burger icon
Zoome Casino Australia
Log In

Privacy Policy

This Privacy Policy explains how Zoome Casino, operating the Australian-facing website zoomebet-au.com as part of the Zoome Casino project (the "Site", "we", "us", "our"), collects, uses, discloses and protects your personal information. It applies to players, account holders, affiliates, and any other visitors who access or use the Site or contact us in relation to our services.

This Privacy Policy is particularly relevant to users located in Australia, but it also describes how we handle personal data in line with international standards, including (where applicable) the EU General Data Protection Regulation ("GDPR") and Mexican data protection law. By using the Site, you acknowledge that you have read and understood this Privacy Policy.

By registering an account, using our games or services, or otherwise interacting with zoomebet-au.com, you consent to our handling of your personal information as described here, to the extent that such consent is required under applicable law. If you do not agree with this Privacy Policy, you should not use the Site or our services.

Effective date: 06 February 2026

Who We Are

Operator / Data Controller

The Site is operated by:

  • Dama N.V., a company incorporated under the laws of Curaçao, with registered address at Scharlooweg 39, Willemstad, Curaçao, company registration number 152125. Dama N.V. is the operator of Zoome Casino and is responsible for the processing of your personal data in the context of zoomebet-au.com.

Payment Agent / Processor

  • Friolion Limited, a company incorporated under the laws of Cyprus, with registered address at Leandrou, 12A, 3086, Limassol, Cyprus, company registration number HE 419102, acts as a payment processing subsidiary and payment agent for Dama N.V. in connection with Zoome Casino.

Licensing Information

  • Dama N.V. is licensed and regulated for online gambling operations under Curaçao law by Antillephone N.V. under e-gaming license number 8048/JAZ2020-013, authorised by the Government of Curaçao. This licence covers the Zoome Casino brand, including its Australian-facing operations via zoomebet-au.com.

Zoome Casino is an offshore online casino and is not licensed by Australian federal or state regulators. Nothing in this Privacy Policy should be understood as implying that we are regulated by the Australian Communications and Media Authority (ACMA) or any Australian gambling regulator.

Contact for Privacy Matters

For any questions, requests, or complaints concerning this Privacy Policy or our handling of your personal information, you can contact us using the contact channels provided on the Site (such as live chat or the support/contact section). Please indicate that your request is "privacy-related" or "attention: data protection". Where we are required by law (for example under GDPR or Mexican data protection law) to designate a data protection contact, Dama N.V. acts as the responsible data controller and will handle your request through its privacy function.

What Personal Data We Collect

We collect and process various categories of personal information in connection with your use of zoomebet-au.com and our gambling services.

Identification and Contact Data

  • Basic identification details: full name, username, date of birth, gender (if provided), nationality, and other information required to verify that you are of legal age and eligible to use our services.
  • Contact details: email address, residential address, country of residence, mobile phone number, and other contact information you choose to provide.

Verification (KYC/AML) Data

  • Identity verification documents: copies or data extracted from passports, national identity cards, driving licences, or other government-issued IDs.
  • Address verification documents: utility bills, bank statements, or other official documents showing your address.
  • Source of funds / source of wealth information: where required under anti-money laundering ("AML") or counter-terrorism financing ("CTF") rules or our internal risk controls.

Account and Gameplay Data

  • Account information: account ID, registration date, account status, authentication credentials (stored in protected, hashed form), language preferences, communication preferences.
  • Gameplay and behavioural data: betting history, games played, session duration, wins and losses, bonuses used, wagering patterns, device usage patterns, responsible gambling indicators (such as self-exclusions, deposit limits, cooling-off periods) and interactions with our support team relating to gambling behaviour.

Payment and Financial Data

  • Payment details: limited card information (card type, masked card number, expiry date), e-wallet details, bank account identifiers, and transaction identifiers, as required to process deposits and withdrawals.
  • Transaction history: amounts deposited and withdrawn, currencies used (including AUD and, where applicable, supported cryptocurrencies), timestamps, payment methods, and related payment confirmations.
  • Cryptocurrency data: wallet addresses and transaction hashes when you transact using cryptocurrencies, to the extent necessary for processing and AML/CTF monitoring.

Technical and Usage Data

  • Technical identifiers: IP address, device identifiers, browser type and version, operating system, time zone setting, language settings, and similar technical information.
  • Log and interaction data: server logs, pages visited, clicks, referral URLs, login timestamps, approximate geolocation inferred from your IP address, and patterns of usage.

Marketing and Communications Data

  • Marketing preferences: your choices regarding receiving promotional emails, SMS, push notifications, and in-account messages.
  • Communications records: copies of emails, chat transcripts, call notes (if applicable), and records of complaints or requests.

Cookies and Similar Technologies

  • Cookies: small text files stored on your device that allow us to recognise your browser, maintain your session, and personalise your experience.
  • Similar technologies: web beacons, pixels, local storage, SDKs and similar tools used for analytics, security, and marketing optimisation.

We generally collect personal data directly from you (for example through registration forms, KYC uploads, or interactions with support). We may also receive certain information from third parties, such as payment providers, fraud-prevention agencies, or marketing affiliates, where permitted by law.

Legal Basis for Processing

We process your personal data only where we have a valid legal basis under applicable law. Because we serve users in multiple jurisdictions (including Australia, the European Economic Area, and Mexico), the relevant legal basis may differ depending on where you are located and the specific context of processing.

Performance of a Contract

  • Account creation and management: we must process your identification, contact, account, and gameplay data to register you as a player, provide access to games, manage your account, and provide customer support.
  • Payments and withdrawals: we use your payment and financial data to process deposits, execute withdrawals, manage balances, and verify transaction legitimacy.

Compliance with Legal Obligations

  • KYC and AML/CTF obligations: as a Curaçao-licensed casino, we are required to verify your identity, monitor transactions, and report certain activities to relevant authorities to combat money laundering and terrorist financing.
  • Responsible gambling and age verification: to ensure that only persons of legal age gamble and to comply with responsible gambling requirements.
  • Accounting, tax and regulatory reporting: retention and disclosure of certain transaction records as required by applicable law.

Legitimate Interests

  • Service improvement and analytics: analysing gameplay and usage data to improve our services, enhance user experience, and develop new features.
  • Security and fraud prevention: preventing unauthorised access, detecting suspicious activity, protecting the integrity of our systems, and safeguarding our users.
  • Defence of legal claims: retaining and using relevant records where reasonably necessary to establish, exercise, or defend legal claims or to manage disputes.

Consent

  • Direct marketing: sending you promotional emails, SMS, or push notifications, where consent is required under applicable law. You may withdraw your consent at any time via the settings in your account or by using the unsubscribe mechanisms provided.
  • Certain cookies and tracking technologies: especially those used for advertising or non-essential analytics, where required by law.

Other Legal Bases (GDPR and Mexican Law)

  • Where the GDPR applies to your data (for example, if you are in the EEA), we rely on the legal bases set out in Articles 6 and 9 GDPR, including explicit consent where needed for processing special categories of data or for specific purposes.
  • Where Mexican privacy law applies (including the Federal Law on Protection of Personal Data Held by Private Parties and its regulations), we process your data on the basis of your consent, the necessity of processing to comply with legal obligations, and other lawful grounds recognised under Mexican law.

Purpose of Processing

We use your personal data for the following purposes:

Provision of Casino and Related Services

  • Operating your account: creating and maintaining your player account, enabling logins, managing credentials, and providing customer support.
  • Enabling gameplay: providing access to casino games, processing bets, calculating wins and losses, and crediting winnings to your account.
  • Processing payments: handling deposits and withdrawals through various payment methods, including AUD and supported cryptocurrencies.

Compliance and Risk Management

  • Identity verification: confirming your identity, age, and residence through KYC checks.
  • AML/CTF monitoring: monitoring transactions and behaviours for suspicious patterns and fulfilling reporting obligations where required by law.
  • Responsible gambling: enforcing self-exclusion, deposit limits, cooling-off periods and other responsible gambling measures.

Service Improvement and Analytics

  • Usage analysis: evaluating gameplay, traffic patterns, and technical performance to improve site stability, game offerings, and user experience.
  • Product development: using aggregated and pseudonymised data to develop new features, optimised bonuses, and tailored content.

Marketing and Personalisation

  • Promotional communications: sending newsletters, bonus offers, promotions, and other marketing messages, in line with your preferences and applicable law.
  • Personalised content: tailoring game recommendations, bonuses, and promotional content based on your gameplay and interactions.

Security, Fraud Prevention and Legal Protection

  • Security monitoring: protecting our systems and users against unauthorised access, cyberattacks, and abuse.
  • Fraud prevention: identifying and preventing fraudulent transactions, bonus abuse, account takeover, and other unlawful activities.
  • Legal compliance and defence: complying with legal requests, enforcing our Terms and Conditions, and handling disputes or claims.

Disclosure & Sharing

We do not sell your personal data. We may share your personal data with the following categories of recipients, strictly on a need-to-know basis and subject to appropriate safeguards:

Group Companies and Business Partners

  • Group entities: Dama N.V. and its subsidiaries, including Friolion Limited, for internal administrative, payment processing, compliance, and support purposes.
  • Game providers: third-party software providers that supply games and platforms (for example, for the purposes of running games, calculating outcomes, and maintaining game integrity).

Service Providers and Processors

  • Payment service providers and banks: to process deposits and withdrawals, perform fraud checks, and comply with financial regulations.
  • IT and hosting providers: data centres, hosting companies, cloud service providers, and technical support vendors that host our systems and data.
  • Analytics and marketing service providers: to perform usage analytics, deliver marketing campaigns, and measure their effectiveness, where permitted by law and, where required, with your consent.
  • Identity verification and fraud prevention agencies: to conduct KYC checks, validate identity documents, and detect suspicious behaviour.

Regulators, Authorities and Dispute Bodies

  • Regulatory and law enforcement authorities: competent authorities in Curaçao and other jurisdictions, courts, police or other public bodies, where we are legally required to disclose information or where such disclosure is necessary to protect our rights or the rights of others.
  • Alternative dispute resolution bodies: where we participate in or are required to co-operate with dispute resolution schemes.

Affiliates and Advertising Networks

  • Marketing affiliates: we may share limited data (such as account IDs, country, and aggregated performance data) with marketing affiliates to calculate commissions and evaluate campaign performance.
  • Advertising networks and platforms: in some cases, we may use advertising partners to display personalised or targeted ads. Where required by law, we will obtain your consent for such processing and sharing.

Corporate Transactions

  • In the event of a merger, acquisition, restructuring, or sale of assets involving Zoome Casino or Dama N.V., your data may be disclosed to potential or actual purchasers, advisers, or other relevant parties, subject to confidentiality obligations and applicable law.

International Transfers

As an offshore online casino operator, we work with partners and infrastructure located in multiple countries. This means that your personal data may be transferred to, and processed in, countries outside your own, including:

  • Curaçao: where Dama N.V. is incorporated and licensed.
  • Cyprus: where Friolion Limited, our payment processing subsidiary, is located.
  • Other EEA or non-EEA countries: where our hosting providers, IT service providers, game providers, or payment partners operate (which may include countries such as EU Member States, the United Kingdom, or the United States).

These countries may have different data protection laws from those in your jurisdiction. Where required by law (for example, under the GDPR or Mexican privacy law), we implement appropriate safeguards to protect your personal data when it is transferred internationally, such as:

  • entering into Standard Contractual Clauses (SCCs) or other approved contractual safeguards with our service providers and partners;
  • ensuring that recipients are subject to adequate data protection obligations and security requirements;
  • limiting access to personal data to persons with a legitimate need to know.

By using zoomebet-au.com, you understand that your data may be processed in Curaçao, Cyprus and other countries in which our partners operate. Where required by applicable law, we will request your explicit consent to such transfers and provide additional information on the safeguards applied.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements, and to defend or assert legal claims. Retention periods may vary depending on the category of data and applicable law.

Indicative Retention Periods

  • Account and identification data: generally retained for the duration of your account and for a period of up to 5 years after account closure, or longer if required by AML/CTF, gambling, tax, or other applicable laws.
  • KYC/verification documents: typically retained for 5 - 7 years after the end of the business relationship or the date of the last transaction, in line with AML/CTF obligations.
  • Transaction and financial data: retained for at least 5 years from the date of the relevant transaction, or longer where required by financial or tax regulations.
  • Gameplay and behavioural data: kept for the duration of the account and for a further period necessary for dispute handling, fraud prevention, and legal defence (usually up to 5 years after account closure), after which it may be anonymised or aggregated.
  • Marketing and communications data: retained for as long as you remain subscribed to marketing communications and for a short period afterwards to record your opt-out. Records of complaints and customer support interactions are generally retained for 3 - 5 years, depending on the nature of the issue.
  • Technical logs: server logs and security-related logs are usually retained for up to 12 - 24 months, unless longer retention is required for security investigations or legal proceedings.

Deletion and Anonymisation

  • When personal data is no longer required for the purposes described in this Privacy Policy and is no longer needed to comply with legal obligations or to protect our legitimate interests, we will either delete it securely or irreversibly anonymise it.
  • If you request deletion of your data, we will comply where feasible and lawful, but may need to retain certain information (for example, transaction records or KYC data) for legal or regulatory reasons.

Your Rights

Your rights in relation to your personal data depend on the laws that apply to you (for example, Australian privacy law, the GDPR for EEA users, or Mexican privacy law). We endeavour to respect and facilitate your rights in a consistent manner, as described below.

Access and Rectification

  • Right of access: you may request confirmation of whether we process your personal data and, where we do, obtain a copy of your data and information about how we process it.
  • Right to rectification: you may request correction of inaccurate personal data and completion of incomplete data. In many cases, you can update your details directly in your account.

Erasure and Restriction

  • Right to erasure ("right to be forgotten"): you may request deletion of your personal data where, for example, it is no longer necessary for the purposes for which it was collected, you have withdrawn consent, or you believe we processed it unlawfully. We may be unable to delete data that we must retain to comply with legal obligations (such as AML/CTF laws) or to defend legal claims.
  • Right to restriction: you may request that we restrict the processing of your data in certain circumstances (for example, while we verify its accuracy or assess an objection you have raised).

Objection and Marketing Preferences

  • Right to object: where we process your data on the basis of our legitimate interests, you may object to such processing. We will evaluate your request and stop processing unless we have compelling legitimate grounds to continue or the processing is necessary for legal claims.
  • Marketing opt-out: you may opt out of direct marketing at any time by:
    • using the unsubscribe link in promotional emails;
    • changing your marketing preferences in your account (where available); or
    • contacting us via the support channels indicated on the Site.

Data Portability

  • Where the GDPR or comparable regulations (such as certain Mexican rules) apply, you may request a machine-readable copy of certain personal data that you have provided to us and that we process by automated means on the basis of your consent or a contract, and you may ask us to transmit that data to another controller where technically feasible.

Withdrawal of Consent

  • Where we rely on your consent (for example, for certain marketing activities or optional cookies), you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal, nor processing based on other legal grounds.

Rights under Australian and Mexican Law

  • Australia: under the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), you have rights to access and correct personal information we hold about you, and to lodge complaints about our handling of your information. We will respond to access and correction requests within a reasonable period and in the manner requested where practicable.
  • Mexico: if Mexican privacy law applies to you (including the Federal Law on Protection of Personal Data Held by Private Parties and its regulations), you may have ARCO rights (Access, Rectification, Cancellation, Opposition) and other rights outlined in that framework. We will handle such requests in line with applicable Mexican regulations.

How to Exercise Your Rights

  • You can exercise your rights by contacting us through the privacy/support contact channels indicated on zoomebet-au.com and clearly stating:
    • your identity (we may request additional information to verify you);
    • the right(s) you wish to exercise; and
    • any relevant details (for example, dates, account IDs, or data categories).
  • We aim to respond to your request within 30 days of receipt, or within any shorter period required by applicable law. If we need more time due to complexity or volume, we will inform you.
  • We will not charge you for exercising your rights, unless your request is manifestly unfounded or excessive, in which case we may charge a reasonable fee or decline to act, as permitted by law.

Cookies & Tracking Technologies

We use cookies and similar technologies on zoomebet-au.com to ensure the proper functioning of the Site, enhance user experience, perform analytics, and support marketing activities.

Types of Cookies We Use

  • Strictly necessary (functional) cookies: essential for the operation of the Site and to enable you to log in, manage your account, place bets, and navigate pages. The Site cannot function properly without these cookies.
  • Preference cookies: used to remember your settings and preferences, such as language, region, and display options.
  • Analytics and performance cookies: help us understand how visitors use the Site, which pages are most popular, and how the Site performs. This allows us to improve functionality and user experience. These may be first-party or third-party cookies.
  • Advertising and targeting cookies: used (where applicable and permitted by law) to deliver relevant advertisements and measure the effectiveness of our marketing campaigns. These cookies may be set by us or by third-party advertising partners.

Session, Persistent and Third-Party Cookies

  • Session cookies: temporary cookies that expire when you close your browser or log out. They are used, for example, to maintain your login session.
  • Persistent cookies: remain on your device for a defined period or until you delete them, and help us recognise you when you return to the Site.
  • Third-party cookies: placed by third-party service providers (such as analytics or advertising partners) to deliver their services on or through our Site.

Managing Cookies

  • You can control and manage cookies through your browser settings. Most browsers allow you to:
    • view which cookies are stored on your device;
    • delete cookies;
    • block cookies from all or selected websites; and
    • configure your browser to notify you when a cookie is set.
  • Blocking or deleting cookies may affect your ability to use certain features of the Site, including login and gameplay.
  • Where required by law, we will ask for your consent before placing non-essential cookies (for example, certain analytics or advertising cookies) and will provide you with a mechanism to withdraw your consent.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access.

Technical Measures

  • Encryption in transit: data transmitted between your browser and our servers is protected using industry-standard Transport Layer Security (TLS 1.2+) or equivalent encryption protocols.
  • Encryption at rest: sensitive data (including authentication credentials and certain financial information) is stored using strong encryption or hashing algorithms, with strict key management practices.
  • Access control: access to personal data is restricted to authorised personnel on a need-to-know basis, enforced by authentication mechanisms, access control lists, and multi-factor authentication where appropriate.
  • Network and system security: we use firewalls, intrusion detection/prevention systems, anti-malware tools, and regular patch management to protect our infrastructure.

Organisational Measures

  • Policies and procedures: internal policies govern data handling, access, retention, and incident response, and are reviewed periodically.
  • Staff training: employees and contractors with access to personal data receive periodic training on information security and data protection obligations.
  • Vendor due diligence: we seek to engage service providers that implement appropriate security measures and, where possible, maintain recognised security certifications (such as ISO 27001 or SOC 2) or equivalent controls.

Monitoring and Incident Response

  • Monitoring and audits: we perform internal checks and, where appropriate, external audits or assessments to evaluate the effectiveness of our security controls.
  • Incident response: we maintain procedures to detect, respond to, and mitigate security incidents. Where required by law, we will notify relevant authorities and affected individuals of certain data breaches without undue delay.

Despite our efforts, no system can be guaranteed to be 100% secure. You are responsible for keeping your login credentials confidential, choosing a strong password, and logging out of your account when finished. If you suspect any unauthorised access to your account, you should contact us immediately through the support channels on the Site.

Complaints & Contacts

We take privacy and data protection seriously and encourage you to contact us if you have any questions or concerns about how we handle your personal data.

Contacting Us

  • Online: you can reach us via the support or contact options available on zoomebet-au.com (for example, live chat or contact form). Please indicate that your inquiry is related to "privacy" or "personal data".
  • Postal address (operator): Dama N.V., Scharlooweg 39, Willemstad, Curaçao.
  • Postal address (payment agent): Friolion Limited, Leandrou, 12A, 3086 Limassol, Cyprus.

When contacting us, please provide sufficient information for us to identify you and understand your request or complaint. We may need to ask you for additional information to verify your identity.

Complaint Procedure

  1. Submit your complaint: contact us through the Site's support channels or by writing to the postal address above, explaining the nature of your complaint and how you believe your privacy rights have been affected.
  2. Acknowledgement: we will acknowledge receipt of your complaint within a reasonable period (generally within 7 days).
  3. Investigation: we will investigate your complaint, which may involve reviewing internal records, consulting relevant staff, and requesting additional information from you.
  4. Response: we aim to provide a substantive response to your complaint within 30 days of receipt, or within any shorter timeframe required by applicable law. If we need more time, we will inform you of the reason and the expected timeframe.
  5. Further steps: if you are not satisfied with our response, you may have the right to escalate your complaint to a relevant data protection authority, as set out below.

Escalation to Supervisory Authorities

  • Australia - Office of the Australian Information Commissioner (OAIC)
    • Website: https://www.oaic.gov.au
    • The OAIC provides guidance on how to lodge a privacy complaint under the Privacy Act 1988 (Cth).
  • Mexico - National Institute for Transparency, Access to Information and Personal Data Protection (INAI)
    • Website: https://www.inai.org.mx
    • If Mexican privacy law applies to you, you may submit a complaint to INAI regarding our handling of your personal data.
  • European Union / EEA
    • If the GDPR applies to you, you have the right to lodge a complaint with your local data protection authority in the EU/EEA, or with the authority in the Member State of your habitual residence, place of work, or place of the alleged infringement. Contact details for EU/EEA supervisory authorities are available on the European Data Protection Board website.

We encourage you to contact us first so that we have an opportunity to resolve your concerns, but you are not obliged to do so before approaching a supervisory authority.

Updates

We may update this Privacy Policy from time to time, for example to reflect changes in our services, legal requirements, or data processing practices. The updated version will be published on zoomebet-au.com, and the "Last updated" date will be revised accordingly.

Notification of Changes

  • Minor changes: for non-material updates (for example, clarifications, format changes, or reorganisation) we may simply publish the revised Privacy Policy on the Site. We encourage you to review it periodically.
  • Material changes: where changes significantly affect how we process your personal data or your rights (for example, new processing purposes or new categories of recipients), we will provide additional notice by:
    • displaying a prominent banner or notification on the Site;
    • sending an email or in-account message to registered users; and/or
    • notifying you through other appropriate channels.
  • Advance notice: where feasible and required by applicable law, we will provide at least 30 days' advance notice of material changes before they take effect.

Your Options

  • If you continue to use the Site after the effective date of an updated Privacy Policy, your use will be deemed acceptance of the updated terms, to the extent permitted by law.
  • If you do not agree with changes that materially affect your rights, you may choose to stop using the Site and request account closure. We will continue to handle your personal data in accordance with this Privacy Policy as modified, but will respect your rights under applicable law, including any rights to deletion or restriction.

Last updated: February 2026

Summary of recent material changes:

  • Clarified the role of Dama N.V. and Friolion Limited in relation to zoomebet-au.com and the Zoome Casino project.
  • Enhanced explanations of international data transfers and data retention periods relevant to Australian players.
  • Expanded the "Your Rights" and "Complaints & Contacts" sections to provide clearer alignment with GDPR and Mexican privacy law, as well as Australian privacy requirements.