Realz Casino — Privacy Policy

Effective date: 21 May 2026. This Privacy Policy explains how Realz Casino (“Realz”, “we”, “us”) collects, uses, stores and discloses personal information about Australian residents who hold or apply for an account on our platform. Our handling of personal information is aligned with the Privacy Act 1988 (Cth) and the thirteen Australian Privacy Principles (APPs) set out in Schedule 1 of that Act.

1. Scope and Application

This policy applies to all personal information collected through realz.com, our mobile Progressive Web App, our cashier, and any communication you have with our support team. It does not extend to third-party websites linked from our pages; please consult their own privacy notices.


By creating an account or using the site, you acknowledge the practices described here. You can withdraw consent at any stage by closing your account; some information will continue to be held where the law requires it (see Section 7).

2. What We Collect

We collect only the information we need to operate a regulated gambling service for AU residents. The categories are:

  • Identity data. Full name, date of birth, residential address, country of residence, gender (where you choose to provide it).

  • Verification data (KYC). Driver licence or passport number, photographs of identity documents, proof-of-address documents (Medicare card, recent utility bill), facial-recognition selfie where requested.

  • Account data. Email address, hashed password, security question answers, two-factor authentication device identifiers.

  • Transactional data. Deposits, withdrawals, bets, wins, losses, bonus claims, payment-method tokens (we do not store full card numbers — those sit with our PCI-DSS-certified payment processor).

  • Technical data. IP address, device type, browser type, operating system, session identifiers, page-view logs, and crash diagnostics.

  • Communications data. Live chat transcripts, email correspondence with our support team, recordings of any phone-based KYC interview.

3. How We Collect

Most personal information comes directly from you when you register, deposit, withdraw or interact with support. Some data — such as IP address and device fingerprint — is collected automatically when you load our pages. KYC document checks may involve verification provided by accredited third-party identity-verification services operating under written contract and bound to APP-equivalent standards.


We do not knowingly collect personal information about anyone under 18. If we discover an underage account, it is closed immediately and any associated data is securely deleted within 30 days, except where statutory retention applies.

4. Why We Collect It

We use personal information for the following primary purposes:

  • Account creation, identity verification, and ongoing authentication.

  • Processing deposits, withdrawals, bonuses and game outcomes.

  • Compliance with anti-money-laundering and counter-terrorism-financing law.

  • Responsible-gambling monitoring (limit enforcement, cool-off, self-exclusion).

  • Detecting fraud, multi-accounting, bonus abuse and bot activity.

  • Communicating service updates, security alerts and (with your consent) marketing.

  • Improving the platform — analytics, performance, accessibility.

We will not use personal information for an unrelated secondary purpose without your consent, unless an exception under APP 6 applies.

5. Cookies, Local Storage and Analytics

Our pages use cookies and local storage for session continuity, fraud detection and analytics. You can disable cookies in your browser, but doing so will prevent you from staying logged in and may break the cashier. We use a first-party analytics setup that does not share raw event data with third-party advertising networks. Where you have opted in, we may use a privacy-preserving conversion-measurement pixel for ad attribution; the pixel does not store gambling outcomes or document data.

6. Disclosure

We may disclose personal information to:

  • Our payment processors, KYC providers and game suppliers, strictly for the purpose of performing the service.

  • Our regulators (Curacao Gaming Control Board) and any law-enforcement agency where compelled by law, court order or a properly authorised request.

  • A successor entity in the event of a merger, acquisition or restructure — bound by equivalent privacy commitments.

We do not sell personal information to advertisers, data brokers or affiliates.

7. Storage, Retention and Security

Personal information is held on encrypted servers within reputable cloud infrastructure. Access is role-restricted and logged. Production data is encrypted at rest (AES-256) and in transit (TLS 1.2 or higher).


Retention periods reflect AML obligations:

  • KYC documents: 7 years from the date of account closure.

  • Transaction records: 7 years from the transaction date.

  • Live chat and email records: 5 years.

  • Marketing-consent logs: until consent is withdrawn plus 12 months.

After the relevant period, information is destroyed or de-identified using a documented process.

8. Cross-Border Handling

Because we are a Curacao-licensed operator serving multiple jurisdictions, some processing happens outside Australia. Where personal information leaves Australia, we either (a) take reasonable steps under APP 8.1 to ensure the overseas recipient handles it in a way consistent with the APPs, or (b) rely on a permitted exception under APP 8.2. The principal jurisdictions where data may be processed are Curacao, Malta and the United Kingdom.

9. Your Rights

Under APP 12 and APP 13 you can:

  • Request access to the personal information we hold about you.

  • Request correction of inaccurate or out-of-date personal information.

  • Object to direct marketing and unsubscribe immediately, free of charge.

  • Lodge a complaint about how we have handled your personal information.

To make a request, email [email protected]. We respond within 30 days. If we refuse a request, we will tell you why and explain how to escalate.

10. Complaints and the OAIC

If you are not satisfied with our response, you can escalate to the Office of the Australian Information Commissioner (OAIC) — the regulator of the Privacy Act — at oaic.gov.au or by phone on 1300 363 992. You do not need our permission to do so, and we will not penalise you for raising a complaint.

11. Changes to This Policy

We may update this policy from time to time. The effective date at the top of the page will reflect the most recent revision. Material changes will be communicated by email to active account holders at least 14 days before they take effect.