burger icon
5 Gringos Review Australia
Log In

Privacy Policy

This Privacy Policy explains how 5 gringos, operating via the website https://5gringos-aussie.com, collects, uses, discloses, and protects personal data of players and website visitors. It applies to all natural persons who access or use our website, create an account, participate in gambling activities, or otherwise interact with our services.

By using 5gringos-aussie.com you acknowledge that you have read and understood this Privacy Policy. If you do not agree with this Policy, you should not use our services.

Effective date: 1 January 2026 (Last updated: 6 November 2025, with effect continued through 2026).

Who We Are

OBSERVE: The operator information and licensing data provided indicate an offshore online casino serving Australian players under a Curaçao licence, with separate entities for operating and payment processing.

EXPAND: For privacy compliance, we must clearly identify the data controller, its legal address and registration, and the main contact channels, including a dedicated privacy contact. Where corporate structure is undergoing restructuring, this must be transparently disclosed and subject to future clarification.

REFLECT: We specify the current controller as Rabidi N.V. while acknowledging potential successor entities, and provide contact details suitable for data subject requests from Australia and other regions.

Data Controller (Casino Operator)

  • Trading/brand name: 5 gringos (online casino brand "5 gringos" for Australian users)
  • Website: https://5gringos-aussie.com
  • Legal entity (current controller): Rabidi N.V., a private limited liability company incorporated under the laws of Curaçao
  • Company registration number: 151791 (Curaçao Commercial Register)
  • Registered / legal address: Scharlooweg 39, Willemstad, Curaçao
  • Gambling licence: 8048/JAZ issued under the master licence regime of Antillephone N.V., Curaçao (covering 5gringos.com and its Australian mirrors, including 5gringos-aussie.com)

Corporate restructuring notice

Sources indicate that the licence holder and operating entity may, during an internal restructuring, be referred to as Adonio N.V. in some documents. Where such change of operator becomes legally effective, we will update this Privacy Policy and the website footer to reflect the exact current operator name and registration details. Until such update is clearly published on 5gringos-aussie.com, Rabidi N.V. remains the designated controller for privacy purposes.

Payment processing partner

  • Entity: Tilaros Limited (Cyprus)
  • Role: Payment processing provider for certain deposit and withdrawal methods for 5gringos-aussie.com
  • Address: Located in Cyprus (full registered address will be provided to users on request, and may also appear on transactional documentation)

Data Protection Contact / DPO

We may appoint a formal Data Protection Officer (DPO) or equivalent privacy lead. Their name and direct contact, where legally required, will be made available upon request and, where applicable, in an updated version of this Policy.

What Personal Data We Collect

OBSERVE: Operating an online casino for Australian and international players requires processing account, transactional, technical, and behavioural information, as well as using cookies and similar technologies.

EXPAND: We must clearly categorise the types of data processed, distinguish between data actively provided by users and data generated by systems, and explain typical examples for each category while avoiding unnecessary or excessive collection.

REFLECT: We present transparent categories of personal data, highlighting why each category is collected and how it relates to gambling services and legal obligations.

Categories of Personal Data

  • Identification and contact data
    • Full name, date of birth, gender (where provided), nationality
    • Residential address, country of residence
    • Email address, phone number, preferred language
    • Copies or details of identity documents (passport, ID card, driving licence), proof of address, and other KYC documentation
  • Account and profile data
    • Username, password (stored in hashed form), security questions and answers
    • Account settings and preferences, including marketing preferences
    • Responsible gambling limits, self-exclusion status, and session limits where set
  • Technical and usage data
    • IP address, approximate geolocation inferred from IP
    • Device identifiers, operating system, browser type and version, screen resolution, language settings
    • Login and access logs, session identifiers, timestamps, referrer URLs
    • Technical error logs and performance information
  • Payment and financial data
    • Selected payment method, masked card numbers or other payment instrument identifiers
    • Deposits, withdrawals, balances, bonuses, and wagering records
    • Payment approvals, declines, and chargeback information
    • Bank account or e-wallet details where required for payouts
  • Behavioural and gambling data
    • Game preferences, game sessions, betting history, wins and losses
    • Bonus opt-ins, bonus use and wagering progress
    • Clickstream data, navigation paths, time spent on pages and in games
    • Interactions with customer support (chat logs, emails, call notes where applicable)
  • Communications and marketing data
    • Subscriptions to newsletters and promotional communications
    • Records of consent to receive marketing, and of any withdrawal of consent
    • Responses to surveys, feedback forms, and promotional campaigns
  • Cookies and similar technologies
    • Session cookies, persistent cookies, and third-party cookies
    • Web beacons, tracking pixels, tags and scripts used for analytics and advertising
    • Identifiers necessary to remember your choices and log-in status
  • Information from third parties
    • Verification data from identity verification providers, credit reference agencies, and fraud prevention databases
    • Payment status information from banks and payment processors
    • Data from affiliates and marketing partners, such as campaign identifiers or referral information

Legal Basis for Processing

OBSERVE: As an offshore operator serving users who may be located in the EU, Australia, and other regions, we rely on multiple legal grounds for processing under the GDPR and comparable regimes.

EXPAND: We must link each key processing activity (account operation, payments, marketing, AML checks) to one or more lawful bases, such as contract performance, legal obligation, legitimate interests, or consent.

REFLECT: We describe our legal bases in a way that is understandable to players and can be mapped to standard international privacy frameworks, even though our primary corporate jurisdiction is Curaçao.

Our Main Legal Grounds

  • Performance of a contract

    We process personal data to enter into and perform our agreement with you, including our Terms and Conditions. This includes:

    • Creating, managing and securing your player account
    • Providing access to games and related services
    • Processing deposits, wagers, wins, withdrawals and bonuses
    • Providing customer support and handling your requests
  • Compliance with legal and regulatory obligations

    We are required under applicable laws and licence conditions (including KYC/AML and responsible gambling rules under Curaçao law and international standards) to process certain data, for example to:

    • Verify your identity, age, and eligibility to gamble
    • Monitor transactions for money laundering, fraud and other criminal activity
    • Keep appropriate business, accounting and transactional records
    • Cooperate with lawful requests from regulators, courts and law enforcement authorities
  • Legitimate interests

    We process data as necessary to pursue our legitimate interests, balanced against your privacy rights. These interests may include:

    • Preventing fraud, abuse, unauthorised access and security incidents
    • Improving our website, games, and user experience
    • Conducting analytics and statistics on aggregated or pseudonymised data
    • Defending and establishing legal claims and managing disputes
    • Ensuring continuity of service and business operations

    Where required, we perform a balancing test to ensure that your interests do not override ours.

  • Consent

    In some cases we rely on your consent, which you may withdraw at any time, including for:

    • Sending you electronic marketing communications (email, SMS, push notifications) where required by law
    • Using certain non-essential cookies and similar tracking technologies for analytics or advertising purposes
    • Sharing data with selected partners for personalised offers or cross-promotion
  • Protection of vital interests and public interest

    In rare cases we may process data to protect your vital interests or those of another person, for example when we reasonably believe there is an immediate risk of serious harm, or to cooperate with public authorities in preventing serious crime.

Purpose of Processing

OBSERVE: Players need to understand why their data is collected and how it is used beyond basic account administration.

EXPAND: Purposes must cover core gambling operations, security, legal compliance, analytics, and marketing, with clear examples.

REFLECT: We group purposes logically and connect them with the earlier legal bases and data categories.

Main Purposes

  • Provision and management of casino services
    • Creating and administering your account on 5gringos-aussie.com
    • Enabling you to access games, place bets, participate in promotions and claim bonuses
    • Processing deposits, withdrawals, and other financial transactions
    • Providing customer support and resolving technical issues
  • Legal, regulatory and responsible gambling obligations
    • Conducting identity, age and address verification
    • Monitoring gameplay and transactions for suspicious or irregular activity
    • Implementing responsible gambling tools, self-exclusion and limits
    • Maintaining records for AML, counter-terrorist financing, tax and bookkeeping purposes
  • Service improvement and analytics
    • Analysing how players use our website and games to improve usability and performance
    • Testing new features, game content and user interfaces
    • Generating anonymised or aggregated statistics about our customer base and gaming behaviour
  • Marketing and personalisation
    • Sending you offers, bonuses, newsletters and promotions, subject to your consent where required
    • Customising content, promotions and recommendations based on your profile and gaming history
    • Measuring the effectiveness of marketing campaigns and affiliate activities
  • Security, fraud prevention and dispute management
    • Detecting and preventing fraudulent transactions, bonus abuse, account takeover and collusion
    • Ensuring network and information security and preventing misuse of our services
    • Handling complaints, chargebacks, legal claims and regulatory inquiries

Disclosure & Sharing

OBSERVE: Operation of an online casino involves multiple third-party providers, including game suppliers, payment services, IT hosting, and analytics partners.

EXPAND: We must explain with whom personal data may be shared, under what safeguards, and in what circumstances mandatory disclosures to regulators and authorities may occur.

REFLECT: We provide a structured overview of categories of recipients and the principles governing any transfer.

Categories of Recipients

  • Group companies and affiliates
    • Current and future entities within the same corporate group (including potential successor operator Adonio N.V. and payment processor Tilaros Limited) that support the operation of 5gringos-aussie.com
    • Affiliate partners who introduce players to our website, where necessary to track and settle commissions (using unique tracking identifiers, not full profiles, wherever commercially possible)
  • Payment service providers and banks
    • Banks, card schemes, e-wallets, prepaid card issuers, voucher providers and other financial institutions processing deposits and withdrawals
    • Anti-fraud and payment verification providers assisting with transaction security and chargeback management
  • Technical and business service providers
    • Game content suppliers, platform providers, hosting and cloud infrastructure providers
    • IT support, cybersecurity providers, data storage and backup services
    • Customer support platforms, communication tools and CRM systems
    • Analytics and business intelligence providers, including those operating cookies and tracking tools (subject to consent where required)
  • Marketing and advertising partners
    • Email and SMS delivery platforms, push notification providers
    • Advertising networks, affiliate networks and campaign measurement providers
    • These partners only receive data necessary to perform their functions and are subject to contractual confidentiality and data protection obligations; where required by law, data is only shared based on your consent.
  • Regulators, authorities and dispute bodies
    • Licensing authority in Curaçao (Antillephone N.V.) and other relevant regulatory or gambling integrity bodies
    • Law enforcement agencies, courts and administrative authorities where disclosure is required by law or necessary for the establishment, exercise or defence of legal claims
    • Alternative dispute resolution (ADR) or mediation bodies where applicable
  • Professional advisers and transactional partners
    • Lawyers, auditors, accountants and consultants under strict confidentiality obligations
    • Potential buyers, investors or counterparties in corporate transactions (e.g., merger, acquisition, restructuring), subject to appropriate confidentiality and data protection safeguards

We do not sell your personal data to third parties for their independent marketing purposes. Any sharing of data for joint marketing or cross-promotion is based on appropriate legal grounds, including, where required, your consent.

International Transfers

OBSERVE: Data is processed in multiple jurisdictions including Curaçao, Cyprus, the EU/EEA and potentially other locations via cloud and service providers.

EXPAND: International transfers must be disclosed together with safeguards, especially for users protected under the GDPR or similar frameworks.

REFLECT: We describe the cross-border nature of processing and the mechanisms we use to protect personal data when transferred internationally.

Cross-Border Data Flows

  • Main processing locations
    • Curaçao - seat of Rabidi N.V. / Adonio N.V. and primary gambling operations
    • Cyprus - location of Tilaros Limited for payment processing
    • EU/EEA and other regions - hosting, support, analytics and marketing providers may operate from or store data in these or other countries
  • Safeguards for international transfers
    • Where required by applicable data protection law, we use Standard Contractual Clauses (SCCs) or equivalent contractual instruments approved for international data transfers.
    • We assess the legal environment of the destination country and, where appropriate, implement additional technical and organisational measures (such as encryption and access controls).
    • We ensure that our data processing agreements with service providers include obligations regarding security, confidentiality, and data subject rights.

By using 5gringos-aussie.com you acknowledge that your personal data may be transferred and processed outside your country of residence, including in countries that may offer a different level of data protection than your home jurisdiction. Where required, we will seek your explicit consent to such transfers.

Data Retention

OBSERVE: Gambling and financial regulations impose minimum record-keeping periods, while privacy laws require that data not be kept longer than necessary.

EXPAND: Different categories of data need different retention periods, and post-closure retention is needed for AML, accounting, and dispute purposes.

REFLECT: We explain our retention approach by category and criteria, while giving indicative timeframes up to and beyond 2026.

Retention Periods and Criteria

  • General principle

    We keep personal data only for as long as necessary to fulfil the purposes described in this Privacy Policy, to comply with legal and regulatory obligations, and to resolve disputes. When data is no longer needed, it is securely deleted or anonymised.

  • Indicative retention periods
    • Account and identification data: Typically maintained for the duration of your active account and, after closure, for a period of 5 to 7 years to meet legal, regulatory, anti-money laundering, accounting and tax obligations, and to handle possible claims.
    • Transaction and payment data: Usually retained for 5 to 7 years from the date of the relevant transaction, in line with financial and bookkeeping requirements.
    • Gambling and behavioural data: Retained for as long as necessary to support responsible gambling, AML monitoring, and dispute management, generally aligned with the above periods.
    • Customer support communications: Typically kept for up to 5 years from the date of the last interaction, unless a longer period is required for ongoing disputes or compliance reasons.
    • Marketing data: Processed for as long as you consent to or do not object to marketing communications. If you withdraw consent or object, we will promptly stop using your data for marketing and retain only minimal information needed to honour your opt-out.
    • Cookies: Stored according to their lifespan (e.g., session cookies are deleted when you close your browser; persistent cookies are retained for a period typically ranging from a few days to a maximum of 24 months, depending on their purpose).
  • Deletion and anonymisation
    • Where feasible, we anonymise data so that it can no longer be associated with an identifiable individual, and use such data for statistical or analytical purposes.
    • When deletion is required, we take reasonable steps to ensure that data is irreversibly destroyed or rendered unreadable.

Your Rights

OBSERVE: Players may come from jurisdictions that provide strong data subject rights, including the EU GDPR and comparable frameworks such as Mexican data protection laws.

EXPAND: We must present a comprehensive, user-friendly overview of rights (access, rectification, erasure, restriction, objection, portability, consent withdrawal) and how to exercise them, with typical timeframes (30 days) and cost rules.

REFLECT: We align our practice with GDPR standards and, where relevant, principles drawn from Mexican privacy regulations, even though our primary jurisdiction is Curaçao.

Overview of Your Rights

  • Right of access

    You may request confirmation as to whether we process your personal data and obtain a copy of such data, together with information about the processing (purposes, categories, recipients, retention periods).

  • Right to rectification

    You can request that inaccurate or incomplete personal data be corrected or completed. Some details can be updated directly in your account profile; for others, we may require documentation (e.g., proof of address).

  • Right to erasure ("right to be forgotten")

    You may request deletion of your personal data where:

    • The data is no longer necessary for the purposes for which it was collected; or
    • You have withdrawn consent where processing was based on consent; or
    • You have successfully objected to processing; or
    • The data has been unlawfully processed.
    This right is subject to legal retention obligations, particularly in relation to gambling, AML and financial record-keeping, which may require us to retain certain data for a minimum statutory period.

  • Right to restriction of processing

    You may ask us to restrict processing of your data (other than storage) where:

    • You contest the accuracy of the data (for the period necessary for verification);
    • The processing is unlawful but you oppose erasure;
    • We no longer need the data, but you require it for legal claims; or
    • You have objected to processing and we are verifying our legitimate grounds.

  • Right to object

    You may object at any time, on grounds relating to your particular situation, to processing based on our legitimate interests. We will stop such processing unless we demonstrate compelling legitimate grounds that override your interests or where processing is needed for legal claims. You also have an absolute right to object to processing of your data for direct marketing, including profiling for marketing purposes.

  • Right to data portability

    Where processing is based on your consent or on a contract and carried out by automated means, you may request to receive your personal data in a structured, commonly used and machine-readable format, and to have it transmitted to another controller where technically feasible.

  • Right to withdraw consent

    Where we rely on your consent (for example, for certain marketing activities or non-essential cookies), you may withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.

  • Rights under Mexican privacy law (when applicable)

    If you are protected by Mexican data protection regulations, similar rights may apply, including access, rectification, cancellation and opposition (ARCO rights). We endeavour to accommodate such requests in line with our global privacy standards and contractual obligations, provided that they do not conflict with overriding legal requirements in our primary jurisdiction.

How to Exercise Your Rights

  1. Submit your request
    • Contact our privacy contact or DPO by email at [email protected] or, if unavailable, [email protected].
    • Clearly state which right you wish to exercise and provide sufficient information to identify your account (e.g., username, registered email address).
  2. Verification
    • For security reasons we may request additional information to verify your identity before acting on your request, especially where sensitive data or financial details are involved.
  3. Response timeframe and cost
    • We aim to respond to all legitimate requests without undue delay and in any event within 30 days from receipt of a complete request.
    • In complex cases or where we receive multiple requests, we may extend this period by a further 30 days, in which case we will notify you of the extension and the reasons.
    • Requests are generally handled free of charge. We may charge a reasonable fee or refuse to comply only where requests are manifestly unfounded or excessive, in accordance with applicable law.

Cookies & Tracking Technologies

OBSERVE: Cookies and tracking tools are essential for website functionality, user experience, analytics and marketing.

EXPAND: We distinguish between types of cookies, their purposes, and ways for users to control them.

REFLECT: We provide a clear description of our cookie practices, aligned with international standards.

Types of Cookies We Use

  • Strictly necessary / functional cookies
    • Essential for the operation of 5gringos-aussie.com and enabling core features such as login, session management, account navigation and security.
    • Without these cookies, the website and games may not function properly.
  • Preference cookies
    • Store your preferences (e.g., language, region, layout) to provide a more personalised experience.
  • Analytics and performance cookies
    • Collect information about how visitors use our website, such as which pages are visited most often, and whether error messages are displayed.
    • Used to improve the performance and design of our website and games.
  • Advertising and targeting cookies
    • Used to deliver relevant advertisements and promotional messages on our website and on third-party sites.
    • May be set by us or by third-party advertising networks and affiliate partners to measure campaign performance.
  • Session vs persistent cookies
    • Session cookies are temporary and deleted when you close your browser.
    • Persistent cookies remain on your device for a specified period or until manually deleted.

Managing Cookies

  • You can manage or disable cookies through your browser settings. The method varies by browser; please refer to your browser's help function for details.
  • You may also be presented with an on-site cookie banner or preference centre on 5gringos-aussie.com that allows you to accept or reject certain categories of cookies (except strictly necessary cookies).
  • If you disable or reject certain cookies, some parts of the website or game features may not function correctly or may be less personalised.

Data Security

OBSERVE: Processing gambling and financial data demands strong security measures to protect confidentiality, integrity and availability.

EXPAND: We outline technical and organisational measures in a way that reassures users while avoiding unnecessary exposure of security-sensitive details.

REFLECT: We describe encryption, access control, audits and training practices in line with recognised standards such as ISO 27001 and SOC 2 where applicable.

Our Security Measures

  • Encryption and secure communication
    • Data in transit between your browser and our servers is protected using industry-standard TLS 1.2 or higher encryption.
    • Sensitive data (such as passwords and certain financial information) is stored using strong cryptographic methods, including hashing and, where appropriate, encryption at rest.
  • Access control and authentication
    • Access to personal data is restricted to authorised staff and service providers who need such access for legitimate business purposes.
    • Multi-factor authentication and role-based access controls are implemented for internal systems where appropriate.
  • Infrastructure and application security
    • We deploy firewalls, intrusion detection/prevention systems and other security tools to protect our network and servers.
    • Regular security testing, vulnerability assessments and, where appropriate, penetration tests are carried out on critical systems.
    • Backups and disaster recovery procedures aim to ensure continuity of service and data integrity.
  • Policies, training and confidentiality
    • Our employees are subject to confidentiality obligations and receive periodic training on data protection and information security.
    • Internal policies cover acceptable use, incident reporting, and handling of personal data.
  • Incident response
    • We maintain incident response procedures to identify, assess and respond to suspected personal data breaches.
    • Where required by law, we will notify relevant supervisory authorities and affected individuals without undue delay.

While we take appropriate measures to protect your data, no internet transmission or storage system is completely secure. You are responsible for keeping your account credentials confidential and for using strong, unique passwords.

Complaints & Contacts

OBSERVE: Users need clear channels to raise privacy concerns or complaints and, where applicable, to escalate to supervisory authorities.

EXPAND: We must provide contact details, a step-by-step process and information on external authorities, including EU and Mexican authorities where relevant.

REFLECT: We describe our internal complaint handling and indicate possible external recourse options.

Contacting Us

Internal Complaint Procedure

  1. Submit your complaint
    • Send a detailed description of your concern, including any supporting documentation, to our privacy contact email or support address.
  2. Acknowledgement
    • We will acknowledge receipt of your complaint within a reasonable period, usually within 5 business days.
  3. Investigation and response
    • We will investigate your complaint and aim to provide a substantive response within 30 days of receipt.
    • If we cannot respond within this time, we will inform you of the delay and provide an updated timeframe.

Escalation to Authorities

If you believe that your data protection rights have been violated and we have not adequately addressed your concerns, you may have the right to lodge a complaint with a competent data protection authority. Depending on your location and applicable law, this may include:

  • EU/EEA residents: Your local data protection authority in the EU/EEA. Contact details can typically be found on the official website of your national supervisory authority or via the European Data Protection Board (EDPB) website.
  • Mexico (if applicable): The National Institute for Transparency, Access to Information and Personal Data Protection (INAI), via its official channels, if Mexican data protection law applies to your case.
  • Other jurisdictions: Your local privacy or data protection regulator, where such a body exists.

Nothing in this Privacy Policy limits your rights to seek judicial remedy or to lodge a complaint with a supervisory authority in your place of habitual residence, place of work, or place of the alleged infringement, where such rights are provided by applicable law.

Updates

OBSERVE: Privacy practices and legal requirements evolve, especially in a dynamic regulatory environment such as online gambling.

EXPAND: We must explain how changes will be communicated, how version control will work, and what options users have when changes are significant.

REFLECT: We provide clear procedures to ensure transparency and ongoing consent.

Policy Changes and Notification

  • We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or data processing practices.
  • Each version will be identified by the "Last updated" date at the top of the document. Material changes may also be summarised in a short changelog on the website.
  • For significant changes that materially affect your rights or how we process your data, we will provide additional notice, which may include:
    • Email notifications to the address registered to your account;
    • Website banners or pop-up notices on 5gringos-aussie.com;
    • Alerts within your account dashboard.
  • Where feasible and required by applicable law, we will provide at least 30 days' advance notice before significant changes take effect, giving you the opportunity to review the updated policy.

Your Options in Case of Changes

  • If you continue to use 5gringos-aussie.com after the effective date of an updated Privacy Policy, you will be deemed to have accepted the changes, to the extent permitted by law.
  • If you do not agree with the changes, you may object where applicable, adjust your privacy or marketing settings, or close your account and request deletion of your personal data (subject to our legal retention obligations).

Last updated: 6 November 2025 (applicable and maintained through 2026).