burger icon
CrownMelbourne Сasino Casino
Log In

Privacy Policy

This Privacy Policy describes how personal and technical data is collected, processed, and protected when you use the services of crownmelbourne through the website crown-melbourne.games. This policy applies to all players, website visitors, and individuals who interact with crownmelbourne's services or platforms. The Privacy Policy is effective as of 1 January 2025 and reflects compliance with all applicable Australian data protection laws and relevant gambling industry standards.

Who We Are

OBSERVE: Consolidate all legal identity, address, and critical contacts from profile data. EXPAND: Explicitly identify responsible data protection contacts. REFLECT: Present full operator information for user awareness and regulatory transparency.

  • Legal Operator Name: Crown Melbourne Limited, a limited company operating under the parent company Crown Resorts Limited (owned by Blackstone Inc. funds since June 2022).
  • Registered Office & Legal Address: Crown Casino and Entertainment Complex, 8 Whiteman Street, Southbank VIC 3006, Australia.
  • Registration & Licensing: Operates under Sole Casino License - Victoria, issued by the Victorian Gambling and Casino Control Commission (VGCCC), valid until 2050.
  • Main Contact: Phone: +61 3 9292 8888; General Email: [email protected]
  • Data Protection Contact: For privacy inquiries, contact our designated Data Protection Officer (DPO) at [email protected]

Regional Compliance Note: This information is provided solely for the crownmelbourne operation on the crown-melbourne.games domain, and in accordance with Victorian and Australian laws.

What Personal Data We Collect

OBSERVE: Review AU privacy obligations for data transparency. EXPAND: Identify all data categories relevant for casino operation. REFLECT: Disclose all user data types processed in compliance with informed consent requirements.

  • Personal Identification Data: Full name, date of birth, postal and legal address, email address, phone number, identification documents as required by KYC/AML standards.
  • Account and Interaction Data: Username, account settings, communication records, customer support queries.
  • Technical and Device Data: IP address, browser type, device identifiers, access logs, operating system details, geolocation (as applicable).
  • Payment Data: Banking information, transaction records, deposit and withdrawal records, payment provider details; all collected to facilitate secure transactions.
  • Behavioral Data: Betting history, game interactions, clickstream data, visit duration, activity logs.
  • Cookies & Tracking: Data collected via cookies and similar technologies (see section "Cookies & Tracking Technologies").

All categories above are collected strictly as necessary for user account management, regulatory compliance, and service improvement, consistent with Australian law.

Legal Basis for Processing

OBSERVE: Enumerate all processing bases set by Australian Privacy Act and VGCCC standards. EXPAND: Articulate explicit and implicit grounds for each processing activity. REFLECT: Communicate lawful grounds to users for all observed data uses.

  1. User Consent: Certain data processing activities, such as marketing and some analytics, rely on the user's freely given, informed, and revocable consent.
  2. Contractual Necessity: Personal and transactional data are processed as required to establish and operate user accounts, enable gameplay, process payments, and deliver requested services under the Terms and Conditions of crown-melbourne.games.
  3. Legal Obligations: crownmelbourne is obligated under anti-money laundering (AML), know-your-customer (KYC), taxation, and gambling regulations to collect and process identification and transaction data. This includes compliance with data sharing requirements with VGCCC and other authorities.
  4. Legitimate Interests: Processing is required for internal security, anti-fraud protection, service maintenance, analytics, responding to user inquiries, and service improvement, always balanced against user rights and freedoms.

Regional Compliance Note: All grounds are aligned with the Australian Privacy Act 1988 (Cth), Victorian law, and industry best practices for gambling operators.

Purpose of Processing

OBSERVE: Map all operational purposes for which personal data is needed. EXPAND: Include service delivery, regulatory, and risk management uses. REFLECT: Present a cohesive, explicit account of data purpose to ensure transparency and limit data usage as per legal requirement.

  • Service Provision: Administer user registration, gaming accounts, payment services, game access, and customer support for users of crown-melbourne.games.
  • Regulatory Compliance and Security: Satisfy all AML, KYC, and age verification mandates, fraud detection, dispute resolution, and reporting requirements demanded by VGCCC and related authorities.
  • Service Improvement & Analytics: Monitor system performance, diagnose technical issues, enhance features, tailor website experience, and conduct statistical analysis.
  • Marketing and Promotional Communications: With the user's consent, send newsletters, promotional offers, competitions, and surveys related to crownmelbourne's services on crown-melbourne.games.
  • Risk Management: Investigate and mitigate security incidents, enforce Terms and Conditions, and manage legal claims or disputes.

All processing is performed in compliance with declared purposes, with no personal data used beyond these specified objectives.

Disclosure & Sharing

OBSERVE: Identify all necessary data-sharing relationships (systemic and ad hoc). EXPAND: Address conditions, recipient types, and user notification obligations. REFLECT: Ensure users are fully informed of when and to whom their data may be disclosed, as required by law and best practice.

  • Payment & Financial Partners: Data may be disclosed to banks, payment processors, and financial institutions for secure processing of deposits and withdrawals.
  • Service Providers: Technology suppliers, hosting companies, security vendors, and compliance partners may process data on our behalf under written agreements that mandate strict confidentiality and regulatory compliance.
  • Regulators and Authorities: Personal data may be provided to the VGCCC and other government bodies or law enforcement where required to comply with legislation or court orders.
  • Affiliates and Group Companies: Within the Crown Resorts Limited group for internal administrative purposes, under equivalent legal protection.
  • Advertising Networks: With the user's explicit consent, select data may be shared with marketing partners for direct marketing or campaign measurement purposes.

Protective Clause: In all such disclosures, we ensure adequate safeguards, including data processing agreements and user notification, as required by the Australian Privacy Act and relevant industry statutes. Data is never sold to third parties.

International Transfers

OBSERVE: Identify all cross-border data flow scenarios relevant to AU operators. EXPAND: Articulate legal transfer mechanisms. REFLECT: Clearly disclose transfer protection guarantees, per AU law, to inform and protect users.

  • International Transfer Scenarios: Personal data may be stored or processed outside Australia, including in countries where technology partners or cloud services operate.
  • Data Protection Guarantees: In all such cases, crownmelbourne ensures that equivalent protection is applied, including the use of standard contractual clauses approved by regulators, contractual obligations enforcing strict confidentiality and security, and regular risk assessments.
  • User Rights Preserved: Users are assured of their data protection and legal rights regardless of where the processing occurs, with all necessary safeguards meeting the standards of Australian and international data protection law.

Regional Compliance Note: All cross-border data transfers are managed in accordance with the Australian Privacy Principles, ensuring non-diminution of privacy protections for users of crown-melbourne.games.

Data Retention

OBSERVE: Review legal minimums and industry best practices for data retention (AU and casino). EXPAND: Map specific periods to each data type. REFLECT: State deletion criteria and user rights as required by law.

  • Retention Periods: Personal and transaction data are retained for a period not exceeding 5 years after account closure or last activity, or as mandated by Australian anti-money laundering, KYC, and taxation laws.
  • Deletion & Anonymisation Criteria: Data is deleted or irreversibly anonymised once the retention period ends, processing purposes are fulfilled, or upon legitimate user request, subject to overriding legal obligations.
  • Exception Handling: Where statutory or regulatory requirements dictate longer retention periods (for example, ongoing investigations or regulatory audits), data retention may be lawfully extended strictly for the duration required.
  • User-Initiated Deletion: Users may request deletion of personal data, which will be carried out unless legal grounds require continued retention (e.g., for compliance or dispute resolution).

Your Rights

OBSERVE: Synthesize all rights given under the Australian Privacy Act and relevant gambling law. EXPAND: Reflect operational mechanisms for exercising each right. REFLECT: Clearly state user access, correction, objection, and portability mechanisms.

  • Access: Right to request confirmation and a copy of personal data held about you, free of charge (subject to legal exceptions and verification processes).
  • Correction: Right to request the correction, update, or completion of any inaccurate or incomplete personal data.
  • Deletion ("Right to Be Forgotten"): Right to request deletion of your personal data under prescribed legal circumstances (subject to retention requirements).
  • Restriction: Right to request restriction of processing in certain situations (e.g., where accuracy is contested or processing is unlawful).
  • Objection: Right to object to data processing for direct marketing or where processing is based on legitimate interests.
  • Data Portability: Right to receive a copy of your data in a structured, commonly used, and machine-readable format, and to request transmission to another provider where technically feasible.
  • Consent Withdrawal: Right to withdraw your marketing consent at any time, without affecting the lawfulness of processing prior to withdrawal.

Procedural Note: To exercise these rights, users should contact the DPO at [email protected]. Requests will be addressed within the timeframes prescribed by Australian law, generally within 30 days.

Cookies & Tracking Technologies

OBSERVE: List types, uses, and user controls for all tracking technologies on crown-melbourne.games. EXPAND: Embed legal notices for use and disablement per AU privacy standards. REFLECT: Give clear, accessible user information for compliance and transparency.

  1. Types of Cookies:
    • Session Cookies (temporary, cleared when browser is closed)
    • Persistent Cookies (remain until user deletes them or expire by design, e.g., 12 months max)
    • Third-party Cookies (set by analytics or advertising partners with the user's consent)
  2. Purposes:
    • Functional Cookies (ensure proper operation of the website and user authentication)
    • Analytics Cookies (collect anonymised data on site usage and performance)
    • Advertising Cookies (support tailored promotions and measure campaign effectiveness, with user consent)
  3. User Control: Users may control and disable cookies via browser settings or, where available, an on-site cookie management panel. Disabling certain cookies may impact site functionality.

For further details on how cookies operate and your choices, please contact [email protected].

Data Security

OBSERVE: Catalogue all technical and organizational measures required by AU data security standards. EXPAND: Specify concrete protection mechanisms. REFLECT: Demonstrate strong security controls as required by law and gaming sector best practice.

  • Technical Measures: SSL/TLS encryption for data transmissions, robust encryption for data storage, firewalls, anti-malware systems, real-time intrusion detection, and regular penetration testing.
  • Organisational Measures: Access to personal data is strictly limited to authorised personnel trained in confidentiality and data protection practices, with access levels tailored to role necessity.
  • System Audits and Reviews: Periodic security audits, data protection impact assessments, and continuous monitoring for vulnerabilities or breaches.
  • Incident Response: Clearly defined protocols for breach notification and incident management in compliance with the Notifiable Data Breaches (NDB) scheme under Australian law.

Protective Clause: While no method of transmission or storage is absolutely secure, crownmelbourne implements all measures reasonably required to protect user data on crown-melbourne.games.

Complaints & Contacts

OBSERVE: Specify contact channels and AU-specific dispute routes. EXPAND: Embed user-oriented complaints handling structure. REFLECT: Provide accessible, clear complaint mechanism plus regulatory escalation information.

  • Data Protection Officer: For privacy inquiries, data access requests, or to lodge a complaint, contact [email protected] or call +61 3 9292 8888.
  • Complaint Handling: All complaints are reviewed promptly and addressed in accordance with our internal procedures. Users should provide sufficient detail to enable resolution.
  • Escalation: If you are unsatisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) via https://www.oaic.gov.au/privacy/privacy-complaints/.

All communications will be treated confidentially and processed within applicable legal timeframes.

Updates

OBSERVE: State policy update procedures and user notification practice. EXPAND: Specify change communication method. REFLECT: Ensure clarity on version control and transparency.

  • Policy Review and Amendment: This policy is reviewed annually and whenever regulatory or operational changes require. The latest version will always be available on crown-melbourne.games.
  • User Notification: Users will be notified of material changes via on-site banner and/or direct email to their registered address.
  • Effective Date: This Privacy Policy takes effect on 1 January 2025. The last revision was on 1 January 2025.

Continued use of crown-melbourne.games services after updates constitutes acceptance of the revised policy.