burger icon
Betman Casino Australia
Log In

Privacy Policy

This Privacy Policy explains how Betman Casino, operating the website https://betman-au.com and related mirror domains used by Australian players, collects, uses, discloses, and protects your personal information. It applies to registered players, prospective players, and other visitors who access our websites, mobile versions, or related services.

This document is intended to provide clear information about our data practices, to help you understand your rights, and to meet the expectations of applicable privacy and data protection standards (including Australian privacy principles and, where relevant, EU and Mexican regulations). It does not limit any mandatory rights you may have under the law of your country of residence.

This Privacy Policy is effective from 1 February 2026 and supersedes all earlier versions for services provided through betman-au.com.

1. Who We Are

Operator and brand. The online casino service marketed as "Betman Casino" and referred to in this policy as "Betman Casino", "Betman Casino", "we", "us" or "our", is operated for Australian-facing users via the domain betman-au.com.

Operating entity. The service is operated by Betman Operations Ltd, a privately held company established under the laws of Curaçao and operating under online gambling sub-licence number 8048/JAZ2023-014, issued by Antillephone N.V. under the authority of the Government of Curaçao.

Legal address and registration details. Betman Operations Ltd is registered in Curaçao. Specific corporate registration details (including registration number and full registered office address) are not published in this policy and may change due to corporate or regulatory developments, including the ongoing transition of Curaçao's licensing regime. You may request the most up-to-date legal address and registration details at any time using the contact channels below.

Australian regulatory context. Our services are provided to Australian residents on an offshore basis and are not licensed under Australian gambling law. The Australian Communications and Media Authority (ACMA) may classify our services as an illegal offshore gambling service under the Interactive Gambling Act 2001 (Cth), and Australian internet service providers may be requested to block access. Australian regulators (including ACMA and the Commonwealth Ombudsman) generally do not provide dispute resolution for our services.

Data protection contact / DPO. We maintain a dedicated privacy contact function acting as our Data Protection Officer ("DPO") for the purposes of this policy.

  • E-mail (primary contact): [email protected]
  • Alternative contact for privacy queries: [email protected] (please mark the subject line "Privacy")
  • Mailing / physical details: If you require a current postal address for formal privacy correspondence or service of legal notices, please contact us by e-mail and we will provide the most up-to-date information for Betman Operations Ltd.

What Personal Data We Collect

We collect only the information that is reasonably necessary to operate Betman Casino, meet legal and licensing obligations, manage risks, and improve our services. Depending on how you interact with us, we may process the following categories of data:

  • Identification and contact data: full name, date of birth, residential address, country of residence, e-mail address, mobile/telephone number, preferred language, copies of identification documents (passport, ID card, driver's licence), proof of address (utility bill, bank statement), and any other KYC (Know Your Customer) data required under anti-money laundering (AML) rules or our Curaçao licence.
  • Account and profile data: username, encrypted password and other authentication data, security questions and answers, account preferences, communication preferences (e.g. marketing opt-in/opt-out), self-exclusion or responsible gambling settings, and internal risk or VIP status indicators.
  • Technical and usage data: IP address, approximate geolocation derived from IP, device identifiers, device type and operating system, browser type and version, language settings, referral URLs, access times, session identifiers, error logs, and similar diagnostic data collected when you use betman-au.com or associated mirror links such as betman24.com, betman.com or other domains that route traffic to our service.
  • Payment and transactional data: chosen currency (e.g. AUD), payment method details (such as the last four digits of card numbers, card type, issuing country, PayID handle, Neosurf voucher references, e-wallet identifiers), deposit and withdrawal history, account balances, bonus balances, chargeback records, transaction timestamps, and associated AML monitoring information. We do not store full card numbers or CVV codes; these are processed by PCI-compliant payment processors.
  • Gameplay and behavioural data: betting history (including stakes, wins, losses, game rounds and timestamps), game preferences, session duration, clickstream and navigation patterns on our website, device and network signals used for fraud and collusion detection, and information on interaction with game features (e.g. bonus use, free spins, jackpots).
  • Communications data: records of live chat conversations, emails, internal messages, customer support tickets, and complaint correspondence, including any information you voluntarily provide in these communications.
  • Cookies and similar technologies: unique identifiers, session tokens, preferences (language, currency, cookie choices), analytics identifiers (e.g. Google Analytics or similar services), advertising identifiers where permitted, and tracking pixels or scripts used to measure marketing performance and detect abuse of promotional offers.
  • Derived and risk data: internal risk scores related to AML, fraud prevention, responsible gambling and bonus abuse, as well as decisions generated by automated monitoring tools (for example, flags on multiple accounts, unusual betting patterns, or use of VPNs or proxies).

Legal Basis for Processing

We process your personal data only when we have a valid lawful basis. Depending on your location and the specific processing activity, we rely on one or more of the following grounds:

  • Performance of a contract and pre-contractual steps: We process data that is necessary to:
    • create and manage your Betman Casino account;
    • verify your identity and eligibility to play;
    • process deposits, wagers, and withdrawals;
    • provide customer support and respond to your requests;
    • administer bonuses and loyalty programs in line with our Terms and Conditions.
  • Compliance with legal and regulatory obligations: As a Curaçao-licensed gambling operator and a financial service user, we must comply with AML and counter-terrorist financing rules, responsible gambling obligations, tax and accounting requirements, and regulatory reporting duties. This may require us to:
    • verify and update your identity and address information;
    • monitor and record transactions and gameplay for AML and fraud purposes;
    • retain records for legally mandated retention periods;
    • respond to requests from law enforcement, regulators (including Antillephone N.V. and the Curaçao Gaming Control Board), and, where applicable, other authorities.
  • Legitimate interests: We process certain data to pursue our legitimate business interests in a way that we believe does not override your privacy rights, such as:
    • ensuring network and information security (for example, detecting bots, abuse of bonuses, or collusion);
    • improving and optimising our website, games and user experience;
    • preventing fraud, chargebacks, and other abuse of the platform;
    • performing analytics to understand how our services are used by different segments of players;
    • defending or establishing legal claims and managing disputes.
  • Your consent: In specific situations, we rely on your consent, for example:
    • sending marketing emails, SMS or push notifications that are not strictly necessary to provide the service;
    • using non-essential cookies and similar technologies (especially for advertising and advanced analytics);
    • processing certain optional pieces of information that you choose to provide.
    You can withdraw your consent at any time, as described in the "Your Rights" section, without affecting the lawfulness of processing before withdrawal.
  • Other jurisdiction-specific bases: Where the EU General Data Protection Regulation ("GDPR"), the UK GDPR, Australian Privacy Principles under the Privacy Act 1988 (Cth), or Mexican data protection laws apply to your circumstances, we interpret and apply the above legal bases in a manner consistent with those laws.

Purpose of Processing

We use personal data only for specified, explicit and legitimate purposes, and we do not process data in a way that is incompatible with these purposes. In particular, we process your data for the following purposes:

  • Providing and operating the casino services: to register and manage player accounts, verify identity and age, enable access to games, process bets and results, credit winnings, process deposits and withdrawals, and generally deliver the services described in our Terms and Conditions.
  • Regulatory compliance and risk management: to comply with AML/CTF requirements, prevent and detect fraud, manage chargebacks, detect bonus abuse and other breaches of our Terms, and cooperate with regulators and law enforcement when legally obliged to do so.
  • Service improvement and analytics: to analyse gameplay, website usage, and performance metrics, identify technical issues, improve game offerings, optimise user journeys, and support product development, while relying on aggregated or pseudonymised data where feasible.
  • Marketing and promotions: to send you promotional messages about games, tournaments, bonuses, and special offers by e-mail, SMS, push notification, or on-site messaging, in accordance with your marketing preferences and applicable law; and to measure the effectiveness of our campaigns and affiliate programmes.
  • Personalisation: to tailor content, bonuses, and offers to your profile and historical behaviour, such as suggesting games you may like, or adjusting responsible gambling tools to your risk profile, in line with our legitimate interests and your preferences.
  • Customer support and dispute handling: to respond to your queries and complaints, investigate issues, record interactions for quality assurance and training, and manage internal and external dispute resolution processes.
  • Security and integrity of our platform: to protect our systems, prevent unauthorised access, mitigate DDoS or similar attacks, detect multiple-accounting or proxy use, and maintain the integrity and fairness of games.
  • Corporate governance and legal proceedings: to manage business operations (including audits and regulatory inspections), protect our legal rights, and handle actual or potential mergers, acquisitions, restructurings, or transfers of our business or assets.

3. Disclosure & Sharing

We do not sell your personal data to third parties. However, to operate Betman Casino, comply with legal obligations, and pursue the purposes described above, we may share your data with carefully selected categories of recipients under appropriate safeguards:

  • Payment and financial service providers: banks, card schemes, payment gateways, PayID and Neosurf providers, and other payment processors (including entities based in Cyprus that provide processing services for credit and debit card transactions) that enable deposits, withdrawals, and refund operations. These providers act as independent controllers or processors, depending on the context, and have their own legal obligations.
  • Technical and game service providers: hosting providers, content delivery networks, game studios, RNG and game platform suppliers, and IT support services that enable us to operate our website and games. These providers typically act as data processors subject to contractual confidentiality and security obligations.
  • Identity verification, AML and fraud-prevention partners: third-party KYC providers, AML screening tools, transaction-monitoring services, and anti-fraud platforms used to verify your identity, screen against sanctions lists and politically exposed persons (PEP) databases, and detect suspicious or fraudulent activity.
  • Analytics, marketing and affiliate partners: providers of web analytics, marketing automation tools, customer relationship management systems, and affiliate tracking platforms, as well as advertising networks that display our ads on third-party sites. When required, we rely on your consent before enabling marketing cookies or sending promotional communications.
  • Corporate affiliates and group entities: other entities within our corporate group (including any subsidiaries or service entities in Cyprus or other jurisdictions) that assist with payment processing, risk management, customer support, or technical operations, subject to intra-group data protection arrangements.
  • Regulators, licensing bodies and public authorities: the Curaçao Gaming Control Board, Antillephone N.V., financial intelligence units, law enforcement agencies, courts, and other public authorities when we are legally required to disclose data or when disclosure is necessary to protect our rights, the rights of players, or the safety of others. Where requested, we may also respond to enquiries from Australian authorities (including ACMA) in accordance with applicable law, though we are not licensed under Australian gambling law.
  • Professional advisers: auditors, legal advisers, accountants, and similar professionals bound by confidentiality obligations, who support us with compliance, risk management and dispute resolution.
  • Business transactions: in connection with any actual or proposed merger, sale of assets, reorganisation, or acquisition involving Betman Operations Ltd or its assets, your data may be shared with potential or actual counterparties and their advisers, subject to appropriate confidentiality protections and only as far as necessary.

Whenever we share your data with third parties acting as processors, we require them to process the data only on our documented instructions, to maintain adequate security, and to delete or return the data when the services are complete, unless the law requires them to retain it.

4. International Transfers

Because Betman Casino is operated on an offshore basis and uses global infrastructure and service providers, your personal data may be transferred to and processed in countries outside your country of residence, including:

  • Curaçao: where Betman Operations Ltd is established and where core gaming operations, compliance and some technical systems are managed.
  • Cyprus: where a payment processing subsidiary or partner may handle credit and debit card transactions and related financial operations.
  • European Economic Area (EEA) and United Kingdom: where certain game providers, analytics services, or technical vendors may be located.
  • Other jurisdictions (including, potentially, the United States or other third countries): where cloud hosting, data storage, support services, or specialised risk and AML tools are provided.

These countries may have privacy and data protection laws that differ from those in your home country. Where data protection laws such as the GDPR or Mexican privacy law apply to specific transfers (for example, transfers from the EEA, UK or Mexico), we seek to ensure that appropriate safeguards are in place, including one or more of the following:

  • Standard Contractual Clauses (SCCs) or equivalent contractual mechanisms approved by relevant regulators;
  • intra-group data transfer agreements that impose GDPR- or LFPDPPP-consistent obligations on receiving entities;
  • technical measures such as strong encryption in transit and at rest, strict access controls, and data minimisation to reduce risk in the event of unauthorised access;
  • transfers to providers located in jurisdictions recognised as offering an adequate level of protection under applicable data protection laws, where relevant.

Regardless of where your data is processed, we implement safeguards designed to protect it in line with this Privacy Policy and the principles of applicable data protection frameworks.

Data Retention

We retain personal data for no longer than is reasonably necessary for the purposes for which it was collected, including to satisfy legal, accounting, and regulatory requirements. Retention periods vary depending on the category of data and the applicable legal obligations, particularly those related to AML and gambling regulation. As a general guide:

  • Account and identification data (KYC data): normally retained for the duration of your active account and for up to five (5) years after account closure or your last transaction, unless a longer period is required by applicable AML or regulatory obligations, or necessary for the establishment, exercise or defence of legal claims.
  • Gameplay, transactional and financial data: retained for the duration of your relationship with us and typically for up to five (5) years after account closure, to comply with AML, accounting and regulatory record-keeping requirements and to manage disputes.
  • Technical, log and security data: IP logs, device identifiers, and security-related logs are generally kept for a shorter period, typically between twelve (12) and twenty-four (24) months, unless a longer retention is required for the investigation of fraud, abuse, or security incidents.
  • Marketing data: information about your marketing preferences and communication history is retained as long as you remain subscribed to marketing and for a limited period thereafter to demonstrate compliance with consent and opt-out obligations.
  • Cookies and tracking identifiers: retention depends on the type of cookie:
    • session cookies: retained only for the duration of your browsing session;
    • persistent cookies: retained for a period typically ranging from three (3) to twenty-four (24) months, depending on their purpose, or as otherwise set out in our cookie banner or cookie settings interface.

When data is no longer needed, we will either irreversibly anonymise it (so it can no longer be associated with you) or securely delete it. In some cases, we may be unable to delete certain data immediately if legal obligations or legitimate interests require us to retain it longer; in such cases, we will restrict processing to the extent possible.

Your Rights

We respect your privacy rights and strive to provide protections that are consistent with leading international standards, including the GDPR and Mexican privacy law, even though our operations are based in Curaçao and primarily target Australian players. Depending on your location and the applicable law, you may have some or all of the following rights:

  • Right of access: to obtain confirmation as to whether we process your personal data and, if so, to receive a copy of your data and additional information about the processing.
  • Right to rectification (correction): to request that inaccurate or incomplete personal data be corrected or completed. We may ask you to provide documentation to verify changes (for example, new proof of address).
  • Right to erasure ("right to be forgotten" / cancellation): to request deletion of your personal data where, for example, the data is no longer necessary for the purposes for which it was collected, you have withdrawn consent and there is no other legal basis, or you have a valid objection. This right may be limited where we are required by AML or licensing laws to retain data for specified periods or where data is needed for legal claims.
  • Right to restriction of processing: to request that we limit the processing of your data in certain circumstances, such as when you contest the accuracy of the data, or where processing is unlawful but you do not want us to delete the data.
  • Right to object: to object, on grounds relating to your particular situation, to processing based on our legitimate interests, including profiling for risk or marketing analysis, and to object at any time to the use of your data for direct marketing.
  • Right to data portability: to receive personal data that you have provided to us in a structured, commonly used and machine-readable format and to request that we transmit that data to another controller where technically feasible, in circumstances covered by the GDPR or similar laws.
  • Rights related to consent: where we rely on your consent (for example, for marketing communications or non-essential cookies), you may withdraw that consent at any time through your account settings, unsubscribe links in communications, cookie management tools, or by contacting us. Withdrawal does not affect prior lawful processing.
  • Rights under Mexican law (ARCO rights): If you are located in Mexico and the Federal Law on Protection of Personal Data Held by Private Parties (LFPDPPP) and its Regulations apply, you may exercise your ARCO rights: Acceso (access), Rectificación (rectification), Cancelación (cancellation) and Oposición (objection), which are broadly aligned with the rights described above.

How to exercise your rights. You can exercise your rights by contacting our DPO at [email protected] from the e-mail address associated with your account, or by contacting customer support and clearly indicating that your request concerns data protection rights. To protect your account and data, we may need to verify your identity before responding (for example, by requesting additional information or documentation).

Response times and fees. We aim to respond to all valid requests within thirty (30) days from receipt. In complex cases or where we receive numerous requests, we may extend this period in accordance with applicable law, but we will inform you of any extension and the reasons for it. We process rights requests free of charge, unless requests are manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse to act, as permitted by law.

Certain rights may not be fully available in all jurisdictions or may be subject to exemptions (for example, where disclosure would adversely affect anti-money laundering efforts, regulatory investigations, or the rights and freedoms of others). Where we refuse or restrict a request, we will explain the reasons, unless prohibited by law.

Cookies & Tracking Technologies

We use cookies and similar technologies to ensure the proper functioning of Betman Casino, enhance your experience, analyse usage, and support marketing activities. Cookies are small text files stored on your device when you visit our website.

  • Types of cookies we use:
    • Session cookies: temporary cookies that are deleted when you close your browser. They are necessary for basic functionality such as logging in, maintaining your session, and processing game and payment requests.
    • Persistent cookies: cookies that remain on your device for a defined period or until you delete them. They help remember your preferences (e.g. language, currency, cookie settings) and support analytics and marketing.
    • First-party cookies: cookies set directly by betman-au.com.
    • Third-party cookies: cookies set by third parties, such as analytics providers, advertising networks, affiliate tracking platforms, and social media services integrated on our site.
  • Purposes of cookies:
    • Strictly necessary / functional: required for the site to function (e.g. security, load balancing, account login). These cannot be disabled via cookie settings without affecting service functionality.
    • Performance and analytics: used to collect aggregated information about how visitors use our website (for example, which pages are visited most). This helps us improve performance and usability.
    • Advertising and marketing: used to deliver and measure personalised promotions and advertising, including through affiliates and partner sites, and to limit how often you see particular ads.

Cookie management. When you first visit our site (and periodically thereafter), you may be presented with a cookie banner or settings panel that allows you to accept or manage non-essential cookies. You can also control cookies through your browser settings by blocking, deleting, or restricting certain types of cookies. However, blocking essential cookies may impair your ability to use some features of our services.

Where required by law, we will only place non-essential cookies (such as advertising cookies) after you have given your consent. You can withdraw or modify your cookie preferences at any time via our cookie settings interface (if available) or by adjusting your browser settings.

5. Data Security

We take the security of your personal data seriously and implement organisational, technical and physical measures designed to protect it against unauthorised access, alteration, disclosure or destruction. While no system can be completely secure, we continuously assess and enhance our controls in line with industry practices.

  • Encryption and transmission security: data transmitted between your device and our servers is protected using Transport Layer Security (TLS) version 1.2 or higher, helping to ensure confidentiality and integrity in transit. Sensitive data is encrypted or otherwise protected at rest, using strong cryptographic standards where appropriate.
  • Access controls and authentication: access to personal data is restricted to authorised personnel who need it to perform their duties, based on role-based access controls. We use strong authentication practices, maintain unique credentials for staff, and encourage (and may in some cases require) additional authentication measures for player accounts.
  • Infrastructure and application security: we use firewalls, intrusion detection and prevention systems, endpoint protection, and secure networking practices to protect our systems. Our applications are developed and maintained following secure coding standards and are subject to periodic security testing and vulnerability management.
  • Monitoring and incident response: systems and logs are monitored for suspicious activity, and we maintain incident response procedures to identify, assess, and mitigate potential security breaches. Where required by law, we will notify affected individuals and relevant authorities of certain data breaches without undue delay.
  • Staff awareness and training: employees and contractors with access to personal data are bound by confidentiality obligations and receive training on data protection, security and responsible handling of customer information.
  • Standards and best practices: our security program is designed with reference to recognised frameworks such as ISO/IEC 27001 and SOC 2. While Betman Operations Ltd may not hold formal certification under these standards, we aim to align our controls with their core principles.

16. Complaints & Contacts

If you have questions, concerns or complaints about how we handle your personal data, we encourage you to contact us first so that we can try to resolve the issue directly.

Internal contact channels

  • Data Protection Officer (primary): [email protected]
  • Customer support: [email protected]
  • Online forms: When a contact or feedback form is available on betman-au.com, you may submit privacy-related enquiries by selecting the relevant category (for example, "Privacy" or "Data Protection").

Complaint procedure

  1. Step 1 - Submit your complaint: Send a detailed description of your concern to our DPO at [email protected], including your account ID, contact details, and any relevant supporting information. Please specify if your complaint relates to a particular privacy right or to a suspected breach of data security.
  2. Step 2 - Acknowledgement: We will acknowledge receipt of your complaint as soon as reasonably practicable, usually within seven (7) days.
  3. Step 3 - Investigation: We will investigate your complaint thoroughly, which may include requesting additional information from you, consulting relevant internal teams, and reviewing system logs or records.
  4. Step 4 - Response: We aim to provide a substantive response within thirty (30) days from receipt of a complete complaint. If we are unable to respond within this timeframe due to complexity or volume, we will inform you of the delay and the expected new timeframe.
  5. Step 5 - Escalation: If you are not satisfied with our response, you may request that the matter be escalated internally (for example, to senior management or our legal department) for further review.

External supervisory authorities

Depending on your location and the laws that apply, you may have the right to lodge a complaint with a data protection or privacy authority in your country of residence, place of work, or place of the alleged infringement. Examples include:

  • Australia: the Office of the Australian Information Commissioner (OAIC), which oversees compliance with the Privacy Act 1988 (Cth).
    Website: https://www.oaic.gov.au
  • Mexico: the National Institute for Transparency, Access to Information and Personal Data Protection (INAI), which oversees compliance with the LFPDPPP.
    Website: https://www.inai.org.mx
  • European Union / EEA: if GDPR applies to you (for example, because you are in the EEA), you may complain to your local data protection authority. Contact details for EU supervisory authorities are available at: https://edpb.europa.eu/about-edpb/about-edpb/members_en.
  • United Kingdom: the Information Commissioner's Office (ICO) if UK GDPR applies to you.
    Website: https://ico.org.uk

We encourage you to contact us first, but you are not obliged to do so before contacting a supervisory authority where such a right exists under applicable law.

25. Updates

We may update this Privacy Policy from time to time to reflect changes in our services, technology, legal or regulatory requirements (including developments in Curaçao's licensing regime and changes to Australian, EU or Mexican privacy laws), or for other operational reasons.

  • Versioning and "Last updated" date: Each version of this Privacy Policy is identified by the "Last updated" date below. We encourage you to review the policy periodically.
  • Notification methods: For material changes, we will take appropriate steps to inform you, which may include:
    • sending an e-mail notification to the address associated with your account;
    • displaying a prominent notice or banner on betman-au.com or within your account dashboard;
    • providing in-account alerts requiring you to review and acknowledge key changes.
  • Advance notice for significant changes: Where required by law or where we believe changes materially affect your rights or the way we process your data (for example, expanding categories of data collected or changing significant aspects of sharing practices), we will provide, wherever practicable, at least thirty (30) days' advance notice before the changes take effect. Continued use of our services after the effective date of the updated policy will constitute your acknowledgment of the changes.
  • Your options: If you do not agree with the updated Privacy Policy, you may:
    • adjust your privacy and marketing settings, where available;
    • contact us to exercise your rights (including objection, restriction, or deletion, subject to legal limitations);
    • request account closure and, where permitted, withdrawal of any remaining balance, subject to our Terms and Conditions and AML obligations.
  • Historical versions: You may request a copy of previous versions of this Privacy Policy by contacting [email protected], and we will provide them where reasonably available.

Last updated: February 2026