burger icon
Staycasino Australia
Log In

Privacy Policy

This Privacy Policy explains how your personal information is collected, used, disclosed and protected when you access or use the Staycasino version of the Staycasino online casino via the website staybet-au.com and any related services (together, the "Service"). It applies to players, prospective players, and visitors to our websites, whether you browse, create an account or interact with our customer support. By using the Service, you acknowledge that your personal information will be handled in accordance with this Privacy Policy. Effective date: 1 January 2026.

Who We Are

The Service is operated by an offshore online gambling group that targets players in Australia and globally.

Operator and Data Controller

  • Data Controller: Hollycorn N.V., a company incorporated under the laws of Curaçao.
  • Registered address: Hollycorn N.V., Scharlooweg 39, Willemstad, Curaçao.
  • Registration number: 144359 (Curaçao company register).
  • Gambling licence: Hollycorn N.V. operates the Staycasino brand, including Staycasino, under licence no. 8048/JAZ2019-015 issued by Antillephone N.V., a master licence holder authorised by the Government of Curaçao (see licence validator link in the footer of staybet-au.com).
  • Service branding: For Australian-facing users, the Service is presented as Staycasino and is accessible via the mirror domain staybet-au.com. Staycasino is a geo-targeted frontend of the Staycasino brand and is not a separate legal entity.

Payment Processing Entity

  • Payment agent / processor: Libergos Limited, a company incorporated in Cyprus.
  • Registration number: HE 371971 (Cyprus).
  • Libergos Limited acts as a payment processing subsidiary of Hollycorn N.V. and may process your payment-related data on behalf of Hollycorn N.V.

Contact for Privacy Matters

  • Data Protection Officer (DPO) / Privacy Team: appointed by Hollycorn N.V. to oversee privacy and data protection compliance for Staycasino.
  • Email: [email protected]
  • General support: 24/7 live chat available via the interface on staybet-au.com
  • Postal contact for privacy issues: Data Protection Officer, Hollycorn N.V., Scharlooweg 39, Willemstad, Curaçao.

For individuals in Australia, we handle personal information in line with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) to the extent they apply to an overseas organisation dealing with Australian residents. For individuals in the European Economic Area (EEA), the UK and Mexico, we also seek to align our practices with the EU/UK GDPR and relevant Mexican privacy laws as described in the "Your Rights" section.

What Personal Data We Collect

We collect only the personal data that is reasonably necessary for providing and improving the Service, complying with our legal obligations (including gambling, KYC and AML requirements) and protecting our legitimate interests (such as fraud prevention). We may collect the following categories of personal data.

Identity and Contact Data

  • Identification details: full name, date of birth, gender, country of residence, nationality.
  • Contact details: email address, phone number, residential address, postcode, preferred language.
  • Account details: username, encrypted password, security questions/answers (where used), account ID.

Verification (KYC/AML) Data

  • Copies of identity documents (e.g. passport, national ID, driver licence), proof of address (utility bill, bank statement), payment instrument ownership confirmations.
  • Information obtained from external verification providers and sanctions/PEP screening tools where required by AML regulations.
  • Notes relating to due diligence checks and risk assessments for responsible gambling and anti-money laundering purposes.

Technical and Usage Data

  • Technical identifiers: IP address, device identifiers, browser type and version, operating system, language settings, time zone.
  • Log data: access dates and times, pages viewed, clicks, session duration, referrer URLs, error logs and performance data.
  • Device and network data: approximate location derived from IP, internet service provider, device model, screen resolution.

Payment and Financial Data

  • Transaction data: deposits, withdrawals, currency, payment method used, transaction timestamps and amounts.
  • Payment instrument data: limited card or account information (for example, masked card number, card type, expiry date) as processed by Libergos Limited and/or other payment providers; we do not store full card numbers or CVV codes in plain text.
  • Verification details relating to ownership of payment methods when legally required.

Behavioural and Profile Data

  • Gameplay and betting history: games played, stakes, wins/losses, bonuses used, session duration, betting limits, responsible gaming tools activated.
  • User preferences: preferred games, language, communication and marketing preferences, interface settings.
  • Interactions: records of communications with customer support (live chat transcripts, emails, complaints and enquiries).

Cookies and Similar Technologies

  • Cookies: small text files stored on your device that support functionality, security, analytics and marketing.
  • Local storage and similar tools: browser local storage, web beacons, pixel tags, SDKs and other tracking technologies used to remember your choices and analyse usage of staybet-au.com.
  • Identifiers associated with cookies or pixels placed by us or third parties (e.g. analytics or advertising networks), where permitted by law and your preferences.

Special Categories of Data

We do not intentionally collect sensitive personal information (such as health or religious beliefs) as defined in the GDPR or comparable laws, other than responsible gambling data that may indirectly relate to your health or vulnerability when you provide it voluntarily (for example, in self-exclusion requests). Where such information is collected, it is processed with enhanced safeguards and only where strictly necessary.

Legal Basis for Processing

We process personal data in a manner consistent with applicable privacy laws, including the Australian Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and where applicable the EU/UK GDPR and relevant Mexican privacy laws. Depending on the context, we rely on the following legal grounds.

Performance of a Contract

  • To create, administer and maintain your player account on Staycasino via staybet-au.com.
  • To provide the interactive casino services you request (placing bets, participating in games, processing deposits/withdrawals, awarding bonuses and loyalty rewards).
  • To provide customer support, handle your enquiries and resolve technical issues affecting your use of the Service.

Compliance with Legal Obligations

  • To comply with gambling, anti-money laundering (AML), counter-terrorism financing (CTF), sanctions and "know your customer" (KYC) obligations under the laws and regulations applicable to Hollycorn N.V. and its group companies.
  • To maintain adequate records for tax, accounting, audit and regulatory reporting purposes.
  • To respond to lawful requests from courts, regulators, law enforcement or other competent public authorities.

Legitimate Interests

  • To secure and protect our systems, network and users (including fraud detection, account and transaction monitoring, preventing abuse, cheating, misuse or security incidents).
  • To improve and develop the Service, including game offerings, user interface and performance, based on aggregated or pseudonymised analytics.
  • To personalise content and recommendations, tailor promotions and loyalty rewards, and measure the effectiveness of marketing campaigns.
  • To enforce our terms and conditions, protect our rights, property, operations and the safety of players and third parties.

When we rely on legitimate interests, we balance those interests against your rights and expectations and implement safeguards such as pseudonymisation, strict access controls and data minimisation.

Consent

  • For certain types of cookies, analytics and advertising technologies that are not strictly necessary for the Service, where required by applicable law.
  • For direct electronic marketing (such as email, SMS or push notifications) where your consent is required or where our legitimate interest is not sufficient.
  • For the processing of any sensitive information you voluntarily provide (for example, certain responsible gambling communications), to the extent required by law.

You may withdraw your consent at any time, as described in the "Your Rights" and "Cookies & Tracking Technologies" sections. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.

Purpose of Processing

We use your personal data only for specified, explicit and legitimate purposes and do not process it in a way incompatible with those purposes. Key purposes include:

Providing and Managing the Casino Service

  • Creating and managing your Staycasino account on staybet-au.com.
  • Enabling you to deposit funds, participate in games, place bets, receive winnings and withdraw funds.
  • Providing customer support, handling complaints, verifying your identity, and communicating important service, security or account notices.

Compliance, Security and Fraud Prevention

  • Conducting KYC, AML and CTF checks, transaction monitoring, source-of-funds assessments and ongoing due diligence.
  • Monitoring gameplay and transaction patterns to detect fraud, collusion, bonus abuse, money laundering or other prohibited behaviour.
  • Maintaining logs and records necessary for audits, investigations and regulatory reporting.

Responsible Gambling

  • Supporting responsible gambling tools (such as deposit limits, loss limits, session limits and self-exclusion) and monitoring usage to detect potentially harmful behaviour.
  • Recording and honouring self-exclusion requests and related communications.

Service Improvement and Analytics

  • Analysing aggregated and pseudonymised usage data to understand how players interact with staybet-au.com.
  • Testing new features, games and user interface improvements.
  • Measuring the performance of our website, games, promotions and support channels.

Marketing and Personalisation

  • Sending you promotional communications (email, SMS, push notifications, in-site messages) regarding bonuses, tournaments, new games and loyalty offers, in line with your preferences and applicable law.
  • Profiling your gameplay and preferences to provide personalised offers and recommendations, where permitted.
  • Working with affiliates and advertising networks to run, measure and optimise marketing campaigns.

Business Operations

  • Operating, managing and expanding our business, including internal reporting, risk management and governance.
  • Managing relationships with suppliers, payment providers and game providers.
  • In connection with any corporate transaction, such as a merger, reorganisation or sale of business assets, subject to appropriate safeguards.

Disclosure & Sharing

We do not sell your personal data as a standalone product. However, we may share your data with carefully selected third parties for the purposes described in this Privacy Policy and subject to appropriate contractual safeguards.

Group Companies

  • Hollycorn N.V. and its wholly-owned subsidiary Libergos Limited may share personal data where necessary for payment processing, AML compliance, internal reporting, support and technical operations.

Payment Partners

  • Banks, payment processors, card schemes, e-wallet providers, voucher providers and other financial institutions that process deposits, withdrawals or refunds initiated by you.
  • These partners receive only the data required to execute transactions, meet their own legal obligations and prevent fraud.

Service Providers and Vendors

  • Game providers and platform providers who host and operate casino games integrated into Staycasino.
  • IT service providers (hosting, cloud infrastructure, email delivery, monitoring, security providers), analytics providers and customer support tools (including live chat).
  • Identity verification, KYC/AML, sanctions screening and fraud prevention providers.

Regulators and Public Authorities

  • Licensing and regulatory authorities (such as Antillephone N.V. and other relevant authorities in Curaçao) as required to demonstrate compliance with gambling, AML and related regulations.
  • Law enforcement agencies, courts and government bodies when we are legally obliged to disclose information or where disclosure is permitted to protect our rights or the rights of others.

Affiliates and Advertising Networks

  • Affiliate partners who refer players to staybet-au.com, for the purpose of tracking referrals, calculating commissions and preventing abuse.
  • Advertising networks and marketing partners that help us deliver or measure online campaigns. Where required, these partners operate on the basis of your consent to specific cookies or tracking technologies.

Business Transfers

  • In the event of a merger, acquisition, reorganisation, sale of assets or insolvency event, your personal data may be transferred to the acquiring or successor entity, subject to confidentiality and privacy protections consistent with this Privacy Policy.

Safeguards for Sharing

All third parties that process personal data on our behalf are bound by contractual obligations to:

  • Use personal data only for specified purposes and in accordance with our instructions.
  • Implement appropriate technical and organisational security measures.
  • Delete or return personal data once their services are completed, unless retention is required by law.

International Transfers

Because we operate a global online casino service from outside Australia, your personal data may be transferred to and stored in countries other than your country of residence. These countries may have different data protection laws, which in some cases may be less protective than those in your home jurisdiction.

Main Locations of Processing

  • Curaçao: corporate headquarters and main operational base of Hollycorn N.V.
  • Cyprus: payment processing activities performed by Libergos Limited.
  • European Union / EEA and the UK: hosting, technical, analytics and verification providers may be located in or process data from these regions.
  • Other countries: selected service providers (including cloud, analytics and marketing providers) may process data in jurisdictions such as the United States or other countries where they are established.

Legal Safeguards

  • When transferring personal data from the EEA/UK to countries without an adequacy decision, we rely on appropriate safeguards, such as:
    • Standard Contractual Clauses (SCCs) approved by the European Commission or the UK's International Data Transfer Agreement/Addendum.
    • Intra-group data transfer agreements incorporating similar safeguards.
    • Technical measures like encryption and pseudonymisation to reduce risk.
  • For Australian users, we take reasonable steps to ensure that overseas recipients do not breach the Australian Privacy Principles in relation to your personal information, as far as they apply to us as an overseas organisation.
  • Where Mexican or other local laws require specific safeguards for cross-border transfers, we implement appropriate contractual and technical protections consistent with those laws.

By using the Service, you acknowledge that your personal data may be transferred and processed in these jurisdictions under the safeguards described above.

Data Retention

We retain personal data only for as long as reasonably necessary to fulfil the purposes for which it was collected, to comply with legal and regulatory obligations, and to protect our legitimate interests (such as handling disputes or enforcing our terms). When data is no longer required, it is securely deleted, anonymised or archived.

Retention Periods by Category

Category of Data Typical Retention Period Purpose / Notes
Account and identity data For the lifetime of your account and up to 5 years after account closure To maintain records for legal, regulatory, tax and AML obligations and to manage disputes.
KYC/AML verification data Up to 5 years after the end of the business relationship or the date of the last transaction, or longer if required by applicable AML laws To comply with anti-money laundering, counter-terrorism financing and record-keeping obligations.
Gameplay and transaction history For the lifetime of your account and up to 5 years after account closure To support responsible gambling, resolve disputes and comply with licensing and tax requirements.
Technical logs (IP, device, access logs) 6 - 24 months from collection, unless needed longer for security investigations To secure the Service, detect fraud and investigate incidents.
Marketing and communication preferences Until you withdraw consent or object to marketing, and for up to 2 years after your last interaction with our marketing To manage and demonstrate your marketing choices and consent history.
Responsible gambling and self-exclusion data For the duration of the self-exclusion or other limit, and up to 5 years thereafter To honour self-exclusion and other responsible gambling measures and to prevent reactivation in breach of those measures.
Cookies and analytics identifiers Session cookies: until browser is closed; persistent cookies: generally 3 - 24 months To support site functionality, security and analytics, as explained in the Cookies section.

Deletion Criteria

  • The data is no longer necessary for the purposes for which it was collected or processed.
  • Applicable statutory retention periods or limitation periods have expired.
  • You successfully exercise your right to erasure and no legal grounds require continued processing.
  • We replace identifiable records with anonymised data for statistical and analytical purposes.

Your Rights

Depending on your country of residence and applicable law (including the Australian Privacy Act, the EU/UK GDPR and Mexican privacy law), you may have some or all of the rights described below. We will not discriminate against you for exercising these rights.

Core Rights (All Users, Where Applicable)

  • Right of access: to obtain confirmation as to whether we process your personal data and to receive a copy of your data together with certain information about how we use it.
  • Right to rectification: to have inaccurate or incomplete personal data corrected or updated. You can change many details directly in your account settings.
  • Right to erasure ("right to be forgotten"): to request deletion of your personal data where, for example, it is no longer necessary for the purposes for which it was collected, or you withdraw consent and there is no other legal basis for processing. This right may be limited where we must retain data to comply with legal obligations (such as AML and record-keeping laws).
  • Right to restriction of processing: to request that we restrict the processing of your data in certain circumstances, for example while we verify contested accuracy.
  • Right to object: to object to processing based on our legitimate interests, including profiling based on those interests. We will stop processing unless we demonstrate compelling legitimate grounds that override your interests, rights and freedoms, or where processing is required for legal claims.
  • Right to object to direct marketing: you may opt out of direct marketing at any time, including profiling for marketing purposes. All marketing emails and SMS include opt-out mechanisms.

Rights under the GDPR (EEA/UK) and Mexican Law

  • Right to data portability (GDPR Article 20): to receive certain personal data in a structured, commonly used and machine-readable format and to transmit it to another controller, where technically feasible and where processing is based on consent or contract and carried out by automated means.
  • Rights under Mexican privacy law: for individuals in Mexico, rights that broadly align with the GDPR, including access, rectification, cancellation and opposition (ARCO rights) under the Federal Law on Protection of Personal Data Held by Private Parties and related regulations.
  • Right to withdraw consent: where processing is based on your consent (e.g. certain marketing or cookies), you may withdraw that consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

How to Exercise Your Rights

  1. Submit a request: You can exercise your rights by:
    • Emailing us at [email protected], or
    • Contacting us via the 24/7 live chat on staybet-au.com and asking to be connected with the privacy team.
  2. Provide necessary information: Please indicate:
    • Which right(s) you wish to exercise.
    • Your name, username and registered email address.
    • Any additional details that will help us locate your data more easily.
  3. Identity verification: To protect you and other users, we may request additional information (including KYC information we already hold) to verify your identity before actioning your request.
  4. Response timeframe: We aim to respond to all valid requests within 30 days of receipt. If your request is complex or we receive multiple requests, we may extend this period, but we will inform you of any extension and the reasons for it.
  5. Fees: Requests are generally handled free of charge. We may charge a reasonable fee or refuse to act on requests that are manifestly unfounded, repetitive or excessive, as permitted by law.

Limitations

Some rights may not be absolute and may be restricted, for example where:

  • We must comply with overriding legal obligations, including AML and gambling regulations.
  • The rights of other individuals may be affected.
  • Requests are manifestly unfounded or excessive.

Cookies & Tracking Technologies

We use cookies and similar tracking technologies on staybet-au.com to ensure the proper functioning of Staycasino, to improve performance, to enhance your user experience and, where permitted, to support analytics and marketing.

Types of Cookies

  • Strictly necessary cookies: essential for the operation of the site and the provision of requested services (e.g. logging in, maintaining sessions, security protections, remembering your account region). These cookies cannot be switched off through our systems, although you can configure your browser to block them (which may affect site functionality).
  • Functional cookies: enable enhanced features and personalisation, such as remembering your preferences (language, layout, game filters) and improving your overall experience.
  • Analytics and performance cookies: collect aggregated information about how visitors use the site (e.g. most visited pages, game popularity, error rates) to help us improve performance and usability.
  • Advertising and affiliate cookies: used to track the effectiveness of advertising campaigns, reward affiliate partners for referrals, limit the number of times you see the same advert and deliver more relevant marketing messages, where permitted.
  • Third-party cookies: set by third-party service providers (for example, analytics providers, advertising networks or embedded content providers). These providers may combine information collected on staybet-au.com with data from other sites where they operate.

Purposes of Cookies

  • To keep you logged into your account and maintain secure sessions.
  • To remember your language, region and gameplay preferences.
  • To analyse site traffic, performance and gameplay patterns in aggregated form.
  • To detect and prevent fraud, abuse and security threats (e.g. multiple accounts, bonus abuse).
  • To measure and improve the effectiveness of marketing campaigns and affiliate partnerships.

Managing or Disabling Cookies

  • Browser settings: Most browsers allow you to manage cookies, including blocking or deleting them. Please consult your browser's help documentation for instructions. Blocking certain cookies may impact site functionality.
  • In-site cookie tools: Where required by law, we may offer a cookie banner or preference centre on staybet-au.com, enabling you to accept or reject specific categories of cookies (other than strictly necessary cookies).
  • Third-party opt-outs: Some third-party providers offer their own opt-out mechanisms (for example, for interest-based advertising). You can refer to their privacy policies for further details.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction or damage, taking into account the nature of the data and the risks associated with online gambling services.

Technical Measures

  • Encryption in transit: Data transmitted between your browser and staybet-au.com is protected using TLS 1.2 or higher, helping to prevent interception or tampering.
  • Encryption at rest: Sensitive data (including certain account identifiers and security credentials) is stored using strong cryptographic techniques and hashing algorithms.
  • Access controls: Personal data is accessible only to authorised staff and service providers on a need-to-know basis, using role-based permissions and authentication controls.
  • Network security: Firewalls, intrusion detection/prevention systems, DDoS protection and regular monitoring are used to protect our infrastructure.
  • Secure development: Systems and applications are developed and maintained following secure coding practices, with periodic vulnerability assessments and penetration tests.

Organisational Measures

  • Policies and procedures: Internal policies govern data protection, information security, access management, incident response and retention.
  • Staff training: Employees and contractors with access to personal data receive regular training on data protection, privacy obligations and security best practices.
  • Vendor due diligence: Third-party processors are assessed for their security posture and are contractually obliged to implement appropriate safeguards.
  • Audit and monitoring: We conduct periodic audits and reviews of our security and privacy controls, and we monitor systems for suspicious activity.

Incident Response

  • We maintain incident response procedures to detect, respond to and mitigate security incidents and data breaches.
  • Where required by applicable law, we will notify the relevant supervisory authorities and affected individuals without undue delay, including providing information on the nature of the breach, likely consequences and measures taken.

While no online service can guarantee absolute security, we are committed to continually improving our security controls and aligning our practices with recognised international standards, such as ISO/IEC 27001 and SOC 2, where applicable.

Complaints & Contacts

If you have questions, concerns or complaints about how we handle your personal data, we encourage you to contact us first so we can attempt to resolve the issue directly.

How to Contact Us

  • Privacy email: [email protected]
  • Customer support / live chat: accessible 24/7 via the Staycasino interface on staybet-au.com
  • Postal address: Data Protection Officer, Hollycorn N.V., Scharlooweg 39, Willemstad, Curaçao.

Internal Complaint Procedure

  1. Submit your complaint: Please send us a detailed description of your concern, including relevant dates, your username, registered email address and any supporting documentation.
  2. Acknowledgement: We will acknowledge receipt of your complaint as soon as reasonably practicable.
  3. Investigation: The DPO or privacy team will investigate your complaint, which may include reviewing relevant records, speaking with internal stakeholders and, where necessary, asking you for additional information.
  4. Response: We aim to provide a substantive response within 30 days of receiving your complaint. If we cannot respond within this timeframe (for example, due to complexity), we will inform you of the delay and provide an updated timeline.
  5. Outcome: Our response will explain the outcome of the investigation and any corrective or improvement measures we propose.

Escalation to Supervisory Authorities

If you are not satisfied with our response or believe we are not handling your personal data in accordance with applicable law, you may have the right to lodge a complaint with a relevant data protection authority.

  • Australia: Office of the Australian Information Commissioner (OAIC)
  • European Economic Area (EEA) / EU: You may contact the data protection authority in the EEA member state of your habitual residence, place of work or alleged infringement. A list of authorities is available on the European Commission website.
  • United Kingdom: Information Commissioner's Office (ICO) - see https://ico.org.uk.
  • Mexico: Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales (INAI)
    • Website: https://www.inai.org.mx

We encourage you to contact us first so we can try to resolve your concern, but you may contact a supervisory authority at any time.

Updates

We may update this Privacy Policy from time to time to reflect changes in our services, technologies, legal or regulatory requirements, or our internal practices. When we do so, we will revise the "Last updated" date and, where appropriate, provide additional notice.

Notification of Changes

  • Minor updates: For non-material changes (for example, clarifications or organisational updates), we will update the Privacy Policy on staybet-au.com and adjust the "Last updated" date.
  • Material changes: For significant changes that affect how we process your personal data or your rights, we will provide prominent notice at least 30 days in advance by one or more of the following:
    • Email sent to the address associated with your Staycasino account.
    • In-account notifications or messages.
    • Banner or pop-up notifications on staybet-au.com.

Your Options

  • We encourage you to review the Privacy Policy regularly to stay informed about how your data is used.
  • If you do not agree with a material change, you may choose to close your account and/or stop using the Service. We will continue to process your data in accordance with the version of the Privacy Policy that applied at the time we collected it, to the extent required by law and subject to any subsequent consent or legal obligations.
  • Your continued use of Staycasino via staybet-au.com after the effective date of any updated Privacy Policy will constitute your acceptance of the revised policy, to the extent permitted by law.

Last updated: January 2026.