Neospin
Login Register
Neospin
🎁 Play Register

Neospin Privacy Policy

This policy explains, in plain English, what personal information Neospin collects from you, how we use it, who we share it with, and what rights you have over it. It is aligned with the Australian Privacy Act 1988 and the thirteen Australian Privacy Principles (APPs). Where a clause maps directly to a specific APP, we name it.

Last updated: 12 May 2026. This policy applies to all visitors and account holders accessing Neospin Casino services from Australia.

1. What We Collect (APP 3)

We collect only what we need to operate the casino lawfully and provide the service you've asked for. The categories are:

  • Identity data: Full name, date of birth, residential address, gender, occupation, source of funds where required.
  • Contact data: Email address, mobile number, preferred contact channel.
  • Verification documents: Government-issued photo ID, proof of address, proof of payment method, sometimes a selfie for liveness check.
  • Financial data: Deposit and withdrawal records, payment instrument details (we never store full card numbers — only the last 4 digits and an issuer token).
  • Play data: Games played, stake amounts, session times, wins and losses, bonus usage.
  • Technical data: IP address, browser fingerprint, device identifier, operating system, geo-location to country/state level.
  • Communications: Live chat transcripts, support emails, any feedback you submit.

We do not collect biometric data beyond a one-time selfie if KYC requires liveness verification, and that image is destroyed within 30 days of successful verification.

2. How We Collect It (APP 3)

Most of it comes directly from you when you register, deposit, withdraw or contact support. Some technical data is collected automatically when you visit our pages (see Cookies, below). Verification data may be cross-checked with regulated identity providers in Australia — currently GreenID and equivalents — to confirm the documents you've submitted are genuine.

3. Why We Collect It (APP 6)

Each category maps to a specific lawful purpose:

  • Identity and verification — to comply with the AML/CTF Act 2006 and the Interactive Gambling Act 2001 (age and identity verification), and to prevent fraud.
  • Contact data — to communicate with you about your account, send required statements, and (with consent) send promotional messages.
  • Financial data — to process deposits and withdrawals, manage your balance, and report to AUSTRAC where transaction thresholds are reached.
  • Play data — to credit your account, run our responsible gambling tools, and detect patterns that might indicate problem gambling.
  • Technical data — to secure the platform, prevent multiple accounts, and improve site performance.
  • Communications — to investigate and resolve disputes, and to maintain a quality record of interactions for both sides.

We do not use your personal data for purposes outside those listed without asking first.

4. Who We Share It With (APP 6 and APP 8)

We share specific data with the following parties only as required to provide the service:

  • Payment processors — to settle deposits and withdrawals.
  • Identity verification providers (Australian) — to confirm KYC documents.
  • Game studios — wager records and identifiers only, for fair-play and jackpot verification (no contact data).
  • Australian regulators and law enforcement — where required by law (AUSTRAC, ACMA, ATO, the Federal Police on subpoena).
  • Our auditors and legal advisors — under strict confidentiality, for legal and accounting purposes.

We do not sell your personal information to third parties, ever. We do not share data with marketing networks outside our owned channels. When we send data to a service provider, that provider is contractually bound to use the data only for the stated purpose, and APP 8 requires us to take reasonable steps to ensure they meet the same standard as we would.

5. Direct Marketing (APP 7)

If you opt in at registration, we'll send promotional emails about new pokies, bonuses, and tournaments. You can opt out at any time using the unsubscribe link in every email or by toggling marketing preferences in your account dashboard. Operational emails (deposits, withdrawals, account security, legally-required statements) are not optional — we'll continue sending these as long as your account is active.

6. Cookies and Tracking

We use four categories of cookies. Each is controllable from the cookie banner shown on first visit, and from the Privacy Settings link in your account.

  • Strictly necessary — login session, security tokens, basket integrity. Cannot be turned off (the site won't function without them).
  • Performance — page load timings, error counts. Used to fix what's slow or broken. No identification of individuals.
  • Functional — language preference, recently-played games, mute/sound state.
  • Marketing — used to measure which campaigns drove your registration. Off by default for AU visitors; on only with explicit consent.

7. Data Retention (APP 11)

The minimum retention period for closed accounts is 7 years from the date of account closure. This is required by the AML/CTF Act 2006 — we cannot shorten it, even on request. Data that is no longer needed (for example, draft KYC submissions where the account was never completed) is destroyed or de-identified within 90 days of becoming redundant. We run a quarterly destruction job to enforce this — APP 11.2 requires the destruction or de-identification of data we no longer need, and a calendar isn't enough; the job has to actually run.

8. Your Rights (APP 12 and APP 13)

You have the right to:

  • Request a copy of all personal information we hold about you. We respond within 30 days at no charge. Submit the request through live chat or by emailing [email protected].
  • Request a correction if anything we hold is wrong. We'll correct it within 30 days, or explain why we believe the existing record is correct.
  • Complain if you think we've mishandled your data. Write to [email protected] first — we have 30 days to respond. If you're not satisfied with our response, you can escalate to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

We do not charge for any of the rights above.

9. Security

We use TLS 1.3 in transit, AES-256 at rest, and tokenisation for payment instruments. KYC documents are stored separately from account records and accessed only by authorised verification staff. We run external penetration tests annually and the platform is ISO 27001-aligned. No security is perfect; if a notifiable breach occurs (one likely to cause serious harm), we'll notify affected users and the OAIC within the 30-day window required by the Notifiable Data Breaches scheme.

10. Children

Our service is not available to anyone under 18. We do not knowingly collect personal information from minors. If we discover an account belongs to a minor, we close it immediately and refund any unspent deposit.

11. Cross-Border Data Transfer (APP 8)

Some of our service providers are based outside Australia. Where we transfer data internationally, we do so only to jurisdictions with comparable privacy law, and we contractually bind providers to APP-equivalent standards. The list of these providers is available on request via [email protected].

12. Changes to This Policy

We may update this policy from time to time. Material changes will be notified by email to active account holders at least 14 days before they take effect. The latest version is always available at this URL with the last-updated date at the top.

13. Contact

Privacy enquiries: [email protected]. General support: [email protected]. Postal address available on request via email.