burger icon
Dollycasino Australia
Log In

Privacy Policy

This Privacy Policy explains how Dollycasino, operated via the website https://dollybet-au.com (the "Website"), collects, uses, stores, shares, and protects personal information of players and other visitors. It applies to all individuals who access or use the Website, register an account, participate in games, or otherwise interact with us online. This Privacy Policy is effective from 1 February 2026 and replaces any earlier versions published on the Website.

By using the Website, you acknowledge that your personal data will be processed in accordance with this Privacy Policy and our Terms and Conditions. If you do not agree with this Privacy Policy, you should not use the Website or our services.

Who We Are

The online gambling services offered through dollybet-au.com under the brand "Dollycasino" and targeted to Australian players as "Dollycasino" are operated by:

  • Operator: Rabidi N.V., a public limited company (N.V.) organised under the laws of Curaçao, operating multiple online casino brands including Dollycasino.
  • Registered / corporate location: Curaçao (Kingdom of the Netherlands). For licensing purposes, the address currently listed in the gaming licence details is Scharlooweg 39, Willemstad, Curaçao.
  • Gaming licence: Sub-licence No. 8048/JAZ2020-001 issued under the master licence held by Antillephone N.V., Curaçao eGaming framework.

Financial transactions for certain payment methods (for example, PayID, Neosurf, card payments and other fiat options) may be processed on behalf of Rabidi N.V. by:

  • Payment agent: Tilaros Limited, a limited company incorporated in Cyprus, registration number HE 406322, located in Nicosia, Cyprus, acting as payment processor/payment agent for Rabidi N.V.

In this Privacy Policy, "Dollycasino", "Dollycasino", "we", "us", or "our" refers to Rabidi N.V. (and, where applicable, its payment agent Tilaros Limited) operating the Website dollybet-au.com for Australian-facing traffic.

We are established outside Australia and operate under a Curaçao gambling licence. The Australian Communications and Media Authority (ACMA) may block access to some of our domains and mirrors in accordance with Australian interactive gambling rules. This Privacy Policy covers only how we handle your personal information; it does not determine whether you are legally permitted to use offshore gambling services in your jurisdiction.

Data Protection Contact

We have appointed a dedicated privacy contact function (data protection officer/department) to oversee questions in relation to this Privacy Policy:

  • Privacy contact / DPO: Data Protection Officer, Rabidi N.V.
  • Email: [email protected] (for privacy and data protection queries only)
  • Postal contact: Data Protection Officer, Rabidi N.V., Scharlooweg 39, Willemstad, Curaçao (please clearly mark your letter "Privacy - Dollycasino")

You may also contact us via any support channels listed on the "Contact Us" section of the Website and indicate that your request concerns privacy or personal data.

What Personal Data We Collect

We collect and process different categories of personal data when you visit our Website, register an account, deposit or withdraw funds, use our games, or otherwise interact with us. The main categories are:

  • Identification and contact data
    • Full name, date of birth, country of residence and address.
    • Email address and phone number.
    • Government-issued identification details (e.g. passport, driver's licence) and copies of documents you provide for verification (KYC) purposes.
  • Account and gameplay data
    • Username, account ID, password (stored in hashed form), security settings.
    • Betting and gaming history, including games played, stakes, wins/losses, bonuses used, tournaments joined.
    • Responsible gambling settings (deposit limits, loss limits, time limits, self-exclusion status).
  • Payment and financial data
    • Payment method details (for example, bank account used with PayID, card type and masked card number, Neosurf voucher details, e-wallet information, or other providers supported on dollybet-au.com).
    • Transaction records (deposits, withdrawals, chargebacks, refunds, account balances, bonuses credited).
    • Data from payment processors and banks used to complete your transactions and to comply with anti-money laundering (AML) obligations.
  • Technical and device data
    • IP address, approximate geolocation derived from IP, device identifiers, browser type and version, language, operating system, screen resolution.
    • Log data about access times, login attempts (successful and failed), pages viewed, game sessions, session duration, and other diagnostic logs.
  • Usage and behavioural data
    • Clicks, navigation paths, time spent on different pages, game preferences, marketing preferences, interaction with banners and offers.
    • Information used for risk profiling and fraud detection (for example, atypical betting patterns, multiple accounts, device fingerprinting indicators).
  • Cookies and similar technologies
    • Cookie identifiers, session IDs, tracking pixels, and similar technologies used to remember your preferences, authenticate you, and analyse how the Website is used.
  • Communication data
    • Records of emails, chat sessions, support tickets, and other communications with us.
    • Information contained in complaints, feedback, or survey responses.
  • Third-party and publicly available data
    • Data received from KYC/AML service providers, payment partners, or other business partners (for example, verification of identity, sanctions and politically exposed person (PEP) checks, fraud alerts).
    • Limited information from marketing partners or affiliates if you arrive at dollybet-au.com through their links (e.g. campaign ID, affiliate ID, bonus entitlement).

We do not intentionally collect special categories of personal data (such as health data) except where it is provided by you and strictly necessary (for example, medical evidence supporting a responsible gambling self-exclusion request). In such cases we will handle this information with heightened care.

Legal Basis for Processing

Because we serve players from multiple jurisdictions, we structure our processing in line with internationally recognised principles, including those found in the EU General Data Protection Regulation (GDPR), the Australian Privacy Principles under the Privacy Act 1988 (Cth), and Mexican data protection rules where relevant. Depending on the situation, we rely on one or more of the following legal bases:

  • Performance of a contract
    • To create and manage your gaming account on dollybet-au.com.
    • To process deposits, wagers, and withdrawals, including via payment providers such as PayID and Neosurf.
    • To provide customer support and operate loyalty, VIP or promotional programs you join.
  • Compliance with legal obligations
    • To conduct identity verification (KYC) and AML/CTF checks under applicable financial crime regulations and Curaçao licensing requirements.
    • To keep accounting and transactional records for tax, bookkeeping, and regulatory reporting purposes.
    • To respond to lawful requests from courts, regulators (including Antillephone N.V., and where applicable, privacy regulators in other jurisdictions), or law enforcement.
  • Legitimate interests
    • To secure our systems, prevent fraud and abuse, protect our games, and ensure the integrity of our promotions.
    • To analyse usage patterns to improve our Website, games, and user experience.
    • To defend our legal rights and bring or defend legal claims or complaints (including disputes escalated via Antillephone N.V.).
    • To send limited service-related communications (for example, important account or security notifications) that you cannot reasonably opt out of.
  • Consent
    • To send you marketing communications by email, SMS, push notifications or other electronic means, where required by law.
    • To place and read non-essential cookies (e.g. advertising and advanced analytics cookies) where consent is required.
    • To process certain sensitive information you voluntarily provide (for example, supporting documents related to responsible gambling requests).

Where we rely on consent, you may withdraw it at any time as described in the "Your Rights" and "Cookies & Tracking Technologies" sections. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.

Purpose of Processing

We process your personal data only for specific, explicit and legitimate purposes, and we do not use it in ways incompatible with those purposes. The main purposes are:

  • Providing and operating our casino services
    • Registering and maintaining your player account, verifying your eligibility and age, and enabling you to access games and features.
    • Processing deposits and withdrawals in AUD and other currencies supported on dollybet-au.com, including via payment methods such as PayID and Neosurf.
    • Managing bonuses, free spins, tournaments, loyalty programs, and other promotions.
  • Compliance, risk management and fraud prevention
    • Carrying out KYC and AML checks, monitoring for suspicious transactions, and complying with anti-fraud obligations.
    • Preventing, detecting and investigating abuse of our services, bonus abuse, collusion, chargebacks, money laundering or other illegal activities.
    • Ensuring that self-exclusion and responsible gambling limits are respected.
  • Improvement and analytics
    • Analysing Website and game usage, understanding how players interact with our services and where improvements are needed.
    • Testing new features, games and security measures, and optimising performance for different devices and networks.
  • Customer support and communications
    • Handling enquiries, complaints, and feedback via email, chat and other channels.
    • Sending service-related messages, including important security alerts, changes to our terms, and operational notifications.
  • Marketing and personalisation
    • Providing you with tailored promotions, offers and bonuses based on your preferences and activity, where permitted by law and your settings.
    • Running surveys, loyalty programs, and other engagement initiatives to better understand player preferences.
  • Legal and business purposes
    • Maintaining business records, managing risks, performing audits and ensuring compliance with our licensing and contractual obligations.
    • Handling disputes, regulatory enquiries, and defending legal claims.

Disclosure & Sharing

We treat your personal data as confidential and do not sell player lists. However, we may share your data with selected third parties where necessary for the purposes described in this Privacy Policy, subject to appropriate safeguards:

  • Group entities and payment agents
    • Rabidi N.V. and its affiliated entities involved in the operation of Dollycasino.
    • Tilaros Limited (HE 406322, Cyprus) and any other designated payment agents processing payments on our behalf.
  • Payment service providers and financial institutions
    • Banks, card schemes, PayID and Neosurf providers, e-wallet operators and other financial institutions facilitating deposits and withdrawals.
    • Chargeback, risk and fraud management providers used to assess and manage financial risks.
  • Service providers and technical partners
    • IT hosting providers, cloud infrastructure providers, game platform suppliers, content delivery networks (CDNs), and email/SMS service providers.
    • Analytics and security vendors helping us monitor performance, detect intrusions, and secure our systems.
  • KYC, AML and fraud prevention partners
    • Identity verification providers, sanctions/PEP screening tools, fraud prevention agencies and similar partners helping us comply with legal obligations and manage risks.
  • Marketing and affiliate partners
    • Affiliates and marketing networks that refer players to dollybet-au.com, to track performance of campaigns, attribute bonuses and measure marketing effectiveness.
    • Advertising networks and analytics partners, where you have consented to non-essential cookies or where applicable law permits such sharing.
  • Regulators, dispute resolution bodies and law enforcement
    • Our gaming licensor Antillephone N.V. and other relevant regulators or authorities in Curaçao or other jurisdictions, when required by law or licence conditions.
    • Courts, police, financial intelligence units, and other law enforcement agencies if we are legally required to share data or if sharing is necessary to prevent or investigate crime.
    • The master licence holder's complaints contact (currently [email protected]) where we are asked to provide information in connection with a formal dispute about our conduct.
  • Business transfers
    • Potential buyers, investors, or other parties in connection with any actual or contemplated merger, acquisition, sale of assets, restructuring or similar corporate transaction involving Rabidi N.V. or the Dollycasino brand, subject to confidentiality obligations.

Whenever we share data with third parties, we require them to use it only for the purposes specified by us, to protect it appropriately, and to comply with applicable data protection laws and contractual safeguards.

International Transfers

Because we operate an offshore online casino serving players in different regions, your personal data may be transferred to, and processed in, countries other than the one in which you are located. These countries may have different data protection laws and may not provide the same level of protection as your home jurisdiction. In particular:

  • Your data will be processed in Curaçao, where Rabidi N.V. is located and licensed.
  • Your data may be processed in Cyprus and other European Economic Area (EEA) countries where Tilaros Limited or our EU-based service providers operate.
  • Your data may be processed in other countries (for example, the European Union, the United Kingdom, and the United States) where our technology, hosting, analytics, fraud prevention, or support providers are located.
  • Australian players should be aware that their data will generally be stored outside Australia and subject primarily to the laws of non-Australian jurisdictions.

Where we transfer personal data from the EEA, the UK, or other jurisdictions with cross-border transfer rules to countries that do not provide an "adequate" level of protection, we implement appropriate safeguards, such as:

  • Standard contractual clauses (SCCs) approved by the European Commission or equivalent contractual safeguards under UK or other local laws.
  • Data processing and security agreements with our processors specifying technical and organisational measures.
  • Additional safeguards where appropriate, including encryption and minimisation of transferred data.

We monitor legal developments (such as updated EU transfer frameworks). We do not rely on the invalidated EU - US Privacy Shield; where relevant, we may rely on the EU - US Data Privacy Framework or equivalent mechanisms as they become applicable.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to meet legal, accounting, and reporting requirements, and to resolve disputes. Retention periods may vary depending on the data type and applicable law or regulatory expectations. In general:

  • Player account and identification data
    • Stored for the duration of your account's active status and, after closure, typically for up to five (5) years, unless a longer retention period is required by AML, tax or gaming regulations, or needed to resolve disputes.
  • KYC and AML documentation
    • Stored for at least the period required under AML and gaming laws applicable to Rabidi N.V. (generally between five (5) and seven (7) years from the end of the relationship or from the date of the relevant transaction), and then securely deleted or anonymised.
  • Payment and transaction data
    • Stored for at least five (5) years from the relevant transaction or account closure, to comply with financial record-keeping obligations and to manage disputes or chargebacks.
  • Gameplay and behavioural data
    • Stored while your account is active and for a reasonable period (normally up to five (5) years) after closure, in line with our legitimate interests in fraud prevention, dispute resolution and regulatory reporting.
  • Marketing data
    • Stored until you withdraw your consent or opt out of marketing, or after a defined inactivity period, after which we may retain limited suppression records to ensure we respect your opt-out.
  • Technical logs and security data
    • Stored for shorter periods (often from several months up to two (2) years), unless a security incident or investigation requires a longer retention.
  • Complaints and dispute records
    • Stored for the duration of the complaint/dispute and for a minimum of five (5) years thereafter, or longer if required by law or for ongoing proceedings.

When personal data is no longer required, we will either securely delete or irreversibly anonymise it. In some circumstances, we may anonymise your data so that it can no longer be associated with you, for example to use aggregated statistics for analysis and reporting.

Your Rights

We aim to respect data subject rights as reflected in the EU General Data Protection Regulation (GDPR) and, where relevant, in Mexican data protection law (including the Federal Law on Protection of Personal Data Held by Private Parties - LFPDPPP and associated regulations on ARCO rights), and to provide similar rights to users elsewhere (including in Australia) where technically and legally feasible.

Overview of Your Rights

  • Right of access
    • You can request confirmation whether we process your personal data and obtain a copy of the data and information about how it is used.
  • Right to rectification / correction
    • You can ask us to correct inaccurate or incomplete personal data (for example, an outdated address or phone number).
  • Right to erasure ("right to be forgotten" / cancellation)
    • You can request deletion of your personal data where there is no compelling reason for us to continue processing it, for example where it is no longer needed or where you withdraw consent and there is no other legal basis.
    • We may need to retain certain data despite your request if required for legal obligations (for example, AML or tax laws) or to establish, exercise or defend legal claims.
  • Right to restriction of processing
    • You can ask us to limit the processing of your data, for example while we verify its accuracy or where you object to our legitimate interests.
  • Right to object
    • You can object to processing based on our legitimate interests, including profiling for security or marketing, if you believe your interests or fundamental rights override ours.
    • You have an absolute right to object at any time to the use of your personal data for direct marketing.
  • Right to data portability
    • Where processing is based on consent or contract and carried out by automated means, you may request your data in a structured, commonly used and machine-readable format and ask us to transmit it to another controller where technically feasible.
  • Rights under Mexican law (ARCO rights)
    • If Mexican data protection law applies to you, you may exercise ARCO rights: Acceso (access), Rectificación (rectification), Cancelación (erasure/cancellation) and Oposición (objection), in line with the LFPDPPP and its Regulations.
  • Right to withdraw consent
    • Where we rely on your consent (for example, for marketing communications or non-essential cookies), you may withdraw this consent at any time using the tools provided (such as unsubscribe links) or by contacting us.
  • Right to lodge a complaint
    • You may lodge a complaint with us and/or with a competent data protection authority (see "Complaints & Contacts" below).

How to Exercise Your Rights

  1. Submit a request
    • Contact us at [email protected] or via the support channels on the Website, clearly describing the right you wish to exercise and the data concerned.
  2. Identity verification
    • For your security, we may ask you to provide information to confirm your identity (for example, logging into your account, providing a confirmation code, or additional documentation where reasonably needed).
  3. Response timeframe
    • We aim to respond to your request within 30 days of receipt. If your request is particularly complex or we receive numerous requests, we may extend this period by a further reasonable period (up to an additional 30 days), in which case we will inform you of the extension and reasons.
  4. Fees
    • Requests are generally handled free of charge. However, where permitted by law, we may charge a reasonable fee or decline to act on requests that are manifestly unfounded, repetitive, or excessive.
  5. Limitations
    • We may refuse or partially comply with a request where we are legally required to keep certain data, where the rights of others would be adversely affected, or where other lawful exemptions apply. We will explain the reasons where we are permitted to do so.

Cookies & Tracking Technologies

Our Website uses cookies and similar technologies to distinguish you from other users, enhance your experience, and help us improve our services. Cookies are small text files stored on your device when you visit a website. We categorise them as follows:

Types of Cookies

  • Strictly necessary (session) cookies
    • These cookies are essential to operate the Website and enable core functions such as logging in, maintaining your session, processing payments, and providing basic security.
    • They are typically session cookies that expire when you close your browser.
  • Functional (persistent) cookies
    • These cookies remember your preferences and choices (for example, language, region, preferred games) to provide a more personalised experience.
    • They may be stored on your device for a longer period (e.g., several months) or until you delete them.
  • Analytics and performance cookies
    • These cookies help us understand how visitors use the Website (e.g., which pages are visited most frequently, how users navigate between pages, error messages).
    • We use this information to improve performance and user experience. These may be first-party or third-party cookies (for example, from analytics providers).
  • Advertising and tracking (third-party) cookies
    • These cookies may be set by us or by advertising/affiliate partners to deliver relevant advertisements or track the effectiveness of campaigns that bring users to dollybet-au.com.
    • They may track your browsing across our Website and, in some cases, other websites (depending on the partner's technology and your consent).

Managing Cookies

  • Browser settings
    • You can usually configure your browser to refuse all or some cookies, to notify you when a cookie is set, or to delete cookies. The "Help" section of your browser will provide information on how to do this.
  • On-site cookie tools
    • Where available, you can use our cookie banner or preference centre on the Website to manage your consent for non-essential cookies (e.g., analytics and advertising cookies).
  • Consequences of disabling cookies
    • If you block or delete cookies, some parts of the Website may not function properly. For example, you may not be able to log in, save your preferences, or complete transactions.

More detailed information on specific cookies used on dollybet-au.com, where required, may be provided in a separate cookie notice or within our cookie management tool.

Data Security

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, loss, misuse, or alteration. While no system can be guaranteed as completely secure, we follow industry good practices, including:

  • Encryption in transit and at rest
    • We use TLS (Transport Layer Security) 1.2 or higher to encrypt data transmitted between your browser and our servers.
    • Where appropriate, we encrypt stored data or use other measures (such as tokenisation and hashing) to protect sensitive information like passwords and certain payment data.
  • Access control and authentication
    • Access to player data is restricted to authorised personnel who require it for their job role (e.g., customer support, payments, risk, compliance).
    • We implement strong authentication mechanisms for internal systems and may use multi-factor authentication for critical access.
  • System and network security
    • We use firewalls, intrusion detection and prevention systems, anti-malware tools, and other security controls to protect our infrastructure.
    • Our systems are regularly updated and patched to mitigate known vulnerabilities.
  • Monitoring, audits and risk management
    • We monitor our systems for suspicious activity and conduct periodic security assessments and audits with internal and external experts.
    • We maintain logs to support forensic analysis in case of incidents.
  • Staff training and confidentiality
    • Employees and contractors with access to personal data are bound by confidentiality obligations and receive training on data protection and information security.
  • Incident response
    • We maintain incident response procedures to handle suspected or actual data breaches, including investigation, containment, remediation, and notification to affected individuals and relevant authorities where required by law.

Our controls are designed with reference to recognised international standards (such as ISO/IEC 27001 or SOC 2) even though we may not hold formal certifications. We continually review and improve our security measures in light of technological developments and evolving threats.

Complaints & Contacts

If you have any questions, concerns, or complaints about how we handle your personal data, we encourage you to contact us first so we can try to resolve the issue directly.

How to Contact Us

  • Privacy contact / DPO
    • Email: [email protected]
    • Postal: Data Protection Officer, Rabidi N.V., Scharlooweg 39, Willemstad, Curaçao
  • General support
    • Visit the "Contact Us" or support section on dollybet-au.com to reach our customer support team via the available channels (e.g., live chat, email form). Please mention that your enquiry relates to privacy if applicable.

Internal Complaint Procedure

  1. Stage 1 - Customer support
    • Submit your concern to customer support or directly to the privacy contact. Include your account ID (if any), contact details, and a clear description of your issue.
  2. Stage 2 - Escalation to privacy contact / DPO
    • If your issue is not resolved at Stage 1, or if it specifically concerns data protection, it will be escalated to our Data Protection Officer or privacy team.
    • We aim to acknowledge complaints within a reasonable time (usually within 5 business days) and to provide a substantive response within 30 days, or inform you if more time is needed.

External Escalation - Data Protection Authorities

If you are not satisfied with our response, or you believe your data protection rights have been violated, you may have the right to lodge a complaint with a supervisory authority. Depending on your location and applicable law, this may include:

  • Mexico - INAI (for matters falling under Mexican privacy law)
    • Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales (INAI)
    • Website: https://www.inai.org.mx
  • European Union / EEA (if GDPR applies to you)
    • You may lodge a complaint with your local data protection authority in the EEA, or with the authority in the Member State of your habitual residence, place of work, or alleged infringement.
    • A list of EU/EEA supervisory authorities is available via the European Data Protection Board: https://edpb.europa.eu/about-edpb/about-edpb/members_en
  • Australia - OAIC (for Australian privacy enquiries)
    • Office of the Australian Information Commissioner (OAIC)
    • Website: https://www.oaic.gov.au
    • Phone (within Australia): 1300 363 992
    • Please note that we are an offshore operator established outside Australia; OAIC's jurisdiction and remedies may be limited in practice.

Nothing in this Privacy Policy limits any rights you may have to complain to or seek remedies from the relevant authority under applicable law.

Gambling Disputes and Regulatory Complaints

For disputes specifically relating to gambling services (for example, unpaid winnings or bonus terms), which may involve but are not limited to privacy matters:

  • First follow our internal complaint procedure via customer support.
  • If you remain dissatisfied, you may contact the master licence holder's complaints email: [email protected], as indicated by Antillephone N.V., providing details of your account and dispute.
  • Australian players can obtain general information about offshore gambling site blocking and regulatory actions from the ACMA at https://www.acma.gov.au/interactive-gambling. This is an information resource and not a direct dispute resolution channel for offshore casinos.

Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will revise the "Last updated" date at the end of this document.

How We Notify You of Changes

  • Minor changes
    • For non-material changes (for example, clarifications, formatting), we will update the Privacy Policy on the Website. Your continued use of the Website after the changes become effective will signify your acceptance.
  • Material changes
    • For significant changes affecting how we process your personal data (for example, new purposes, new categories of recipients, or changes in international transfers), we will provide more prominent notice, which may include:
      • Notification by email to the address registered on your player account.
      • In-account notifications or alerts in your player dashboard when you log in.
      • Banner or pop-up notices on the Website.
    • Where reasonably practicable, we will provide at least 30 days' advance notice before material changes take effect, so you have time to review them.

Your Options

  • If you do not agree with the updated Privacy Policy, you may choose to stop using the Website and, if you are a registered player, request closure of your account and, where applicable, withdrawal of your remaining balance subject to our Terms and Conditions and AML checks.
  • If required by law or if we introduce new processing activities based on consent, we may ask you to provide your consent again for those activities.

Last updated: February 2026