Ripper
🎁 Play Register

Ripper Casino Privacy Policy

This policy explains what personal information Ripper Casino collects from Australian players, why we collect it, where it lives and what rights you have over it. The framework is the Australian Privacy Act 1988 (Cth) and the thirteen Australian Privacy Principles (APPs) issued by the Office of the Australian Information Commissioner. We have written it in plain language because punters deserve to read a privacy policy without a legal degree.

What We Collect and Why

We collect three categories of information: account data (name, date of birth, residential address, email, mobile number, and Australian-government photo identification), financial data (payment instrument details, deposit and withdrawal history, source-of-funds material on larger transactions), and play data (logins, IP and device information, game session events, balances and bonus state). Each category is tied to a defined purpose under APP 3: account opening, age verification, anti-money-laundering compliance, payment processing, fraud detection and game integrity.

How the Thirteen APPs Apply to Your Account

The APPs sit behind every operational decision. The summary below maps the clauses you are most likely to ask about.

  • APP 1 — Open and transparent management: this policy itself, kept current and dated.
  • APP 3 — Solicited collection: we only request information necessary for licensing, AML and fair play.
  • APP 5 — Notification at collection: the registration form discloses each field's purpose at the point of capture.
  • APP 6 — Use and disclosure: personal information is used for the original purpose, with secondary use restricted to closely related, reasonably-expected functions.
  • APP 8 — Cross-border disclosure: outlined separately below.
  • APP 11 — Security: data is encrypted in transit (TLS 1.3) and at rest (AES-256), with role-based internal access.
  • APP 12 & 13 — Access and correction: request a copy or a correction at any time; turnaround is detailed below.

Cross-Border Data Transfers (APP 8)

Ripper Casino is licensed in Curaçao and uses payment, fraud and customer-support vendors located across the European Union, the United Kingdom and Singapore. Before transferring personal information offshore, we take reasonable steps under APP 8.1 to ensure the recipient handles it consistently with the APPs, including contractual data-protection clauses. Where a transfer is to a jurisdiction with weaker protections, we obtain your consent under APP 8.2(b) at the point of relevant interaction.

Cookies, Pixels and Marketing Choices

The site uses three classes of cookies: strictly necessary (session, login, fraud detection — these cannot be turned off without breaking the casino), functional (preferences, language) and analytics or marketing (which you can opt out of via the cookie banner on first visit and again from the footer). We do not sell personal information to third parties for advertising in the legal sense the term is used in the United States, and we do not run cross-context behavioural advertising on under-eighteens.

Retention Windows

Account data is retained for the life of the account plus seven years after closure, in line with anti-money-laundering record-keeping obligations under the AML/CTF Act 2006. Marketing preferences, where you have unsubscribed, are kept for two years to honour your suppression request. Server log data — IP addresses, device identifiers — is retained for ninety days for incident response then aggregated or deleted.

Your Access, Correction and Complaint Rights

Under APPs 12 and 13 you can ask us for a copy of the personal information we hold about you, or for a correction. Subject-access requests are answered within thirty days. Corrections to obvious errors — a misspelled street name, a transposed birthdate digit — are usually processed in 24–48 hours after we sight the supporting document. There is no charge for either, except for unreasonable repeat requests where we may recover photocopying or postage costs.

If you believe we have mishandled your information, contact our Data Protection Officer through live chat or by email. If our response does not satisfy you, you can escalate to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au, which oversees Privacy Act complaints in Australia.

What We Do Not Do

We do not sell your data to third-party gambling operators or affiliate networks. We do not enrich your profile with off-platform behavioural data scraped from social media. We do not retain card numbers in our own systems — payment instruments are stored as tokens by our PCI-DSS-compliant payment processors. And we do not pass your information to advertising platforms that would identify you to other gambling brands; programmatic advertising the casino itself runs uses hashed audience IDs that cannot be reversed by third parties.

Changes to This Policy

Material changes will be notified to logged-in players in-app and by email at least fourteen days before they take effect. Minor changes — a vendor swap that does not change the data flow, a fix to a typo — go in without prior notice but the effective date at the top of the page is always current.