Privacy Policy

Popmolly Online Casino — Privacy Policy

Effective Date and Scope

This Privacy Policy governs the collection, use, storage, sharing, and protection of personal data by Popmolly, an online casino brand operating under a gaming licence issued by the Government of Curaçao. This policy applies to all users who access, register with, or otherwise interact with the Popmolly platform, including through any associated websites, mobile applications, or digital services made available to players in Australia and other permitted jurisdictions. By registering an account, accessing the platform, or submitting any personal information to Popmolly, you acknowledge that you have read, understood, and agreed to the terms set out in this Privacy Policy. If you do not agree with any part of this policy, you should discontinue your use of the platform immediately.

Popmolly is committed to protecting the privacy and personal data of its users in accordance with applicable data protection principles, including those consistent with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) contained therein. As a licensed operator, Popmolly is also subject to obligations arising from anti-money laundering legislation, know-your-customer requirements, and responsible gambling regulations, all of which necessitate the collection and processing of certain categories of personal data.

1. Who We Are

Popmolly is an online casino brand operating under a licence issued by the Curaçao Gaming Control Board. The platform provides a range of online gambling services, including but not limited to casino games, live dealer experiences, and other interactive gaming products. As the operator of this platform, Popmolly acts as the data controller responsible for determining the purposes and means by which personal data is processed. All data processing activities conducted by Popmolly are carried out in accordance with applicable legal obligations, regulatory requirements, and the principles outlined in this Privacy Policy.

2. Data We Collect

Popmolly collects personal data from users at various stages of their interaction with the platform. The categories of data collected include the following:

• Registration data, including full legal name, date of birth, residential address, email address, phone number, and username selected at the time of account creation.
• Identity verification documents, including copies of government-issued identification such as passports or driver’s licences, proof of address documents, and any additional documentation required to fulfil KYC obligations.
• Payment and financial information, including bank account details, credit or debit card numbers, e-wallet identifiers, transaction histories, and records of deposits and withdrawals made through the platform.
• Technical and usage data, including IP addresses, device identifiers, browser types, operating system information, session durations, pages visited, and clickstream data generated during your interaction with the platform.
• Cookie data and tracking information collected through essential and analytical cookies as described in the Cookie Policy section of this document.
• Communications data, including records of correspondence between users and the Popmolly support team, including emails, live chat transcripts, and any documentation submitted in connection with a complaint or inquiry.
• Responsible gambling data, including any self-exclusion requests, deposit limits, session limits, or cooling-off periods applied to an account.

Popmolly collects only the data that is necessary for the purposes described in this policy and does not engage in the collection of excessive or irrelevant personal information.

3. Purpose of Data Processing

Popmolly processes personal data for a range of legitimate purposes directly connected to the operation of a licensed online casino. These purposes include:

• Account creation and management, including verifying user identity, maintaining account records, and providing access to platform services.
• Processing financial transactions, including deposits, withdrawals, bonus payments, and the resolution of payment disputes.
• Conducting know-your-customer procedures to verify the identity and age of users in compliance with licensing conditions and applicable regulatory requirements.
• Performing anti-money laundering checks in accordance with obligations under Australian anti-money laundering legislation and the requirements of the Curaçao gaming licence, including monitoring transactions for suspicious activity and reporting to relevant authorities where required.
• Fraud prevention and platform security, including detecting and investigating unauthorised account access, collusion, bonus abuse, and other forms of fraudulent behaviour.
• Delivering marketing communications, including promotional offers, bonuses, and platform updates, to users who have provided consent to receive such communications. Users may withdraw this consent at any time by following the opt-out instructions provided in each communication or by contacting the support team directly.
• Providing customer support and resolving disputes raised by users in connection with their accounts or gameplay activity.
• Complying with legal and regulatory obligations, including responding to lawful requests from government authorities, regulatory bodies, and law enforcement agencies.
• Conducting responsible gambling assessments and implementing player protection measures where required by platform policy or applicable regulations.
• Analysing platform performance and user behaviour to improve the quality of services offered through the platform.

4. Legal Basis for Processing

Popmolly processes personal data on the following legal grounds depending on the nature of the processing activity:

• Contractual necessity, where processing is required to fulfil the terms of the user agreement entered into upon account registration.
• Legal obligation, where processing is necessary to comply with applicable laws, including anti-money laundering legislation, gaming regulations, and tax obligations.
• Legitimate interests, where processing is necessary for the purposes of fraud prevention, platform security, and the improvement of services, provided that such interests are not overridden by the rights and freedoms of the data subject.
• Consent, where processing is based on a freely given, specific, and informed consent provided by the user, particularly in the context of direct marketing communications.

5. Data Sharing and Disclosure

Popmolly does not sell personal data to third parties. However, in order to operate the platform effectively and comply with applicable legal and regulatory obligations, Popmolly may share personal data with the following categories of third parties:

• Payment service providers and financial institutions responsible for processing deposits and withdrawals made through the platform.
• Identity verification and KYC partners engaged to conduct document verification, age verification, and background screening services on behalf of Popmolly.
• Anti-fraud and AML service providers that assist in monitoring transactions and identifying suspicious activity.
• Technology and infrastructure providers, including cloud hosting services, content delivery networks, and platform maintenance vendors who process data solely on behalf of Popmolly under strict data processing agreements.
• Regulatory authorities and licensing bodies, including the Curaçao Gaming Control Board and relevant Australian regulatory agencies, where disclosure is required by law or licence conditions.
• Law enforcement agencies and government bodies where Popmolly is legally compelled to disclose information in response to a court order, subpoena, or other lawful request.
• Responsible gambling organisations and self-exclusion registries where required to give effect to a user’s self-exclusion request or to comply with player protection obligations.

All third parties with whom Popmolly shares personal data are required to handle that data in accordance with applicable data protection standards and are prohibited from using it for purposes other than those specified in their agreements with Popmolly.

6. Data Retention

Popmolly retains personal data for as long as is necessary to fulfil the purposes for which it was collected, to comply with legal and regulatory obligations, and to resolve any disputes or enforce agreements. In practice, this means that account data and transaction records are retained for a minimum period consistent with anti-money laundering legislation and gaming licence requirements, which typically extends to a period of five years following the closure of an account or the completion of a transaction. Technical logs and usage data may be retained for shorter periods depending on their operational relevance. When personal data is no longer required, it is securely deleted or anonymised in accordance with Popmolly’s internal data management procedures.

7. Cookie Policy

Popmolly uses cookies and similar tracking technologies on its platform to ensure functionality, improve user experience, and gather analytical data. The following categories of cookies are used:

• Essential cookies, which are strictly necessary for the operation of the platform and cannot be disabled. These cookies enable core functions such as user authentication, session management, and security features. Without these cookies, the platform cannot function properly.
• Analytical cookies, which are used to collect information about how users interact with the platform, including which pages are visited most frequently, how long users spend on particular sections, and what actions are taken during a session. This data is used in aggregate form to improve platform performance and user experience.
• Marketing cookies, which may be used to deliver personalised promotional content to users based on their browsing behaviour and preferences, subject to the user’s consent.

Users may manage their cookie preferences through the cookie consent tool available on the platform or through their browser settings. Please note that disabling certain categories of cookies may affect the functionality of the platform.

8. Data Security

Popmolly implements a range of technical and organisational measures to protect personal data against unauthorised access, loss, destruction, or disclosure. These measures include encryption of data in transit and at rest, access controls limiting data access to authorised personnel only, regular security assessments and vulnerability testing, and staff training on data protection obligations. While Popmolly takes all reasonable steps to protect personal data, no online platform can guarantee absolute security, and users are encouraged to take appropriate steps to protect their own account credentials.

9. User Rights

Users whose personal data is processed by Popmolly have the following rights in relation to that data:

• The right to access personal data held by Popmolly, including the right to receive a copy of that data in a structured and readable format.
• The right to request correction of inaccurate or incomplete personal data.
• The right to request deletion of personal data where it is no longer necessary for the purposes for which it was collected, subject to any legal or regulatory obligations that require Popmolly to retain the data.
• The right to restrict the processing of personal data in certain circumstances, including where the accuracy of the data is contested or where processing is unlawful.
• The right to withdraw consent to data processing activities based on consent, including the right to opt out of marketing communications at any time.
• The right to lodge a complaint with a relevant data protection authority if you believe that your personal data has been processed in a manner that is inconsistent with applicable law.

To exercise any of these rights, users may submit a request through the official contact channels provided on the Popmolly platform. Popmolly will respond to all valid requests within a reasonable timeframe and in accordance with applicable legal requirements.

10. Responsible Gambling and Data Processing

As a licensed operator, Popmolly is committed to promoting responsible gambling and protecting vulnerable users. In this context, Popmolly may process personal data to identify patterns of behaviour that may indicate problem gambling, to apply account restrictions where appropriate, and to facilitate access to responsible gambling resources. Data processed in connection with responsible gambling measures is handled with the highest degree of confidentiality and is not used for any purpose other than the protection of the user and the fulfilment of regulatory obligations.

11. Changes to This Privacy Policy

Popmolly reserves the right to update or amend this Privacy Policy at any time to reflect changes in applicable law, regulatory requirements, or platform operations. Users will be notified of material changes through the platform or by email. Continued use of the platform following the publication of an updated Privacy Policy constitutes acceptance of the revised terms. Users are encouraged to review this policy periodically to remain informed about how their personal data is being processed.

12. Contact Information

If you have any questions, concerns, or requests relating to this Privacy Policy or the processing of your personal data, please contact the Popmolly data protection team through the official support channels available on the platform website. Popmolly is committed to addressing all privacy-related inquiries promptly and in a manner consistent with its legal and regulatory obligations.