Privacy Policy

The privacy of your information is a top priority at bizzoocasino, operated on bizzooz.com. This Privacy Policy explains how your personal data is handled whenever you use our online casino services or visit our website. It applies to all players and website visitors from Australia, and is effective as of 1 January 2025.

Who We Are

OBSERVE: Analyzing legal identity, operator details, and regulatory data.
EXPAND: Ensuring consistent disclosure and easily accessible contact information for data protection inquiries.
REFLECT: Presenting transparent and accurate company identity, controller status, and contact points.

• Legal Operator: The controller responsible for processing your personal data is TechSolutions Group N.V., registered and headquartered at Abraham Mendez Chumaceiro Boulevard 03, Willemstad, Curaçao. The operator holds active online gaming licenses (Curaçao #8048/JAZ2017-067, Kahnawake - valid until 2025).
• Contact Information: For privacy or data protection queries, please contact our Data Protection Officer (DPO):
  • Email (Support): [email protected]
  • Email (General Inquiries): [email protected]
  • Official website: https://bizzooz.com
  All communications regarding your data privacy are handled in strict confidence by our appointed officers.

What Personal Data We Collect

OBSERVE: Identifying types and sources of information processed.
EXPAND: Fulfilling AU and global industry requirements to specify each data category.
REFLECT: Complete, detailed listing enabling user understanding and regulatory transparency.

• Identity Data: Full name, date of birth, residential address, e-mail, phone number, proof of identity documents (as required for KYC/AML).
• Technical Data: IP address, device/browser information, operating system, usage logs, access time-stamps, location data (where permitted).
• Payment Data: Payment method details (card, e-wallet, bank account number, transaction ID), currency, withdrawal/deposit records.
• Behavioral Data: Betting and gaming activity, wins/losses, page visits, clicks, preferences, and support correspondence records.
• Cookies and Tracking Data: Information collected via cookies, beacons, pixels, and similar technologies to enable functionality, analytics, and advertising relevance.

Personal data is collected directly from you during registration, play, interactions with support, and through automated tracking technologies (see "Cookies & Tracking Technologies").

Legal Basis for Processing

OBSERVE: Analysing AU Privacy Act 1988, AML/CTF Act, and international standards on gaming data processing.
EXPAND: Addressing explicit and implied legal obligations and lawful grounds for each processing activity.
REFLECT: Outlining clearly the grounds permitting processing as required by Australian and global standards.

1. User Consent: We rely on your explicit consent for marketing communications, cookies requiring opt-in, and certain analytical processing. You may withdraw consent at any time using your account controls or by contacting us.
2. Performance of Contract: Processing your data is required to establish, administer, and operate your gaming account, process transactions, and provide customer support under our Terms and Conditions.
3. Legal Obligations: Compliance with Know Your Customer (KYC), Anti-Money Laundering (AML), and counter-terrorism financing (CTF) obligations under Australian and applicable international law. This includes verification and record-keeping as mandated by regulators.
4. Legitimate Interests: For fraud detection, internal analytics, network and information security, risk management, service improvement, and maintaining the integrity of our platforms. Where we rely on legitimate interests, we balance these needs against your rights under applicable law.

Regional Compliance Note: All processing is conducted in accordance with the Australian Privacy Principles, the AU Privacy Act 1988, and applicable industry standards.

Purpose of Processing

OBSERVE: Specifying for which business and regulatory purposes personal data is used.
EXPAND: Ensuring all significant operations (including marketing and fraud prevention) are included.
REFLECT: Presenting clear, unambiguous purposes covering both primary and ancillary uses.

• Provision of Services: To manage your account, process payments, verify your identity and eligibility, and facilitate participation in gaming activities at bizzooz.com.
• Service Improvement: To troubleshoot, enhance, and personalize player experience, based on user activity and feedback.
• Marketing & Promotions: To send personalised offers, newsletters, or information (where permitted and with your consent), via email or other channels.
• Analytics: To monitor system performance, optimize user experience, prevent abuse, and identify usage trends and preferences.
• Fraud Prevention and Security: To monitor, investigate, and respond to potential security risks, fraud, abuse, or illegal activities.
• Regulatory Compliance: To meet legal obligations, respond to requests from authorities, and comply with licensing requirements.

Disclosure & Sharing

OBSERVE: Reviewing AU privacy rules on third-party disclosure, regulatory reporting, and overseas recipients.
EXPAND: Considering all business relationships, including affiliates, vendors, and regulators.
REFLECT: Ensuring every scenario of data sharing is articulated, with protective measures stated.

1. Service Providers & Payment Partners: Data may be disclosed to service providers who assist with payment processing, verification, IT hosting, software, analytics, and communication services. All partners are contractually bound to protect your information in accordance with this Policy and applicable law.
2. Regulators & Legal Authorities: We are obligated to provide your information to relevant government authorities, gaming regulators (Curaçao, Kahnawake, Australian authorities), and law enforcement when required for legal compliance, investigation, or dispute resolution.
3. Affiliates & Group Companies: Data may be transferred within TechSolutions Group N.V. and its subsidiaries (including National Casino, 20Bet, and 22Bet) for operational and compliance reasons.
4. Advertising & Analytics Networks: With your consent, selected data may be shared with digital marketing, advertising, and analytics networks for campaign delivery and site optimization, strictly in accordance with AU law.

We never sell your data to unrelated third parties. Any disclosure is documented and limited to the purposes described.

International Transfers

OBSERVE: Assessing necessity of international transfers under global operations (Curaçao, Kahnawake, AU market).
EXPAND: Factoring in cross-border transfer mechanisms and data protection guarantees.
REFLECT: Ensuring explicit mention of all safeguards for users in Australia.

• Data Locations: Your personal information may be stored and processed in Curaçao, Kahnawake (Canada), European Economic Area (EEA), and Australia, taking into account operational group structure and third-party partnerships.
• Transfer Protections: We implement appropriate safeguards for overseas data transfers, including:
  • Standard Contractual Clauses (as approved by the European Commission)
  • Contractual agreements ensuring privacy standards consistent with Australian and international law
  • Technical and organizational measures to maintain confidentiality and security
• User Rights: Where legally required, you will be informed in advance of any material changes to international transfer mechanisms that may affect your privacy rights.

Data transferred out of Australia is always protected at a level not less than that offered by the Australian Privacy Act 1988.

Data Retention

OBSERVE: Detailing how long and by what criteria each data category is retained.
EXPAND: Extending timeframes to 2025 in accordance with current practice and legal requirements.
REFLECT: Guaranteeing users clear understanding and meaningful control over data lifecycle.

• Retention Periods: Personal and account data is retained for no longer than five (5) years after account closure or last activity, as required for regulatory, anti-fraud, and dispute-related purposes.
• Payment & Transaction Data: Financial data and transaction records are retained for a minimum of five years, in line with AML/CTF requirements.
• Behavioral and Technical Data: Usage, device, and log data are generally anonymised and retained for analytics for up to three years, after which data is deleted or irreversibly de-identified.
• Deletion Criteria: Data will be securely destroyed or anonymised upon user request, expiration of retention periods, or cessation of the processing purpose, unless continued retention is required by law or for the establishment, exercise, or defense of legal claims.

Your Rights

OBSERVE: Reviewing user rights under Australian law, GDPR (where relevant), and industry standards.
EXPAND: Integrating comprehensive coverage of all enforceable privacy rights.
REFLECT: Offering actionable, accessible pathways for users to exercise their data protection rights.

1. Right of Access: You have the right to request a copy of your personal data held by bizzoocasino at bizzooz.com.
2. Right of Correction: You may request correction or updating of inaccurate or incomplete information.
3. Right of Deletion: You may request deletion of your personal data, subject to legal and regulatory retention obligations.
4. Right to Restrict Processing: In certain circumstances, you may request that we suspend processing of your data (for example, pending correction).
5. Right to Object: You may object to processing based on legitimate interests, direct marketing, or certain types of profiling.
6. Right to Data Portability: Where applicable, you may request your data in a portable format for transmission to another provider.
7. Withdrawal of Consent: You may withdraw marketing or analytical consent at any time via your account settings or by contacting our DPO.

Requests can be made via [email protected]. We will respond to all rights requests within the statutory periods specified under AU law.

Cookies & Tracking Technologies

OBSERVE: Outlining all types, usage, and user options for cookies in line with AU standards.
EXPAND: Explicitly identifying control mechanisms and data collection implications.
REFLECT: Ensuring full transparency for users regarding online tracking.

• Session Cookies: Temporary files essential for site functionality and user authentication during each session. Automatically deleted when you close your browser.
• Persistent Cookies: Cookies stored on your device beyond your session for streamlining access and personalisation, valid up to 12 months unless cleared earlier via browser settings.
• Third-Party Cookies: Used by analytics, advertising partners, and affiliate networks to evaluate traffic, deliver adverts, and support marketing campaigns. These are only active where you have consented, and managed per partner contracts.
• Cookie Management: You can adjust cookie preferences or disable cookies using standard browser controls or (where available) our internal privacy panel. However, disabling essential cookies may impair site function.

Full details and regularly updated information about all cookies in use are provided in our dedicated Cookies Policy.

Data Security

OBSERVE: Detailing all technical and organizational measures taken to ensure data safety.
EXPAND: Including all industry-standard protections and staff/internal compliance procedures.
REFLECT: Affirming a strong security posture explicitly tailored to gaming and AU data risks.

1. SSL & Encryption: All transmission of sensitive data is protected using Secure Socket Layer (SSL) technology and industry-recognised encryption standards.
2. Access Control: Access to personal data is strictly limited to authorized personnel only, based on least-privilege and role-based requirements.
3. Regular Audits: We conduct frequent internal and third-party security audits to detect, assess, and mitigate vulnerabilities.
4. Data Segregation: Separate storage and processing of financial, identity, and behavioral data to minimize risk and access exposure.
5. Staff Training: All staff receive regular (at least annual) mandatory data protection and security awareness training to uphold compliance and manage incident response.
6. Incident Response: In the event of a data breach or security incident, affected users are notified without undue delay in compliance with AU Notifiable Data Breaches (NDB) scheme.

Complaints & Contacts

OBSERVE: Reviewing requirements for user grievance handling under AU law.
EXPAND: Defining a clear, accessible complaint escalation process aligned with obligations.
REFLECT: Presenting users simple means to seek redress or contact data protection contacts.

• Contacting Us: For all privacy and data protection enquiries, please contact our DPO or Privacy Department:
  • Email: [email protected]
  • General Information: [email protected]
  • Official website: https://bizzooz.com
• Complaint Procedure: If you believe your privacy rights have been infringed, you may file a complaint by emailing our DPO. We will acknowledge all complaints within 3 business days and aim to resolve within 30 days.
  • If dissatisfied with our response, you may escalate the complaint to the Office of the Australian Information Commissioner (OAIC) or your local data protection authority.

Updates

OBSERVE: Ensuring notification mechanisms for policy changes are explicit and accessible.
EXPAND: Including all user notification channels and update cadence.
REFLECT: Delivering legal certainty as to when and how amendments affect users.

• Changes to this Policy: We may update this Privacy Policy periodically to reflect legal, technological, or operational changes. Users will be notified of material amendments via email, website notifications, or account alerts prior to the effective date.
• Effective Date: The current version is effective as of 1 January 2025. Historical versions are available upon request.
• Notification: Continued use of bizzooz.com after changes take effect constitutes acceptance of the updated policy.