as a payment processing subsidiary and service provider on behalf of Dama N.V.

Dama N.V. holds an e-gaming licence no. 8048/JAZ2020-013 issued by Antillephone N.V. and authorised by the Government of Curaçao. The Website targets players in Australia but is operated from outside Australia and is not locally licensed under Australian gambling law; this Privacy Policy concerns data protection only.

Contact for privacy matters (Data Protection contact).

  • E-mail: [email protected]
  • Postal address (for Dama N.V.): Dama N.V., Scharlooweg 39, Willemstad, Curaçao (Attn: Data Protection Officer)

You may also contact our customer support through the help section on the Website for general questions; privacy-specific queries will be forwarded to the appropriate data protection contact.

What Personal Data We Collect

Identification and contact data

  • Registration data: full name, date of birth, country of residence, address, e-mail address, phone number, chosen username, password or authentication credentials.
  • Verification/KYC data: copies or details of identity documents (e.g. passport, ID card, driving licence), proof of address (e.g. utility bill, bank statement), and information we receive from identity verification and anti-fraud providers.

Technical and usage data

  • Device and connection data: IP address, browser type and version, operating system and device identifiers, language and time zone settings.
  • Log data: access dates and times, pages viewed, clicks, internal referral URLs, session duration, and similar diagnostic information generated when you use the Website.

Payment and financial data

  • Transaction data: deposits, wagers, wins, losses, withdrawals, bonuses used, selected payment methods, transaction timestamps, currency (including AUD) and amounts.
  • Payment instrument data: partially masked card numbers or other payment tokens, IBAN or account identifiers, wallet addresses (for certain payment methods), and related payment confirmations. We do not store full card details when payments are processed via third-party providers who act as independent controllers or processors.

Behavioural and profile data

  • Gaming and betting history: games played, stakes, outcomes, RTP-related information, bonus participation, session lengths and frequency.
  • Preferences and profile: language, communication and marketing preferences, favourites, feedback, support interactions, and inferred segments (e.g. active/inactive user, high-risk gambling behaviour).
  • Responsible gambling data: self-exclusion details, deposit or loss limits, reality checks, account cooling-off information, and internal notes related to safer gambling interactions.

Cookies and similar technologies

  • Cookies: small files stored on your device, including session cookies (deleted when you close the browser) and persistent cookies (stored for a defined period).
  • Similar technologies: web beacons, pixels, SDKs, local storage and similar tracking tools used for authentication, security, analytics and advertising (where permitted).

For more detail on cookies, please see the "Cookies & Tracking Technologies" section below.

Legal Basis for Processing

We process your personal information only where we have a valid legal basis. Depending on your location and the specific processing, this may include:

  • Performance of a contract: to create and manage your player account, provide access to games, process deposits and withdrawals, verify your identity for age and eligibility checks, provide customer support, and enforce our Terms and Conditions. Without this data, we cannot provide our services.
  • Compliance with legal obligations: to meet obligations under applicable anti-money laundering (AML), counter-terrorism financing (CTF), fraud prevention and responsible gambling laws and regulations, as well as accounting, tax and regulatory reporting requirements. This may include Curacao law and, where applicable, Australian law.
  • Legitimate interests: to operate, secure and improve the Website; prevent and investigate fraud, abuse and technical issues; protect our rights, property and users; conduct internal analytics and business reporting; and personalise content. We balance these interests against your rights and expectations and implement safeguards to protect your privacy.
  • Consent: for certain activities that are not strictly necessary for the service, such as:
    • sending marketing communications by e-mail, SMS or push notifications;
    • using non-essential cookies or similar technologies for analytics and advertising; and
    • sharing data with selected partners for personalised offers, where required.
    You may withdraw your consent at any time (see "Your Rights"). Withdrawal does not affect processing carried out before the withdrawal.

To the extent that data protection laws such as the EU General Data Protection Regulation (GDPR), the Mexican Federal Law on Protection of Personal Data Held by Private Parties (LFPDPPP), or the Australian Privacy Act 1988 (Cth) apply, we align our processing with the legal bases recognised by those laws.

Purpose of Processing

Provision and administration of services

  • Creating, verifying and managing your player account, including authentication, password management and account settings.
  • Providing access to casino games, promotions, loyalty programs and related functionality.
  • Processing deposits, wagers, wins, losses, bonus credits and withdrawals, and resolving payment issues.

Compliance, risk management and responsible gambling

  • Conducting KYC/identity verification, age checks and eligibility assessments.
  • Performing AML/CTF checks, transaction monitoring and fraud prevention activities.
  • Monitoring gaming behaviour for signs of problem gambling and applying limits, self-exclusion or other protective measures where necessary.
  • Maintaining records for audits, dispute resolution and regulatory inspections.

Service improvement and analytics

  • Analysing how the Website is used to improve performance, usability, product range, game offerings and customer experience.
  • Testing and deploying new features, functionalities and security enhancements.
  • Producing aggregated statistics and reports that do not identify individual users.

Marketing and personalisation

  • Sending promotional communications (where permitted) about games, bonuses, tournaments and special offers tailored to your profile and preferences.
  • Using cookies and similar technologies to remember your preferences and improve relevance of content.
  • Running loyalty, VIP and retention programs, including targeted incentives based on your activity.

Protection of our legitimate interests

  • Investigating and responding to complaints, disputes, chargebacks and policy violations.
  • Detecting and preventing fraud, collusion, money laundering, bonus abuse and other prohibited conduct.
  • Enforcing our Terms and Conditions and protecting our legal rights, as well as the safety and integrity of the Website and our users.

Disclosure & Sharing

We do not sell your personal information. We may, however, share it with the following categories of recipients where necessary for the purposes described above and subject to appropriate safeguards:

Group entities and internal recipients

  • Dama N.V. and its authorised staff involved in operations, risk, compliance, customer support and IT.
  • Friolion Limited and other group companies acting as payment processors or service providers on our behalf.

Payment and financial service providers

  • Banks, card schemes, e-wallet providers, payment gateways and other financial institutions that process deposits, withdrawals and refunds.
  • These entities may act as independent controllers for certain data; their own privacy policies apply in addition to this one.

Technical and operational service providers

  • IT hosting, cloud infrastructure, content delivery networks and data storage providers.
  • Game studios and software suppliers whose games you access through the Website.
  • Identity verification, AML/CTF and fraud-prevention providers.
  • Customer support platforms, communication tools and analytics providers.

Marketing and advertising partners

  • Marketing agencies, affiliate partners, and advertising networks that help us promote the Website, subject to consent where required.
  • Providers of analytics and attribution services, to measure the effectiveness of campaigns and optimise our offers.

Regulators, authorities and legal recipients

  • Regulatory and supervisory authorities in Curaçao and other relevant jurisdictions.
  • Law-enforcement agencies, courts, and government bodies where we are required to do so by law or where disclosure is necessary to establish, exercise or defend legal claims.

Corporate transactions

  • In connection with a merger, acquisition, reorganisation, sale of assets or similar corporate transaction, your data may be disclosed to potential or actual buyers and their professional advisers, subject to confidentiality obligations.

Whenever we share personal information with third parties who process it on our behalf, we require them by contract to process it only in accordance with our instructions and to implement appropriate security measures.

International Transfers

Because Rooli Casino (Rooli Casino) is operated from outside Australia and uses international service providers, your personal information may be transferred to and processed in countries other than your country of residence, including:

  • Curaçao (where Dama N.V. is registered and operates);
  • Cyprus (where Friolion Limited operates as a payment processing subsidiary);
  • Member States of the European Economic Area (EEA);
  • Other countries where our hosting providers, game suppliers, payment processors or support partners are located (which may include countries outside the EEA such as the United States).

These countries may have different data protection standards than those in your home jurisdiction (including Australia, the EU/EEA or Mexico). Where required by applicable law, we implement safeguards such as:

  • standard contractual clauses or other model data protection clauses approved by competent authorities;
  • contractual obligations requiring recipients to maintain appropriate security and confidentiality;
  • transfers to providers participating in recognised frameworks or schemes that ensure adequate protection, where applicable; and
  • technical measures (such as encryption and pseudonymisation) that mitigate risks associated with cross-border transfers.

By using the Website, you understand that your data may be processed in these locations. Where the Australian Privacy Act 1988 (Cth), GDPR or Mexican data protection laws apply to such transfers, we take steps to comply with their requirements.

Data Retention

We retain personal information only for as long as necessary to fulfil the purposes described in this Privacy Policy, including to meet legal, regulatory, accounting and reporting obligations, and then delete or irreversibly anonymise it.

Category of data Typical retention period
Account and identification data (basic profile) For the lifetime of your account and up to 5 years after account closure, unless longer is required by law (e.g. AML/CTF).
KYC and verification documents Up to 5 - 7 years after the end of the business relationship or last transaction, in line with AML/CTF and record-keeping obligations.
Transaction and gaming history At least 5 years from the date of the relevant transaction or activity, or longer where necessary for legal claims or regulatory requirements.
Marketing and communication preferences Until you withdraw consent or object to marketing, plus a short period to implement your request and maintain suppression lists.
Technical logs and security records Generally 6 - 24 months, unless needed longer for security investigations, litigation or compliance.
Cookies and similar identifiers According to their lifespan (see cookie banner and browser settings); session cookies are deleted when you close your browser.

We may retain anonymised or aggregated data indefinitely, as it no longer identifies you. When determining retention periods, we consider the amount, nature and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure, the purposes of processing, and applicable legal requirements.

Your Rights

Depending on your location and applicable law (including, where relevant, the GDPR, the Mexican Federal Law on Protection of Personal Data Held by Private Parties and its Regulations, and the Australian Privacy Act 1988 (Cth)), you may have some or all of the following rights with respect to your personal information:

Substantive rights

  • Right of access: to obtain confirmation whether we process your data and to receive a copy of your personal information, together with information about how it is used.
  • Right to rectification: to have inaccurate or incomplete personal information corrected. You can update certain details directly in your account settings.
  • Right to erasure ("right to be forgotten"): to request deletion of your personal information where it is no longer necessary for the purposes for which it was collected, where you have withdrawn consent (and no other legal basis applies), or where processing is unlawful. We may retain certain data where required by law (e.g. AML/CTF).
  • Right to restriction of processing: to request that we limit processing in certain circumstances, for example while we verify the accuracy of data or assess an objection.
  • Right to object: to object at any time to processing based on our legitimate interests, including profiling based on those interests. You have an absolute right to object to direct marketing.
  • Right to data portability: where applicable, to receive personal information that you have provided to us in a structured, commonly used and machine-readable format, and to transmit it to another controller, where technically feasible.
  • Rights relating to consent: where processing is based on consent, you may withdraw that consent at any time, without affecting the lawfulness of processing prior to withdrawal.

How to exercise your rights

  • Submit a request by e-mail to [email protected], from the e-mail address linked to your player account where possible.
  • Clearly state which right you wish to exercise and provide sufficient information for us to verify your identity (for example, username, full name, date of birth and registered address, or we may request additional verification documentation).
  • We will respond to your request within 30 days of receipt. In complex cases or where we receive numerous requests, this period may be extended by a further 30 days; we will inform you of any such extension and the reasons.
  • Requests are generally handled free of charge. However, we may charge a reasonable fee or refuse to act on requests that are manifestly unfounded or excessive, particularly due to their repetitive character.

Limitations

These rights are not absolute and may be limited by applicable law, for example where fulfilling your request would adversely affect the rights and freedoms of others, interfere with ongoing investigations, or require us to delete data we must retain by law (such as AML/CTF records or transaction histories). We will explain any decision not to fully comply with your request and inform you of your options to lodge a complaint with a supervisory authority (see "Complaints & Contacts").

Cookies & Tracking Technologies

Types of cookies we use

  • Session cookies: temporary cookies that exist only while your browser is open and are deleted when you close it. These are used, for example, to keep you logged in during a session.
  • Persistent cookies: remain on your device for a predefined period or until you delete them. They are used to remember your preferences and settings between visits.
  • First-party cookies: set by the Website (roolibet-au.com) and used primarily for core functionality and security.
  • Third-party cookies: set by external providers (such as analytics, advertising or affiliate partners) when permitted, to help us understand usage and deliver relevant content.

Purposes of cookies

  • Strictly necessary (functional) cookies: required for the operation of the Website, including authentication, load balancing, security and enabling core features (e.g. adding funds, placing bets). These cannot be switched off via cookie management tools, although you can block them in your browser (which may break the site).
  • Preference cookies: remember choices such as language, region, and display settings, to provide a personalised experience.
  • Analytics/performance cookies: help us measure and analyse how visitors use the Website (e.g. pages visited, errors encountered) so we can improve functionality and usability.
  • Advertising and marketing cookies: used to deliver and measure the effectiveness of marketing campaigns, personalise offers, and prevent showing the same advertisement repeatedly, where you have consented to such cookies.

Managing cookies

  • You can adjust your browser settings to refuse or delete cookies. The "Help" section of most browsers explains how to manage cookies, including blocking, restricting or deleting them.
  • Where available, you may use our on-site cookie banner or preferences centre to manage your consent for non-essential cookies (such as analytics and advertising cookies).
  • Disabling certain cookies may affect the functionality of the Website, and you may not be able to fully use all features (for example, staying logged in or accessing certain games).

Data Security

We implement technical and organisational measures designed to protect your personal information against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access.

Technical measures

  • Use of TLS 1.2 or higher encryption to protect data transmitted between your browser and our servers.
  • Encryption or tokenisation of sensitive data at rest where appropriate, particularly payment-related information.
  • Firewalls, network segmentation, intrusion detection and prevention systems to protect our infrastructure.
  • Regular backups and integrity checks to ensure data availability and resilience.

Organisational and access controls

  • Access to personal information is restricted to authorised personnel who need it to perform their duties, based on role-based access control.
  • Multi-factor authentication and strong password policies for administrative access where feasible.
  • Employee and contractor confidentiality commitments and ongoing training on data protection, information security and responsible gambling.

Monitoring, audits and incident response

  • Regular security assessments and vulnerability management, including updates and patching of systems and software.
  • Review of service providers' security measures and data protection practices in line with industry standards (such as ISO/IEC 27001 and SOC 2), where applicable.
  • Incident response procedures to detect, investigate and respond to suspected personal data breaches. Where required by law, we will notify relevant authorities and affected individuals without undue delay.

While no system can guarantee absolute security, we continuously review and enhance our measures to maintain an appropriate level of protection, taking into account technological developments and the nature of our operations.

Complaints & Contacts

Contacting us

If you have any questions, concerns or complaints about how we handle your personal information, or if you wish to exercise your rights, you can contact us using the following channels:

  • E-mail (primary contact): [email protected]
  • Postal mail: Dama N.V., Scharlooweg 39, Willemstad, Curaçao (Attn: Data Protection Officer)
  • Website: via the support or contact section within your roolibet-au.com account.

Internal complaint handling

  1. Send your complaint or query to the contact details above, providing a clear description of your concern and any relevant account information.
  2. We will acknowledge receipt of your complaint within 5 business days, where feasible.
  3. We will investigate your complaint and aim to provide a substantive response within 30 days. If we require more time due to complexity or volume of issues, we will inform you of the extension and expected timeframe.

Escalation to supervisory authorities

If you are not satisfied with our response or believe that your data protection rights have been infringed, you may lodge a complaint with a relevant supervisory authority. Depending on your location, this may include:

  • Australia (if Australian privacy law applies): Office of the Australian Information Commissioner (OAIC). Further information on lodging a privacy complaint is available at https://www.oaic.gov.au.
  • Mexico (if Mexican law applies to you): Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales (INAI). Contact details and complaint procedures are available at https://home.inai.org.mx.
  • European Union/EEA (if GDPR applies to you): your local data protection authority. A list of authorities and their contact details is available via the European Data Protection Board at https://edpb.europa.eu/about-edpb/board/members_en.

We encourage you to contact us first so that we can attempt to resolve your concern directly, but you are not required to do so before approaching a regulator.

Updates

We may update this Privacy Policy from time to time to reflect changes in our services, legal or regulatory developments, or our internal practices.

How we notify you of changes

  • The latest version of the Privacy Policy will always be available on roolibet-au.com.
  • For material changes (for example, new types of data we collect, new purposes of processing, or changes in your key rights), we will endeavour to provide at least 30 days' advance notice where practicable, by:
    • e-mailing you at the address associated with your account;
    • displaying a prominent notice (banner or pop-up) on the Website; and/or
    • providing an in-account notification or message.
  • If you do not agree with the updated Privacy Policy, you may close your account and stop using the Website. Continued use of the Website after the effective date of the changes will constitute your acceptance of the updated Privacy Policy.

Version and change log

Version: 1.0

Last updated: January 2026

Future updates may include, for example, clarification of how we use particular cookies or analytics tools, adjustments to retention periods to reflect legal requirements, or updates to the list of our processors and partners. When we make material changes, we will summarise them in a notice accompanying the updated policy.