burger icon
Rocket Casino Australia
Log In

Privacy Policy

Effective date: 6 November 2026. This Privacy Policy explains how Rocket Casino (operated via https://rocketbet-au.com) collects, uses, stores, discloses, and protects personal information. It applies to visitors to our website, users of our services, and anyone who contacts us or otherwise interacts with Rocket Casino through rocketbet-au.com. A privacy policy is required to ensure transparency and accountability, to explain your choices and rights, and to help us comply with applicable privacy and gambling-related compliance obligations.

Who We Are

OBSERVE: Rocket Casino is branded as Rocket Casino on rocketbet-au.com and is owned and operated by Hollycorn N.V., registered in Curaçao. A related entity, Libergos Limited (Cyprus), is identified as a wholly-owned subsidiary used for fiat payment processing.

EXPAND: Because Rocket Casino targets users in Australia (including in a "grey market" context) and processes identity and payment data, we must provide clear operator identity, a contact channel for privacy enquiries, and practical escalation paths. Where certain details (e.g., phone number, street address of the Cyprus office) are not provided in the available business data, we must state this accurately and provide alternative channels.

REFLECT: The operator and privacy contacts for Rocket Casino on rocketbet-au.com are:

  • Operator (legal entity): Hollycorn N.V.
  • Registered address: Heelsumstraat 51 E-Commerce Park, Curaçao
  • Company registration: Curaçao Reg. No. 144359
  • Gaming licence (Curaçao): Sub-licence under Antillephone N.V. master framework, licence no. 8048/JAZ2019-015 (validation seal referenced via validator.antillephone.com in our records)
  • Payment processing subsidiary (fiat): Libergos Limited (Cyprus), Reg. No. ΗΕ 371971 (street address not specified in the available data)
  • Data Protection contact (Data Protection Department / DPO function): [email protected] (phone number not specified)
  • Website: https://rocketbet-au.com

Regional compliance note (AU): Rocket Casino is not licensed by Australian state/territory gambling regulators, and domains associated with the brand have been listed for blocking by the Australian Communications and Media Authority (ACMA). This Privacy Policy still applies to any personal information processed when you access rocketbet-au.com.

What Personal Data We Collect

OBSERVE: To operate Rocket Casino on rocketbet-au.com, we necessarily handle account, identity, transaction, device, and gameplay-related data, including data required for KYC/AML screening and security monitoring.

EXPAND: In an online gambling context, privacy risks commonly arise from: (i) identity verification and source-of-funds checks, (ii) payment processing (including chargebacks and fraud), (iii) behavioural profiling for responsible gambling and integrity, and (iv) third-party tracking for analytics/advertising. Therefore categories must be explicit, including cookies and log data.

REFLECT: We may collect the following categories of personal information:

  • Account & identity data: full name, date of birth, residential address, email address, telephone number, username, account identifiers, and verification status.
  • Verification (KYC/AML) data: identity documents (e.g., passport/driver licence), selfies/liveness checks where used, proof of address, payment ownership evidence, and information required to comply with AML/CTF screening (including sanctions/PEP screening results where applicable).
  • Payment & transaction data: deposit/withdrawal amounts, timestamps, payment method type, wallet/payment instrument identifiers, bank/payment processor references, chargeback/dispute records, and fraud-prevention signals. We do not intentionally store full card numbers where tokenisation/processor vaulting is available; some payment data is processed by payment partners.
  • Gameplay & behavioural data: betting history, game/session history, bonus usage, clicks and navigation events, responsible gambling interactions (e.g., limits, self-exclusion requests submitted via support), and customer support communications.
  • Technical & log data: IP address, device identifiers, browser type, operating system, time zone, referring URLs, access times, authentication logs, and security/audit logs.
  • Cookies & similar technologies: cookie identifiers, pixel tags, SDK identifiers (where used), and preference signals. Details are set out in the "Cookies & Tracking Technologies" section.
  • Communications data: messages sent to us (including via email to [email protected]), and records of our responses for quality, security, and dispute handling.

Regional compliance note (AU): We do not seek to collect "government identifiers" (as described in the Australian Privacy Act 1988) unless needed for verification, fraud prevention, or legal compliance, and we handle such identifiers with heightened safeguards.

Legal Basis for Processing

OBSERVE: Rocket Casino processes data to provide gambling services, process payments, meet KYC/AML expectations associated with a Curaçao-licensed operator and payment partners, and maintain security and fraud prevention. The section also requires listing legal grounds such as consent, contract, legitimate interests, and legal obligations.

EXPAND: For AU users, the primary privacy framework is the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Because this service is operated from Curaçao with cross-border processing (including Cyprus payment operations), the policy should also map to common GDPR-style bases for clarity, without overstating formal applicability. We must also address direct marketing consent/opt-out and cross-border disclosure obligations (APP 8).

REFLECT: We process personal information under the following legal grounds (used as an interpretive framework and, where applicable, to meet Australian privacy expectations):

  • Contract performance (service delivery): to create and administer your account, provide games, calculate bets and outcomes, apply bonuses, process deposits/withdrawals, and provide customer support on rocketbet-au.com.
  • Consent: for non-essential cookies, certain advertising/marketing communications, and where we request permission for optional features. You may withdraw consent at any time (see "Your Rights").
  • Legitimate interests: to secure our systems, prevent fraud and account abuse, conduct risk scoring, maintain platform integrity, run analytics to improve services, and enforce our terms - balanced against your privacy rights.
  • Compliance with legal obligations: to meet applicable obligations related to anti-money laundering and counter-terrorism financing (AML/CTF), identity verification (KYC), record keeping, responding to lawful requests, and cooperating with competent authorities and regulators in relevant jurisdictions.
  • Vital interests / safety (limited): where necessary to protect you or others from serious and imminent threats (e.g., security incidents), consistent with applicable law.

Regional compliance note (AU): Where we disclose personal information overseas, we take reasonable steps to ensure recipients handle it consistently with the APPs (see "International Transfers").

Purpose of Processing

OBSERVE: The required purposes include service provision, improvement, marketing mailings, analytics, and fraud prevention.

EXPAND: For gambling services, purposes should also include identity verification, responsible gambling administration, dispute management, legal compliance, and security monitoring. These purposes should align with the data categories listed earlier.

REFLECT: We use personal information for the following purposes:

  • Provide and operate services: register and manage accounts, provide access to games, settle bets, provide bonuses/promotions, and deliver customer support for Rocket Casino on rocketbet-au.com.
  • Payments and financial operations: process deposits and withdrawals, manage refunds, handle chargebacks, and maintain transaction records.
  • Identity, integrity, and compliance: conduct KYC/AML checks, verify age/identity where required, prevent prohibited activity, and comply with lawful requests and regulatory expectations tied to our licensing and payment arrangements.
  • Security and fraud prevention: protect accounts, detect suspicious activity, prevent collusion and cheating, mitigate cyber threats, and maintain audit trails.
  • Service improvement and analytics: troubleshoot, measure performance, improve site functionality, and develop new features.
  • Marketing and communications: send service messages (non-marketing), and - where permitted - send marketing mailings and personalised offers. You can opt out of marketing at any time.
  • Dispute handling and legal claims: investigate complaints, respond to disputes, and establish, exercise, or defend legal rights.

Disclosure & Sharing

OBSERVE: The policy must describe recipients such as payment partners, service providers, regulators, affiliates, and advertising networks (with consent). Provided data includes Libergos Limited (Cyprus) for fiat processing and Curaçao licensing context, and AU regulator enforcement context.

EXPAND: Disclosures in gambling commonly include: KYC vendors, fraud/intelligence platforms, game providers, hosting/CDN, CRM tools, analytics, and marketing tech. We should distinguish "controllers/independent recipients" vs "processors/service providers" in plain language, and note that some disclosures are legally compelled.

REFLECT: We may disclose personal information in the following circumstances:

  • Within our corporate group: to Hollycorn N.V. and its wholly-owned subsidiary Libergos Limited (Cyprus, Reg. No. ΗΕ 371971) where necessary for payment processing, operations, security, compliance, and support.
  • Payment partners and financial service providers: banks, payment gateways, e-wallet providers, crypto/fiat on-ramp providers (where used), and chargeback/dispute handlers to process transactions, manage risk, and meet compliance requirements.
  • Service providers (vendors): hosting providers, content delivery networks, identity verification/KYC providers, AML screening providers, customer support tooling, email delivery services, analytics providers, and security monitoring vendors - acting under contractual confidentiality and security obligations.
  • Game and platform providers: where required to deliver gameplay, ensure integrity, or troubleshoot technical issues.
  • Affiliates and advertising networks: only where you have provided consent for non-essential marketing/advertising cookies or where permitted by applicable law; you can manage these choices (see "Cookies & Tracking Technologies").
  • Regulators and authorities: where we must comply with lawful requests, cooperate with competent authorities in Curaçao or other jurisdictions, or respond to court orders and legal processes.
  • Business transfers: if we undergo a corporate restructuring, merger, acquisition, or asset sale, personal information may be transferred subject to appropriate safeguards and notice where required.

Important clarification (AU users): Because Rocket Casino is not licensed in Australia and may be subject to ACMA blocking actions, disclosures to Australian authorities (if any) would occur only where legally compelled or necessary to respond to formal processes. This does not limit your privacy rights regarding access, correction, or complaints.

International Transfers

OBSERVE: The service is operated by a Curaçao entity, with a Cyprus payment-processing subsidiary, and may use global vendors. Users are in Australia. Therefore cross-border disclosure is inherent.

EXPAND: For AU compliance, APP 8 requires reasonable steps to ensure overseas recipients do not breach the APPs, or to rely on exceptions (e.g., informed consent). We should specify likely regions (Curaçao, Cyprus, EU/EEA, UK, US) without inventing exact vendor locations; include safeguards such as contractual clauses, security controls, and due diligence. "Privacy Shield" is obsolete; use SCCs and equivalent contractual/data transfer tools.

REFLECT: Your information may be transferred to, stored in, or accessed from locations outside Australia, including (as applicable):

  • Curaçao: where Hollycorn N.V. is registered and where certain operational and compliance functions may be performed.
  • Cyprus (EU): where Libergos Limited provides fiat payment processing support.
  • Other jurisdictions: where our service providers, hosting, analytics, security, KYC/AML, and communications vendors operate (which may include the EU/EEA, the United Kingdom, and the United States).

We apply safeguards designed to protect cross-border transfers, including:

  • Contractual protections: data processing agreements, confidentiality obligations, and (where appropriate) EU Standard Contractual Clauses (SCCs) or equivalent transfer mechanisms.
  • Due diligence: vendor assessments focused on security, sub-processing transparency, and incident handling.
  • Technical controls: encryption in transit and at rest, access controls, and monitoring (see "Data Security").

Regional compliance note (AU): Where we disclose personal information to overseas recipients, we take reasonable steps to ensure handling consistent with the APPs unless an exception applies (including where you provide informed consent to the cross-border disclosure).

Data Retention

OBSERVE: The section requires retention periods per category and an example of "no more than 5 years after account closure," plus deletion criteria. The business also must retain compliance records for AML, fraud, and disputes.

EXPAND: Gambling operators typically retain KYC/AML and transaction records for multi-year periods to meet regulatory and audit needs. Because exact statutory periods vary by jurisdiction and contractual obligations with payment providers, we should provide clear standard periods and explain that some data may be retained longer where required or to establish/defend legal claims.

REFLECT: We retain personal information only for as long as necessary for the purposes described in this Policy, unless a longer retention period is required or permitted by law, regulatory expectations, or to resolve disputes. Standard retention periods are:

  • Account profile data: kept while your account is active and up to 5 years after account closure, unless longer retention is required for compliance, fraud prevention, or dispute handling.
  • KYC/AML verification records: typically retained for at least 5 years after account closure (or longer if required by applicable legal/compliance obligations or ongoing investigations).
  • Payment and transaction records: typically retained for 5 to 7 years to meet accounting, audit, chargeback, and legal requirements.
  • Gameplay and behavioural records: typically retained for up to 5 years for integrity checks, responsible gambling administration, and dispute resolution, unless longer retention is justified.
  • Security and access logs: typically retained for 6 to 24 months, unless required for incident investigation or legal claims.
  • Marketing preferences and consent logs: retained while you remain subscribed and for a reasonable period thereafter to demonstrate compliance with consent/opt-out requirements.
  • Customer support communications: typically retained for up to 5 years, depending on the nature of the request (e.g., self-exclusion administration may require longer record-keeping).

We delete, de-identify, or anonymise personal information when:

  • Processing purposes expire and there is no lawful basis to keep the data;
  • You request deletion and no exception applies (e.g., we must retain data for legal compliance or to defend legal claims);
  • Retention periods end under our internal schedules and compliance obligations.

Your Rights

OBSERVE: This section demands "detailed GDPR and Mexican privacy law alignment," including rights (access, correction, deletion, restriction, objection, portability, withdrawal of marketing consent), procedures, 30-day timeframe, free-of-charge guarantee, and references to Mexican regulations. Target jurisdiction is AU, so we must present AU rights while also providing the requested alignment as an additional framework without misrepresenting applicability.

EXPAND: Australia's Privacy Act/APPs provide rights to access and correction, and complaint mechanisms; deletion is not a general right but can be requested in some circumstances. GDPR-style rights (erasure, portability, restriction) may be offered contractually as best practice. Mexican law: LFPDPPP (Ley Federal de Protección de Datos Personales en Posesión de los Particulares) and its Regulations provide ARCO rights (Access, Rectification, Cancellation, Opposition). We should explain that Mexican/EU frameworks apply where legally relevant (e.g., if user is located there), and otherwise are used as internal standards. Include identity verification to protect accounts and a 30-day response target.

REFLECT: Subject to applicable law and necessary identity verification, you may exercise the following rights regarding your personal information used by Rocket Casino on rocketbet-au.com:

  • Access: request a copy of personal information we hold about you (APP 12; GDPR Art. 15; Mexico ARCO "Access").
  • Correction/Rectification: request correction of inaccurate, out-of-date, incomplete, irrelevant, or misleading information (APP 13; GDPR Art. 16; Mexico ARCO "Rectification").
  • Deletion / Cancellation: request deletion/cancellation where data is no longer necessary, consent is withdrawn, or processing is unlawful (GDPR Art. 17; Mexico ARCO "Cancellation"). Note (AU): we may need to retain certain records for compliance (e.g., KYC/AML), security, or legal claims.
  • Restriction / Limitation: request that we limit processing in certain cases (GDPR Art. 18; supported as a best-practice control where feasible).
  • Objection / Opposition: object to processing based on legitimate interests, and object to direct marketing at any time (GDPR Art. 21; Mexico ARCO "Opposition").
  • Data portability: request a portable copy of certain data you provided to us (GDPR Art. 20) where technically feasible and lawful.
  • Withdraw consent: withdraw consent for optional processing (e.g., non-essential cookies, some marketing). Withdrawal does not affect processing already performed.

How to Exercise Your Rights

  1. Submit a request: email [email protected] with the subject line "Privacy Request - Rocket Casino".
  2. Verify identity: we may request additional information to verify you and protect your account (especially for access/deletion requests).
  3. Specify scope: tell us which right you want to exercise and provide relevant details (account email/username, dates, transaction references if applicable).
  4. Response timeframe: we aim to respond within 30 days. If a request is complex, we will explain any extension and the reasons.
  5. Fees: we generally process requests free of charge. If a request is manifestly excessive or repetitive, we may charge a reasonable administrative fee or refuse the request, where permitted by law, and will explain our decision.

Mexican Privacy Law References (Alignment)

  • Applicable framework: Ley Federal de Protección de Datos Personales en Posesión de los Particulares (LFPDPPP) and its Regulations recognise ARCO rights and require clear notice, purpose limitation, and security measures.
  • ARCO mechanism (if applicable): if you are in Mexico or Mexican law otherwise applies, you may submit an ARCO request to [email protected]; we will handle it consistent with the LFPDPPP principles, including identity verification and lawful exception handling (e.g., mandatory retention).

Regional compliance note (AU): If you are in Australia, your primary statutory rights arise under the Privacy Act 1988 (Cth) and APPs. Where GDPR/Mexico rights are not legally mandated in your circumstances, we treat them as a service standard to the extent feasible and lawful.

Cookies & Tracking Technologies

OBSERVE: This section must list cookie types (session, persistent, third-party), purposes (functional, analytics, advertising), and management/disable methods (browser settings, internal panel). Contact form is "not specified," so we must not reference a specific cookie portal URL; we can reference an "internal cookie/preferences panel where available."

EXPAND: For AU compliance, users must be informed and given meaningful choices, especially for marketing/targeting. Also note that blocking cookies may affect functionality. Mention mirror domains only insofar as they exist in provided data; however, brand usage must stay in rocketbet-au.com context - so we describe cookies on rocketbet-au.com and note that mirrors may have different cookies if accessed.

REFLECT: rocketbet-au.com uses cookies and similar technologies to operate Rocket Casino and to help us understand usage and improve services.

Types of Cookies

  • Session cookies: temporary cookies that expire when you close your browser (e.g., login session continuity, security tokens).
  • Persistent cookies: remain on your device for a defined period (e.g., remembering preferences, recognising returning users).
  • First-party cookies: set by rocketbet-au.com to ensure core site functionality and security.
  • Third-party cookies: set by service providers (e.g., analytics or advertising partners) where implemented and permitted.

Cookie Purposes

  • Strictly necessary / functional: authentication, fraud prevention, load balancing, language and interface preferences.
  • Performance / analytics: understand how users navigate pages, measure performance, and improve features.
  • Advertising / marketing (consent-based where required): measure campaign effectiveness, limit repeated ads, and (where enabled) show more relevant promotions.

How to Manage Cookies

  • Browser/device settings: you can delete or block cookies using your browser controls. Blocking may affect login and gameplay features.
  • On-site preferences: where available on rocketbet-au.com, you can use our cookie/preferences controls to accept or reject non-essential cookies.
  • Marketing opt-out: you can opt out of marketing emails via the unsubscribe link or by contacting [email protected].

Note: Mirror domains referenced in public materials may change availability; this Privacy Policy is intended for data processing on rocketbet-au.com.

Data Security

OBSERVE: The section must include TLS 1.2+ encryption, encryption at rest/in transit, MFA, access controls, audits, staff training, incident response, and mention ISO 27001/SOC 2 "where applicable." We must not falsely claim certification; we can state "aligned with" or "benchmarked against" where not confirmed.

EXPAND: Gambling platforms face heightened fraud and account takeover risks; security must cover payment data, KYC documents, and operational logs. We should include least privilege, segregation, monitoring, vendor security, and breach notification approach consistent with AU Notifiable Data Breaches (NDB) scheme where applicable.

REFLECT: We implement organisational, technical, and physical safeguards designed to protect personal information from misuse, interference, loss, unauthorised access, modification, or disclosure, including:

  • Encryption in transit: use of TLS 1.2+ (or higher where supported) to protect data transmitted between your device and our servers.
  • Encryption at rest: encryption and/or cryptographic protections for sensitive datasets (e.g., identity documents and security tokens) where appropriate.
  • Access controls: role-based access, least-privilege principles, and administrative access restrictions to limit internal access to authorised personnel only.
  • Multi-factor authentication (MFA): MFA for privileged/admin access and enhanced controls for sensitive operational functions where available.
  • Monitoring and logging: security monitoring, anomaly detection, and audit logging to detect suspicious activity and support investigations.
  • Secure development and change management: patching, vulnerability management, and controlled deployments.
  • Vendor and payment security: contractual security obligations for key processors and service providers; payment data is handled using industry-standard controls (e.g., tokenisation) where available.
  • Staff training: privacy and security awareness training for staff and contractors with access to personal information.
  • Incident response: documented procedures to assess, contain, remediate, and learn from security incidents.

Where applicable, our security program is designed to be aligned with recognised international standards (such as ISO/IEC 27001 concepts and SOC 2 principles). We do not represent that any specific certification is held unless explicitly stated in our official compliance documentation.

Regional compliance note (AU): If we experience a security incident involving personal information that is likely to result in serious harm, we will assess the event and, where required, comply with Australia's Notifiable Data Breaches (NDB) scheme obligations (including notifying affected individuals and the Office of the Australian Information Commissioner (OAIC)).

Complaints & Contacts

OBSERVE: Must provide complaint channels (email, phone, online form, postal address), step-by-step procedure with response times, and escalation to Mexican authority and EU authorities "where applicable" with direct contact info. Provided data: email [email protected]; phone "not specified"; contact form "not specified"; postal legal address in Curaçao.

EXPAND: For AU users, OAIC is the supervisory authority. The prompt requests Mexico and EU as well; provide INAI (Mexico) contact and an EU note about the relevant authority by residence (EDPB directory) without inventing an EU establishment. Keep steps clear and time-bound.

REFLECT: If you have questions, concerns, or complaints about privacy or how Rocket Casino handles your information on rocketbet-au.com, you can contact us through:

  • Email (primary): [email protected]
  • Phone: not specified
  • Online contact form: not specified
  • Postal address (operator): Data Protection Department, Hollycorn N.V., Heelsumstraat 51 E-Commerce Park, Curaçao

Complaint Procedure

  1. Submit your complaint: send details (account email/username, issue description, relevant dates, and the outcome you seek) to [email protected].
  2. Acknowledgement: we aim to acknowledge receipt within 7 days.
  3. Investigation: we review relevant records (e.g., account, security logs, consent status) and may request additional information to verify identity.
  4. Outcome: we aim to provide a substantive response within 30 days. If more time is needed due to complexity, we will explain the reason and provide an updated timeframe.
  5. Escalation: if you are not satisfied, you may escalate to an appropriate supervisory authority depending on your location.

Supervisory Authorities (Escalation)

  • Australia (OAIC): Office of the Australian Information Commissioner - https://www.oaic.gov.au (privacy complaints and guidance).
  • Mexico (INAI): Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales - https://www.inai.org.mx.
  • European Union (where applicable): you may contact your local data protection authority. A directory is available via the European Data Protection Board (EDPB): https://edpb.europa.eu/about-edpb/about-edpb/members_en.

Regional compliance note (AU): Using OAIC channels does not limit any other rights you may have under applicable law.

Updates

OBSERVE: Must explain update notification (email, banners, dashboard), include "Last updated: " and changelog of material changes, provide minimum 30 days' notice for significant changes, and user options to object or close accounts. Also "extend all dates/timeframes to 2026."

EXPAND: We must not imply we have dashboard features beyond what is known; but we can state "account dashboard alerts where available." Provide a concise changelog entry for this version and describe prior/future changes generically.

REFLECT: We may update this Privacy Policy to reflect changes in technology, legal requirements, or our business practices for Rocket Casino on rocketbet-au.com.

  • Last updated: November 2026
  • Version control: we maintain an internal record of prior versions and the rationale for material changes.

How We Notify You

  • Email notice: where we have your email and the change is material, we may notify you by email.
  • Website banner: we may post a prominent notice on rocketbet-au.com.
  • Account notice: where available, we may display an alert in your account/dashboard area.

Advance Notice and Your Options

  • Significant changes: for material changes that affect how we use or share personal information, we will aim to provide at least 30 days' notice before the change takes effect, unless an earlier change is required to meet legal or security obligations.
  • Your options: you may object to certain processing (e.g., direct marketing), adjust cookie preferences where available, request clarification, or choose to close your account if you do not agree with the updated policy (subject to lawful retention obligations described in "Data Retention").

Changelog (Material Changes)

  • November 2026: Initial publication for Rocket Casino on rocketbet-au.com; added cross-border transfer explanation (Curaçao/Cyprus operations), clarified retention periods, and expanded rights/complaints pathways including OAIC (AU), INAI (Mexico), and EU authority directory (where applicable).