Discover how Casiny handles your personal data under Australian privacy laws. Full 2025 policy guide.
At CasinyPlay, we take your privacy seriously. Our mission is to provide trustworthy, transparent reviews of Casiny Casino for Australian players. To do that, we collect only the data necessary to operate safely, legally, and responsibly. This privacy policy explains what data we collect, why we collect it, and how we protect it. It applies to all users visiting CasinyPlay.com and engaging with our content. By using our site, you agree to the practices outlined here.
If you’re an Australian player looking for clarity and control over your personal data—read on.
We’re committed to earning your trust through full transparency and compliance with privacy standards.
Contents
- What Personal Data We Collect and Why
- Comments
- Media Files
- Contact Forms
- Cookies
- Web Analytics
- Who We Share Your Data With
- How Long We Store Your Data
- What Rights You Have Over Your Data
- Where Your Data Is Sent
- Contact Information
- How We Protect Your Data
- Data Breach Procedures
- Data from Third Parties
- Automated Decision-Making
- Industry Regulatory Disclosure
What Personal Data We Collect and Why
We collect personal data to provide a safe and secure gaming experience. This includes identity verification, payment processing, and personalised promotions. Some data is collected automatically via cookies and analytics tools. We only collect what’s necessary for legal, technical, and operational reasons.
Examples of collected data:
| Data Type | Examples | Purpose |
|---|---|---|
| Identity Info | Name, Email, Address | Account creation, compliance |
| Account Activity | Deposit history, gameplay, withdrawal requests | Fraud detection, loyalty program |
| Technical Data | IP address, browser, device type | Performance & security |
| Optional Health Info | Provided during responsible gambling requests | Risk assessment, support guidance |
Your consent is obtained where required, especially for sensitive data like health-related information.
Comments
When users leave comments, we store the data shown in the comment form. We also log the IP address and browser user agent string to help spam detection. Comments may be reviewed by moderation tools or third-party anti-spam systems. We retain comments indefinitely unless users request removal.
Media Files
If you upload images, avoid including location data (EXIF GPS). Visitors can download and extract this data if not removed. All media uploads are publicly accessible to anyone browsing the site. We recommend caution when submitting personal media.
Contact Forms
We collect the data you submit via contact forms for support or feedback. These usually include your name, email, and message. We store these messages for up to 6 months for service purposes. We never use contact form data for marketing without consent.
Cookies
Our website uses cookies to enhance your experience and analyse traffic. Cookies store small data files on your device to remember preferences and session info. We use both session cookies (temporary) and persistent cookies (lasting up to 12 months). By using the site, you agree to our cookie usage unless you disable them in your browser.
Types of cookies used:
| Cookie Type | Purpose | Example |
|---|---|---|
| Essential Cookies | Enable core functionality like login | wordpress_logged_in |
| Analytics Cookies | Track usage to improve UX | ga, gid (Google) |
| Marketing Cookies | Personalise content and offers | Facebook Pixel, AdWords |
| Preference Cookies | Remember your language and device settings | wp-settings-time |
You can block cookies through browser settings, but this may affect site functionality.
Web Analytics
We use Google Analytics and Hotjar to analyse website traffic and engagement. These services collect anonymised data like page views, clicks, device type, and bounce rates. We only use analytics to improve website content and usability for Australian players.
Who We Share Your Data With
We only share data with essential third-party services for operations and compliance. This includes cloud hosting, payment gateways, and marketing tools. We never sell your personal data to advertisers or third parties. All partners are GDPR-compliant or follow equivalent privacy frameworks.
Example Data Sharing Table:
| Third-Party | Purpose | Data Shared |
|---|---|---|
| Stripe / CoinsPaid | Payment processing | Name, card/crypto info |
| Google Analytics | Site performance tracking | Anonymised user activity |
| MailerLite | Email communications | Email, preferences |
We ensure all partners have secure data handling practices and encryption protocols.
How Long We Store Your Data
We retain personal data only for as long as necessary for its original purpose. Contact form entries are stored for 6 months for support tracking. Analytics records are kept for 12 months to analyse user behaviour and improve services. Purchase data and account activity logs are retained for up to 10 years for legal compliance.
Data Retention Overview:
| Data Type | Retention Period | Purpose |
|---|---|---|
| Contact Form Entries | 6 months | Customer service |
| Analytics Logs | 12 months | UX optimisation, reporting |
| Account & Purchase Logs | Up to 10 years | Legal compliance (AML/KYC) |
| Cookie Preferences | 1 year | User experience settings |
After expiry, we securely delete or anonymise data using industry-standard protocols.
What Rights You Have Over Your Data
You have full control over your personal data stored on our platform. You can request access, rectification, deletion, or data portability at any time. To exercise your rights, contact our support team via email or contact form. You can also object to processing or withdraw consent where applicable.
Under GDPR and Australian privacy law, you may:
- Request a copy of your stored data
- Request deletion of your account and all associated data
- Correct inaccuracies in your profile
- Restrict processing in certain circumstances
- Lodge complaints with a privacy authority
We honour all legitimate requests within 30 days.
Where Your Data Is Sent
Some data is transferred outside the EU for hosting and analytics purposes. Our hosting provider uses secure, GDPR-compliant data centres based in the USA and Singapore. We use data transfer safeguards such as Standard Contractual Clauses (SCCs) and encrypted channels. User data is never shared or stored without appropriate legal protections.
Cross-Border Data Transfers Table:
| Destination | Service Provider | Safeguards Applied |
|---|---|---|
| United States | Cloudflare | SCCs + Encryption + DPA |
| Singapore | Amazon AWS | SCCs + ISO/IEC 27001 Compliance |
| Germany | MailerLite | GDPR-compliant cloud-based storage |
All transfers comply with global data protection frameworks to keep your data secure.
Contact Information
For any privacy-related concerns, you can contact our Data Protection Officer directly. We welcome feedback, questions, and requests under applicable data protection laws. Please use the following methods to get in touch:
| Contact Method | Details |
|---|---|
| [email protected] | |
| Contact Form | Available on our “Contact Us” page |
| Postal Address | CasinyPlay, PO Box 112, Sydney, NSW 2000 |
We respond to verified data subject requests within 30 calendar days.
How We Protect Your Data
We apply strong security practices to protect all user data. This includes both technical and organisational measures to prevent unauthorised access. We use HTTPS encryption, 256-bit SSL certificates, and secure firewall infrastructure. Staff handling user data complete annual privacy and data protection training.
Security Measures Overview:
| Measure Type | Description |
|---|---|
| Technical | SSL encryption, firewall, server hardening |
| Organisational | Staff training, access limitation |
| Authentication | 2FA for admin access |
| Data Backups | Encrypted, stored separately |
We continuously monitor and update our security systems to stay ahead of threats.
Data Breach Procedures
In case of a data breach, we follow strict notification procedures. We detect and assess the incident using internal security tools. If a breach poses risk to your rights, we will notify you within 72 hours. We may also notify the Office of the Australian Information Commissioner (OAIC).
Our procedures include:
- Immediate breach containment and forensic analysis
- Affected user identification
- Transparent communication and incident reports
- Remediation and preventive action
Data from Third Parties
We may receive data from third parties like analytics services, affiliates, or marketing partners. This includes anonymised usage statistics or referral source details. We do not purchase sensitive personal data from third-party providers. All third-party data handling is covered under their own privacy policies.
Automated Decision-Making
We do not use automated decision-making for credit scoring or legal eligibility. However, some promotions may involve automation (e.g., bonus eligibility triggers). These systems operate under strict internal rules and user consent. You can contact us if you wish to opt out of such automation.
Industry Regulatory Disclosure
CasinyPlay.com complies with all applicable privacy regulations, including:
- Australian Privacy Act 1988 (Cth)
- GDPR (if applicable to international users)
- Curacao licensing requirements via our casino partners
We are committed to lawful, transparent, and fair data use at all times.