burger icon
Spinanga Australia
Log In

Privacy Policy

This Privacy Policy explains how Spinanga, operated via the website https://spinanga-aussie.com, collects, uses, discloses, and protects personal information of players and website visitors. It applies to all users who access, browse, or use our services, including real-money gaming, account management, and support channels. By using our website or creating an account, you acknowledge that you have read and understood this Privacy Policy and agree to its terms, as updated from time to time. If you do not agree, you must not use the services. This Privacy Policy is effective and applies to processing activities occurring on and after 1 January 2026.

Who We Are

OBSERVE: The operator and corporate structure for Spinanga and its website spinanga-aussie.com involve offshore entities and payment intermediaries. To ensure transparency, we identify the operator, related entities, and contact points for privacy matters.

EXPAND: While some registration details and precise registered office addresses are not publicly specified, we must still provide clear points of contact and describe the corporate roles in operating and supporting the website, including licensing jurisdictions and payment processors.

REFLECT: We present the available legal-entity information and designate a responsible contact for privacy and data protection queries.

Operator and Group Structure

  • Brand: The online gambling services offered under the name "Spinanga" are provided exclusively through https://spinanga-aussie.com ("Site").
  • Operating company: The Site is operated by Liernin Enterprises Ltd, a company incorporated under the laws of the Marshall Islands. Liernin Enterprises Ltd acts as the data controller for personal data collected through the Site, to the extent applicable law recognizes that role.
  • Historical and supporting entities:
    • Rabidi N.V., a Curaçao company, historically operated the Spinanga brand under Antillephone N.V. master license 8048/JAZ2020-001. This information is provided for transparency about historical operations and infrastructure.
    • Tilaros Limited, a Cyprus-based company, acts as a payment processor for certain card transactions and may process payment-related personal data on our behalf.
  • Licensing jurisdictions (current or recent): Our group entities hold or have held online gaming licences in jurisdictions including Curaçao, the Philippines (PAGCOR, via Liernin Enterprises Ltd), and Anjouan. These licensing bodies may have oversight responsibilities and, in some circumstances, receive limited personal data for regulatory or audit purposes.

Contact for Privacy Matters (DPO / Data Protection Contact)

  • Primary contact email: [email protected]
  • Purpose of contact: You may use this email for:
    • Questions about this Privacy Policy
    • Requests to exercise your privacy or data protection rights
    • Security or privacy incident notifications
    • Complaints about how we process your personal data
  • Designated responsibility: Our internal Data Protection Contact (DPC) or equivalent privacy team member is responsible for reviewing and responding to privacy-related communications sent to this address. While a formal Data Protection Officer under EU GDPR or other laws may not be mandated for our structure, we treat all privacy requests with equivalent seriousness.
  • Postal address: Our precise legal and mailing addresses are not published for security and operational reasons. If a physical address is required by applicable law in your jurisdiction for the exercise of a privacy right, we will provide it individually upon written request to the email above, subject to verification of your identity and legal entitlement.

What Personal Data We Collect

OBSERVE: Online gambling services require collection of identity, contact, financial, technical, and behavioural data to operate accounts, meet anti-fraud and AML obligations, and personalise services. Cookies and tracking technologies also capture technical usage patterns.

EXPAND: We must distinguish categories of data, explain examples within each category, and clarify that some data is provided directly by you, while other data is generated or collected automatically.

REFLECT: We list the relevant categories of personal data and explain how they arise in the context of Spinanga's services on spinanga-aussie.com.

Categories of Personal Data

  • Identification and contact data:
    • Full name, date of birth, and nationality
    • Residential address and country of residence
    • Email address (for example, the address associated with your gaming account)
    • Telephone number or mobile number (if provided)
    • Government-issued identification details (ID card, passport, driver licence), including document number, issuing authority, and expiry date, where KYC checks are required
    • Copies or photos of identity documents and proof of address (e.g. utility bill, bank statement)
  • Account and profile data:
    • Username, password (stored in hashed or otherwise protected form), language preference, preferred currency (e.g. AUD)
    • Account status, verification status, self-exclusion or cooling-off settings
    • Communication preferences, including marketing consents and opt-outs
  • Financial and payment data:
    • Payment instrument details (such as partially masked card numbers, card brand, card expiry date) processed via payment intermediaries like Tilaros Limited
    • Deposit and withdrawal records, including amount, currency, timestamp, method (e.g. card, PayID, Neosurf), and transaction identifiers
    • Verification data associated with AML/CTF checks, source-of-funds or source-of-wealth information, where required by applicable regulations
    • Billing and payout history linked to your account
  • Technical and device data:
    • IP address and approximate geolocation (country, region) derived from it
    • Device identifiers, operating system, browser type and version, screen resolution, and settings
    • Log data such as time and date of visits, pages viewed, clickstream data, session duration, and referring URLs
    • Security logs including login attempts, failed logins, device fingerprinting data, and account change history
  • Behavioural and usage data:
    • Gameplay history: games played (e.g. pokies, table games, live casino), stakes, wins and losses, duration of play
    • Betting patterns, bonuses used, wagering activity, and responsible gambling metrics (session length, frequency of deposits)
    • Clicks, scrolling, and interaction data on the Site used for user experience improvement and fraud monitoring
  • Communication data:
    • Content of communications with our support team via email ([email protected]) or any on-site chat, including complaints and requests
    • Records of consent, withdrawal of consent, and preferences captured through your account or other channels
  • Cookies and similar technologies:
    • Cookie identifiers, session IDs, and tracking pixels used to recognise your browser or device
    • Information regarding how you interact with banners, promotions, and advertisements
    • Data collected via third-party analytics tools and advertising networks, subject to your consent where required

Legal Basis for Processing

OBSERVE: In many jurisdictions, including where our infrastructure or service providers are located, we must identify legal bases for processing personal data, typically aligned with GDPR-like frameworks: consent, contract, legitimate interests, and legal obligations.

EXPAND: Although Spinanga targets players in Australia, our processing activities may be subject to multiple legal regimes (e.g. EU-style standards adopted contractually, regional privacy expectations). We adopt a harmonised approach based on recognised international standards.

REFLECT: We describe the main legal grounds and link them to specific processing activities.

Contractual Necessity

  • We process your personal data because it is necessary to enter into and perform a contract with you. This includes:
    • Creating and managing your gaming account
    • Processing deposits, wagers, and withdrawals
    • Providing access to games and related services
    • Verifying your identity and eligibility to use the services
    • Communicating with you about your account, transactions, and service changes

Legal and Regulatory Obligations

  • We process certain data to comply with legal obligations imposed by licensing authorities, anti-money laundering (AML) and counter-terrorism financing (CTF) rules, responsible gambling requirements, financial reporting laws, and record-keeping obligations. This may include:
    • Collecting identification documents for KYC/AML checks
    • Monitoring and reporting suspicious transactions
    • Retaining transaction records for mandated periods

Legitimate Interests

  • We rely on our legitimate interests where such interests are not overridden by your rights and freedoms. These interests include:
    • Preventing, detecting, and investigating fraud, abuse of bonuses, and other unlawful or irregular activities
    • Ensuring network and information security, including protecting our systems against attacks and misuse
    • Conducting analytics to improve our services, user experience, and business performance
    • Enforcing our Terms and Conditions and defending our legal rights

Consent

  • In certain cases we rely on your consent, which you may withdraw at any time without affecting the lawfulness of processing before withdrawal. These cases typically include:
    • Sending direct marketing communications (email, SMS, push notifications) about promotions and offers, where required by law
    • Using non-essential cookies and similar technologies for targeted advertising or enhanced analytics
    • Sharing data with certain third-party advertising networks or affiliates for personalised marketing, where applicable law or platform policies require consent

Purpose of Processing

OBSERVE: The same categories of personal data may be used for multiple purposes, including service provision, compliance, marketing, and security.

EXPAND: For transparency, we link high-level purposes to practical activities on spinanga-aussie.com and clarify that we do not process data in ways incompatible with these purposes.

REFLECT: We list the key purposes in a structured way.

Core Service Delivery

  • Setting up and managing user accounts for Spinanga
  • Providing access to online casino games, including pokies, table games, and live dealer products
  • Processing deposits, wagers, and withdrawals in AUD and other supported currencies
  • Providing customer support via [email protected] and any on-site tools

Compliance and Risk Management

  • Conducting KYC checks and ongoing monitoring to meet AML/CTF and responsible gambling obligations in relevant licensing jurisdictions
  • Monitoring for fraud, bonus abuse, payment irregularities, and suspicious behaviour
  • Retaining records necessary for audits, regulatory reporting, and defence of legal claims

Service Improvement and Analytics

  • Analysing aggregated and pseudonymised data to understand how players use the Site
  • Improving site layout, navigation, content, and game offering for better user experience
  • Testing new features, payment methods (such as PayID and Neosurf integrations), and promotional structures

Marketing and Personalisation

  • Sending you promotional communications about bonuses, tournaments, and new games, subject to your consent where required
  • Tailoring offers and content based on your account profile and playing history, within the limits of applicable law and your preferences
  • Measuring the performance of our marketing campaigns and affiliate relationships

Security and Integrity of the Platform

  • Ensuring the security and integrity of spinanga-aussie.com, including preventing account takeover and misuse
  • Using technical and behavioural signals (IP address, device data, login patterns) to detect anomalies and potential threats
  • Maintaining backup copies and logs for business continuity and incident investigation

Disclosure & Sharing

OBSERVE: To operate an online casino, we must share data with controlled third parties such as payment processors, game providers, IT vendors, and regulators.

EXPAND: We differentiate categories of recipients, emphasise contractual safeguards, and note that certain disclosures are mandatory under law or licensing conditions.

REFLECT: We specify the types of recipients, circumstances of disclosure, and applicable protections.

Service Providers and Processing Partners

  • Payment processors: Entities such as Tilaros Limited (Cyprus) and other banks or financial intermediaries that process card payments, PayID, vouchers (including Neosurf), and other methods on our behalf. They receive payment-related data necessary to complete transactions and perform fraud checks.
  • Game and platform providers: Third-party casino software developers and platform operators that supply games and related infrastructure. They may receive user identifiers, session information, and gameplay data to provide the games and ensure their fairness and security.
  • IT and security providers: Hosting providers, content delivery networks (CDNs), analytics providers, customer support tools, email service providers, and cybersecurity firms that assist us in operating, securing, and improving the Site.

Group Companies and Corporate Transactions

  • We may share personal data with other companies in our group or with entities related to the Spinanga brand (such as Rabidi N.V. for historical infrastructure and migration purposes), to the extent necessary for:
    • Consolidated reporting, risk management, and internal administration
    • Platform migration, technical maintenance, and licensing transitions
  • In the event of a merger, acquisition, restructuring, or sale of assets, personal data may be transferred to the relevant third parties, subject to strict confidentiality and continuity of protection.

Regulators, Authorities, and Legal Requirements

  • We may be required to disclose personal data to:
    • Gaming regulators and licensing bodies (e.g. in Curaçao, the Philippines, Anjouan) for audits, compliance reviews, or investigations
    • Law enforcement agencies, courts, or governmental authorities where necessary to comply with legal obligations or respond to valid legal processes
    • Financial intelligence units or similar bodies in relation to AML/CTF reporting obligations

Affiliates and Advertising Networks

  • We may share limited data with marketing affiliates and advertising networks to:
    • Attribute traffic and conversions to particular marketing sources
    • Measure campaign performance and prevent affiliate fraud
  • Where required by law, sharing for interest-based advertising or personalised offers is performed only with your prior consent and subject to opt-out mechanisms.

Other Disclosures

  • We may disclose data where necessary to:
    • Protect our rights, privacy, safety, or property, and that of our users or others
    • Enforce our Terms and Conditions or other agreements
    • Pursue available remedies or limit damages we may sustain

International Transfers

OBSERVE: Our operations, licensing, and technical infrastructure involve multiple jurisdictions outside Australia, including the Marshall Islands, Curaçao, Cyprus, the Philippines, and Anjouan.

EXPAND: Data may be stored or accessed from servers in various countries and processed by service providers globally. While not all jurisdictions have the same level of data protection laws, we implement contractual and organisational safeguards inspired by international standards.

REFLECT: We explain where data may go and how we protect it in cross-border transfers.

Locations of Processing

  • Your personal data may be processed in, or transferred to:
    • Jurisdictions of our operator and group entities (e.g. Marshall Islands, Curaçao, Cyprus, Philippines, Anjouan)
    • Countries where our hosting providers, game providers, payment processors, and other vendors maintain infrastructure or support teams
    • Other countries from which you access the Site, depending on routing and content delivery networks

Protection Measures for International Transfers

  • Where required by applicable law or adopted by us as a best-practice standard, we use:
    • Contractual protections, such as data processing agreements and clauses imposing confidentiality, security, and limited-purpose obligations on recipients
    • Technical safeguards like encryption in transit and at rest, access controls, and data minimisation to reduce risks during transfer and storage
    • Organisational measures, including internal policies, staff training, and audit rights over certain service providers
  • Where transfers involve regions subject to EU-style restrictions, we may adopt mechanisms analogous to Standard Contractual Clauses or similar safeguards, even if not legally required, to align with recognised international standards.

Data Retention

OBSERVE: Gambling and financial regulations require us to keep data for minimum periods, particularly for AML/CTF and transactional records, but we must not keep data longer than necessary for the purposes described.

EXPAND: Retention varies by category, purpose, and applicable law. We must explain typical timeframes and criteria for deletion or anonymisation.

REFLECT: We provide indicative retention periods aligned with industry practice and legal expectations.

Retention Periods by Category

  • Account and identification data: Generally retained for the duration of your account and for up to 5 years after account closure, to comply with AML/CTF, gambling licence, and record-keeping requirements, or longer where required by specific regulations or necessary for legal claims.
  • Transaction and financial records: Retained for 5 to 7 years from the date of the relevant transaction, depending on applicable financial and tax laws in relevant jurisdictions.
  • Gameplay and behavioural data: Retained for the life of the account and typically up to 5 years after closure, in order to respond to disputes, regulatory inquiries, and to support responsible gambling and fraud-prevention reviews.
  • Marketing and communication data: Retained while you remain subscribed to marketing communications and for a reasonable period (typically up to 2 years) after you opt out, to maintain opt-out suppression lists and evidence of compliance.
  • Technical logs and security data: Retained for periods ranging from a few months to up to 2 years, depending on the nature of the logs, the need for security investigations, and legal obligations.

Deletion and Anonymisation Criteria

  • We delete or irreversibly anonymise personal data when:
    • The retention period described above has expired
    • The data is no longer needed for any of the purposes described in this Privacy Policy
    • No overriding legal obligation or legitimate interest requires further retention
  • If you submit a valid deletion request, we will:
    • Erase data that we are not required or permitted to retain by law, and
    • Restrict access to retained data to only those personnel and purposes strictly necessary (for example, legal or regulatory purposes).

Your Rights

OBSERVE: Data protection regimes worldwide, including the EU GDPR and various national laws, recognise rights such as access, rectification, deletion, restriction, objection, and data portability. The prompt also mentions alignment with Mexican privacy law (e.g. ARCO rights) for structural guidance, even though Spinanga targets Australian players.

EXPAND: Regardless of your location, we implement a unified set of rights-handling procedures broadly aligned with GDPR and ARCO principles, subject to any limitations under applicable law, our licensing conditions, and retention obligations.

REFLECT: We describe these rights, explain how to exercise them, and outline our procedures, timelines, and cost-free guarantees.

Overview of Rights

  • Right of access: You may request confirmation of whether we process your personal data and receive a copy of the data and related information we hold about you.
  • Right to rectification (correction): You may request that we correct inaccurate or incomplete personal data.
  • Right to deletion ("erasure"): Subject to legal and contractual limitations, you may request that we delete personal data that is no longer necessary or that has been processed unlawfully.
  • Right to restriction of processing: You may request that we restrict processing of your data (for example, while we verify your objections or the accuracy of data).
  • Right to object: You may object to processing based on our legitimate interests, including profiling, and to direct marketing at any time. We will stop processing unless we demonstrate compelling legitimate grounds or must continue for legal reasons.
  • Right to data portability: Where technically feasible and legally required, you may request a copy of certain personal data in a structured, commonly used, and machine-readable format, and ask us to transmit it to another controller.
  • Rights relating to consent: Where processing is based on your consent, you may withdraw that consent at any time, without affecting the lawfulness of processing conducted before withdrawal.

Procedures for Exercising Your Rights

  1. Submission of request: Send an email to [email protected] clearly stating:
    • Your full name, username, and email address used on spinanga-aussie.com
    • The specific right(s) you wish to exercise (e.g. access, rectification, deletion)
    • Any additional information that helps us locate your data (for example approximate dates of use)
  2. Verification: To protect your privacy, we may ask you to provide additional information or documentation to verify your identity before acting on the request, particularly for access, portability, and deletion.
  3. Assessment and response time: We aim to respond to all valid requests within 30 days of receipt. If your request is complex or numerous, we may extend this period by an additional 30 days, informing you of the reasons and the extension period.
  4. Cost: We process your requests free of charge, unless they are manifestly unfounded or excessive (for example, repetitive requests). In such cases we may charge a reasonable fee or refuse to act, consistent with applicable law.
  5. Limitations: Certain rights may be limited where:
    • We must retain data to comply with AML/CTF, gambling, tax, or other laws or regulatory requirements
    • Disclosure would adversely affect the rights and freedoms of others
    • Retention is necessary for the establishment, exercise, or defence of legal claims

Marketing Opt-Out

  • You can opt out of marketing communications by:
    • Clicking the "unsubscribe" link in the email
    • Adjusting your communication preferences within your account settings (if available)
    • Contacting [email protected] with your request
  • Even if you opt out of marketing, we may still send you service-related communications (for example, transaction confirmations, security alerts, or changes to terms).

Cookies & Tracking Technologies

OBSERVE: Cookies and similar technologies support core functionality, analytics, security, and marketing. Users should understand cookie types and management options.

EXPAND: We distinguish session vs persistent and first-party vs third-party cookies, and refer to browser controls and any in-site tools for consent and management.

REFLECT: We summarise the main categories of cookies used on spinanga-aussie.com.

Types of Cookies We Use

  • Session cookies: Temporary cookies that exist only while your browser is open. They enable core features such as logging in, maintaining your session, and keeping items in your account during a visit. They are deleted when you close your browser.
  • Persistent cookies: Cookies that remain on your device for a defined period or until you delete them. They remember your preferences (e.g. language, region, login status) and help us recognise you as a returning visitor.
  • First-party cookies: Set by spinanga-aussie.com to support site functionality, security, and basic analytics.
  • Third-party cookies and similar technologies: Set by third-party service providers such as analytics platforms, advertising networks, and affiliate partners. They may collect information about your online activities over time and across different websites, subject to applicable law and your consent where required.

Purposes of Cookies

  • Strictly necessary / functional: Necessary for you to navigate the Site, log in, access secure areas, process payments, and display content correctly. Disabling these may impact basic operation.
  • Performance and analytics: Used to collect aggregated information about how visitors use the Site (for example, which pages are visited most often, and error messages). This helps us monitor performance and improve usability.
  • Advertising and targeting: Used to deliver more relevant advertisements and promotions, limit how often you see an ad, and measure campaign effectiveness. These cookies may be set by us or by approved third-party advertising networks and affiliates.

Managing Cookies

  • You can manage or disable cookies through your browser settings. Each browser provides tools to control or delete cookies; please refer to your browser's help section for details.
  • If we provide in-site cookie management tools (such as a cookie banner or preferences panel), you can use these to:
    • Accept or reject non-essential cookies
    • Change your preferences at any time
  • Blocking or deleting cookies may affect your ability to use some features of spinanga-aussie.com, including access to certain games or account features.

Data Security

OBSERVE: Online gambling platforms handle sensitive financial and identity data and must implement strong technical and organisational safeguards.

EXPAND: We must cover encryption, access control, authentication, monitoring, staff training, and incident response, referencing recognised standards as aspirational benchmarks.

REFLECT: We present a concise but comprehensive overview of our security approach.

Technical Measures

  • Encryption in transit: Data transmitted between your browser and spinanga-aussie.com is protected using TLS 1.2 or higher, helping prevent interception and tampering.
  • Encryption at rest: Where feasible, sensitive data (including certain financial and authentication data) is stored using strong encryption or hashing techniques, with encryption keys managed securely.
  • Access controls: Personal data is accessible only to authorised personnel and systems, following the principle of least privilege and role-based access controls.
  • Secure development and testing: Our systems and platforms are developed and maintained using secure coding practices, regular patching, and vulnerability assessments.

Organisational and Procedural Measures

  • Authentication and account security: We implement measures such as strong password requirements and may offer or use additional controls (for example, multi-factor authentication for internal access). Suspicious login activity may trigger additional verification.
  • Monitoring and logging: Security-relevant events are logged and monitored for unusual patterns or potential incidents.
  • Staff training: Employees and contractors with access to personal data receive training on confidentiality, data protection, and information security obligations.
  • Third-party security: We assess and contractually require key suppliers (including hosting and payment providers) to maintain appropriate security safeguards, referencing internationally recognised standards such as ISO 27001 or SOC 2 where applicable.

Incident Response

  • We maintain procedures to detect, investigate, and respond to suspected personal data breaches or security incidents.
  • Where required by applicable law, we will notify relevant supervisory authorities and affected individuals of a qualifying data breach, without undue delay and within applicable time limits.

Complaints & Contacts

OBSERVE: Users must have clear channels to contact us, raise concerns, and lodge complaints, and they should be informed of escalation options to supervisory or regulatory authorities, including privacy regulators where applicable.

EXPAND: While Spinanga targets Australian users and operates offshore, we align with international expectations by offering transparent complaint-handling procedures and acknowledging the role of data protection and gambling regulators.

REFLECT: We describe contact methods, internal complaint handling, and external escalation options.

How to Contact Us

  • Email (primary channel): [email protected]
  • Purpose: You may use this email address to:
    • Ask questions about this Privacy Policy
    • Submit privacy or data protection requests
    • Lodge complaints about our handling of your personal data
    • Report suspected security incidents
  • Online forms: If online contact or complaint forms are introduced on spinanga-aussie.com, they may also be used to submit privacy-related queries. Such forms will link to or reference this Privacy Policy.

Complaint Procedure

  1. Initial submission: Send your complaint or concern to [email protected], providing:
    • Your full name, username, and contact details
    • A clear description of your concern or complaint
    • Any supporting documentation (for example, screenshots, email copies)
  2. Acknowledgement: We aim to acknowledge receipt of your complaint within 5 business days.
  3. Investigation and response: We will investigate your complaint and provide a substantive response within 30 days of receipt, where possible. If additional time is needed, we will inform you of the delay and expected timeframe.
  4. Escalation: If you are not satisfied with our response, you may request further review internally or pursue external remedies as available under the laws and regulations that apply to you.

Escalation to Authorities

  • Depending on your location and the applicable legal framework, you may have the right to lodge a complaint with:
    • A data protection or privacy authority in your country of residence or in the country where you consider your rights to have been infringed.
    • Relevant gambling regulators or licensing authorities supervising our group entities, such as those in Curaçao, the Philippines, or Anjouan, in relation to regulatory compliance matters.
  • We will provide further information about appropriate supervisory bodies upon request, taking into account your jurisdiction and the nature of your complaint.

Updates

OBSERVE: Privacy laws and our operations evolve over time, requiring updates to this Privacy Policy.

EXPAND: We must explain how we will notify users of changes, maintain version control, and provide advance notice of material modifications.

REFLECT: We describe our update practices and how they affect continued use of the services.

Changes to This Privacy Policy

  • We may update this Privacy Policy from time to time to reflect:
    • Changes in our services, technologies, or corporate structure
    • Updates to applicable laws, regulations, or industry standards
    • Feedback from regulators or users
  • The "Last updated" date below indicates the effective date of the current version:
    • Last updated: January 2026

Notification of Material Changes

  • For significant changes that materially affect your rights or the way we process your data, we will provide advance notice of at least 30 days where practicable, by one or more of the following means:
    • Prominent notice on spinanga-aussie.com (for example, banner or pop-up)
    • Notification through your account dashboard
    • Email communication to the address associated with your account
  • For minor or editorial changes that do not materially affect your rights, we may update the policy without separate notice other than updating the "Last updated" date.

Your Options Following Updates

  • By continuing to use spinanga-aussie.com after an updated Privacy Policy becomes effective, you are deemed to have accepted the revised terms.
  • If you do not agree with material changes:
    • You may stop using the services and request account closure
    • You may exercise your rights under this Privacy Policy, including access, rectification, or deletion, subject to legal and regulatory constraints