Self-exclusion and personal data protection
Introduction
Self-exclusion procedures require the provision of personal information (full name, date of birth, contact details), but players have the right to know how this data is used, stored and protected. This article explains the legal framework, technical and organizational security measures, and your rights.
1. What data is collected
1. When registering with BetStop
Full name and date of birth for unambiguous identification
E-mail address and phone number for code confirmation
Postal code - for geographical verification
2. In the personal account of the casino
Login (e-mail or phone)
KYC data (passport, driver's license) - for synchronization with BetStop and exclusion of multi-accounts
3. Additional information
Access history (IP addresses, login time) - for SD compliance audit
Communication records (chat logs, e-mail) - for evidence in case of violations
2. How data is stored and protected
1. Privacy Act 1988
APP (Australian Privacy Principles) require:
Database encryption (AES-256) and TLS sessions on BetStop and operators
Regular backups and storage in secure data centers
Restrict access by role (RG specialists and administrators only)
3. Organizational measures
Policies for Data Destruction After SD Expiration
Instructions for removing paper and electronic copies of KYC
Personnel training on confidential information handling procedures
3. Data transfer and third parties
1. Inter-operator synchronization
BetStop passes the player only as "excluded" without transferring the full KYC set to operators
Operators use data hashes (SHA-256) for reconciliation without disclosing initial information
2. Regulators and law enforcement
ACMA or staff commissions may request data when investigating violations
The law obliges operators to transfer only within the framework of official requests under the agenda or through the GDPR analogue (APRA units)
3. Third-party service providers
Payment gateways and cloud providers process data under non-disclosure agreements and according to APP
4. Your rights and how to exercise them
1. Access and remediation
The right to ask BetStop or the operator for a copy of their data and correct inaccuracies
2. Delete and restrict processing
At the end of SD, the data must be destroyed or anonymized (the law requires limiting storage)
3. Violation complaint
If your Privacy Act is breached, you can file a complaint with the OAIC (Office of the Australian Information Commissioner)
4. SD Recall Privacy
In case of early withdrawal, you have the right to request that the archived lock records be deleted if they are no longer needed
5. Risk minimization recommendations
1. Use a separate e-mail/phone
Registering an SD with a new address reduces the interweaving of data with other services
2. Remove from social media
If you are logged in through Facebook/Google, untie these services after registering SD
3. Check your privacy policy
Make sure that the RG-tools section of the operator contains a link to the Privacy Policy and data retention periods
4. Timely data updates
Make changes to your profile to avoid unnecessary entries and speed up the deletion process
Conclusion
Self-exclusion requires some personal data to be entrusted to operators and BetStop, but legislation and industry standards guarantee their protection. Knowing what information is collected, how it is encrypted and who has access, you can confidently go through the SD procedure, maintaining control over privacy and minimizing the risk of leaks.
Self-exclusion procedures require the provision of personal information (full name, date of birth, contact details), but players have the right to know how this data is used, stored and protected. This article explains the legal framework, technical and organizational security measures, and your rights.
1. What data is collected
1. When registering with BetStop
Full name and date of birth for unambiguous identification
E-mail address and phone number for code confirmation
Postal code - for geographical verification
2. In the personal account of the casino
Login (e-mail or phone)
KYC data (passport, driver's license) - for synchronization with BetStop and exclusion of multi-accounts
3. Additional information
Access history (IP addresses, login time) - for SD compliance audit
Communication records (chat logs, e-mail) - for evidence in case of violations
2. How data is stored and protected
1. Privacy Act 1988
APP (Australian Privacy Principles) require:
- Collect only required data
- No longer storage than needed for SD purpose
- Using Encryption in Transmission and Storage
- 2. Technical measures
Database encryption (AES-256) and TLS sessions on BetStop and operators
Regular backups and storage in secure data centers
Restrict access by role (RG specialists and administrators only)
3. Organizational measures
Policies for Data Destruction After SD Expiration
Instructions for removing paper and electronic copies of KYC
Personnel training on confidential information handling procedures
3. Data transfer and third parties
1. Inter-operator synchronization
BetStop passes the player only as "excluded" without transferring the full KYC set to operators
Operators use data hashes (SHA-256) for reconciliation without disclosing initial information
2. Regulators and law enforcement
ACMA or staff commissions may request data when investigating violations
The law obliges operators to transfer only within the framework of official requests under the agenda or through the GDPR analogue (APRA units)
3. Third-party service providers
Payment gateways and cloud providers process data under non-disclosure agreements and according to APP
4. Your rights and how to exercise them
1. Access and remediation
The right to ask BetStop or the operator for a copy of their data and correct inaccuracies
2. Delete and restrict processing
At the end of SD, the data must be destroyed or anonymized (the law requires limiting storage)
3. Violation complaint
If your Privacy Act is breached, you can file a complaint with the OAIC (Office of the Australian Information Commissioner)
4. SD Recall Privacy
In case of early withdrawal, you have the right to request that the archived lock records be deleted if they are no longer needed
5. Risk minimization recommendations
1. Use a separate e-mail/phone
Registering an SD with a new address reduces the interweaving of data with other services
2. Remove from social media
If you are logged in through Facebook/Google, untie these services after registering SD
3. Check your privacy policy
Make sure that the RG-tools section of the operator contains a link to the Privacy Policy and data retention periods
4. Timely data updates
Make changes to your profile to avoid unnecessary entries and speed up the deletion process
Conclusion
Self-exclusion requires some personal data to be entrusted to operators and BetStop, but legislation and industry standards guarantee their protection. Knowing what information is collected, how it is encrypted and who has access, you can confidently go through the SD procedure, maintaining control over privacy and minimizing the risk of leaks.
