burger icon
Roo Casino Australia
Log In

Privacy Policy

This Privacy Policy explains how Roo Casino, as part of the Roo Casino project operated through the website betroo-au.com ("Roo Casino", "we", "us", "our"), collects, uses, discloses and protects personal information of players and website visitors ("you", "your"). It applies to all users who visit, register an account, participate in games, use our payment services, contact support, or otherwise interact with betroo-au.com.

We recognise the importance of privacy for Australian players and other users accessing our offshore gambling services. This Policy is designed with reference to the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), as well as international standards such as the EU General Data Protection Regulation (GDPR) and Mexican data protection law, where these frameworks are applicable to our processing.

By accessing or using betroo-au.com, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use and disclosure of your personal information as described here. If you do not agree, you should not use our services.

Effective date: 1 January 2026

Who We Are

Roo Casino is an online casino brand focused primarily on players located in Australia and operated through the website betroo-au.com. The service is provided from offshore jurisdictions and is not licensed by any Australian state or territory gambling regulator. The Australian Communications and Media Authority (ACMA) has, from time to time, requested that Australian internet service providers block access to domains associated with Roo Casino for alleged breaches of the Interactive Gambling Act 2001.

Operational activities are primarily based in Curaçao, with certain payment processing activities conducted from Cyprus and other offshore locations. The operator has historically referenced a Curaçao eGaming framework under Master Licence 365/JAZ, although the current status of that licence is subject to verification and may change over time.

Legal entity details

The offshore company that operates betroo-au.com (the "Operator") is responsible for your personal information. Because corporate, licensing and registry information may change, the Operator's current full legal name, registered office address and company registration number are:

  • published on the Terms and Conditions page; and/or
  • made available in your account area or upon written request through our support channels.

Those details form part of this Privacy Policy by reference. Where there is any inconsistency between this summary and the information in the Terms and Conditions, the latter will prevail.

Data Protection Contact / DPO

We have designated an internal person or team responsible for privacy and data protection matters ("Data Protection Officer" or "DPO"). You can contact our DPO or privacy team using the following channels:

  • Website: via the "Contact Us" or support section on https://betroo-au.com (select "Privacy/Data Protection" where available);
  • Live chat: 24/7 on-site live chat, requesting that your message be forwarded to the privacy team/DPO;
  • Postal: Data Protection Officer, Roo Casino (betroo-au.com), Curaçao (full correspondence address available on request via support).

We do not currently provide a dedicated public telephone number exclusively for privacy matters; however, any privacy-related complaint or query submitted via the channels above will be escalated to the DPO or an appropriately qualified member of our staff.

Nothing in this section constitutes an admission that we are subject to the jurisdiction of any particular regulator or court. References to specific jurisdictions are made in good faith for transparency and informational purposes.

What Personal Data We Collect

We collect only the information that is reasonably necessary for us to operate Roo Casino, provide gambling services via betroo-au.com and meet our legal and regulatory obligations. Categories of personal information we may collect include:

Identity and contact information

  • Full name, date of birth and proof of age;
  • Residential address and country of residence;
  • Email address and one or more contact telephone numbers;
  • Government-issued identification documents (e.g. passport, driver's licence) and photographs or selfies used for identity verification;
  • Copies of utility bills or bank statements used to verify your address.

Account and behavioural information

  • Username, account ID, passwords (stored in hashed form) and security questions;
  • Account settings and preferences (language, currency, marketing preferences);
  • Gameplay and betting history, including game sessions, stakes, wins/losses, RTP statistics and bonus usage;
  • Self-exclusion status, deposit limits, session limits and other responsible gambling settings;
  • Records of communications with us (live chat transcripts, support emails, complaints, and responses).

Payment and financial information

  • Details of deposit and withdrawal methods you use (e.g. bank transfer, card details in tokenised form, Neosurf voucher references, cryptocurrency wallet identifiers);
  • Transaction records (amounts, currencies, timestamps, payment channel, country of card or bank);
  • Information required by anti-money laundering (AML) and counter-terrorism financing rules, such as source-of-funds or source-of-wealth documentation.

Technical and usage information

  • IP address, country/region of connection, and approximate geolocation derived from IP;
  • Device identifiers, device type, operating system, browser type and version, screen resolution, language settings;
  • Log files (log-in and log-out events, failed logins, password reset attempts, changes in account details, payment actions);
  • Information about how you navigate the site (pages visited, clickstream data, time spent, link interactions).

Cookies and similar technologies

  • Session cookies that enable login, navigation and basic functionality;
  • Persistent cookies that remember preferences, keep you signed in or support fraud prevention;
  • Analytics cookies and similar technologies that help us understand performance and usage patterns;
  • Advertising or tracking cookies (only where permitted and subject to your consent) that may be set by Roo Casino or our advertising partners.

We may also use other tracking technologies (such as pixel tags, web beacons and device fingerprinting) for security, anti-fraud and analytics purposes, especially given our reliance on offshore payment processing and cryptocurrency.

Information from third parties

  • Information from payment processors, banks, Neosurf and cryptocurrency service providers relating to the success or failure of your transactions and compliance checks;
  • Data from identity verification, KYC/AML and fraud-prevention providers (e.g. verification results, sanctions and watchlist checks);
  • Information from affiliates and marketing partners regarding the campaigns, websites or adverts that referred you to betroo-au.com.

Legal Basis for Processing

Because Roo Casino operates from offshore locations but targets players in multiple jurisdictions, we rely on a combination of legal bases to process your personal information. Where GDPR, Mexican privacy law or equivalent frameworks apply, our primary legal grounds include:

Performance of a contract

  • To create, maintain and administer your betting account;
  • To verify your identity and age, and to ensure that you are allowed to use our services;
  • To process deposits, wagers, bonuses and withdrawals, including AML checks linked to those transactions;
  • To provide customer support and to resolve disputes relating to the services we offer.

Compliance with legal obligations

  • To comply with AML, counter-terrorism financing and other regulatory obligations in Curaçao and any other relevant jurisdiction;
  • To keep legally required records of KYC checks, transactions and responsible gambling interventions for specific retention periods;
  • To respond to lawful requests from regulators, courts, law enforcement or tax authorities, where we are required to do so.

Legitimate interests

  • To operate, secure and improve betroo-au.com and our gaming platform, including protecting the integrity of games and preventing fraud, bonus abuse and chargebacks;
  • To manage business risks associated with grey-market operation, offshore payment processing and potential blocking actions by regulators like ACMA;
  • To conduct internal analytics and reporting, monitor performance and optimise user experience;
  • To establish, exercise or defend legal claims.

Consent

  • To send you certain electronic marketing communications (e.g. promotional emails, SMS, push notifications), where consent is required under applicable law;
  • To deploy non-essential cookies and similar tracking technologies for advertising and advanced analytics, where required;
  • To process particular categories of data where local law requires your explicit consent.

Where we rely on consent, you may withdraw it at any time using the mechanisms described in this Policy. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal and may limit your ability to use some features or receive certain promotions.

Nothing in this Policy should be interpreted as a concession that any specific law (for example, GDPR, Mexican or Australian privacy law) applies to all of our processing. References to such laws indicate the standards we aim to meet where they are relevant.

Purpose of Processing

We use your personal information for clearly defined purposes, which include:

  • Providing and administering our services: Creating and managing your account, offering casino games, processing deposits and withdrawals, maintaining account balances, and providing support through live chat and other support channels.
  • Identity verification and legal compliance: Verifying your age and identity, performing KYC and AML checks, determining your eligibility to play, and complying with regulatory and record-keeping obligations.
  • Responsible gambling and player protection: Monitoring betting patterns for signs of problem gambling, applying self-exclusions, limits and time-outs, and recording interactions relating to responsible gambling.
  • Website operation and improvement: Operating, maintaining and optimising betroo-au.com, including diagnosing technical issues, testing new features and improving the performance and stability of our systems.
  • Analytics and business management: Analysing aggregated data about account activity, transactions and marketing campaigns to better understand our customer base, manage financial and regulatory risk, and refine our business strategy.
  • Marketing and personalisation: Subject to your preferences and applicable law, sending marketing communications, promotions and bonus offers, and tailoring content, recommendations and promotions to your profile and playing behaviour.
  • Security and fraud prevention: Detecting, investigating and preventing fraud, money laundering, bonus abuse, account takeover attempts and other suspicious or illegal activities.
  • Dispute resolution and legal purposes: Handling complaints, chargebacks and disputes, enforcing our Terms and Conditions, responding to requests from regulators and law enforcement, and defending our legal interests.

Disclosure & Sharing

We may disclose your personal information to selected third parties where it is necessary for the purposes described in this Privacy Policy, or where we are legally required to do so. We do not sell your personal information to third parties.

Service providers and partners

  • Payment processors and financial institutions: Banks, card schemes, Neosurf providers, cryptocurrency exchanges and payment gateways (including entities based in Cyprus, the EU/EEA and other jurisdictions) that process your deposits and withdrawals, perform fraud checks and support AML compliance.
  • Platform and game providers: Software suppliers who provide the gaming platform, game content, random number generation, and related technical infrastructure.
  • KYC, AML and fraud-prevention providers: Third-party vendors that verify identity documents, perform sanctions and watchlist checks, and assist with risk scoring and transaction monitoring.
  • IT, hosting and security providers: Companies supplying hosting, cloud infrastructure, content delivery, security monitoring and data backup services.
  • Analytics and marketing partners: Providers that help us analyse website usage and effectiveness of marketing campaigns, as well as affiliates and advertising networks that promote Roo Casino, but only in compliance with applicable cookie and marketing consent requirements.

Group companies and corporate transactions

  • Group entities, parent companies, subsidiaries and related corporate bodies involved in managing betroo-au.com or providing support functions (such as finance, compliance and customer service);
  • Third parties in connection with any actual or proposed merger, sale of assets, restructuring, financing, or acquisition involving our business, provided that appropriate confidentiality and data protection safeguards are in place.

Regulators, authorities and enforcement bodies

  • Regulators and licensing bodies in relevant jurisdictions (for example, Curaçao authorities or other gaming regulators) where required or permitted by law;
  • Law enforcement agencies, courts, dispute resolution bodies or tax authorities, where we are compelled to do so or where disclosure is reasonably necessary to enforce our rights, protect our operations, players or others, or to investigate suspected unlawful activity.

Affiliates and advertising networks

  • Affiliates and advertising partners who direct players to Roo Casino, to whom we may disclose limited information such as anonymised or aggregated performance metrics, referral identifiers and, where lawful, certain campaign-related data;
  • Where advertising cookies or similar technologies are used, data sharing with such partners is subject to your consent and your cookie preferences.

Whenever we share personal information with third parties, we require them to handle it securely, use it only for specified purposes and comply with applicable data protection requirements. Some recipients may be located in countries that do not offer the same level of protection as your home jurisdiction; in such cases, we take steps described in the "International Transfers" section below.

International Transfers

Because Roo Casino operates as an offshore online casino with a primary focus on Australian players, your personal information may be transferred to and processed in countries outside your country of residence, including locations that may have different or less protective data protection laws.

In particular, data may be processed or stored in:

  • Curaçao (primary operational and hosting location);
  • Cyprus and other European or non-European countries used for payment processing and back-office services;
  • Australia, in the sense that your access originates there, even though our servers are offshore;
  • Other jurisdictions where our service providers, affiliates, game providers or technical partners are located (which may include the EU/EEA, the United Kingdom, and other countries).

Where GDPR or similar laws apply to specific transfers, we use appropriate safeguards such as:

  • Standard Contractual Clauses (SCCs) approved by the European Commission or equivalent contractual protections;
  • Technical and organisational measures (encryption, access controls, data minimisation) to reduce privacy risks;
  • Risk assessments of the laws and practices in destination countries, and supplementary controls where needed.

By using betroo-au.com and providing us with your information, you acknowledge that your data may be transferred to and processed in countries outside your home jurisdiction. Where required by law, we will seek your explicit consent for such transfers. You have the right to contact us for further details about the safeguards that apply to international transfers of your data.

Please note that foreign authorities (including law enforcement and regulators in those countries) may be entitled to access your personal information under their local laws.

Data Retention

We retain your personal information only for as long as is reasonably necessary for the purposes described in this Privacy Policy, or as required by applicable laws and regulations (including AML and record-keeping requirements). Different categories of data may be kept for different periods:

  • Account and identification data: Generally retained for up to 5 years after your account is closed, to comply with AML obligations, resolve disputes and maintain records of our relationship. In some cases, this period may be extended where law or regulators require longer retention.
  • Transaction and payment data: Usually retained for 5 to 7 years from the date of the relevant transaction, to meet financial reporting, tax and AML record-keeping obligations.
  • Responsible gambling and self-exclusion records: Retained while your self-exclusion or limits are active and for a further period (typically up to 5 years after account closure) to ensure that restrictions are properly and consistently enforced.
  • Customer support and complaint records: Retained for the duration of your account and typically for up to 5 years thereafter, depending on the nature of the issue and any legal limitation periods.
  • Marketing data: Retained for as long as you remain subscribed and for up to 2 years after your last active interaction with us, unless you withdraw your consent or opt out earlier.
  • Technical logs and security data: Typically retained for 12 to 24 months, though specific logs may be kept longer where necessary to investigate or prevent fraud, security incidents or abuse.
  • Cookies: Stored on your device for periods ranging from the duration of your browser session to several months or years, depending on the type and purpose of each cookie (see the "Cookies & Tracking Technologies" section).

When personal information is no longer needed, we will take reasonable steps to de-identify or securely delete it. In certain situations, we may retain anonymised, aggregated data that cannot reasonably be linked back to you for statistical or analytical purposes.

Your Rights

Depending on your location and the laws that apply to our processing of your information, you may have various rights in relation to your personal data. We aim to respect these rights for all players, including those in Australia, the EU/EEA, the UK and Mexico, to the extent reasonably practicable and technically feasible.

Core data protection rights

  • Right of access: You can request confirmation of whether we process your personal information and obtain a copy of that information, together with details about how we use it.
  • Right to rectification: You can request correction of inaccurate or incomplete personal information (for example, updating address or contact details). In some cases, you may be able to update information directly within your account.
  • Right to erasure ("right to be forgotten"): You can ask us to delete your personal information in certain circumstances, for example where it is no longer necessary for the purposes for which it was collected or where you withdraw consent. This right is subject to important exceptions, particularly where we must retain data to comply with AML or other legal obligations or to defend legal claims.
  • Right to restriction of processing: You may request that we limit the processing of your data (for example, while we verify its accuracy or assess an objection you have raised).
  • Right to object: Where we rely on legitimate interests to process your data, you can object and we will assess whether our interests are overridden by your rights. You can also object at any time to the use of your data for direct marketing, and we will stop such processing.
  • Right to data portability: Where technically feasible and required by law, you may request a machine-readable copy of certain information you have provided to us, or ask us to transmit it to another controller.
  • Right to withdraw consent: Where processing is based on your consent (for example, marketing communications or certain cookies), you may withdraw that consent at any time, without affecting the lawfulness of processing prior to withdrawal.
  • Rights related to automated decision-making: If we use automated processes that have significant effects on you (for example, certain fraud rules or affordability checks), you may have the right to request human review and to contest the decision.

Australian, EU/EEA and Mexican law alignment

  • Australia: Under the Australian Privacy Act and APPs, you generally have rights to access and correct personal information we hold about you. We will respond to such requests in a timely manner and may refuse access in limited circumstances allowed by law (for example, where providing access would unreasonably impact the privacy of others or prejudice law enforcement activities).
  • EU/EEA and UK (GDPR-style rights): If GDPR or equivalent laws apply to our processing of your data, the rights described above apply in full, subject to the specific conditions and limitations of those laws.
  • Mexico: Under the Mexican Federal Law on Protection of Personal Data Held by Private Parties and related regulations, Mexican data subjects may exercise rights of access, rectification, cancellation and opposition (known as ARCO rights). Where that law applies, we will handle ARCO requests in accordance with its requirements.

Exercising your rights

  • How to submit a request: Contact us via the support or "Contact Us" section on betroo-au.com and specify that your message concerns "Privacy/Data Protection" or "ARCO/GDPR rights". You may also request that a live chat agent escalate your request to the DPO.
  • Identity verification: We may request additional information to verify your identity (for example, confirming certain account details or asking for ID documentation) to protect you and other players.
  • Response timeframe: We aim to respond to your request within 30 days of receipt. In complex cases or where we receive numerous requests, this period may be extended by a further 30 days, in which case we will inform you of the extension and reasons.
  • Costs: We will handle your request free of charge, unless it is manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse to act on the request, as permitted by law.

Some rights may be limited, for example where fulfilling your request would reveal personal information about another individual, compromise security measures, affect ongoing investigations or conflict with legal obligations (such as AML record-keeping). If we decline all or part of your request, we will explain why, unless we are legally prevented from doing so.

Cookies & Tracking Technologies

We use cookies and similar technologies on betroo-au.com to ensure the site functions correctly, to enhance your experience, to perform analytics and, where permitted, to support marketing activities. Cookies are small text files stored on your device when you visit our website.

Types of cookies we use

  • Strictly necessary (session) cookies: These are essential for the operation of the website and the online casino platform. They enable functions such as login, account management, placing bets, maintaining your session and securing transactions. They are usually deleted when you close your browser.
  • Functional (persistent) cookies: These remember your preferences and settings (such as language, region, or previously used devices) and may persist for a defined period after your session ends.
  • Analytics cookies: These cookies, which may be set by us or third-party analytics providers, collect aggregated information about how visitors use betroo-au.com (e.g. pages visited, time spent, error messages). This helps us understand performance, detect technical issues and improve our services.
  • Advertising and tracking cookies: Where allowed by law and your preferences, we and our advertising partners may use cookies and similar technologies to deliver personalised promotions, track the effectiveness of campaigns and prevent misuse of bonus offers. These may track your activity across websites.

Managing cookies and preferences

  • Browser settings: You can usually configure your web browser to block or delete cookies, or to alert you when cookies are being set. Please note that blocking strictly necessary cookies may affect the functionality of the site and your ability to use your account.
  • On-site controls: Where available, you can use our cookie banner or settings panel on betroo-au.com to manage your preferences for non-essential cookies (such as analytics or advertising cookies).
  • Withdrawal of consent: If you previously consented to certain cookies, you can withdraw that consent at any time by adjusting your settings as described above. This will not affect the lawfulness of processing prior to withdrawal.

We may use other technologies with similar purposes to cookies, such as pixels or device fingerprinting, primarily for security, anti-fraud and analytics. These technologies are subject to the same controls and principles as cookies, where applicable.

Data Security

We take the security of your personal information seriously, particularly in the context of offshore online gambling and cross-border payment processing. We use a combination of technical, organisational and physical safeguards designed to protect your data from unauthorised access, misuse, loss, alteration or disclosure.

Technical security measures

  • Encryption in transit: Data transmitted between your browser and betroo-au.com is protected using industry-standard Transport Layer Security (TLS) protocols (TLS 1.2 or higher), helping to prevent interception or tampering.
  • Encryption at rest: Where appropriate, sensitive information (such as passwords and certain payment-related data) is stored using strong encryption or hashing algorithms.
  • Access controls: Access to systems and databases containing personal information is restricted to authorised personnel only, based on role and the "need-to-know" principle, with authentication and logging mechanisms.
  • Network and infrastructure security: Use of firewalls, intrusion detection/prevention systems, anti-malware tools and other security technologies to protect our infrastructure and detect suspicious activity.

Organisational and procedural measures

  • Policies and training: Staff members with access to personal information receive training on data protection, confidentiality and information security, and are subject to internal policies and contractual confidentiality obligations.
  • Vendor management: We require service providers who handle personal information on our behalf to implement appropriate security measures and to process data only according to our instructions.
  • Regular reviews: Security measures, internal controls and procedures are reviewed periodically and after significant changes to our systems or risk profile.

Incident response and breach notification

  • We maintain procedures for identifying, responding to and managing actual or suspected data breaches, including containment, investigation, remediation and documentation of incidents.
  • Where required by law, we will notify relevant authorities (such as data protection regulators) and, where appropriate, affected individuals without undue delay, taking into account the nature of the breach and the risk posed to individuals.

We aim to align our security practices with recognised international standards (such as ISO 27001 and SOC 2) where reasonably feasible for our size and risk profile, although this should not be interpreted as a formal certification claim. Despite our efforts, no system or transmission over the internet can be guaranteed to be completely secure. You also play an important role in keeping your account safe by maintaining the confidentiality of your login details and using unique, strong passwords.

Complaints & Contacts

We are committed to resolving privacy concerns in a fair and timely manner. If you have questions, concerns or complaints about how we handle your personal information, you should contact us in the first instance so we can attempt to resolve the issue directly.

How to contact us

  • Support / Contact Us: Submit a request via the support or "Contact Us" pages on https://betroo-au.com, selecting a privacy-related category where available.
  • Live chat: Contact our 24/7 live chat and state that your query is about privacy or data protection. The agent will escalate your request to the appropriate team or the DPO.
  • Postal contact: Data Protection Officer, Roo Casino (betroo-au.com), Curaçao. For the most current correspondence address, please refer to our Terms and Conditions or request the details from support.

Internal complaint handling

  1. Initial review: We will acknowledge your complaint or request as soon as reasonably practicable, typically within a few business days.
  2. Investigation: Your complaint will be reviewed by our privacy team or DPO, who may request additional information where necessary to understand and resolve the issue.
  3. Response: We aim to provide a substantive response within 30 days of receiving all relevant information. In more complex cases, we may need additional time, in which case we will inform you of the delay and expected timeframe.
  4. Outcome: We will explain the outcome of our investigation and any steps we propose to take (for example, correcting data, updating settings, or improving processes).

Escalation to supervisory authorities

If you are not satisfied with our response, or if you believe we have not handled your personal information in accordance with applicable law, you may have the right to lodge a complaint with a competent data protection authority.

  • Australia (where applicable):
    Office of the Australian Information Commissioner (OAIC)
    Website: https://www.oaic.gov.au
    Phone (within Australia): 1300 363 992
  • European Union / EEA (where GDPR applies):
    You can contact your local data protection authority. A list of EU/EEA supervisory authorities is available from the European Data Protection Board (EDPB):
    https://edpb.europa.eu/about-edpb/about-edpb/members_en
  • Mexico (where Mexican privacy law applies):
    Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales (INAI)
    Website: https://www.inai.org.mx
    Phone: +52 55 5004 2400
    Address: Insurgentes Sur 3211, Insurgentes Cuicuilco, C.P. 04530, Ciudad de México, Mexico.

Which authority is appropriate will depend on your place of residence and the specific circumstances of the processing. You may also have rights to bring a claim before a competent court in certain jurisdictions.

Updates

We may update this Privacy Policy from time to time to reflect changes in our operations, legal or regulatory developments, technological changes, or improvements in how we communicate with you. Any new version will be posted on https://betroo-au.com and will include a "Last updated" date.

How we notify you of changes

  • Website notice: We will publish the updated Privacy Policy on betroo-au.com, and may display a banner or pop-up notice drawing your attention to significant changes.
  • Email notifications: Where appropriate and where we have your email address, we may send you an email explaining material changes to this Policy.
  • Account notifications: We may also notify you via in-account messages or dashboard alerts the next time you log in after a change takes effect.

Advance notice and your options

  • For changes that materially affect your rights or the way we process your personal information, we will provide, where practicable, at least 30 days' advance notice before the changes take effect.
  • During this notice period, you may choose to close your account and cease using our services if you do not agree with the updated Policy. We will continue to handle your previously collected data in accordance with the Policy in force at the time of collection, to the extent required by law.
  • Your continued use of betroo-au.com after the effective date of any updated Privacy Policy will be deemed acceptance of the revised terms, except where applicable law requires your explicit consent.

Last updated: January 2026

This Privacy Policy applies specifically to the Roo Casino project operated via betroo-au.com and should be read together with our Terms and Conditions and any game- or promotion-specific rules published on the website.