Bizzo Bizzo
Login Register


Privacy Policy

Last updated: 7 May 2026

Operator: TechSolutions (CY) Group Limited, trading as Bizzo Casino

Privacy Officer: [email protected]

This policy explains how Bizzo Casino collects, holds, uses and discloses personal information about Australian customers. It is drafted to be consistent with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APP 1–13). Each section below is tagged with the relevant APP so a reader can map our practice to the legislation directly.

1. Open and Transparent Management (APP 1)

We make this policy publicly accessible at bizzocasino.com/privacy. Our internal information-handling practices are reviewed at least annually by the compliance function and any material change is reflected in this document. The Privacy Officer reports to the operator's Compliance Lead and operates separately from commercial and marketing teams to keep the function independent.

2. Anonymity and Pseudonymity (APP 2)

You can browse the public pages of bizzocasino.com without giving any personal information. Once you choose to register, deposit or place a wager, anonymity is no longer practical because Australian and Curaçao anti-money-laundering law requires identifiable account holders. We will not insist on identification for general enquiries to live chat unless the enquiry concerns a specific account.

3. Collection of Solicited Personal Information (APP 3)

We collect only what we need. At registration: full name, date of birth, residential address, email, mobile, chosen currency. At first deposit: payment instrument metadata (card last 4 digits or bank account number, never the CVV). At verification: a copy of an accepted ID document, a selfie, and a recent utility or bank statement. Game-play data such as session timings, wagers, wins and losses is collected continuously while you are logged in.

4. Unsolicited Personal Information (APP 4)

If we receive personal information we did not ask for — for example, a screenshot in a support ticket containing a third party's data — we assess whether the information is needed for one of our functions. If not, we destroy or de-identify it within 30 days.

5. Notification of Collection (APP 5)

This policy and the Terms accepted at registration provide the notice required under APP 5. Where personal information is collected from a third-party source (for example, payment processors confirming a transaction), the same notification applies.

6. Use or Disclosure (APP 6)

We use the personal information we hold for the primary purposes of operating your account, processing financial transactions, complying with anti-money-laundering and responsible-gambling obligations, providing customer support and detecting fraud. Marketing use is opt-in at registration and you can opt out from the account settings panel; the opt-out propagates to email and PWA push within 24 hours.

7. Direct Marketing (APP 7)

If you opt in to marketing, we send promotional emails, push notifications and occasional SMS about offers relevant to play history. Every such message includes a one-tap unsubscribe. Opting out of marketing does not stop transactional notices (deposit confirmations, withdrawal updates, security alerts) — those remain regardless.

8. Cross-Border Disclosure (APP 8)

KYC documents are stored on AWS infrastructure in Frankfurt, Germany — within the EEA, under contracts that bind processors to GDPR-equivalent standards. Operational data sits with the operator entity in Cyprus. We do not transfer data to any other jurisdiction except in response to a valid law-enforcement request, a regulator order, or a court order in a country with reciprocal arrangements.

9. Adoption of Government Identifiers (APP 9)

We do not use Australian government identifiers (Tax File Number, Medicare number, etc.) as our internal identifier of you. Your Bizzo account ID is generated independently.

10. Quality of Personal Information (APP 10)

You can review and correct your personal information at any time through the account profile screen. Verifiable changes (name on legal record, date of birth) require evidence — typically a passport, licence or court-issued document — before we update the file.

11. Security of Personal Information (APP 11)

Account passwords are hashed with bcrypt at a work factor of 12. KYC documents are encrypted at rest with AES-256 and decryption keys are rotated quarterly. Internal access to KYC requires both two-factor authentication and a documented audit reason logged at the moment of access. We retain your data for 7 years after account closure to satisfy AML obligations under the Curaçao licence, and we delete it after that window unless a regulator has instructed otherwise.

12. Access (APP 12)

You can request a copy of every record we hold about you. Email [email protected] and we will return the file within 30 calendar days. We do not charge a fee for an access request unless the request is repetitive or unreasonably complex.

13. Correction (APP 13)

If a record is inaccurate, out of date, incomplete, irrelevant or misleading, you can ask us to correct it. We will action a correction request within 30 days and confirm the action in writing. If we decline, we will explain why and your right to attach a statement to the record.

Cookies and Tracking

We use first-party cookies for session management, fraud detection and remembering your settings. We use a small number of third-party tags for analytics and conversion measurement; no third-party tag has access to your account credentials. You can manage cookie preferences in the cookie banner at first visit and from the footer link on every page.

Complaints

If you believe we have breached this policy or the Privacy Act 1988, contact the Privacy Officer first. We will acknowledge within 5 business days and respond within 30 calendar days. If our response is unsatisfactory, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.