Privacy Policy

Popmolly Online Casino – Privacy Policy for Australian Users

Effective Date and Scope

This Privacy Policy governs the collection, use, storage, sharing, and protection of personal data by Popmolly, an online casino brand operated under a licence issued by the Government of Curaçao. This policy applies to all users who access or register on the Popmolly platform from Australia, including residents and temporary visitors who engage with our services through any digital channel, including web browsers and mobile applications. By accessing the Popmolly platform, creating an account, or engaging with any of our services, you acknowledge that you have read, understood, and agreed to the terms set out in this Privacy Policy. Popmolly is committed to handling your personal data responsibly and in compliance with applicable Australian data protection legislation, including the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) contained within that Act, as well as the obligations arising from our Curaçao gaming licence.

1. Who We Are

Popmolly is an online casino platform licensed and regulated under the jurisdiction of Curaçao. Our platform offers a range of iGaming services including but not limited to online pokie games, live dealer casino games, table games, and other interactive gambling entertainment. As a licensed operator, we are subject to regulatory obligations that require us to collect, process, and retain certain categories of personal data for operational, legal, and compliance purposes. Popmolly acts as the data controller in respect of all personal information collected through the platform. All data processing activities conducted by Popmolly are carried out in accordance with applicable law and the principles of data minimisation, purpose limitation, and lawful processing.

2. Data We Collect

Popmolly collects personal data from users through several channels and at various stages of the user journey. The categories of data we collect include the following:

• Registration data, including full legal name, date of birth, residential address, nationality, email address, and telephone number provided during account creation
• Identity verification documents such as government-issued identification, passport copies, utility bills, and other documentation required for Know Your Customer procedures
• Payment details including bank account numbers, credit and debit card information, e-wallet identifiers, and transaction histories associated with deposits and withdrawals
• Financial records including the source of funds declarations and supporting documents required for Anti-Money Laundering compliance
• Technical data such as IP addresses, device identifiers, browser type and version, operating system, session duration, and clickstream data collected automatically when you use our platform
• Cookie data and similar tracking technologies that record your preferences, browsing behaviour, and interaction patterns on the Popmolly website
• Communications data including the content of any correspondence you send to our customer support team via email, live chat, or any other communication channel
• Responsible gambling data including self-exclusion requests, deposit limit preferences, and any other information you provide in connection with safer gambling features

We collect this data directly from you at registration, during ongoing account use, through automated technical systems, and from third-party verification and compliance service providers.

3. How We Use Your Data

Popmolly processes personal data for the following lawful purposes:

• Account management, including creating and maintaining your player account, processing your gaming activity, and providing access to platform features and services
• Identity verification and Know Your Customer procedures, which are mandatory obligations under our Curaçao gaming licence and applicable anti-money laundering frameworks
• Anti-Money Laundering compliance, including monitoring transactions for suspicious activity, conducting source of funds checks, and fulfilling reporting obligations to relevant regulatory and law enforcement authorities
• Anti-fraud detection and prevention, including the use of automated systems to identify irregular account behaviour, suspicious betting patterns, and potential misuse of payment instruments
• Payment processing, including facilitating deposits and withdrawals through our approved payment service providers and maintaining accurate financial records
• Marketing communications, where you have provided consent or where we have a legitimate interest in informing you about promotions, bonuses, new games, and other relevant updates from Popmolly
• Platform analytics and performance improvement, including the use of aggregated and anonymised data to understand how users interact with our services and to improve the user experience
• Responsible gambling compliance, including monitoring player behaviour for signs of problem gambling and facilitating access to self-exclusion tools and third-party support resources
• Legal compliance, including meeting our obligations under applicable Australian law, responding to lawful requests from regulatory authorities, and defending legal claims

4. Legal Basis for Processing

Popmolly relies on the following legal bases for processing your personal data. Where processing is necessary for the performance of a contract, such as providing gaming services under our terms and conditions, we rely on contractual necessity. Where we are required by law to process your data, such as for AML and KYC compliance, we rely on legal obligation. Where you have given us your explicit consent, such as for receiving marketing communications, we rely on consent, which you may withdraw at any time. Where we have a legitimate interest in processing your data that is not overridden by your fundamental rights and freedoms, such as for fraud prevention and platform security, we rely on legitimate interests.

5. Data Sharing and Disclosure

Popmolly does not sell your personal data to third parties. However, we may share your personal data with the following categories of recipients in the circumstances described:

• Payment service providers and financial institutions that process deposits and withdrawals on your behalf, who are contractually obligated to handle your data securely and in compliance with applicable law
• Identity verification and KYC service providers who assist us in confirming the identity of our users and conducting background checks as required by our regulatory obligations
• Anti-fraud and risk management service providers who assist in detecting and preventing fraudulent activity on our platform
• Regulatory authorities, including the Curaçao Gaming Control Board and any other competent authority, where we are required by law or licence conditions to disclose information about users
• Australian law enforcement agencies and government bodies where we receive a lawful request or are obligated to report suspicious activity under applicable anti-money laundering legislation
• Legal advisers and professional consultants where disclosure is necessary for the purpose of obtaining legal advice or defending legal proceedings
• Technology and infrastructure service providers, including cloud hosting providers and cybersecurity firms, who process data on our behalf under strict data processing agreements

All third parties with whom we share personal data are required to implement appropriate technical and organisational security measures and to process data only in accordance with our instructions and applicable law.

6. Data Retention

Popmolly retains personal data only for as long as is necessary to fulfil the purposes for which it was collected. Account data is generally retained for the duration of your account and for a period of at least five years following account closure, in accordance with AML and regulatory requirements. Financial transaction records are retained for a minimum of seven years to comply with Australian financial record-keeping obligations. Technical logs and cookie data are retained for shorter periods as required for security and analytical purposes. Where data is no longer required, it is securely deleted or anonymised in accordance with our internal data retention procedures.

7. Cookie Policy

Popmolly uses cookies and similar tracking technologies to operate and improve the platform. The following categories of cookies are used:

• Essential cookies, which are strictly necessary for the operation of the platform, including session management, login authentication, and security functions. These cookies cannot be disabled without affecting the functionality of the website.
• Analytical cookies, which collect information about how users interact with the platform, including pages visited, time spent on site, and navigation paths. This data is used in aggregated form to improve platform performance and user experience.
• Preference cookies, which store user settings and preferences to personalise the experience on subsequent visits.
• Marketing cookies, which may be used to deliver relevant promotional content based on your browsing behaviour, subject to your consent where required by applicable law.

You may manage your cookie preferences through the cookie settings tool available on our website. Please note that disabling certain categories of cookies may affect the functionality of the platform.

8. Your Rights

As a user of the Popmolly platform and a data subject under applicable privacy law, you have the following rights in relation to your personal data:

• The right to access the personal data we hold about you and to receive a copy of that data upon request
• The right to request the correction of inaccurate or incomplete personal data
• The right to request the deletion of your personal data where it is no longer necessary for the purposes for which it was collected, subject to our legal retention obligations
• The right to restrict the processing of your personal data in certain circumstances, such as where you contest the accuracy of the data or object to its processing
• The right to object to the processing of your personal data where we rely on legitimate interests as the legal basis for processing
• The right to withdraw consent for marketing communications at any time without affecting the lawfulness of processing carried out prior to withdrawal
• The right to lodge a complaint with the Office of the Australian Information Commissioner if you believe that your privacy rights have been infringed

To exercise any of the above rights, please contact our data protection team using the contact details available on the Popmolly website.

9. Data Security

Popmolly implements industry-standard technical and organisational security measures to protect your personal data against unauthorised access, disclosure, alteration, and destruction. These measures include encryption of data in transit and at rest, access controls and authentication protocols, regular security audits and vulnerability assessments, and staff training on data protection obligations. While we take all reasonable steps to protect your data, no method of electronic transmission or storage is entirely secure, and we cannot guarantee absolute security.

10. Responsible Gambling and Data Processing

As part of our commitment to responsible gambling, Popmolly processes certain personal data to identify and support players who may be experiencing gambling-related harm. This includes monitoring account activity for patterns indicative of problem gambling, facilitating self-exclusion requests, and maintaining records of responsible gambling interactions. This processing is carried out in accordance with our regulatory obligations under the Curaçao gaming licence and in the interests of player welfare. Data processed in this context is handled with the highest degree of sensitivity and confidentiality.

11. Changes to This Policy

Popmolly reserves the right to update or amend this Privacy Policy at any time to reflect changes in applicable law, regulatory requirements, or our data processing practices. Where material changes are made, we will notify registered users through the email address associated with their account or through a prominent notice on the platform. Continued use of the Popmolly platform following notification of changes constitutes acceptance of the updated policy. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.

12. Contact Information

If you have any questions, concerns, or requests relating to this Privacy Policy or the processing of your personal data, please contact the Popmolly data protection team through the official contact channels provided on our website. We aim to respond to all data-related enquiries within a reasonable timeframe and in accordance with our obligations under applicable law.