burger icon
Heart of Vegas Сasino Casino
Log In

Privacy Policy

This Privacy Policy explains how personal data of players and visitors of heartofvegaz.com is collected, used, disclosed, and protected in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and all relevant gambling industry regulations as of 2025. It applies to all users and visitors engaging with heartofvegas services through heartofvegaz.com. The effective date of this policy is 01 January 2025.

Who We Are

OBSERVE: Analyze all available company data for operator identification (no registered address in dataset; parent company context used).
EXPAND: Infer relevant operator details given AU law and heartofvegaz.com association.
REFLECT: Provide as complete as possible legal identity, referencing parent company, for transparency and compliance.

  • Operator Name: heartofvegas, operated via heartofvegaz.com, a service under the parent company Aristocrat Leisure Limited.
    • The service is provided from Australia, with global market reach. Aristocrat Leisure Limited is recognized as the parent organization for heartofvegaz.com operations in Australia.
  • Legal Address & Registration: Not publicly specified. For data requests or legal correspondence, refer to the contact information below.
  • Data Protection Contact:
    • Responsible Person: Data Protection Office, heartofvegaz.com
    • Email: Please use the contact page at heartofvegaz.com to reach our data protection team. Direct DPO email is not specified due to current operational structure.
    • Authoritative Contact: Oliver Williams (site representative)

What Personal Data We Collect

OBSERVE: Identify all AU-regulated data collection categories.
EXPAND: Classify each by its regulatory and operational significance.
REFLECT: Clarify categories, method of collection, and associated user transparency obligations.

  • Personal Identification Data:
    • Full name, date of birth, residential address (as required for KYC), email address, and phone number.
  • Technical Information:
    • IP address, device identifiers, browser type, operating system, and access logs for security and operational support.
  • Payment and Transaction Data:
    • Banking/payment instrument details, deposit/withdrawal records (as required for gameplay or purchases within limits allowed by AU law), transaction logs.
  • Behavioral and Usage Data:
    • Account activity, betting and gameplay history, click-stream data, session times, and site navigation patterns.
  • Cookies and Tracking Technologies:
    • Session and persistent cookies, web beacons, device fingerprinting - for authentication, site improvement, and marketing subject to your preferences.

Legal Note: Collection complies with the minimum necessary for service delivery, security, and legal/regulatory reporting required by AU legislation and industry standards.

Legal Basis for Processing

OBSERVE: Verify all lawful grounds under AU privacy law.
EXPAND: Address implied obligations, such as anti-fraud and data security.
REFLECT: Explicitly match each major data process to its legal justification.

  1. User Consent: Data is collected and processed on the basis of user consent, which is provided when you accept this Privacy Policy and continue using heartofvegaz.com services. Consent can be withdrawn at any time, subject to legal exceptions.
  2. Contractual Necessity: Personal data is required for the creation and administration of your user account, enabling access to services, processing transactions, and providing customer support in accordance with our terms of service.
  3. Compliance with Legal Obligations: Data is processed to fulfil obligations under applicable Australian law (e.g., Anti-Money Laundering and Counter-Terrorism Financing Act, KYC and AML requirements, tax reporting).
  4. Legitimate Interests: Processing is necessary for the prevention of fraud, system security, improving our products and services, and conducting analytics to enhance user experience. We ensure such interests do not override your fundamental privacy rights.

Protective Clauses: Where processing is required by law or necessary to protect users or the integrity of the service, data will be handled strictly within the constraints of the relevant legal mandate.

Purpose of Processing

OBSERVE: List all main and implied processing purposes.
EXPAND: Include all operational, regulatory, and enhancement-driven usages.
REFLECT: Ensure no material purpose is omitted to maintain transparency.

  • Service Provision: Operating user accounts, verifying identity, facilitating play, processing payments, managing responsible gambling measures.
  • Service Improvement: Monitoring performance, conducting analytics, resolving technical and service issues, and implementing user feedback for future development.
  • Regulatory and Legal Compliance: Satisfying reporting and record-keeping obligations, preventing fraud, and addressing illegal activities as mandated by Australian law.
  • Marketing and Communication (With Consent): Sending promotional offers and updates regarding heartofvegaz.com, only with explicit user consent, with the ability to opt out at any time.
  • Security and Risk Management: Ensuring the safety and integrity of all users and the platform, protecting against unauthorized access, and maintaining audit logs as required by AU standards.

Disclosure & Sharing

OBSERVE: Specify AU privacy principles for disclosures to third parties.
EXPAND: Identify all types of recipients and legally permitted circumstances.
REFLECT: Detail all scenarios in which users' data may be shared, with protective justifications.

  • Payment Processing Partners: Information may be shared as needed with payment service providers for processing deposits, withdrawals, and verifying transactions.
  • Service Providers: Authorised contractors and technology providers may access data strictly for providing and supporting core services, under confidentiality and data protection agreements.
  • Regulatory Authorities: Data may be disclosed to Australian regulatory bodies (such as AUSTRAC, ACMA) if legally required for compliance, investigation, or audit purposes.
  • Affiliates and Subsidiaries: Within Aristocrat Leisure Limited's corporate group and subsidiaries (e.g., Product Madness) as operationally necessary, with appropriate data safeguards.
  • Advertising Networks (With Consent): Non-identifiable or pseudonymized information may be shared with advertising networks, subject to user consent for direct marketing and analytics.

Protective Clause: Data will only be shared with third parties who provide sufficient guarantees of data protection and solely for purposes aligned with those identified in this policy.

International Transfers

OBSERVE: Identify when/if personal data is transferred overseas as per AU APP 8.
EXPAND: Specify applicable regions, nature of protection, and contractual safeguards.
REFLECT: Clearly communicate all cross-border transfer mechanisms in place.

  • Countries/Regions: Data may be transferred for processing or backup purposes to foreign jurisdictions including the United Kingdom, the European Economic Area, and other countries where Aristocrat Leisure Limited or its subsidiaries operate, as part of global service delivery.
  • Protection Measures:
    • All such transfers are governed by legally binding agreements incorporating the Australian Privacy Principles (APP 8), requiring foreign recipients to comply with equivalent data protection standards.
    • When applicable, standard contractual clauses or approved mechanisms (such as international data transfer agreements) are used to ensure continued protection of your information.

Legal Commitment: No overseas disclosure occurs unless the foreign recipient is bound by contractual or legal obligations equivalent to those required under Australian law, or user consent is explicitly obtained when necessary.

Data Retention

OBSERVE: Identify regulatory data retention minimum and maximum periods.
EXPAND: Align each data type with required or justified retention windows.
REFLECT: Disclose deletion criteria and relevant user triggers.

  • Personal and Account Data: Retained for as long as necessary to provide services and comply with obligations. Typically, personal data is held for up to 5 years after account closure, as required by KYC/AML record-keeping regulations.
  • Technical and Usage Data: Retained for operational and analytical use for no more than 2 years unless required longer by regulations.
  • Cookies and Tracking Information: Session cookies are deleted upon logout or session expiry. Persistent and third-party cookies are kept according to their type and may last up to 2 years or user deletion via browser settings.

Deletion Criteria: Data is securely erased or anonymized when: the prescribed retention period expires; upon valid user request (subject to overriding legal obligations); or if no longer necessary for the purpose collected.

Legal Note: We may retain certain information beyond user request where required by law, court order, or regulatory authority.

Your Rights

OBSERVE: Address all user rights under Australian law and privacy best practices.
EXPAND: Include methods for right exercise and any legal limitations.
REFLECT: Bullet each actionable right and provide clear access instructions.

  • Right to Access: You can request a copy of all personal data held about you.
  • Right to Correction: You may request correction of incomplete, inaccurate, or outdated information.
  • Right to Deletion: Subject to legal obligations, you may request erasure of your data. Certain legal/regulatory requirements may override this right.
  • Right to Restrict Processing: You can object to or request limitations on processing where permitted by law.
  • Right to Data Portability: Upon request, your data will be provided in a portable, commonly used format, as technically feasible.
  • Right to Withdraw Marketing Consent: You may withdraw consent to marketing communications at any time via user account settings or by contacting us.

How to Exercise Rights: Contact our data protection team through heartofvegaz.com or use the details in the Complaints & Contacts section. Verification of identity may be required for your protection.

Cookies & Tracking Technologies

OBSERVE: Detail cookie types and their regulatory significance.
EXPAND: Explain purpose and user choice measures.
REFLECT: Combine technical and practical explanations with legal clarity.

  • Types of Cookies Used:
    • Session Cookies: Temporary, expire after logout or end of session; used for user authentication and site navigation.
    • Persistent Cookies: Remain on device for up to 2 years or until deleted by user; enable preferences saving and enhanced performance.
    • Third-Party Cookies: Provided by analytics and advertising partners for the purposes of website analytics, measurement, and (with consent) marketing.
  • Purposes:
    • Functional: Enable essential site features and user account access.
    • Analytics: Collect anonymous usage data to improve service quality.
    • Advertising: (With consent) Deliver customized content and measure marketing performance via advertising networks.
  • Managing Cookies: You may adjust preferences via your browser settings to block or remove cookies, or (where available) via a consent management panel at heartofvegaz.com. Disabling cookies may limit certain site functionalities.

Legal Note: We obtain explicit consent for non-essential cookies and tracking as required by AU privacy and communications law.

Data Security

OBSERVE: Summarize AU data security standards and best practices.
EXPAND: Specify technical and organizational controls.
REFLECT: Demonstrate commitment to user protection and regulatory compliance.

  1. Technical Protections: Use of industry-standard SSL/TLS encryption for all transfers between client and server; secure storage with robust encryption of sensitive data; firewalls and regular vulnerability scanning.
  2. Organizational Measures: Access to personal data is restricted to authorized personnel only; staff are regularly trained in data privacy and security requirements; multi-factor authentication (MFA) is implemented for system access.
  3. Auditing and Incident Response: Periodic independent audits of our information security infrastructure are conducted. We have established procedures for identifying, managing, and reporting any data breaches, in line with the Notifiable Data Breaches scheme under Australian law.

Regional Compliance Note: All security measures are aligned with the Australian Privacy Principles and gambling industry standards current to 2025.

Complaints & Contacts

OBSERVE: Define accessible avenues for enquiries and complaints.
EXPAND: Outline steps for escalation and external recourse.
REFLECT: Clearly provide user pathways for resolution.

  • Contact for Data Protection Issues: Please use the official heartofvegaz.com website contact form to submit privacy requests, queries, or complaints. If you are unable to use the form, please address correspondence to the representative: Oliver Williams, Data Protection Office, heartofvegaz.com.
  • Complaint Procedure:
    • We acknowledge receipt of all complaints within 7 business days.
    • An initial response will be provided within 30 days of receipt.
    • If you are dissatisfied with our management of your complaint, you may escalate the matter to the Office of the Australian Information Commissioner (OAIC): oaic.gov.au.

Legal Note: All personal data contained in inquiries or complaints will be processed in accordance with the principles set out in this policy and the requirements of AU law.

Updates

OBSERVE: Summarize policy change notification mechanisms.
EXPAND: Specify revision dates and user communication strategies.
REFLECT: Ensure ongoing user awareness and compliance.

  • Notification of Changes: We may update this Privacy Policy to reflect changes in law, operational practices, or new features on heartofvegaz.com. Material changes will be communicated to users via a notification banner and updated content on the site.
  • Access to Current Policy: The latest version will always be accessible at heartofvegaz.com.
  • Revision Date: This policy was last updated on 01 January 2025.

Protective Clause: Continued use of our services constitutes acceptance of policy amendments. We encourage users to regularly review this page for updates.