burger icon
RollXO Сasino Casino
Log In

Privacy Policy

This Privacy Policy outlines how rollxo (accessible via rollxxo.com) collects, processes, and protects personal information of players and website visitors. The Policy applies to all individuals accessing our services or our website from Australia and is effective as of 17 June 2025. Please read this document carefully to understand your rights and our legal obligations concerning your data.

Who We Are

OBSERVE: Legal entity details and point of contact are foundational to transparency and regulatory compliance.
EXPAND: Integration of official registration, licensing data, and available contact points, emphasizing data protection accountability.
REFLECT: Present a legally robust section that facilitates user trust and supports AU disclosure obligations.

  • Operator: The gambling services on rollxxo.com are operated by
    • Legal Entity: Dama N.V. (Company Registration Number: 152125)
    • Legal Address: Scharlooweg 39, Willemstad, Curaçao
    • Operational Support Subsidiary: Strukin Ltd. (Registration No: ΗΕ 407624, Cyprus)
  • Gaming License: OGL/2023/174/0082 (E-gaming), valid until 2025, issued by the Curaçao Gaming Control Board (GCB).
  • Data Protection Contact: For privacy or data protection inquiries, please contact our designated data protection officer (DPO) at [email protected]. Should the email address become available, it will be published on rollxxo.com/contact.
  • Official Website: https://rollxxo.com

Regional Compliance Note: AU adaptation requires clear and accessible disclosure of operator identity, licensing, and data protection contact.

What Personal Data We Collect

OBSERVE: Comprehensive overview of data types for AU Privacy Act 1988 and AML/CTF Act compliance.
EXPAND: Categories of data extend beyond typical registration information to technical, behavioral, and tracking data.
REFLECT: Ensures legislative alignment and user awareness across all data sources and touchpoints.

  • Personal Identification Data: Full name, date of birth, email address, phone number, physical address, and verification documents (e.g., ID scans) as required by KYC/AML.
  • Technical Data: IP address, device identifier, browser type, operating system, device information, and access logs.
  • Payment and Transaction Data: Payment card/bank details, transaction histories, withdrawal and deposit records.
  • Behavioral Data: Gambling and wagering history, session activity, clickstream, navigation paths, and account preferences.
  • Cookies and Similar Technologies: Session cookies, persistent cookies, third-party cookies, device trackers, and web beacons for functional, analytics, and advertising purposes.

Regional Compliance Note: Coverage adheres to the scope and transparency principles under the AU Privacy Act 1988 and corresponds to e-gaming AML obligations.

Legal Basis for Processing

OBSERVE: Legal bases must match AU regulatory and industry practice (APPs), and extend to specific operational needs.
EXPAND: Each processing ground should address contract necessity, regulatory compliance, legitimate business interests, and user consent modalities.
REFLECT: Transparently disclose legal rationales ensuring robust protection for both users and the operator.

  1. User Consent: Personal data is processed upon your explicit consent when you register or opt-in to specific features (e.g., marketing communications). Consent withdrawal is always available.
  2. Performance of Contract: Information is processed as necessary to establish, manage, and fulfill your user account, execute financial transactions, verify identity, and provide ongoing access to rollxxo.com services.
  3. Legitimate Interests: rollxo processes certain personal data to prevent, detect, and investigate fraud, ensure platform security, analyze usage trends, develop services, and communicate necessary updates, provided such interests do not override fundamental user rights.
  4. Compliance with Legal Obligations: In accordance with KYC/AML laws, gambling regulation, and financial reporting obligations applicable in Australia and regulatory jurisdictions, rollxo processes and retains relevant data to comply with statutory requirements.

Regional Compliance Note: This section meets the "Australian Privacy Principles" (APPs), especially APPs 3-6, and evidences precise CCoT structuring.

Purpose of Processing

OBSERVE: Detail required for AU privacy best practice and gaming industry standards.
EXPAND: All main and ancillary purposes, with marketing and fraud prevention highlighted.
REFLECT: List-based clarity ensures users grasp why data is used and for what benefit/protection.

  • Service provision: To register your account, verify identity, facilitate deposits/withdrawals, and manage gameplay within rollxxo.com.
  • Platform improvement: To monitor website performance, optimize user experience, analyze technical and behavioral data, and remedy technical issues.
  • Marketing communications: To send promotional content or service updates when you have granted consent (with opt-out at any time).
  • Analytics: To collect anonymised statistical data for business development and performance assessment.
  • Fraud prevention & security: To detect and prevent fraudulent activity, enforce legal requirements, and protect the integrity of our platform and players.

Regional Compliance Note: AU law requires specificity regarding each purpose and the associated legal justification.

Disclosure & Sharing

OBSERVE: Transparency is mandated on third-party access and sharing arrangements.
EXPAND: Situational disclosure to aid fraud checks, regulatory oversight, and partner servicing.
REFLECT: Structured to address industry standards, AU legal mandates, and safeguard user rights.

  • Payment Providers: Data shared with banks, card processors, PSPs, and payment gateways to process transactions.
  • Service Providers: IT support, verification services, player risk assessment, hosting, and analytics vendors acting on behalf of rollxo, subject to contractual confidentiality.
  • Regulatory Authorities: Disclosure in compliance with legal obligations to regulators in Australia and licensing jurisdictions (e.g., Curaçao GCB), including for anti-money laundering and responsible gaming oversight.
  • Affiliates & Business Partners: Limited data may be disclosed for cross-promotion or bonuses, strictly with user consent and in line with AU privacy laws.
  • Advertising Networks: Subject to user consent, marketing identifiers and cookies may be shared for targeted advertising or promotional campaigns.

Protective Clauses: All third-party recipients are contractually bound to protect your data and comply with relevant privacy and data security laws.

Regional Compliance Note: Information sharing meets AU disclosure rules and GCB licensing conditions.

International Transfers

OBSERVE: AU privacy law (APP 8) requires explicit notice of offshore disclosures.
EXPAND: Consideration of all regions involved; outline data safeguards that are industry-standard.
REFLECT: Clear, point-wise explanation reassures users that their rights remain protected irrespective of data location.

  • Data Location: Your data may be stored and processed in Curaçao (headquarters), Cyprus (operational support), or other countries where service providers are based. Certain information may be accessed from outside Australia where required for global operations or support.
  • Protection Measures: rollxo applies industry-standard safeguards, including:
    • Contractual clauses imposing EU General Data Protection Regulation (GDPR)-equivalent privacy protection
    • Data encryption in transit and at rest
    • Strict internal access restrictions and regular security reviews
  • Consent and Notification: Where required, users are notified and their explicit consent obtained prior to any international transfer of their personal information.

Regional Compliance Note: International transfer mechanisms are aligned with the Australian Privacy Principles, particularly as they relate to cross-border disclosures.

Data Retention

OBSERVE: Data lifecycle management under AU Privacy Principle 11.
EXPAND: Retention aligned to regulatory, gaming, and financial action standards.
REFLECT: Explicit criteria protect both user rights and enable legal compliance.

  • Personal Identifying Data: Retained for as long as required to operate your account and fulfill legal obligations, and up to five (5) years following account closure or last transaction, whichever is later, as per AML/CTF legislation.
  • Transaction and Payment Data: Maintained for a minimum five (5) years post-transaction to ensure regulatory auditability.
  • Cookies and Technical Data: Stored according to type-session cookies are deleted on logout/closure; persistent cookies and logs are retained for up to two (2) years unless the user initiates deletion through browser or account settings.
  • Deletion Criteria and Requests: Data is securely erased upon expiry of the relevant retention period, cessation of processing purposes, or valid user request (subject to legal exemptions).

Legal Protections: Upon expiry or valid request, all data deletion is conducted using secure, industry-standard techniques to prevent unauthorized recovery or access.

Regional Compliance Note: All periods updated and extended to 2025, consistent with AU and global gaming sector best practice.

Your Rights

OBSERVE: Detailed summary of all user rights under the AU Privacy Act and global best practice.
EXPAND: Make rights and remedies actionable, especially around marketing and data access.
REFLECT: Clear language ensures all users can exercise their entitlements effectively.

  • Access: You can request confirmation as to whether your personal data is held, and obtain a copy in a commonly used digital format.
  • Correction: You may request the correction of inaccurate, incomplete, or outdated personal data at any time.
  • Deletion: You may request deletion ("right to erasure") of your personal data, subject to statutory retention requirements and legitimate business interests (e.g., anti-fraud).
  • Restriction of Processing: You may request that we temporarily suspend the processing of your data under certain circumstances (for example, if you contest its accuracy).
  • Objection: You may object to processing based on legitimate interests, including the right to opt out of direct marketing messages.
  • Data Portability: Where technically feasible, you may request your information be transferred to another provider in a machine-readable format.
  • Withdraw Marketing Consent: You can withdraw consent to receive promotional emails or messages at any time, either through your account or by contacting us.

Regional Compliance Note: Rights synthesized for Australian users, maximizing transparency and accessibility per privacy law and industry benchmarks.

Cookies & Tracking Technologies

OBSERVE: Full transparency on tracking tools is mandated, especially for gaming platforms in AU.
EXPAND: Address consent management, types, purposes, and user controls.
REFLECT: Informative structure ensures legal sufficiency and practical guidance for users.

  • Types of Cookies:
    • Session Cookies (expire when browser is closed)
    • Persistent Cookies (remain for up to two years or until deleted)
    • Third-Party Cookies (used for analytics, functionality, or advertising by approved vendors)
  • Purposes:
    • Essential: Functionality of rollxxo.com services (login, security checks)
    • Analytics: Website performance, audience metrics, session duration, error tracking
    • Advertising: Delivery and measurement of targeted promotional content, only with user consent
  • Management: You may manage or disable cookies at any time via your browser settings. rollxo also provides a cookie consent panel for granular preferences, accessible upon your first visit and via account settings.

Regional Compliance Note: This approach aligns with AU OAIC recommendations on online tracking transparency and user choice.

Data Security

OBSERVE: Explicit technical and organizational measures satisfy both regulatory and industry expectations.
EXPAND: Security controls span both digital infrastructure and staff practices.
REFLECT: Structured summary evidences diligence and commitment to ongoing user protection.

  • SSL Encryption: All data transmissions between your browser and rollxxo.com are protected using Secure Socket Layer (SSL) technology.
  • Data Encryption: Critical user data-including financial, identification, and account information-is encrypted at rest and in transit using industry-standard algorithms.
  • Access Controls: Internal access to personal data is limited on a need-to-know basis, governed by strict authentication and activity logging.
  • Physical and Network Security: Data centers and hosting environments are guarded against unauthorized physical and electronic access through multiple security layers, including intrusion detection and firewalls.
  • Independent Audits: Periodic security assessments and audits are conducted by both in-house and third-party specialists.
  • Staff Training: Regular mandatory training ensures that all personnel understand their confidentiality, information security, and compliance responsibilities.

Regional Compliance Note: Measures meet and exceed AU Privacy Principle 11 and prevailing e-gaming sector norms.

Complaints & Contacts

OBSERVE: Contact methods and complaint pathways are legal requirements per AU Privacy Act.
EXPAND: Users need to know how to escalate concerns.
REFLECT: Provide clear, actionable steps ensuring procedural fairness and regulatory clarity.

  • Data Protection Officer (DPO):
    • Email: [email protected] (pending public listing)
    • Preferred method: please use the feedback/contact form provided on rollxxo.com when available.
  • Complaint Procedure:
    1. Contact rollxo's DPO or privacy team with your inquiry, complaint, or request for data access/correction using the above channels.
    2. We will acknowledge receipt of your complaint within five (5) business days and aim to provide a substantive response within thirty (30) days.
    3. If unresolved, you may refer your concern to the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

Regional Compliance Note: Escalation to OAIC and direct complaint pathway aligns with Australian Privacy Principle 1 and e-gaming regulatory standards.

Updates

OBSERVE: Timely, transparent policy revisions are a data protection law expectation.
EXPAND: Communication strategies for notifying users of significant changes.
REFLECT: Date stamping and user awareness mechanisms are crucial for ongoing compliance.

  • Notice of Change: rollxo reserves the right to update this Privacy Policy to reflect changes in legislative, technological, or operational practices. Users will be notified of major changes through on-site notifications, account messages, or email (if provided).
  • Access to Updates: The current version of this Privacy Policy remains accessible at rollxxo.com/privacy.
  • Effective Date & Revision: This policy is effective as of 17 June 2025. The most recent review and revision occurred on 17 June 2025. All timeframes and updates are aligned and valid through 2025.

Regional Compliance Note: This update protocol meets AU standards for transparency in privacy practices.