Privacy Policy

This Privacy Policy explains how Spin Samurai, operated in connection with spinsamurai-aussie.com, collects, uses, discloses, and protects personal information of players and website visitors from Australia and other locations. It applies to all use of the website, associated review content, and related communication channels. By accessing or using our services, you acknowledge that you have read and understood this Privacy Policy. This Privacy Policy is effective as of 01 January 2026 and supersedes any earlier version published on spinsamurai-aussie.com or related review pages.

Who We Are

OBSERVE: Users need to know who is responsible for data, including operator, location, and contact details. EXPAND: The gambling service is operated offshore under a Curaçao licence; Australian users must be clearly informed of the offshore nature and applicable privacy responsibilities. REFLECT: We set out the legal entities and primary contacts in a concise, verifiable form.

The online gambling service reviewed at Spin Samurai and accessed through https://spinsamurai-aussie.com is operated by:

• Operator: Dama N.V., a company incorporated under the laws of Curaçao.
• Registration number: 152125.
• Legal and registered address: Scharlooweg 39, Willemstad, Curaçao.
• Gambling licence: 8048/JAZ2020-013, issued under Master Licence 8048/JAZ by Antillephone N.V., Curaçao, for online gambling activities (stated as valid through 2026 unless revoked by the issuer).

Certain payment processing and ancillary services for the brand Spin Samurai may be handled by a subsidiary:

• Payments subsidiary: Strukin Ltd (Cyprus-based entity, address not specified in this notice) - involved in payment handling and related support functions.

Data protection and privacy contact:

• Data Protection Officer / Privacy contact: Data Protection Department, Dama N.V.
• Email (primary privacy contact): [email protected]
• Email (support-related privacy queries): [email protected]
• Postal contact for privacy correspondence: Dama N.V., Data Protection Department, Scharlooweg 39, Willemstad, Curaçao.

When we refer to "we", "us", or "our" in this Privacy Policy, we mean Dama N.V. in its role as controller or equivalent under applicable privacy and data protection laws, in relation to the Spin Samurai brand and the Spin Samurai pages on spinsamurai-aussie.com.

What Personal Data We Collect

OBSERVE: Different data types are required to register accounts, process payments, ensure game integrity, and run the review website. EXPAND: Collection must comply with Australian privacy expectations and international standards, including clear categorisation and examples. REFLECT: We classify data into understandable groups and link each to typical use cases.

Identity and Contact Data

• Registration data: Full name, date of birth, residential address, country of residence, and gender (if requested).
• Contact details: Email address (e.g., used with [email protected]), telephone number (if provided), and communication preferences.
• Verification/KYC data: Copies or details of identity documents (passport, ID card, driver's licence), proof of address (utility bill, bank statement), and other documents required for Know Your Customer (KYC) and Anti-Money Laundering (AML) checks.

Account and Behavioural Data

• Account information: Username, encrypted password, security questions, account status, language preferences, and responsible gambling settings (limits, self-exclusions).
• Gameplay and betting data: Game sessions, games played, stakes, wins/losses, bonus usage and wagering progress, timestamps of bets, and related logs.
• Website interaction data: Pages viewed, clicks, traffic sources, time spent on pages (including on Spin Samurai review content), and navigation paths.

Technical and Device Data

• Device identifiers: IP address, browser type and version, operating system, device model, and other technical identifiers.
• Log data: Access times, login attempts (successful and failed), session identifiers, crash reports, and system performance data.
• Location-related data: Approximate geolocation inferred from IP address (e.g., Australia), used, among other things, to comply with geo-blocking and regulatory controls.

Payment and Financial Data

• Transaction data: Deposits, withdrawals, bonuses credited, payment methods used, currency, timestamps, and transaction identifiers.
• Limited payment instrument data: Last four digits of credit/debit card number, card type and expiry date, e-wallet identifiers, bank account references and payment processor IDs (full card or bank numbers are generally processed by PCI-compliant payment providers rather than stored by us).
• Fraud and chargeback data: Information related to chargebacks, disputes, sanctions, or blocks applied to payment accounts.

Communications and Support Data

• Customer support records: Emails sent to [email protected], [email protected], or other addresses, live chat transcripts, and internal notes about your enquiries.
• Marketing communication data: Newsletter subscriptions, marketing preferences, opt-in/opt-out records, and interactions with our marketing emails.
• Feedback and survey data: Responses to surveys, ratings, and other feedback regarding the Spin Samurai brand or the Spin Samurai content.

Cookies and Similar Technologies

• Cookie identifiers: Unique identifiers associated with your browser or device, used for session management, authentication, analytics, and advertising (where allowed).
• Tracking technologies: Web beacons, pixels, local storage objects, and similar technologies used on spinsamurai-aussie.com and associated domains.

Where we collect personal data from third parties (such as payment service providers, affiliates, or identity verification services), we do so in accordance with this Privacy Policy and applicable laws.

Legal Basis for Processing

OBSERVE: Our operations are subject to Curaçao licensing, Australian privacy expectations, and widely recognised principles similar to GDPR. EXPAND: Each processing activity must link to a clear legal ground, such as consent, contract, legitimate interests, or legal obligation. REFLECT: By mapping purposes to bases, users can understand when they may object or withdraw consent.

Consent

• We rely on your explicit consent for:
  • Sending direct electronic marketing communications (email newsletters, promotional offers related to Spin Samurai or similar brands), where required by law.
  • Using certain non-essential cookies and tracking technologies for analytics and advertising purposes.
  • Processing optional information you choose to provide in surveys or feedback forms.
• You may withdraw your consent at any time, as described in the "Your Rights" and "Cookies & Tracking Technologies" sections.

Contractual Necessity

• We process personal data where necessary to enter into and perform a contract with you, including:
  • Creating and managing your player account.
  • Processing deposits, bets, gameplay, bonuses, and withdrawals.
  • Providing customer support and addressing technical issues.
• Without this data, we cannot provide the core gambling services or maintain your account.

Legitimate Interests

• We process personal data based on our legitimate interests, which are balanced against your rights and freedoms, for example:
  • Ensuring the security and integrity of our platforms, games, and payment systems.
  • Preventing, detecting, and investigating fraud, abuse, and suspicious activities.
  • Improving our services, website usability, and user experience, including analysing aggregated gameplay data.
  • Protecting our legal rights and defending ourselves in case of disputes or claims.

Compliance with Legal and Regulatory Obligations

• We may be legally required, under Curaçao regulations, AML/KYC laws, taxation, corporate reporting, and similar frameworks, to:
  • Verify your identity and age.
  • Monitor transactions and report certain activities to competent authorities.
  • Maintain records of transactions and customer information for minimum statutory periods.
• We also align with key principles of the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) to the extent reasonably applicable, even though our operations are offshore and not licensed locally in Australia.

Purpose of Processing

OBSERVE: Users need clarity on why their data is used beyond mere collection. EXPAND: Purposes must cover operational, security, marketing, compliance, and analytical needs. REFLECT: Grouping purposes helps demonstrate data minimisation and necessity.

Provision and Management of Casino Services

• To create, verify, and maintain your Spin Samurai player account and related profiles.
• To process deposits, bets, gameplay, bonuses, loyalty rewards, and withdrawals.
• To provide personalised content, game recommendations, and user interface adjustments.

Customer Support and Communication

• To respond to enquiries sent to [email protected], [email protected], and other channels.
• To send transactional communications, such as account notifications, password resets, KYC requests, and service-related alerts.
• To manage feedback and resolve technical or service-related issues.

Compliance, Security, and Fraud Prevention

• To perform identity verification, age checks, and ongoing KYC/AML monitoring.
• To protect our systems and users against fraud, money laundering, bonus abuse, account takeovers, and prohibited behaviours.
• To enforce our Terms and Conditions, bonus rules, and responsible gambling measures.

Analytics, Service Improvement, and Research

• To analyse anonymised or pseudonymised data (e.g., from BGaming RNG testing information or aggregated gameplay logs) to improve fairness, game selection, and user experience.
• To produce internal reports and statistics about game performance, website usage, and marketing effectiveness.
• To support responsible gambling research and align with emerging best practice, including external research sources (e.g., gambling-related studies referenced in our materials).

Marketing and Personalisation

• To send newsletters, promotional offers, and marketing communications where permitted by law and based on your consent or our legitimate interests.
• To personalise marketing content, including recommendations of games and campaigns likely to be of interest to you.
• To cooperate with affiliates and advertising partners in tracking the performance of campaigns, subject to consent where required.

Disclosure & Sharing

OBSERVE: Data is shared with a range of third parties to operate an online casino and review site. EXPAND: Sharing must be transparent, limited, and accompanied by safeguards such as contracts and security standards. REFLECT: We identify each category of recipient and the reasons for disclosure.

Group Companies and Operational Partners

• Operator group entities: Dama N.V. and its subsidiaries, including Strukin Ltd (Cyprus), may access your data as necessary for payments processing, risk management, customer support, and back-office operations.

Payment Service Providers and Financial Institutions

• We share necessary transaction and identity data with:
  • Banks, card schemes, e-wallet providers, and alternative payment providers involved in deposits and withdrawals.
  • Payment processors and gateway providers acting on our behalf.
• These entities process your data under their own regulatory obligations (e.g., PCI-DSS, AML) and under contractual arrangements with us.

Technical, Security, and Support Service Providers

• We engage third-party providers for:
  • Website hosting and infrastructure.
  • Game content and RNG providers (including BGaming, whose games are tested by independent labs such as iTechLabs).
  • IT security, DDoS protection, monitoring, and logging solutions.
  • Customer support tools, email delivery services, and analytics platforms.
• These providers act as data processors or equivalent and may only process your data in accordance with our instructions and applicable law.

Affiliates and Advertising Partners

• We may share limited data with:
  • Affiliate partners who refer players to us, for the purpose of tracking and attributing referrals and calculating commissions.
  • Advertising networks and marketing agencies, with your consent where required, for campaign performance analysis and targeted advertising.

Regulators, Authorities, and Dispute Resolution Bodies

• We may disclose personal data to:
  • Regulators and licensing authorities in Curaçao or other jurisdictions as required by law, licence conditions, or AML/KYC rules.
  • Law enforcement agencies, courts, or other governmental bodies where necessary to comply with legal obligations or to establish, exercise, or defend legal claims.
  • Supervisory or dispute resolution bodies, where you file complaints or disputes concerning our services.

Business Transfers

• If we undergo a corporate transaction such as a merger, acquisition, restructuring, or asset sale involving the Spin Samurai brand or the spinsamurai-aussie.com assets, your personal data may be transferred as part of the transaction, subject to confidentiality and continuity of protection.

We do not sell your personal data to third parties in the sense of direct monetary sale; any data sharing for marketing or analytics purposes is governed by strict contractual and legal safeguards.

International Transfers

OBSERVE: Data flows cross-border between Curaçao, Cyprus, EU, and potentially other regions, including Australia. EXPAND: Users need assurance of protections, such as contractual clauses and security controls. REFLECT: We specify destinations and safeguards, aligned with global best practice.

• Your data is primarily processed in:
  • Curaçao - where Dama N.V. is incorporated and where core gambling operations are based.
  • Cyprus - where Strukin Ltd and some payment and support operations may be located.
  • European Union / European Economic Area (EEA) - where some service providers, hosting, and security partners may be based.
  • Other jurisdictions - where specific technology or support vendors operate, including servers outside your country of residence (e.g., for Australian players).
• Where personal data is transferred internationally:
  • We seek to use service providers that implement robust security and privacy standards (e.g., ISO 27001, SOC 2 where applicable).
  • Where required by applicable data protection laws (for example, in relation to EU/EEA data subjects), we use mechanisms such as:
    • Standard Contractual Clauses (SCCs) approved by the European Commission or equivalent instruments.
    • Contractual clauses ensuring adequate protection, confidentiality, and restricted onward transfers.
• By using the services from Australia or other countries, you understand that your data will be transferred to and processed in countries that may have different data protection laws than your country of residence. We implement appropriate safeguards to ensure that your data remains protected in accordance with this Privacy Policy.

Data Retention

OBSERVE: Gambling services must retain certain data for legal and security reasons but not longer than necessary. EXPAND: Retention periods differ by category (e.g., KYC vs. marketing). REFLECT: We provide clear timelines and criteria while accounting for statutory requirements and dispute periods.

• Account and identification data:
  • Stored for the duration of your active account and generally for up to 5 years after account closure, to meet AML/KYC and record-keeping obligations and to manage potential disputes or audits.
• Transaction and financial records:
  • Stored for a minimum of 5 - 7 years from the date of the relevant transaction, depending on applicable legal and tax requirements.
• Gameplay and behavioural logs:
  • Retained for as long as necessary for security, anti-fraud, responsible gambling analysis, and regulatory purposes, typically up to 5 years after account closure, after which they may be anonymised or securely deleted.
• Customer support communications:
  • Stored for up to 3 - 5 years from the date of the last interaction, depending on the nature of the enquiry and any related disputes.
• Marketing data:
  • Processed until you withdraw your consent or object to direct marketing. We will then stop sending marketing but may retain limited records of your opt-out choice.
• Cookies and tracking data:
  • Stored according to their individual lifetimes (see "Cookies & Tracking Technologies"), typically from the end of the session up to 24 months, unless you clear them earlier.

When deciding retention periods, we consider legal obligations, regulatory expectations, limitation periods for claims, security requirements, and the principle of data minimisation. When data is no longer required, it is securely deleted, anonymised, or aggregated.

Your Rights

OBSERVE: Users must be informed of their privacy rights in a way compatible with EU-style standards and comparable frameworks. The prompt refers to GDPR and Mexican alignment; we interpret this as a requirement to provide a comprehensive rights framework, while our primary user base in this context is Australia. EXPAND: We align our rights explanation with GDPR-like rights and Australian privacy expectations. REFLECT: We explain each right, outline processes and timeframes, and clarify that exercising rights is generally free of charge.

Overview of Your Rights

• Right of access: To obtain confirmation of whether we process your personal data and receive a copy of your data, along with information about how it is used.
• Right to rectification: To request correction of inaccurate or incomplete personal data.
• Right to deletion (erasure): To request deletion of your personal data in certain circumstances, for example where it is no longer needed or you have withdrawn consent (subject to legal retention obligations).
• Right to restriction: To request that we limit processing of your data in certain situations (e.g., while a dispute about accuracy or legality is being resolved).
• Right to object: To object to processing based on legitimate interests or to direct marketing at any time.
• Right to data portability: To receive personal data you have provided in a structured, commonly used and machine-readable format, and to request that we transmit it to another controller where technically feasible.
• Right to withdraw consent: Where processing is based on your consent (e.g., marketing, non-essential cookies), you may withdraw it at any time, without affecting the lawfulness of processing before withdrawal.

How to Exercise Your Rights

1. Submit a request:
   • Contact us via email at [email protected] or [email protected] with the subject line "Privacy Request".
   • Specify the right you wish to exercise and provide sufficient information for us to identify your account (e.g., username, registered email address).
2. Identity verification:
   • We may request additional information to verify your identity before acting on your request, especially for access, deletion, or portability, to protect your account and data.
3. Response timeframes:
   • We aim to respond to all valid requests within 30 days of receipt.
   • If your request is particularly complex or we receive multiple requests, this period may be extended; we will inform you of any extension and reasons.
4. Cost:
   • We process your requests free of charge, unless they are manifestly unfounded or excessive (e.g., repetitive). In such cases, we may charge a reasonable fee or refuse to act on the request, in line with applicable laws.

Even where specific regulations such as GDPR or Mexican privacy laws are not directly applicable, we strive to honour comparable rights consistent with international best practices and Australian privacy expectations, subject to our legal and regulatory obligations (for example, AML/KYC retention requirements may limit full deletion in some cases).

Cookies & Tracking Technologies

OBSERVE: Cookies support sign-in, security, and analytics on spinsamurai-aussie.com and Spin Samurai pages. EXPAND: Users must know what types exist, their purposes, and how to manage them. REFLECT: We summarise categories and empower users with control tools.

Types of Cookies We Use

• Session cookies: Temporary cookies that exist only while your browser is open. They are essential for navigating the site, maintaining login sessions, and ensuring secure interactions.
• Persistent cookies: Cookies stored on your device for a defined period, allowing us to remember preferences (such as language, region, or saved settings) between visits.
• First-party cookies: Cookies set directly by spinsamurai-aussie.com to support core site functionality and analytics.
• Third-party cookies: Cookies set by service providers such as analytics platforms, security tools, affiliate networks, and advertising partners.

Purposes of Cookies

• Strictly necessary / functional: Required for the website to function correctly, including account login, session management, and security features. These cannot be disabled via our internal cookie settings without impacting core services.
• Analytics and performance: Used to understand how visitors interact with Spin Samurai review content and other pages (e.g., pages visited, links clicked), to improve layout, content relevance, and technical performance.
• Advertising and affiliate tracking: Used to measure the effectiveness of marketing campaigns, ensure correct attribution to affiliate partners, and (where permitted) tailor advertising to your interests.

Managing and Disabling Cookies

• Browser settings: Most web browsers allow you to:
  • Block some or all cookies.
  • Delete cookies already stored on your device.
  • Configure notifications when a site attempts to place cookies.
• In-site preferences: Where available, our site may offer a cookie banner or settings panel allowing you to:
  • Accept or reject non-essential cookies (e.g., analytics, advertising).
  • Review your cookie choices at any time.
• Effect of disabling cookies: Disabling or blocking certain cookies may affect the operation of the site or limit your ability to log in, place bets, or access some features.

Data Security

OBSERVE: Online gambling and review platforms process sensitive financial and behavioural data, attracting heightened security expectations. EXPAND: We must demonstrate layered safeguards, referencing contemporary standards. REFLECT: We explain technical, organisational, and procedural controls without exposing vulnerabilities.

Technical Security Measures

• Encryption in transit: Data transmitted between your browser and our servers is protected using industry-standard Transport Layer Security (TLS) protocols (TLS 1.2 or higher), helping prevent interception or tampering.
• Encryption at rest: Sensitive data, including critical account and financial information, is stored in encrypted form where appropriate, with cryptographic keys managed under strict controls.
• Access controls: Access to production systems and databases is restricted to authorised personnel on a need-to-know basis, using strong authentication, role-based permissions, and logging of administrative activities.
• Multi-factor authentication (MFA): MFA is implemented for internal administrative accounts and may be offered for player accounts where technologically feasible.

Organisational and Procedural Measures

• Security policies and training: Staff involved in handling personal data receive regular training on data protection, confidentiality, and security best practices.
• Vendor due diligence: Third-party providers are assessed for security and privacy practices, and bound by appropriate contractual obligations, including, where relevant, adherence to standards such as ISO 27001 or SOC 2.
• Regular security audits: Systems are subject to periodic security assessments, vulnerability scans, and penetration testing to identify and remediate potential weaknesses.

Incident Detection and Response

• Monitoring and detection: Security monitoring tools are used to detect unusual or suspicious activities, including unauthorised access attempts and anomalous transaction patterns.
• Incident response procedures: We maintain incident response plans outlining roles, responsibilities, and escalation paths in the event of a suspected data breach or security incident.
• Notification: Where required by applicable law, we will notify relevant authorities and affected individuals without undue delay if a data breach is likely to result in a high risk to your rights and freedoms.

While we take appropriate measures to safeguard your data, no system can be guaranteed as completely secure. You are encouraged to use a strong, unique password and to keep your account credentials confidential.

Complaints & Contacts

OBSERVE: Users need clear channels to raise concerns and escalate complaints. EXPAND: We define internal steps and external supervisory options, including Australian regulators for online content and privacy where relevant. REFLECT: We provide structured pathways and realistic expectations.

Contacting Us

• Primary privacy contact: [email protected]
• Customer support for general enquiries: [email protected]
• Press and media: [email protected]
• Postal address: Data Protection Department, Dama N.V., Scharlooweg 39, Willemstad, Curaçao.

Internal Complaint Procedure

1. Submit your complaint:
   • Send an email to [email protected] with a detailed description of your concern (e.g., data access, deletion, marketing, security).
2. Acknowledgement:
   • We will acknowledge receipt of your complaint within 7 business days, where feasible.
3. Investigation and response:
   • We will investigate your complaint and aim to provide a substantive response within 30 days. If more time is required due to complexity, we will inform you of the reasons and the expected timeframe.

Escalation to Supervisory Authorities

• Australian Communications and Media Authority (ACMA): For matters related to offshore gambling services targeting Australians, you may refer to:
  • Website: https://acma.gov.au
• Australian privacy regulator: If you believe your privacy rights under Australian law have been infringed, you may contact the Office of the Australian Information Commissioner (OAIC). Contact details are available at https://www.oaic.gov.au.
• Other supervisory authorities: If data protection law in your jurisdiction provides for a data protection authority or equivalent body, you may have the right to lodge a complaint with that authority. Where EU/EEA data protection laws apply, you may contact the competent EU supervisory authority in your country of residence.

We encourage you to contact us first so that we may attempt to resolve your concerns directly before you approach external authorities.

Updates

OBSERVE: Privacy practices and regulations evolve, particularly for online gambling and cross-border services. EXPAND: Users must know how changes will be communicated and when they take effect. REFLECT: We implement versioning, notice periods for material changes, and user options.

Changes to This Privacy Policy

• We may update this Privacy Policy from time to time to reflect:
  • Changes in our services, technology, or business structure (including developments in the Spin Samurai brand or spinsamurai-aussie.com).
  • Updates in applicable laws, regulations, or best practice standards.
  • Feedback from users or guidance from regulators.

Notification Procedures

• Minor changes: For non-material updates (e.g., clarifications, formatting improvements), we will post the updated version on spinsamurai-aussie.com with a revised "Last updated" date.
• Material changes: For significant changes affecting how your personal data is processed, we will:
  • Provide notice via email (where feasible) to the address associated with your account.
  • Display prominent notices on the website (e.g., banners, pop-ups, or dashboard alerts) on the Spin Samurai pages and other relevant sections.
• Advance notice: Where reasonably possible and where changes are material, we will provide at least 30 days' advance notice before the new terms take effect.

User Options in Case of Changes

• If you do not agree with the updated Privacy Policy, you may:
  • Adjust your privacy settings, cookie preferences, or marketing consents.
  • Request closure of your account and, where applicable, exercise your rights under the "Your Rights" section.

Last updated: January 2026.