1. Categories of data
We collect the following categories of personal information:
- Identity — full name, date of birth, residential address, identity-document details.
- Account — username, account status, preferences, verification status.
- Financial — debit-instrument details, deposits, withdrawals, transaction history.
- Behavioural — wagering activity, deposit-limit settings, responsible-gambling tool usage.
- Technical — device, browser, IP address, geo-location signals, cookies.
- Communications — correspondence with support, complaints, call records.
2. Purposes of use
We use personal information for the following purposes, each with a legal basis:
- Opening and operating accounts (contractual necessity).
- Verifying identity and age (AML/CTF Act 2006 (Cth); Customer Identification Rules).
- Conducting customer due diligence and transaction monitoring (AML/CTF Act 2006 (Cth)).
- Self-exclusion screening (Part 7B of the Interactive Gambling Act 2001 (Cth)).
- Settling wagers and processing payments under our licence (Racing and Betting Act 1983 (NT)).
- Meeting harm-minimisation obligations and NTRC directions.
- Sanctions and politically-exposed-person screening (Autonomous Sanctions Act 2011 (Cth)).
- Direct marketing, where consented (Australian Privacy Principle 7).
- Responding to complaints and disputes.
- Detecting fraud, collusion and integrity breaches.
3. Disclosure to third parties
We may disclose personal information to:
- Regulators and agencies — AUSTRAC, the Northern Territory Racing Commission, ACMA, OAIC.
- Racing controlling bodies — Racing NT, Racing Victoria, Racing NSW, Greyhound Racing NT, Greyhounds NSW, Harness Racing Victoria and equivalents, under race-fields and integrity agreements.
- Sport Integrity Australia and sports controlling bodies.
- Law enforcement, where lawfully required.
- Payment processors and banks.
- Identity-verification (KYC) vendors.
- Cloud and IT service providers.
- BetStop and the Department of Social Services for self-exclusion administration.
4. Data retention
We retain customer records for seven years after account closure in accordance with section 107 of the AML/CTF Act 2006 (Cth). Records are then securely destroyed or de-identified unless a longer period is required by law.
5. Direct marketing (APP 7)
Where you consent, we may send direct marketing by email, SMS or push. Every marketing message includes an opt-out. Customers registered on BetStop are automatically removed from all marketing. We do not sell personal information.
6. Data breach notification
We comply with the Notifiable Data Breaches scheme (Part IIIC of the Privacy Act 1988 (Cth)). We assess suspected eligible data breaches within 30 days and, where an eligible data breach is confirmed, notify the OAIC and affected individuals as required.
7. Children's privacy
Our services are not offered to persons under 18. We do not knowingly collect personal information from minors. Accounts that cannot satisfy age verification are not activated.
8. Privacy Officer
Privacy enquiries, access requests and correction requests may be directed to the Privacy Officer at privacy@earlycrown.bet.
9. Security framework (APP 11)
We take reasonable steps to protect personal information through access controls, encryption in transit, network segmentation, logging and staff training. Access is restricted to personnel who require it for their role.
10. Cookies
Our use of cookies and similar technologies is described in the Cookies notice.
11. Collection notice
An in-context collection notice under Australian Privacy Principle 5 is presented on the account-opening page before personal information is collected.
12. Version
Version 1.0. Effective 12 July 2026. Maintained by the Privacy Officer, Booki.com.au Pty Ltd.