Privacy Policy

This Privacy Policy explains how Royal Ace, operated via https://royalace-aussie.com, collects, uses, discloses and protects personal information of visitors and users of our review and informational services. It applies to all website visitors, individuals who contact us, and people who interact with our content relating to Royal Ace and associated brands, but does not operate as the privacy policy of the Royal Ace casino operator itself. By accessing or using our site, you acknowledge this Privacy Policy. This Policy is effective and deemed current as of 1 January 2026.

Who We Are

Observe: The project domain is royalace-aussie.com, a review/information site referencing Royal Ace and related brands, operated separately from the casino itself. No verified corporate registration data is available from source materials.

Expand: To avoid misleading users, we must clarify that Royal Ace is an informational project, not the gambling operator, and that certain corporate details are not publicly verifiable. We still provide clear contact channels for privacy issues.

Reflect: We present a transparent "doing business as" description and highlight that this Policy does not bind or describe the data practices of the Royal Ace casino operator.

Operator identity

The website Royal Ace, available at https://royalace-aussie.com, is an independent review and information service (the "Site", "we", "us", "our"). It is not owned or operated by the Royal Ace casino or by Ace Revenue Group / Virtual Casino Group, and it does not provide gambling services.

Legal and postal address

Based on the information available up to 2026, the precise legal entity name, company registration number and registered office address of the Site operator are not publicly specified. Where required by law, such details will be provided directly to competent authorities or made available to users upon justified request sent to our contact email (see below).

Contact and data protection responsibility

• Data protection contact / responsible department: Privacy & Compliance Desk, Royal Ace
• Email (primary, critical contact): [email protected]
• Email (general queries): [email protected]
• Websites covered by this Policy:
  • https://royalace-aussie.com (this review/brand site)

Any reference on this Site to https://royalacecasino.com or other brands (including Planet 7 Oz, Silver Oak, Captain Jack, Slot Madness) is purely informational. Their respective privacy practices are governed by their own privacy policies and are outside the scope of this document.

What Personal Data We Collect

Observe: As a review site, Royal Ace primarily processes website and communication data, not gambling account data. However, we may incidentally receive some user details via contact or technical logs.

Expand: We must distinguish clearly between: (i) data we actively collect (contact details, technical logs, cookies, analytics), and (ii) data that is processed only by third-party gambling operators or advertising networks. We also note that we do not directly process KYC or payment data of casino players.

Reflect: We categorise data types and their typical sources to give users a transparent overview.

Personal identification and contact data

• Basic identifiers: name or screen name, if you voluntarily provide it (e.g. in emails or forms).
• Contact details: email address and any other contact information you supply when you:
  • write to [email protected] or [email protected], or
  • communicate with us through any feedback or dispute-related channel we might reference (for example, Central Dispute System links).
• Content of communications: the text of your messages, including any personal information you choose to include (such as account IDs with gambling operators, screenshots, or transaction data). We strongly recommend that you minimise sharing sensitive details and redact information that is not strictly necessary for your inquiry.

Technical and usage data

• Device and connection data: IP address, approximate geolocation (country/region), device type, browser type and version, operating system, referral URL, time and date of access.
• Log data: server logs, error logs and security logs relating to your use of the Site.
• Usage and behavioural data on this Site: pages visited, time spent on pages, navigation paths, clicks on internal links, and interactions with banners or outbound links to external casino sites.

Payment and financial data

Royal Ace does not process payments on this Site and does not request your credit card numbers or banking information. However:

• If you voluntarily share transaction details (for example, screenshots of deposits or withdrawals with Royal Ace or other casinos) in order to request assistance or for complaint documentation, that information will be processed solely for handling your request.
• Any actual payment processing for gambling services is performed exclusively by the relevant gambling operator and its processors under their own policies.

Behavioural data related to gambling

• On this Site: we may collect information on which reviews, guides, or bonus pages you view and which outbound links you click (e.g. links to Royal Ace or its sister sites). This helps us understand interest in particular brands or game types.
• Not on this Site: we do not have direct access to your betting history, account balance, KYC files or internal player notes held by Royal Ace or any other operator. If you provide descriptions of your play or attach evidence in communications, those details will be processed only as part of your correspondence.

Cookies and similar technologies

• Cookies: small text files stored on your device to support the functioning and analytics of the Site.
• Tracking technologies: pixels, tags, scripts and similar tools implemented either by us or by selected third parties (for example, analytics providers or advertising networks) to understand how the Site is used and how effective our links and campaigns are.

Data from third parties

• Analytics providers: aggregated statistics and anonymised or pseudonymised reports about traffic sources, user behaviour and conversion events related to our links.
• Advertising and affiliate partners: limited information about the performance of our affiliate links (for example, number of clicks, registrations, or other non-directly identifiable metrics), typically in aggregated form.
• Regulatory and public sources: information about regulatory actions (for example, ACMA blocking orders against certain gambling websites) obtained from public sources such as https://acma.gov.au/blocked-gambling-websites.

Legal Basis for Processing

Observe: Users are mainly Australian visitors; however, traffic may be global. We therefore align with widely recognised principles used in frameworks such as the EU GDPR, while focusing on Australian law and general privacy standards.

Expand: As an informational site, our main legal bases are consent (for cookies/marketing), legitimate interests (site operation, security, statistics) and, where applicable, performance of a relationship (handling your request). We may also need to comply with legal obligations (record-keeping, law-enforcement cooperation).

Reflect: We clarify each ground and tie it to specific processing activities for transparency.

Consent

• We rely on your consent when:
  • you accept non-essential cookies (e.g. advertising or advanced analytics cookies);
  • you subscribe to any optional newsletter, marketing list or notification service (if offered);
  • you voluntarily submit personal information in a contact request expecting us to handle and respond to it.
• You may withdraw your consent at any time using the mechanisms described below (see "Your Rights" and "Cookies & Tracking Technologies").

Performance of a relationship or arrangement

• When you contact us for:
  • information about Royal Ace or other reviewed casinos;
  • assistance with complaints or issues (for example, by using or referencing third-party platforms such as centraldisputesystem.com);
• we process the data you provide to handle and respond to your request. This processing is necessary to take steps at your request and to maintain communications with you.

Legitimate interests

• We process certain personal data because we have a legitimate interest in:
  • operating, maintaining and improving the Site and its content;
  • ensuring IT security, preventing fraud, abuse and unauthorised access;
  • measuring and improving the performance of affiliate links and content;
  • maintaining records necessary for the defence or establishment of legal claims.
• When relying on legitimate interests, we balance our interests against your privacy expectations and implement safeguards such as pseudonymisation, minimisation and limited retention.

Compliance with legal obligations

• We may process and retain certain information to:
  • comply with applicable laws, regulatory requirements or lawful requests from authorities (for example, in Australia under relevant communications and consumer laws);
  • respond to orders, subpoenas, or official investigations relating to our activities;
  • maintain accounting or business records where this is legally required.

Purpose of Processing

Observe: The Site primarily offers reviews, guides and links related to online gambling brands including Royal Ace, targeting Australian users for informational purposes.

Expand: We must describe how data supports service delivery, improvements, marketing and risk prevention.

Reflect: Purposes are grouped to help users understand why their data is needed and how long it may be kept.

Provision of services and communication

• To operate and provide access to royalace-aussie.com and its content.
• To respond to your questions, feedback or complaints sent to our email addresses.
• To assist, where we choose to do so, with dispute-navigation information regarding third-party casinos (purely as a review site, without acting as your legal representative).

Improvement, analytics and optimisation

• To analyse how users interact with our pages, links and content so we can:
  • improve layout, navigation and readability;
  • identify which brands or topics are of most interest (e.g., Royal Ace vs. sister sites);
  • fix errors, bugs and compatibility issues.

Marketing and monetisation

• To display or track performance of affiliate links and promotional placements relating to gambling operators.
• To send you marketing or promotional communications (if we offer such communications and only where you have opted in).
• To work with advertising networks to show relevant advertising content, where legally permitted and with appropriate cookie/consent controls.

Security, fraud prevention and legal protection

• To protect the Site, our infrastructure and users from security threats, spam, scraping and abusive behaviour.
• To detect, investigate and mitigate potential fraud or misuse of our Site and affiliate links.
• To establish, exercise or defend legal claims and to cooperate with lawful requests from regulators, such as the Australian Communications and Media Authority (ACMA) where relevant.

Disclosure & Sharing

Observe: As a review portal, we necessarily interact with third-party service providers (hosting, analytics, advertising) and may reference gambling operators and dispute platforms. We must clarify with whom data might be shared and under what safeguards.

Expand: Distinguish between disclosure to service providers, business partners, regulators, and circumstances such as legal obligations or business transfers.

Reflect: Provide a clear breakdown and emphasise that we do not sell personal data as a standalone asset.

Service providers (processors)

• We may share personal data with trusted third parties that process data on our behalf, including:
  • Hosting providers and cloud infrastructure services;
  • Analytics providers that help us understand traffic and behaviour on the Site;
  • IT security and maintenance providers who support our systems;
  • Email and communication tools used to manage correspondence with you.
• These parties are required to process data only according to our instructions and under appropriate confidentiality and security obligations.

Affiliate, advertising and commercial partners

• We work with affiliate programs and advertising networks connected to gambling operators, including (but not limited to) Royal Ace and its sister brands.
• In that context we may share or they may collect:
  • cookie identifiers and technical data;
  • information about clicks on outbound links;
  • aggregated or pseudonymised statistics on conversions or performance.
• We do not provide your direct identification data (e.g. name, email) to such partners unless:
  • you explicitly ask us to share information to help with a complaint or inquiry, and
  • you consent to such sharing for that specific purpose.

Regulators, authorities and dispute channels

• We may disclose personal data:
  • to competent authorities where required by law or where disclosure is necessary to protect our rights or the rights of others;
  • when cooperating with regulatory bodies (for example, if ACMA or another authority legitimately requests information relating to our Site);
  • where you ask us to support you with dispute-navigation and we refer to external platforms such as centraldisputesystem.com; in such a case, you will usually provide your data directly to that platform under its own privacy policy.

Corporate transactions

• If our review project is subject to a merger, acquisition, restructuring or transfer of assets, personal data reasonably necessary for the transaction may be disclosed to involved parties under confidentiality obligations and, where required, subject to your consent or additional safeguards.

No sale of personal data as a commodity

We do not sell your personal data as a standalone commercial product. Any monetisation occurs via advertising or affiliate relationships where personal data is processed under the safeguards outlined above.

International Transfers

Observe: Our users may be in Australia and elsewhere, while service providers, affiliate networks and hosting services may be located globally.

Expand: Describe typical regions of transfer (e.g., EU, US, other). Emphasise safeguards such as contractual protections and technical security, noting that some jurisdictions may have different privacy frameworks.

Reflect: Provide a transparent overview while acknowledging the cross-border nature of online services.

Regions to which data may be transferred

• Australia: primary target market and location of many users, and potential location of some infrastructure or support services.
• European Economic Area (EEA) / United Kingdom: where certain hosting, analytics or affiliate partners may be located.
• United States and other third countries: where some cloud, analytics, advertising and technical providers may process data.

Safeguards for international transfers

• We endeavour to work with service providers that implement robust security and privacy practices, including:
  • industry-standard encryption in transit and at rest;
  • access controls and data minimisation;
  • internal privacy and security programs.
• Where applicable and feasible, we seek to ensure that contractual safeguards are in place between us and our service providers, such as:
  • data processing agreements incorporating standard contractual clauses or equivalent mechanisms, where such frameworks are relevant;
  • commitments not to use personal data for purposes beyond those we specify.
• Because we are an informational review site and not a financial or gambling operator, the volume and sensitivity of the personal data we transfer internationally is generally limited; however, any transfer still occurs under the protections described in this Policy.

Data Retention

Observe: As a content site, our main retention considerations involve contact correspondence, logs and analytics data.

Expand: We should specify indicative retention periods and criteria for deletion, while remaining flexible to legal requirements and the needs of dispute handling.

Reflect: We provide category-based timelines and explain conditions that may extend or shorten retention.

General retention principles

• We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law.
• When data is no longer needed, we will either securely delete it, anonymise it, or aggregate it so it can no longer be linked to an identifiable individual.

Indicative retention periods

• Contact and correspondence data:
  • Emails and complaint-related communications are typically retained for up to 5 years after the last meaningful interaction, to allow follow-up and to document our handling of issues.
  • In cases of ongoing or threatened legal disputes, data may be kept longer until the dispute is finalised and applicable limitation periods expire.
• Technical logs and security data:
  • Server logs, security logs and similar data are usually retained for 6 to 24 months, depending on the type of log and security needs.
• Analytics data:
  • Aggregated or anonymised analytics data may be retained for a longer period as it no longer identifies individuals.
  • Where analytics data is pseudonymised, identifiers are kept only as long as needed for the analysis, typically up to 26 months unless otherwise justified.
• Marketing data:
  • If we operate email lists or similar channels, your subscription data is kept until you unsubscribe, after which we may retain minimal information (e.g. your email address) on a suppression list to ensure you are not contacted again.

Deletion criteria

• Data is deleted or anonymised when:
  • the retention period has expired;
  • you successfully exercise your right to deletion (where applicable and not overridden by legal requirements);
  • the data is no longer necessary for the purposes for which it was collected, including the defence of legal claims.

Your Rights

Observe: Users may come from jurisdictions with strong privacy regimes, such as the EU. The instructions also mention alignment with GDPR and Mexican law, even though our primary focus is Australia.

Expand: To provide a high level of protection, we describe a set of rights closely aligned with GDPR-style principles (access, rectification, erasure, restriction, objection, portability, and consent withdrawal), and we apply them as a matter of policy to the extent feasible, even though local legal frameworks may differ.

Reflect: We outline clear procedures, timeframes and cost conditions to make these rights practical and understandable.

Overview of rights

Subject to applicable law and certain limitations, you may have the following rights in relation to personal data we hold about you:

• Right of access: to obtain confirmation as to whether we process your personal data and to receive a copy of that data.
• Right to rectification: to request correction of inaccurate or incomplete personal data.
• Right to deletion ("right to be forgotten"): to request the deletion of your personal data where there is no valid reason for us to continue processing it.
• Right to restriction of processing: to request that we limit processing under certain circumstances (e.g. while we verify the accuracy of data or review an objection).
• Right to object: to object to processing based on our legitimate interests, and to opt out of direct marketing at any time.
• Right to data portability: where technically feasible and applicable, to receive certain data you provided to us in a structured, commonly used and machine-readable format and to transmit it to another controller.
• Right to withdraw consent: where processing is based on your consent (for example, marketing communications or non-essential cookies), you may withdraw that consent at any time without affecting prior lawful processing.

How to exercise your rights

1. Submit a request: Contact us at [email protected] with:
   • a clear description of the right you wish to exercise; and
   • information that reasonably allows us to verify your identity (for example, the email address used to contact us previously).
2. Verification: For your security, we may ask for additional information solely to confirm that we are interacting with the correct person and not disclosing data to an unauthorised individual.
3. Response time: We aim to respond to all valid requests within 30 days of receipt. If your request is complex or we receive multiple requests, this period may be extended, but we will inform you of the extension and the reasons.
4. Charges: Requests are generally handled free of charge. However, where requests are manifestly unfounded, excessive or repetitive, we may charge a reasonable fee or refuse to act, as permitted by applicable law.

Limitations

• We may not be able to fully comply with a request where:
  • we must retain certain data to comply with legal obligations or to resolve disputes;
  • we are unable to identify you based on the information you provide;
  • the data has already been irreversibly anonymised or deleted.
• Note that rights concerning gambling account data, betting history or KYC information held by Royal Ace or any other casino must be exercised directly with that operator under its own privacy framework.

Cookies & Tracking Technologies

Observe: Cookies are central to analytics and affiliate tracking. Some are essential, others are optional.

Expand: We categorise cookies by type and purpose, and provide control mechanisms via browser settings and, where available, internal tools.

Reflect: This helps users manage their privacy while understanding potential impacts on site functionality.

Types of cookies we use

• Session cookies: temporary cookies that exist only while your browser is open and are deleted when you close it. They support basic functions such as page navigation and remembering temporary preferences.
• Persistent cookies: cookies that remain on your device for a defined period or until you delete them. They can store preferences and help us recognise returning visitors.
• Third-party cookies: cookies set by external providers, such as analytics services or advertising/affiliate partners, when you interact with our Site or click outbound links.

Purposes of cookies

• Strictly necessary / functional cookies:
  • enable core features (e.g. page loading, security, basic navigation);
  • are generally required for the Site to operate correctly and cannot usually be disabled via our interface.
• Analytics cookies:
  • help us understand how visitors use our Site;
  • provide aggregated statistics on page views, time spent, click paths, and conversion rates of affiliate links.
• Advertising and affiliate cookies:
  • help us track when you click on links to third-party gambling operators;
  • allow our partners to recognise that you came from our Site, which may affect how we are compensated;
  • may also be used by advertising networks to show more relevant ads on other websites, subject to their own privacy and cookie policies.

Managing cookies

• Browser settings: Most web browsers allow you to:
  • view which cookies are stored on your device;
  • delete cookies partially or completely;
  • block cookies from specific sites or all sites;
  • set preferences for how future cookies are handled.
  Please consult your browser's help section for detailed instructions.
• On-site controls: Where available, our Site may present a banner or preferences tool that allows you to:
  • accept or reject non-essential cookies (e.g. analytics, advertising);
  • change your choices at a later time.
• Impact of disabling cookies: If you block or delete cookies, certain features of our Site may not function as intended, and some tracking (including affiliate tracking) may not work, which can affect how our content is funded.

Data Security

Observe: Even as a review site, we must treat personal data securely, especially communications concerning gambling or financial disputes.

Expand: We detail technical, organisational and procedural safeguards, referencing recognised security practices, while clarifying that no system is completely risk-free.

Reflect: Users gain a realistic understanding of our protective measures and residual risks.

Technical security measures

• Encryption in transit: We use modern transport layer security (TLS 1.2+ or successor protocols) to encrypt data transmitted between your browser and our servers where supported.
• Encryption at rest: Where feasible, stored data (including backups) is protected through encryption or equivalent safeguards provided by our hosting and cloud providers.
• Access control: Access to systems and data is limited to authorised personnel and service accounts strictly on a need-to-know basis, protected by strong authentication mechanisms and, where appropriate, multi-factor authentication.

Organisational and procedural measures

• Data minimisation: We collect and retain only the data reasonably necessary for the purposes stated in this Policy.
• Staff awareness: Individuals with access to personal data are expected to follow confidentiality obligations and receive guidance on data protection responsibilities.
• Vendor diligence: We endeavour to select hosting, analytics and other providers that maintain robust security practices, and we regularly review our technical setup.

Monitoring and incident response

• Systems are monitored for unusual activity, and security logs are maintained for a limited period as described above.
• In the event of a personal data breach that is likely to result in a significant risk to your rights and freedoms, we will:
  • take prompt steps to contain and investigate the incident;
  • notify affected individuals and, where applicable, relevant authorities, in accordance with legal requirements and our internal procedures.

While we apply appropriate safeguards, no online service can guarantee absolute security. You are encouraged to take your own precautions, such as using up-to-date software, secure connections and careful handling of any sensitive information you choose to share.

Complaints & Contacts

Observe: Users require clear channels to raise concerns or complaints about how we handle their personal data.

Expand: We specify contact details, internal complaint handling steps, target timelines, and escalation options to supervisory authorities that may be relevant for users, particularly in Australia or elsewhere.

Reflect: This ensures transparency and demonstrates our commitment to addressing privacy concerns.

How to contact us

• Primary privacy contact / DPO function: Privacy & Compliance Desk, Royal Ace
• Email: [email protected]
• General information email: [email protected]

If we implement any online feedback or contact forms on https://royalace-aussie.com, they will also serve as valid channels to reach us regarding privacy concerns.

Internal complaint procedure

1. Submission: Send us a detailed description of your concern, including any relevant context (e.g. dates, pages visited, copies of previous correspondence) to [email protected].
2. Acknowledgment: We will attempt to acknowledge receipt of your complaint within 7 business days.
3. Investigation: We will investigate your complaint, which may involve reviewing logs, internal records and relevant communications.
4. Response: We aim to provide a substantive response or resolution within 30 days. If we need more time due to complexity, we will inform you of the delay and the expected timeframe.

Escalation to supervisory authorities

If you believe that we have not adequately resolved your privacy concerns, you may have the right to lodge a complaint with a data protection or privacy supervisory authority in your country of residence or where you believe an infringement has occurred. For Australian users, the relevant authority is typically:

• Office of the Australian Information Commissioner (OAIC)
  Website: https://www.oaic.gov.au
  Complaint information: https://www.oaic.gov.au/privacy/privacy-complaints

For matters relating specifically to the regulation of interactive gambling services targeting Australians, information about enforcement actions (including blocking of illegal overseas gambling websites) is available from:

• Australian Communications and Media Authority (ACMA)
  Website: https://www.acma.gov.au
  Blocked gambling websites list: https://acma.gov.au/blocked-gambling-websites

Please note that these authorities primarily oversee privacy or communications law compliance. Issues relating to your gambling account with Royal Ace or any other operator (such as game fairness or withdrawal delays) should generally be raised with the operator, any relevant licensing authority or dispute resolution platform (for example, centraldisputesystem.com), in accordance with their own procedures.

Updates

Observe: Privacy laws and industry practices evolve; thus, we must update this Policy over time.

Expand: We describe how users will be informed, how we record versions and changes, and what options users have if they disagree with material updates.

Reflect: This promotes ongoing transparency and user control.

Changes to this Privacy Policy

• We may update or modify this Privacy Policy from time to time to reflect:
  • changes in our data processing practices or Site functionality;
  • evolving legal or regulatory requirements;
  • feedback from users or supervisory authorities.

Notification of material changes

• When we make material changes to this Policy, we will take appropriate steps to inform you, which may include:
  • displaying a prominent notice or banner on https://royalace-aussie.com;
  • updating the "Last updated" date at the bottom of the Policy;
  • where we have your contact details and it is appropriate to do so, sending you an email notification.
• For significant changes that materially affect your rights or how we process your data, we will endeavour to provide at least 30 days' advance notice before the new terms become effective, unless immediate changes are required by law or to address urgent security, compliance or technical issues.

User options in case of changes

• If you do not agree with the updated Policy, you should:
  • cease using the Site; and
  • contact us at [email protected] if you wish to exercise any of your rights (e.g. deletion of data we hold based on prior interactions), subject to applicable law and the limitations described above.

Last updated: January 2026