The platform handles personal information in line with the Privacy Act 1988 (Cth) and the Australian Privacy Principles.

Information collected

• Identity and contact details: name, date of birth, residential address, email, phone number, and verification documents such as a passport or driver licence.
• Account and verification records: account IDs, security settings, responsible gambling preferences, and results from KYC and AML/CTF checks including sanctions and politically exposed person screening.
• Transaction and payment information: deposit and withdrawal records, payment method details, amounts and timestamps. Payment service providers may store card or bank information in line with PCI DSS or equivalent standards.
• Gameplay and betting activity: wager history, outcomes, preferences, limits, and self-exclusion status.
• Device and technical data: IP address, device identifiers, operating system, browser type, log files, cookies, and approximate location where enabled by the user.
• Communications: chat messages, emails, support tickets, and call recordings for quality assurance and dispute resolution.
• Compliance and risk data: fraud indicators, security alerts, and records of interactions for risk and compliance reviews.

Why this information is collected

• To provide and manage services, verify identity, and operate accounts under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006.
• To process payments, prevent fraud, ensure security, and resolve disputes.
• To support responsible gambling measures, including limits and self-exclusion.
• To maintain, improve, and analyse the online services and user experience.
• To meet legal, regulatory, and reporting obligations in Australia.

Protection measures

• Encryption in transit using modern TLS and encryption at rest for sensitive records.
• Strict access controls, role-based permissions, and multi-factor authentication for authorised staff.
• Network segmentation, firewalls, continuous logging, and security monitoring.
• Regular vulnerability scanning and periodic independent penetration testing.
• Staff training, confidentiality obligations, and privacy-by-design practices.
• Vendor due diligence and data processing agreements that require confidentiality and appropriate security.

Retention and deletion

• Records are kept only for as long as needed for the purposes in this policy or as required by law. AML/CTF records may be retained for at least 7 years.
• Information that is no longer required is deleted or de-identified in line with documented retention schedules.

User rights

• Access: request a copy of personal information held.
• Correction: ask for inaccurate or incomplete information to be corrected.
• Deletion: request deletion or de-identification where there is no legal requirement to retain the data.
• Complaints: lodge a complaint using the contact methods provided. If unresolved, a complaint can be made to the Office of the Australian Information Commissioner.

Compliance

• Handling of information follows the Privacy Act 1988 (Cth), the Australian Privacy Principles, and the Notifiable Data Breaches scheme.

Personal information is used for lawful purposes that a user would reasonably expect and as set out in this policy:

• Account delivery: setting up and managing accounts, verifying identity, and providing online services.
• Transactions: processing deposits, withdrawals, bonuses, and account adjustments.
• Support: responding to requests, investigating issues, and resolving disputes.
• Security and integrity: monitoring to detect, prevent, and investigate fraud, misuse, and prohibited activity.
• Responsible gambling: applying limits, time-outs, and self-exclusion, and recording interactions related to user welfare.
• Improvement and analytics: analysing performance and usage to maintain and enhance the websites and apps.
• Regulatory compliance: meeting obligations under Australian law including AML/CTF, reporting, and lawful requests from authorities.
• Marketing and service messages: sending service and security notices. Promotional messages are sent only where the user has consented and can be controlled through preferences.

Processing is conducted in a transparent manner consistent with this document and the Australian Privacy Principles.

Users can review, update, or correct profile details in account settings where available. For other requests, contact the support team through the help centre or contact form. A request may require identity verification. A response is usually provided within 30 days where reasonable.

Corrections and deletions

• Corrections are made promptly when supported by adequate information.
• Deletion or de-identification is carried out when the information is no longer needed and there is no legal duty to retain it. Certain records must be kept for minimum periods, for example under AML/CTF laws and for dispute resolution.

Security checks and payments

• By using Ricky casino, the user consents to security checks, identity verification, sanctions screening, and fraud monitoring.
• Payment information is processed by authorised payment service providers that may store necessary personal and financial details to complete transactions. The platform may retain tokens and limited identifiers such as the last four digits of a card for verification, reconciliation, and security.

The services are intended for persons aged 18 and over. The operator does not knowingly collect information from minors.

• Age is verified during onboarding or at any later time deemed necessary. The operator cannot confirm age without identity documents.
• If a parent or guardian believes a minor has provided personal information, they should contact support. Any related account will be reviewed, and information will be deleted or de-identified where permitted by law.
• Where required for legal compliance, limited records relating to the investigation may be retained.

Personal information may be transferred to and processed in countries outside Australia where service providers, data centres, payment processors, customer support, analytics, or fraud-prevention partners operate. By using the site and services, the user consents to this overseas processing.

The operator takes reasonable steps under APP 8 to ensure overseas recipients protect confidentiality and handle information in a manner consistent with the Australian Privacy Principles, including through contractual obligations, audits where appropriate, and technical safeguards such as encryption.

Any disclaimer in this policy clarifies or limits how specific rules operate. The disclaimer applies once the user accepts this policy by signing, clicking to accept, or otherwise acceding to it. If there is any inconsistency between this policy and other privacy notices on the site, this policy takes precedence to the extent of the inconsistency. Nothing in this policy limits rights or remedies available under Australian law.

Cookies are small files stored on a device by a browser. They help the websites and apps remember settings and understand how the services are used.

How cookies are used

• Statistics and analytics to understand usage and improve performance.
• Behaviour analysis to detect fraud and maintain security.
• Personalisation to remember preferences and provide relevant content.
• Site improvement and diagnostics to maintain reliable services.

Retention

• Most cookies are stored for up to 1 year. Some may expire sooner or when a session ends.

Control

• Users can manage cookies in browser settings and through available preference tools. Blocking some cookies may affect site functionality and certain services.

Use of the services constitutes full acceptance of this privacy policy. The current version published on the website prevails over any prior version. Continued use after changes are posted constitutes acceptance of the updated document. Users who do not agree should discontinue use of the services.

Personal information may be disclosed to third parties in the following situations:

• When required by law, regulation, court order, or a lawful request from a regulator or law enforcement agency.
• To resolve disputes, investigate misuse, or enforce agreements and policies.
• To payment processors, identity verification providers, cloud hosting, customer support, analytics, marketing services (where consent is given), and fraud-prevention partners to deliver the services.

Information about key third parties may be listed on the website or within relevant product areas. If a specific partner is not listed, the purpose and scope of disclosure will be explained where practicable at or before the time of sharing. Providing information and using the services constitutes consent to such disclosures. Each third party is responsible for its own privacy practices and users should review their privacy statements.

The services may include links to external websites or apps that are operated by others and have their own privacy policies. The operator is not responsible for how those sites collect, use, or disclose information. Users should review the privacy policies of any external sites visited and take care before providing personal information.