burger icon
Bonzaspins Australia
Log In

Privacy Policy

This Privacy Policy explains how Bonzaspins, operated via the website https://bonzaspins-aussie.com, collects, uses, discloses and protects personal information of players and website visitors. It applies to all users who access or use our website, create an account, participate in games, promotions or other services offered through bonzaspins-aussie.com. By using our services, you acknowledge and agree to the practices described in this Privacy Policy. This Privacy Policy is effective as of 1 January 2026 and supersedes any prior versions published on bonzaspins-aussie.com.

Who We Are

OBSERVE: The corporate details of the operator are not transparently disclosed in available sources; the service appears to be operated from an offshore jurisdiction historically associated with Curaçao-based entities, while targeting players in Australia.

EXPAND: To maintain transparency, we disclose what is known and clarify the limits of current information so users can make informed decisions. We also provide clear contact points for privacy-related questions, even where the underlying corporate structure is opaque.

REFLECT: The following information sets out our identity and contact channels in a way that is honest about existing gaps while still providing concrete points of contact.

Operator and Corporate Information

  • Trading name: Bonzaspins (referred to as "Bonzaspins", "we", "us", "our").
  • Service domain: https://bonzaspins-aussie.com.
  • Legal entity: The precise operator company, legal address and registration number are not publicly and verifiably disclosed at the time of this policy. Industry intelligence often links the brand to Curaçao-based shell entities (for example entities similar to Digi Markets N.V.); however, no confirmed or independently verifiable registration or licence details are available.
  • Licensing status: The service should be treated as unregulated / high risk. Historically, references to Curaçao master licences (such as 365/JAZ or 8048/JAZ) have appeared without an active, clickable validator seal. As of audits up to January 2025, no valid external licence validator is available.
  • Australian context: The website targets Australian players but is not licensed by any Australian authority and has been referenced in Australian Communications and Media Authority (ACMA) enforcement activities against illegal offshore gambling services.

Data Protection Contact

  • Data protection contact (DPO function): Privacy & Compliance Team, Bonzaspins.
  • Email (primary for privacy matters): [email protected]
  • Support contact: [email protected] (for account and general queries, including privacy-related questions).
  • Additional functional emails: [email protected]; [email protected]; [email protected] (not primarily used for privacy requests).
  • Postal address: A dedicated mailing address for data protection matters is not publicly specified. If required, we will provide a postal contact on request via email.

Regional compliance note (AU): Because the service is not authorised by Australian regulators, users may have limited recourse under Australian gambling laws, but general privacy and consumer protection law principles may still be relevant depending on the circumstances.

What Personal Data We Collect

OBSERVE: Operating an online gambling website involves identity verification, payment processing, fraud monitoring and analytics, all of which rely on several categories of personal and technical data.

EXPAND: We clarify not only obvious data (such as your name and email) but also less visible data (such as logs, device identifiers and behavioural patterns) so you understand the full scope of information processing.

REFLECT: The categories below are illustrative and may not all apply to every user at all times.

Identification and Contact Data

  • Account details: full name, username, password (stored in hashed form), email address, phone number if provided.
  • Profile data: date of birth, country of residence, preferred language, time zone.
  • Verification data (KYC): copies or details of identification documents (for example passport, ID card, driver licence), proof of address (bills or bank statements), and any information you submit to confirm your identity or age.

Financial and Transaction Data

  • Payment data: limited card details (card type, masked PAN, expiry date), payment method identifiers (e-wallet, voucher system), transaction timestamps, currencies, amounts.
  • Account balance and payouts: deposit history, withdrawal history, bonuses credited and cleared, wagering status.
  • Anti-fraud indicators: internal flags, risk scores, chargeback history, and checks conducted by our payment and fraud-prevention partners.

Technical and Usage Data

  • Technical identifiers: IP address, device type, operating system, browser type and version, preferred language, device identifiers where available.
  • Log data: access dates and times, pages viewed, clicks, navigation paths, session duration, error logs, login attempts, approximate location based on IP.
  • Security logs: changes to account details, password reset requests, failed login attempts, device or location changes, suspected automated access.

Behavioural and Gambling Activity Data

  • Gameplay data: games played, stakes, outcomes, win/loss amounts, bet frequency, bonus use, jackpot participation.
  • Engagement data: participation in tournaments, loyalty programs, promotions, in-site messages and chat (where available).
  • Marketing interaction: email opens, clicks on promotional links, responses to offers, unsubscribe actions and preference changes.

Cookies and Similar Technologies

  • Cookie identifiers: unique IDs that allow us to recognise your browser or device.
  • Tracking technologies: cookies, local storage, pixels and similar tools used for session management, analytics, advertising and fraud prevention.

Data from Third Parties

  • Payment providers and banks: payment confirmation, fraud alerts, chargeback information.
  • Verification and risk partners: results of identity checks, sanctions screening, adverse media or politically exposed person (PEP) checks where applicable.
  • Advertising and affiliate partners: information about how you came to our website (for example, referral ID, campaign identifier, tracking link used).

Legal Basis for Processing

OBSERVE: While Bonzaspins operates from an offshore, unregulated context, we align our privacy practices with widely recognised standards such as the EU General Data Protection Regulation (GDPR)-style principles and local privacy expectations, as far as reasonably applicable.

EXPAND: We rely on several legal grounds depending on the purpose of processing, including performance of a contract, consent, legitimate interests and compliance with applicable laws in relevant jurisdictions.

REFLECT: The table-style explanation below clarifies why we process your data and on what basis.

Main Legal Bases

  • Performance of a contract: We process personal data that is necessary to:
    • create and manage your account on bonzaspins-aussie.com;
    • process deposits, wagers and withdrawals;
    • provide access to games, bonuses and tournaments;
    • offer customer support and resolve operational issues.
  • Consent: We rely on your consent for:
    • sending direct marketing communications (email, SMS, push notifications), where required;
    • using non-essential cookies and tracking technologies for advertising or advanced analytics;
    • processing certain sensitive verification data, if applicable under local law.
    You may withdraw your consent at any time as described below, without affecting the lawfulness of processing before withdrawal.
  • Legitimate interests: We process data where necessary for our legitimate business interests, provided these are not overridden by your rights and interests, including:
    • fraud detection and prevention, chargeback and risk management;
    • network and information security (for example protecting the site against attacks);
    • service improvement, performance monitoring and basic analytics;
    • enforcement of our terms and conditions, protection of our rights, property and users.
  • Compliance with legal obligations: If and to the extent that laws in applicable jurisdictions require us to:
    • conduct identity checks, age verification or sanctions screening;
    • keep accounting and transactional records for specified periods;
    • respond to regulatory or law enforcement requests that are valid in our operating jurisdiction.

Regional compliance note (AU): As ACMA treats this service as an illegal offshore gambling provider, specific Australian gambling regulations (including licensing and dispute resolution schemes) do not apply to us. However, general privacy principles and consumer law standards in Australia may still be relevant to your use of the site.

Purpose of Processing

OBSERVE: Online gambling operations involve multiple, distinct uses of personal data.

EXPAND: Breaking down these purposes increases transparency, especially where the same data may serve several functions (for example, gameplay monitoring for both account management and responsible gambling analytics).

REFLECT: We group purposes in clear categories for easier understanding.

Service Provision and Account Management

  • Creating, verifying and managing your user account on bonzaspins-aussie.com.
  • Processing deposits, wagers, game participation and payouts.
  • Applying bonuses, promotional credits and loyalty rewards.
  • Providing customer service and technical support, including handling complaints.

Compliance, Risk and Fraud Prevention

  • Conducting identity, age and location checks to reduce risks of fraud and misuse.
  • Monitoring gameplay and transaction patterns to detect suspicious or abusive behaviour.
  • Preventing money laundering, chargebacks and unauthorised account access where applicable laws or industry standards require prudent checks.
  • Enforcing our terms and conditions and protecting our rights and interests.

Analytics and Service Improvement

  • Analysing site performance, game popularity and user journeys to improve our platform.
  • Aggregating and anonymising data to understand trends and improve game offerings, bonuses and user experience.
  • Testing and deploying new features or changes to the website and services.

Marketing and Personalisation

  • Sending newsletters, promotional offers and product updates, where permitted by law and your preferences.
  • Customising bonus offers, recommendations and on-site content based on your past activity.
  • Measuring the effectiveness of our marketing campaigns and affiliate partnerships.

Security and Incident Management

  • Protecting our systems, users and data from security incidents, cyberattacks and misuse.
  • Logging and investigating system errors, outages and anomalies.
  • Maintaining audit trails and evidence necessary to assess or respond to incidents.

Disclosure & Sharing

OBSERVE: Personal data must often be shared with third parties for payment processing, technical operation, compliance and marketing.

EXPAND: We specify the types of recipients and general circumstances of disclosure rather than exhaustive lists of individual companies, which may change over time.

REFLECT: We share only what is necessary for a given purpose and seek to ensure appropriate safeguards contractually where feasible.

Categories of Recipients

  • Payment and financial partners: banks, card processors, e-wallet providers, voucher systems and other payment intermediaries who process deposits, withdrawals and chargebacks.
  • Verification and risk management providers: identity verification services, fraud-detection tools, sanctions and PEP screening services where used.
  • IT and infrastructure providers: hosting providers, content delivery networks, security services, email and SMS platforms, customer support tools.
  • Analytics and marketing partners: web analytics tools, marketing platforms, affiliate networks and advertising networks, where non-essential tracking is enabled and, where required, subject to your consent.
  • Professional advisers: lawyers, auditors and consultants who assist us in managing our business, subject to confidentiality obligations.
  • Corporate transactions: potential buyers, investors or partners, in the context of mergers, acquisitions, restructurings or similar corporate events, subject to appropriate safeguards.

Regulators and Law Enforcement

  • We may disclose data to regulators, courts, law enforcement agencies or other competent authorities in our operating or server-hosting jurisdictions, where we believe in good faith that such disclosure is:
    • required by applicable law or a valid legal process; or
    • necessary to protect our rights, your safety or the safety of others, investigate fraud or respond to a government request.
  • Australian context: Because we are not licensed or supervised by Australian gambling regulators, we do not participate in Australian dispute resolution schemes. ACMA has publicly warned that users of illegal offshore gambling services may have limited recourse if funds are lost or withheld.

Affiliates and Advertising Networks

  • Where permitted by law and, where required, with your consent, we may share limited information (such as hashed identifiers or cookie IDs) with:
    • affiliate partners to attribute referrals and calculate commissions; and
    • advertising networks to measure campaign performance and avoid displaying irrelevant or repetitive ads.

General Safeguards

  • We do not sell your personal data as a standalone asset.
  • We seek to ensure that third parties only access data necessary for their tasks and process it according to our instructions and applicable data protection standards.

International Transfers

OBSERVE: As an offshore online gambling service with players primarily in Australia, data may be processed and stored outside your country of residence.

EXPAND: Hosting providers, payment processors and support tools may operate from various jurisdictions, including but not limited to the European Union/EEA, the Caribbean (for example Curaçao), the United States and Asia-Pacific regions.

REFLECT: We aim to apply reasonable safeguards aligned with internationally recognised standards, even where local law does not mandate a particular mechanism.

Regions Where Data May Be Processed

  • Primary infrastructure: Servers and core systems may be hosted in data centres operated by third-party providers in the EU/EEA or other locations chosen for performance and resilience.
  • Operational and support services: Some processors (for example customer support platforms, analytics providers, email marketing tools) may process data in the EU/EEA, the United States or other countries.
  • Corporate and risk functions: To the extent the operator or related entities are based in or near Curaçao, certain management and risk-related processing may occur there or in neighbouring jurisdictions.

Protection Measures

  • Where we transfer data to third parties, we seek to implement appropriate contractual and technical protections, which may include:
    • contractual clauses reflecting data protection obligations (for example, clauses aligned with EU Standard Contractual Clauses (SCCs) where suitable);
    • technical safeguards such as encryption, access controls and pseudonymisation;
    • vendor due diligence, including security and privacy assessments.
  • Despite these measures, data protection standards in some countries may differ from those in your jurisdiction, and local authorities may have access to data under their own laws.

Data Retention

OBSERVE: Retention must balance operational needs, legal obligations and data minimisation principles.

EXPAND: We define general retention periods by category and based on typical gambling-industry practices, while acknowledging that specific legal requirements may vary by jurisdiction.

REFLECT: Where exact legal retention terms are unclear, we retain data only as long as necessary for the stated purposes.

General Retention Principles

  • We keep personal data only for as long as:
    • we have an ongoing relationship with you (for example, your account is active); and/or
    • it is necessary for the purposes set out in this Privacy Policy; and/or
    • we are required by applicable laws or justified for the establishment, exercise or defence of legal claims.

Indicative Retention Periods

  • Account and identification data: Typically retained for the lifetime of the account and up to five (5) years after account closure, unless a longer period is required for legal, accounting or anti-fraud purposes.
  • Transaction and financial data: Typically retained for at least five (5) years from the date of the transaction or account closure, to meet accounting, audit and anti-fraud requirements.
  • Gameplay and behavioural data: Retained while your account is active and usually up to five (5) years after closure for risk assessment, dispute resolution and statistical analysis (often in aggregated or anonymised form).
  • Marketing data: Retained while you remain subscribed and for up to two (2) years after your last interaction with our marketing content, unless you withdraw consent earlier.
  • Technical logs and security data: Retained for a period typically ranging from six (6) months to five (5) years, depending on the nature of the data and security or legal needs.

Deletion and Anonymisation

  • When data is no longer required, we will:
    • securely delete or irreversibly anonymise it; or
    • isolate it in backup systems until routine purge cycles occur, subject to technical constraints.
  • We may retain anonymised or aggregated data (that no longer identifies you) for analytics and business reporting beyond the above periods.

Your Rights

OBSERVE: Even though Bonzaspins is an offshore, unregulated gambling site for Australian users, we aim to align our privacy practices with recognised data protection standards similar to those found in the GDPR and comparable laws.

EXPAND: The rights described here are based on such frameworks. Their enforceability may vary depending on your location and applicable law, but we will endeavour, in good faith, to respect reasonable requests.

REFLECT: We provide clear procedures and timelines to exercise your rights.

Overview of Your Rights

  • Right of access: You may request confirmation whether we process your personal data and obtain a copy of such data, together with information about its processing.
  • Right to rectification: You may request correction of inaccurate or incomplete personal data.
  • Right to erasure ("right to be forgotten"): You may request deletion of your personal data in certain circumstances, for example where:
    • the data is no longer necessary for the purposes for which it was collected; or
    • you withdraw consent where processing is based on consent and there is no other legal ground; or
    • you reasonably object to processing and no overriding legitimate grounds exist.
    This right may be limited where we must retain data for legal or legitimate business reasons (for example, transaction records or anti-fraud logs).
  • Right to restriction of processing: You may request that we restrict processing of your data in specific situations, for example while we verify its accuracy or assess an objection.
  • Right to object: You may object to processing based on our legitimate interests, including profiling, and we will stop processing unless we demonstrate compelling legitimate grounds. You may always object to direct marketing, in which case we will cease marketing communications.
  • Right to data portability: Where technically feasible and applicable, you may request that we provide certain data you have supplied to us in a structured, commonly used and machine-readable format or request that we transmit it to another provider.
  • Right to withdraw consent: Where our processing relies on your consent (for example, marketing emails, non-essential cookies), you may withdraw this consent at any time. Withdrawal does not affect prior lawful processing.

How to Exercise Your Rights

  1. Submission of request: Send a clear request to [email protected] or [email protected], indicating:
    • your full name, username and registered email address; and
    • the right you wish to exercise and details of your request.
  2. Identity verification: We may ask for additional information to verify your identity before acting on your request, especially for access, erasure and portability.
  3. Response time: We aim to respond within thirty (30) days of receiving a complete and verifiable request. Complex or multiple requests may require an extension; if so, we will inform you of the delay and reasons.
  4. Fees: We generally handle rights requests free of charge. If a request is manifestly unfounded or excessive, we may charge a reasonable fee or refuse to act, in line with recognised data protection standards.

Note: Technical or legal constraints (for example backup systems, mandatory record retention, fraud-prevention obligations) may limit our ability to fully comply with some requests immediately, but we will explain relevant limitations where they apply.

Cookies & Tracking Technologies

OBSERVE: Cookies and similar technologies are essential for operating an online casino and for improving user experience.

EXPAND: We distinguish between necessary operational cookies and those used for analytics or advertising.

REFLECT: Users are given options to manage cookies through browser settings and, where available, site-level tools.

Types of Cookies We Use

  • Session cookies: Temporary cookies that exist only while your browser is open and are deleted when you close it. They support navigation, login sessions and short-term functions such as maintaining your bet slip.
  • Persistent cookies: Cookies stored on your device for a defined period that remember your preferences (for example language, login region) and help us recognise returning users.
  • First-party cookies: Set directly by bonzaspins-aussie.com to support core site functions.
  • Third-party cookies: Set by external services integrated into our site, such as analytics providers, marketing platforms and affiliate tracking systems.

Purposes of Cookies

  • Strictly necessary / functional: Enable key site features, secure login, account access, transaction processing and load balancing.
  • Performance and analytics: Measure visits, usage patterns, game performance, technical diagnostics and user journeys to improve our services.
  • Advertising and affiliate tracking: Measure the effectiveness of marketing campaigns, limit the number of times you see a particular advert and attribute referrals to affiliates. These are typically non-essential and, where required, based on your consent.

Managing Cookies

  • You can manage or disable cookies through your browser settings, usually found under "Privacy" or "Security". Each browser provides help pages explaining how to manage cookies.
  • Blocking or deleting certain cookies may impact your ability to use some features of bonzaspins-aussie.com, including account login or gameplay.
  • Where available, we may provide an in-site cookie banner or preferences panel allowing you to accept or reject non-essential cookies.

Data Security

OBSERVE: Online gambling platforms process sensitive financial and behavioural data, requiring robust security controls.

EXPAND: We implement layered technical and organisational measures to protect data against unauthorised access, alteration, disclosure or destruction, consistent with commonly accepted industry practices.

REFLECT: While no system can be guaranteed 100% secure, our objective is to reasonably reduce risks and ensure rapid response to incidents.

Technical Security Measures

  • Encryption in transit: Data exchanged between your browser and bonzaspins-aussie.com is protected using Transport Layer Security (TLS) 1.2 or higher, indicated by "https" in your browser.
  • Encryption at rest: Sensitive data within our systems and databases may be encrypted or otherwise protected using industry-standard algorithms and key management practices.
  • Access controls: Access to personal data is limited to authorised personnel and service providers on a need-to-know basis, controlled by authentication and role-based permissions.
  • Password protection: Account passwords are stored using one-way hashing algorithms and should be unique and complex; we do not store plain-text passwords.
  • Infrastructure security: Use of firewalls, intrusion detection/prevention systems and network segmentation with regular patching of critical components.

Organisational Security Measures

  • Staff training: Personnel with access to personal data receive guidance on confidentiality, data protection and security good practices.
  • Vendor management: Third-party providers with access to data are expected to apply appropriate security controls consistent with their role and with contractual obligations.
  • Policies and procedures: Internal rules govern acceptable use, access control, incident response and data handling.

Monitoring and Incident Response

  • Monitoring: We log and monitor system activities to detect suspicious behaviour, potential security incidents and service disruptions.
  • Incident response: In the event of a data breach or significant security incident, we will investigate, take steps to mitigate potential harm and, where required by applicable law, inform affected users and/or authorities.

Compliance note: While we strive to align with recognised security standards (such as principles drawn from ISO 27001 or SOC 2), Bonzaspins does not currently claim formal certification under these standards.

Complaints & Contacts

OBSERVE: Users may wish to ask questions, exercise rights or raise concerns or complaints about how their data is handled.

EXPAND: We offer an internal escalation process and, where applicable, indicate external supervisory avenues, while acknowledging that our unregulated status may limit formal oversight in some jurisdictions.

REFLECT: Clear contact details and realistic expectations help you understand available options.

How to Contact Us

  • Primary privacy contact: [email protected]
  • Customer support: [email protected]
  • Media and business inquiries: [email protected], [email protected] (not for data subject requests).
  • Postal contact: If you require a physical mailing address for a formal privacy complaint, you may request it by email and we will provide the most appropriate contact details then available.

Internal Complaint Procedure

  1. Submit your complaint: Send a detailed description of your concern (including relevant dates, account identifier and any supporting evidence) to [email protected].
  2. Acknowledgement: We aim to acknowledge receipt of your complaint within seven (7) business days.
  3. Investigation: We will review your complaint, which may involve examining logs, communications and relevant records.
  4. Response: We will aim to provide a substantive response within thirty (30) days from acknowledgement. If we cannot meet this timeframe, we will inform you of the delay and reasons.
  5. Follow-up: If you are not satisfied with our response, you may request further clarification. However, our decision may be final in the absence of an applicable external dispute resolution mechanism.

External Authorities

  • Australia: Because Bonzaspins is an offshore, unlicensed gambling site, ACMA and other Australian regulators may not provide individual dispute resolution for issues with our service. ACMA has publicly warned that players using illegal offshore gambling services may have limited or no recourse if funds are lost or withheld.
  • Other jurisdictions: Depending on your location, you may have the right to lodge a complaint with a local data protection or privacy authority. We encourage you to consult the authority relevant to your country if you believe your data protection rights have been infringed.

Updates

OBSERVE: Our services, applicable laws and industry practices may evolve over time.

EXPAND: We therefore need to update this Privacy Policy periodically and explain how you will be informed of important changes.

REFLECT: Transparent versioning and notice periods allow you to assess changes and decide whether to continue using our services.

Policy Changes and Version Control

  • This Privacy Policy may be updated from time to time to reflect:
    • changes in our services or internal processes;
    • changes in applicable legal or regulatory requirements; or
    • feedback from users, partners or authorities.
  • The "Last updated" date at the end of this document indicates the current version.
  • Where changes are material (for example, new purposes of processing, new categories of data or significant modifications of your rights), we will provide more prominent notice.

Notification Methods

  • Email notifications: We may send an email to the address associated with your account describing material changes.
  • On-site banners or pop-ups: We may display notices on bonzaspins-aussie.com, including banners or pop-ups requiring you to review the updated policy.
  • Account dashboard alerts: We may show notifications or prompts in your account area summarising significant updates.

Advance Notice and Your Options

  • For material changes that significantly affect your rights or how we process your data, we will aim to provide at least thirty (30) days' advance notice before the changes take effect, where practically possible.
  • If you do not agree with the updated Privacy Policy, you may:
    • adjust your privacy or marketing preferences; and/or
    • request account closure and, where applicable, withdrawal of available funds, subject to our terms and conditions.
  • Your continued use of bonzaspins-aussie.com after the effective date of an updated Privacy Policy will constitute your acceptance of the changes.

Last updated: January 2026