burger icon
500 Casino Australia
Log In

Privacy Policy

This Privacy Policy explains how 500 Casino, operating the website 500-aussie.com (the "Website"), collects, uses, stores, discloses and protects personal information of players and website visitors. It applies to all users who access or use the Website or related services, whether registered players or casual visitors. By using the Website, you acknowledge that you have read and understood this Privacy Policy. This version is effective and valid from 1 January 2026 unless replaced by a later version as described below.

Who We Are

OBSERVE: Users need to know the legal operator, contact details and point of contact for privacy matters to comply with privacy and gambling standards.

EXPAND: 500 Casino is an Australia-facing brand of a Curaçao-licensed operator. The legal entity, address, and licence data must be clearly stated, together with a dedicated privacy contact.

REFLECT: The following identifies the data controller for activities on 500-aussie.com and how you can reach us.

Operator and Legal Entity

  • Trading brand: 500 Casino (the "Brand"), operated through 500-aussie.com as an online gambling and related services platform.
  • Operator company (data controller for most processing): Perfect Storm B.V., a private limited company (B.V.) incorporated under the laws of Curaçao.
  • Registered/Legal address: Kaya Richard J. Beaujon Z/N, Curaçao.
  • Company registration number: 150536 (Curaçao commercial registry).
  • Gaming licence: Antillephone N.V. sub-licence no. 8048/JAZ2021-088, authorized by the Government of Curaçao for online casino and related gaming activities (treated as valid through at least 2026 based on latest available information).

Contact for Privacy Matters

  • Primary privacy contact / Data Protection contact: Data Protection Officer, Perfect Storm B.V.
  • Email (privacy & complaints): [email protected] (please include "Privacy Request" in the subject line for faster handling).
  • Postal address for written requests: Data Protection Officer, Perfect Storm B.V., Kaya Richard J. Beaujon Z/N, Curaçao.
  • Website: https://500-aussie.com
  • Other legal information: Further compliance documents (including Terms of Service, AML/KYC Policy and Fairness Policy) are available via:

Regional compliance note: While 500 Casino targets Australian users, the operator is not licensed in Australia and is regulated from Curaçao. Australian users access at their own risk and should be aware that local Australian law, including the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), may apply to them in addition to this policy.

What Personal Data We Collect

OBSERVE: To operate an online casino, we must collect identity, contact, technical, financial, behavioural and cookie data.

EXPAND: Many of these data are necessary for KYC/AML, fraud prevention, responsible gambling and provision of services. Others are used for analytics and marketing with appropriate consent.

REFLECT: The following categories describe the types of personal data we may collect directly from you or automatically when you use 500-aussie.com.

Identity and Contact Data

  • Full name, date of birth, gender (where provided).
  • Residential address, billing address, country of residence.
  • Email address, including your primary account email and any alternative or recovery emails.
  • Telephone number and other contact details you provide.
  • Government-issued identification details (e.g. passport, national ID card, driver licence) including document number, issuing country, expiry date and images of those documents for verification.
  • Selfies, live video, voice samples or other biometric identifiers where required for enhanced verification (processed in compliance with applicable law and retained only for as long as strictly necessary).

Account and Usage Data

  • Username, account ID, passwords (stored using industry-standard hashing), security questions/answers and authentication logs.
  • Account status, verification status, VIP/loyalty tier, communication preferences and responsible gambling settings (limits, self-exclusion information).
  • In-game and on-site activity: session times, games played, bet amounts, wins/losses, bonus usage, wagering progress and cashout history.
  • Clickstream data, pages visited, navigation paths, time spent on specific areas of the Website and internal search queries.

Technical and Device Data

  • IP address, approximate geolocation derived from IP, VPN/proxy indicators, device identifiers.
  • Browser type and version, operating system, language settings, referring URLs, network provider and performance metrics.
  • Log files capturing login attempts, password reset requests, device changes and security events.

Payment and Financial Data

  • Payment method details (such as partial card numbers with masked digits, card brand, expiry date, issuing country) when you use cards.
  • E-wallet, voucher, bank transfer or cryptocurrency wallet details, depending on available methods and your choice.
  • Transaction histories including deposits, withdrawals, chargebacks, refunds, failed transactions and payment disputes.
  • Data received from payment processors, including Nine Purple and other third-party processors or banks engaged by Perfect Storm B.V. or its affiliates, to complete or review transactions and comply with AML obligations.

Regulatory, KYC and AML Data

  • Copies and verification data from identity documents, proof of address (e.g. utility bills, bank statements), source of funds and source of wealth information where required.
  • Sanctions and politically exposed person (PEP) screening results obtained from specialized providers.
  • Notes and records created by our compliance team regarding KYC, AML and responsible gambling assessments and decisions.

Marketing and Communication Data

  • Your preferences in receiving marketing communications from us and our partners.
  • Records of email engagement: opens, clicks, unsubscribe actions and related metrics.
  • Participation in promotions, surveys, feedback forms, competitions or loyalty programs.

Cookies and Similar Technologies

  • Cookies, pixel tags, local storage objects and similar technologies that store or access information on your device.
  • Third-party analytics and advertising cookies (for example from Google Analytics or ad networks) where enabled, which may track your browsing behaviour across our Website and, with your consent where required, other sites or apps.

Legal Basis for Processing

OBSERVE: Privacy and data protection frameworks (including the GDPR principles we align with, the Australian Privacy Act and comparable regimes) require a clear legal basis for each processing activity.

EXPAND: Our main grounds are contract performance, legal obligations (especially AML/KYC and gambling regulations), legitimate interests, and consent for optional activities such as certain marketing and cookies.

REFLECT: Below we set out the legal bases we rely on and how they apply to your data when you use 500-aussie.com and the 500 Casino brand.

Performance of a Contract

  • To create, verify and manage your player account with 500 Casino.
  • To provide access to games, process bets, calculate results, award winnings and manage bonuses.
  • To process deposits, withdrawals and other financial transactions through our payment partners.
  • To provide customer support and handle requests, complaints and disputes related to our services.

Compliance with Legal and Regulatory Obligations

  • To comply with applicable anti-money laundering (AML) and counter-terrorism financing laws, sanctions regulations and responsible gambling requirements imposed by our Curaçao licence and any other applicable laws.
  • To verify your identity, age and location and to keep adequate records of KYC, CDD (customer due diligence) and EDD (enhanced due diligence).
  • To respond to lawful requests from regulators, law enforcement or courts in relevant jurisdictions, including Curaçao and, where applicable, Australian or other authorities.
  • To maintain records for tax, accounting, licence audits and transaction reporting, as required by law or our licensing authority.

Legitimate Interests

  • To prevent, detect and investigate fraud, bonus abuse, collusion, money laundering and other prohibited or suspicious activities.
  • To secure our systems, prevent unauthorized access and maintain the integrity and availability of our platform.
  • To analyse usage, improve website performance, user experience, game offering and customer service.
  • To conduct non-intrusive marketing and service communications to existing customers (e.g. informing you about relevant changes, new features or similar offers), in line with applicable law.
  • To protect our legal rights, enforce our Terms of Service, pursue or defend legal claims and manage business risks.

Consent

  • For certain categories of marketing communications (such as promotional emails or SMS to prospective users in regulated markets) where explicit opt-in is required.
  • For the use of non-essential cookies and similar technologies that are not strictly necessary for the functioning of the Website.
  • For specific optional features (such as certain responsible gambling tools, surveys, or participation in public testimonials) where requested.

You may withdraw your consent at any time where consent is the legal basis, without affecting the lawfulness of processing prior to withdrawal. See "Your Rights" below for details.

Purpose of Processing

OBSERVE: Users must understand clearly why their data are collected and how they are used.

EXPAND: Our processing aligns with the operation of an online gambling platform, compliance with legal regimes and business optimisation, while avoiding incompatible secondary uses.

REFLECT: We only process personal data for the following specified, explicit and legitimate purposes.

Service Provision and Account Management

  • To register you as a player and administer your account on 500-aussie.com.
  • To allow you to place bets, participate in games and access related functionalities (e.g. bonuses, tournaments, loyalty schemes).
  • To process financial transactions, including deposits, withdrawals, internal transfers and currency conversions.
  • To provide ongoing customer support via email and any other channels we may offer.

Regulatory Compliance, Risk and Fraud Prevention

  • To perform identity verification, age checks, geolocation checks and sanctions/PEP screening.
  • To monitor gameplay, transaction patterns and device data for fraud detection, AML/CTF purposes and responsible gambling controls.
  • To comply with licence conditions, record-keeping requirements and audit obligations imposed by Antillephone N.V. and the Government of Curaçao.

Improvement, Analytics and Personalisation

  • To analyse traffic, usage trends, performance indicators and error logs, enabling us to maintain and improve our Website, apps and services.
  • To personalise your experience, for example by suggesting games, promotions or content that may be of interest based on your activity, where lawful.
  • To conduct A/B tests, usability studies and other product research, using aggregated or pseudonymised data wherever possible.

Marketing and Promotions

  • To send you promotional communications about our own products, services, competitions and events, in accordance with your marketing preferences and applicable law.
  • To manage loyalty programs, bonuses and promotional campaigns, including eligibility checks, award of benefits and communication regarding such programs.
  • To measure the effectiveness of marketing campaigns, including affiliate campaigns, and to optimize our marketing strategies.

Other Legitimate Business Purposes

  • To protect our rights, property and safety, and those of our players, staff and partners.
  • To handle disputes, enforce our Terms of Service and respond to legal claims.
  • To support corporate activities such as internal audits, business continuity planning, mergers, acquisitions or other corporate restructuring, subject to appropriate safeguards.

Disclosure & Sharing

OBSERVE: To operate an online casino and comply with law, some sharing of personal data with third parties is unavoidable.

EXPAND: We must describe who receives data, for which purposes, and the safeguards applied, including internationally.

REFLECT: 500 Casino does not sell your personal data but shares it under controlled conditions as set out below.

Group Companies and Affiliates

  • We may share data with companies that are under common ownership or control with Perfect Storm B.V., to the extent necessary for:
    • Supporting platform operations, security and maintenance;
    • Managing player accounts across related brands where lawful;
    • Consolidated reporting, risk management and compliance.

Payment Processors and Financial Institutions

  • Third-party payment processors, including entities such as Nine Purple in Cyprus and other banks or processors, receive relevant transaction and identification data in order to:
    • Process deposits, withdrawals and refunds;
    • Perform fraud and AML checks required by financial regulations;
    • Resolve payment disputes, chargebacks and investigations.

Service Providers (Processors)

  • We engage carefully selected third parties to provide services on our behalf, such as:
    • IT hosting, cloud infrastructure and data storage;
    • Customer support tools, CRM and communication platforms;
    • Analytics providers and business intelligence tools;
    • Identity verification and KYC/AML screening providers;
    • Security, anti-fraud and risk management solutions.
  • These providers process personal data only on our instructions, under written contracts that require appropriate confidentiality and security measures.

Regulators, Authorities and Law Enforcement

  • We may disclose personal data to:
    • Our licensing authority in Curaçao (including Antillephone N.V. and relevant governmental departments);
    • Courts, law enforcement and other public authorities in Curaçao, Australia or other jurisdictions where lawfully requested;
    • Other regulators when necessary for licence applications, audits or regulatory cooperation.
  • Such disclosures occur where we are legally required to do so, or where disclosure is necessary to establish, exercise or defend legal claims or protect vital interests.

Affiliates and Advertising Partners

  • With your consent where required, we may share limited information (such as pseudonymous identifiers, referral source, conversion data) with:
    • Affiliate partners who referred you to our Website, in order to attribute traffic and commissions;
    • Advertising networks and marketing platforms to deliver and measure targeted advertising campaigns.
  • We do not provide your full identity or sensitive financial details to such partners, and we require them to handle information in compliance with applicable privacy standards.

Corporate Transactions

  • In the event of a merger, acquisition, reorganisation, sale of assets or similar corporate transaction involving Perfect Storm B.V. or its assets, your personal data may be transferred to the acquiring or successor entity, subject to:
    • Continuation of protection at least equivalent to this Privacy Policy; and
    • Provision of appropriate notice to you, where feasible.

Other Disclosures

  • We may disclose information where you explicitly request or authorise us to do so (for example, for third-party verification of your winnings).
  • We may share aggregated or anonymised data that no longer identifies you, for analytical, research or statistical purposes.

International Transfers

OBSERVE: Data flows cross-border between Curaçao, the EU/EEA, Australia and other regions due to our infrastructure and service providers.

EXPAND: International transfers must be safeguarded through contractual and technical protections, aligned with global best practices such as the GDPR.

REFLECT: Users should understand where their data may go and how it is protected notwithstanding differences in local laws.

Locations of Processing

  • Data are primarily processed in:
    • Curaçao (operator headquarters and regulatory jurisdiction);
    • EU/EEA member states or the United Kingdom, where certain hosting, payment or verification providers are located;
    • Cyprus, in connection with payment processing arrangements such as Nine Purple;
    • Other countries where our carefully selected service providers operate data centres or support teams (which may include the United States or Asia-Pacific locations).
  • Australian users' data may therefore be transferred to and stored in jurisdictions outside Australia.

Safeguards for International Transfers

  • Where we transfer personal data from a jurisdiction with specific cross-border transfer rules (such as from the EU/EEA or regions applying GDPR-aligned standards) to a country that has not been deemed to provide an adequate level of protection, we implement appropriate safeguards, which may include:
    • Standard Contractual Clauses (SCCs) or equivalent data transfer agreements approved or recognized by relevant regulators;
    • Technical protections such as encryption in transit and at rest, access controls and data minimisation;
    • Organisational policies and strict internal access restrictions.
  • We also take reasonable steps to ensure that recipients in other countries are bound by obligations to protect personal data in a manner that is, overall, substantially similar to the standards described in this Privacy Policy.

Regional Compliance Note (AU)

While the primary data controller is based in Curaçao, we recognise that Australian users may benefit from protections inspired by the Australian Privacy Principles and comparable international frameworks. By using our services, you acknowledge that your data will be processed in and transferred to jurisdictions outside Australia, and that overseas recipients may not be subject to identical privacy laws as in Australia. We nonetheless contractually and technically require high standards of protection from all such recipients.

Data Retention

OBSERVE: Privacy standards require that personal data be kept no longer than necessary for the purposes for which it is processed.

EXPAND: As a regulated gambling operator, we are subject to AML, licensing and accounting retention obligations, which often mandate retention for multiple years after account closure.

REFLECT: We apply specific retention periods and criteria balancing legal requirements, business needs and your rights.

General Principles

  • We retain personal data only for as long as:
    • It is necessary for the purposes described in this Privacy Policy; and/or
    • We are legally required to retain it.
  • When data are no longer needed, we will either:
    • Securely delete or destroy them; or
    • Irreversibly anonymise them so that they no longer constitute personal data.

Indicative Retention Periods

  • Account and identification data: Normally kept for the duration of your active account and, after closure, for up to 5 - 7 years, depending on applicable AML, regulatory and accounting obligations.
  • Transaction and gameplay records: Typically retained for at least 5 years from the date of the relevant transaction or event, or longer where required by AML or tax law or necessary for dispute resolution.
  • KYC/AML-related documents: Retained for the minimum period required under applicable AML regulations (often 5 years after the end of the business relationship or the date of the last transaction) and may be extended where investigations or proceedings are ongoing.
  • Marketing data: Retained while you maintain an account and/or until you withdraw consent or object to processing, plus a short period to record your opt-out preference.
  • Technical logs and security data: Retained for a period commensurate with security needs and legal requirements (often 6 - 24 months), unless needed longer in connection with specific incidents.

Deletion and Anonymisation Criteria

  • We periodically review our databases and apply automated and manual rules to:
    • Delete or anonymise dormant accounts after a defined period of inactivity, subject to legal retention obligations;
    • Remove unnecessary copies or backups over time;
    • Minimise data fields retained where full records are not required.
  • You may request deletion of certain data, subject to our need to retain information for legal or regulatory reasons. See "Your Rights" below.

Your Rights

OBSERVE: Modern privacy frameworks, including the GDPR and comparable regimes, grant individuals specific rights regarding their personal data.

EXPAND: Even though our primary regulation is in Curaçao, we align our practices with these rights, subject to necessary limitations for gambling, AML and security obligations.

REFLECT: The rights described below are offered, where feasible, to users of 500-aussie.com, including Australian users.

Right of Access

  • You can request confirmation as to whether we process personal data about you and obtain a copy of such data, together with concise information about how it is used, shared and retained.

Right to Rectification

  • You may request correction of inaccurate or incomplete personal data. In many cases you can update details directly in your account profile. Where necessary, we may ask you to provide documentation (e.g. proof of address) to verify changes.

Right to Erasure ("Right to be Forgotten")

  • You can request deletion of personal data in certain circumstances, for example:
    • Where data are no longer necessary for the purposes for which we collected them;
    • Where processing is based solely on consent and you withdraw that consent;
    • Where you have successfully objected to processing.
  • We may not be able to delete data where we must retain it to comply with legal obligations (e.g. AML laws, record-keeping) or to establish, exercise or defend legal claims. In such cases, we will explain the limitation.

Right to Restrict Processing

  • You may ask us to restrict certain processing where:
    • You contest the accuracy of the data (for a period enabling us to verify accuracy);
    • The processing is unlawful but you oppose deletion and request restriction instead;
    • We no longer need the data but you require it for legal claims; or
    • You have objected to processing pending verification of our overriding legitimate grounds.

Right to Object

  • You may object, on grounds relating to your particular situation, to processing based on our legitimate interests, including certain profiling. We will stop such processing unless we demonstrate compelling legitimate grounds that override your interests, rights and freedoms or where processing is necessary for legal claims.
  • You have an absolute right to object at any time to the use of your personal data for direct marketing, including profiling related to direct marketing. Upon objection, we will stop using your data for this purpose.

Right to Data Portability

  • Where technically feasible and subject to legal limitations, you may request to receive certain personal data you provided to us in a structured, commonly used and machine-readable format, and to have that data transmitted to another controller where processing is based on consent or contract and carried out by automated means.

Right to Withdraw Consent

  • Where processing is based on your consent, you may withdraw that consent at any time, for example by:
    • Adjusting your marketing preferences in your account (if available);
    • Using "unsubscribe" links in emails; or
    • Contacting us at [email protected].
  • Withdrawal of consent does not affect processing that is based on other legal grounds or conducted prior to withdrawal.

Procedures, Timeframes and Cost

  • How to exercise your rights:
    • Submit a written request via email to [email protected] with "Privacy Request" in the subject line; or
    • Send a written letter to: Data Protection Officer, Perfect Storm B.V., Kaya Richard J. Beaujon Z/N, Curaçao.
  • Verification: We may need to verify your identity before acting on a request, for example by asking you to log in, confirm information or provide additional documents.
  • Timeframe: We aim to respond without undue delay and in any event within 30 days of receiving a complete request. If your request is particularly complex or we receive numerous requests, we may extend this period by a further 30 days, informing you of the extension and reasons.
  • Cost: We will normally handle your request free of charge. We may, where permitted by law, charge a reasonable fee or refuse to act on requests that are manifestly unfounded, excessive or repetitive.

Cookies & Tracking Technologies

OBSERVE: Cookies are essential for running a secure, user-friendly casino platform but also raise privacy considerations.

EXPAND: We must distinguish between necessary and optional cookies, explain their purposes and give control options.

REFLECT: The following describes how 500-aussie.com uses cookies and how you can manage them.

Types of Cookies We Use

  • Strictly Necessary (Functional) Cookies: These cookies are essential for the operation of the Website and cannot be switched off in our systems. They are typically set only in response to actions you take, such as logging in, setting privacy preferences, placing bets or filling in forms. Without them, core services such as account login, security verification and payment processing may not function properly.
  • Performance and Analytics Cookies: These cookies collect information about how visitors use the Website (e.g. pages visited, time spent, errors encountered). We use them to improve performance, understand usage patterns and enhance user experience. Data are usually aggregated and anonymised where possible.
  • Functional Preference Cookies: These remember your choices (such as language, region, display settings and login preferences) and provide enhanced, more personalised features.
  • Advertising and Targeting Cookies: Subject to your consent where required, these cookies may be set by us or by our advertising partners to build a profile of your interests and show you relevant adverts on our site or other sites. They do not store direct personal identifiers, but uniquely identify your browser or device.
  • Third-Party Cookies and Pixels: Certain third parties (for example analytics services, affiliate networks and social media platforms) may set cookies or use pixel tags when you visit our Website, in order to provide their services to us or to you.

Managing and Disabling Cookies

  • Browser Settings: Most web browsers allow you to:
    • View which cookies are stored on your device;
    • Delete cookies; and
    • Block or limit cookies for all or selected sites.
    Please refer to your browser's help section for specific instructions.
  • On-Site Tools: Where available, you may manage non-essential cookies via our on-site cookie banner or preference centre, which allows you to opt in or out of certain cookie categories.
  • Impact of Disabling Cookies: If you block or delete strictly necessary cookies, some parts of the Website may not function properly, including the ability to log in, maintain sessions or place bets.

Data Security

OBSERVE: Online gambling platforms process sensitive and high-value data, requiring robust security controls.

EXPAND: Our security measures must address confidentiality, integrity and availability of data, including technical, organisational and human factors.

REFLECT: While no system is perfectly secure, we implement multiple layers of safeguards to protect your information.

Technical Security Measures

  • Encryption in Transit: We use industry-standard Transport Layer Security (TLS 1.2 or higher) to encrypt data transmitted between your browser/device and our servers, reducing the risk of interception.
  • Encryption at Rest: Where appropriate, sensitive data are encrypted or otherwise protected at rest in our databases and storage systems.
  • Access Controls: Personal data are accessible only to authorised personnel and systems that require access for legitimate business or regulatory purposes. Role-based access control and least-privilege principles are applied.
  • Network and Infrastructure Security: Firewalls, intrusion detection and prevention systems, DDoS protection and other security technologies help safeguard our infrastructure.
  • Secure Development Practices: We use secure coding standards, regular vulnerability scanning and penetration testing to identify and remediate potential weaknesses.

Organisational and Procedural Measures

  • Policies and Governance: Internal policies govern data handling, access management, incident response and retention. These are periodically reviewed and updated.
  • Staff Training: Employees and contractors with access to personal data receive training on data protection, confidentiality, security practices and responsible handling of customer information.
  • Vendor Management: Third-party service providers are selected carefully and required to implement appropriate security and confidentiality measures through contractual obligations.
  • Incident Response: We maintain procedures for detecting, responding to and reporting security incidents. Where a personal data breach is likely to result in a high risk to your rights and freedoms, we will notify you and relevant authorities in accordance with applicable law.
  • Compliance with Standards: While not all components of our environment may be formally certified, we endeavour to align our security practices with recognised international standards such as ISO/IEC 27001 and SOC 2 principles where feasible.

Complaints & Contacts

OBSERVE: Users must have clear channels to raise concerns or complaints about privacy and data use.

EXPAND: We should provide internal resolution mechanisms and guidance on escalation to supervisory authorities where applicable.

REFLECT: The procedure below explains how to contact us and how we will handle your complaint.

Contacting Us

  • Primary contact for privacy and complaints:
    • Email: [email protected]
    • Subject line: please include "Privacy Complaint" for faster routing.
  • Postal address: Data Protection Officer, Perfect Storm B.V., Kaya Richard J. Beaujon Z/N, Curaçao.

Internal Complaint Procedure

  1. Submission: Send us a detailed description of your concern, including:
    • Your full name and account ID (if applicable);
    • Contact details where we can reach you;
    • A clear explanation of your concern or alleged privacy breach; and
    • Any relevant supporting documentation.
  2. Acknowledgement: We will acknowledge receipt of your complaint as soon as reasonably practicable, typically within 5 business days.
  3. Investigation: Our Data Protection Officer or an appointed delegate will review your complaint, consult relevant departments and assess technical and legal aspects.
  4. Response: We aim to provide a substantive response within 30 days of receiving a complete complaint. If the issue is complex or requires coordination with third parties or authorities, we may extend this period. In such a case, we will inform you of the delay and an estimated timeframe.
  5. Outcome: Our response will set out our findings, any corrective actions taken or proposed, and options available to you if you are not satisfied.

Escalation to Supervisory Authorities

Depending on your location and applicable law, you may have the right to lodge a complaint with a data protection or privacy regulator. While 500 Casino is primarily regulated from Curaçao, you may consider:

  • For users in Australia:
  • Other jurisdictions: If you reside in a country with a dedicated data protection authority (DPA), you may have the right to contact that authority. Please consult your local regulations for contact details.

We encourage you to contact us first so we can attempt to resolve your concern directly, but your right to approach a regulator remains unaffected.

Updates

OBSERVE: Privacy laws and our services evolve, making periodic updates to this policy necessary.

EXPAND: Users should be informed of changes, especially where they are material, and be given an opportunity to review and, if needed, object or close their accounts.

REFLECT: The mechanism below governs how we update and communicate this Policy.

Changes to this Privacy Policy

  • We may update or amend this Privacy Policy from time to time to reflect:
    • Changes in our services, business operations or corporate structure;
    • Updates in applicable laws, regulations or guidance; or
    • Improvements in how we explain our practices.
  • The "Last updated" date at the end of this document indicates the most recent revision.

Notification Procedures

  • Non-material changes: Minor updates (for example wording clarifications or corrections) may be implemented without prior notice. We will post the updated Policy on 500-aussie.com.
  • Material changes: For significant modifications that meaningfully affect your rights or how we process your data (such as new categories of data, new purposes or new types of disclosures), we will:
    • Provide notice at least 30 days in advance, where practicable, before the changes take effect; and
    • Use one or more of the following channels:
      • Email to your registered address;
      • Prominent banners or notifications on the Website; and/or
      • Alerts in your account dashboard where available.

Your Options in Case of Changes

  • If you do not agree with the updated Privacy Policy, you may:
    • Contact us to clarify any concerns; and/or
    • Close your account and request applicable data rights such as deletion or restriction, subject to legal retention requirements.
  • By continuing to use 500-aussie.com after changes take effect, you are deemed to have accepted the updated Privacy Policy to the extent permitted by law.

Last updated: January 2026