Privacy Policy

Information we gather

When you open an account, we record identifiers such as your full name, date of birth, residential address in Australia, and a verified email address. These details satisfy obligations imposed on us by the Tobique Gaming Commission under licence No. 0000002.

Once you begin to play, we log technical signals: device fingerprints, IP ranges, browser version, and the timing of your sessions. This information helps us deliver a stable product and identify suspicious activity.

Financial details supplied during deposits and withdrawals — including the last four digits of cards or wallet identifiers — are stored in a tokenised form so that the underlying numbers never sit on our application servers.

How the information is applied

We use your data primarily to run the service: authenticating logins, processing transactions, presenting localised content for Australian residents, and answering support tickets. Without this base layer, the casino simply cannot operate.

A second category of processing relates to legal duties. Anti-money-laundering screening, sanctions checks, and responsible-gaming oversight all require us to analyse patterns of behaviour and, where appropriate, escalate cases to internal compliance.

Finally, with your explicit opt-in we may send promotional emails or push notifications. You can disable marketing channels independently at any time from the Communication tab in your profile, and doing so has no impact on account functionality.

Sharing with third parties

Zoome Casino does not sell personal information. We do, however, work with vetted suppliers such as payment processors, KYC verifiers, hosting providers, and game studios that may handle limited data on our behalf under written confidentiality agreements.

Public authorities receive data only when a properly issued legal order compels disclosure or when sharing is necessary to prevent fraud against you or another user.

Storage periods and security

Account records and transaction histories are retained for a minimum of seven years after closure, in line with anti-money-laundering legislation. Marketing preferences and support tickets follow shorter timelines documented in our internal retention schedule.

We protect stored data through layered safeguards: encryption at rest, TLS 1.3 in transit, network segmentation, and quarterly penetration testing performed by external auditors.

Your rights and how to use them

Subject to applicable Australian and international law, you may request a copy of the information we hold about you, ask for corrections, or seek deletion of data that is no longer required for legal purposes.

Requests are processed within 30 days. We may ask you to confirm your identity before fulfilling sensitive operations, which protects you from someone else attempting to access or alter your record.