Privacy Policy

Account Registration Information

• Full legal name as it appears on government-issued identification
• Date of birth for age verification purposes
• Email address for account communications
• Telephone number for account security and verification
• Residential address for regulatory compliance
• Username and password credentials
• Security questions and answers

Identity Verification Documents

• Government-issued photo identification documents
• Proof of address documents
• Additional verification documents as required by law

Transaction and Gaming Information

• Lottery ticket purchases and transaction history
• Draw participation records and selected numbers
• Winning outcomes and prize claim information
• Account balance and deposit/withdrawal records
• Gaming preferences and play patterns

Technical and Usage Data

• IP address and device identifiers
• Browser type and operating system information
• Pages visited and time spent on our platform
• Clickstream data and interaction patterns
• Referral sources and exit pages

Location Data

• Geographic location data for regulatory compliance
• Location information for retail location finder features
• IP-based location verification

Communications Data

• Customer support correspondence
• Survey responses and feedback
• Marketing communication preferences

Account Management and Services

• Creating and maintaining your player account
• Processing lottery ticket purchases and transactions
• Managing draw entries and verifying results
• Processing prize claims and payments
• Providing customer support and responding to inquiries

Legal and Regulatory Compliance

• Verifying that you meet minimum age requirements (18+)
• Complying with Australian lottery regulations and licensing requirements
• Preventing fraud, money laundering, and other illegal activities
• Maintaining audit trails for regulatory authorities
• Reporting large winnings to tax authorities as required by law

Security and Protection

• Protecting against unauthorized access and fraudulent activity
• Monitoring for suspicious patterns or behavior
• Enforcing our terms of service and usage policies
• Securing transactions and financial information

Platform Improvement and Analytics

• Analyzing usage patterns to improve our services
• Conducting research and development for new features
• Testing and optimizing platform performance
• Understanding user preferences and behaviors

Communications and Marketing

• Sending transactional emails about your account and activities
• Providing lottery draw results and winning notifications
• Sending promotional offers and lottery updates (with your consent)
• Delivering important service announcements and policy changes

Responsible Gaming Support

• Monitoring for signs of problem gaming behavior
• Implementing self-exclusion and limit-setting tools
• Providing responsible gaming resources and support

Payment Data We Collect

• Payment method type and card details (last four digits only)
• Billing address and contact information
• Transaction amounts, dates, and confirmation numbers
• Payment processor transaction IDs
• Bank account details for prize payouts (encrypted)

Payment Security Measures

• PCI DSS Compliance: We maintain Payment Card Industry Data Security Standard certification
• Tokenization: Full payment card details are tokenized and never stored on our servers
• Encrypted Processing: All payment transactions use 256-bit SSL/TLS encryption
• Trusted Payment Processors: We partner only with licensed, certified payment service providers
• Fraud Detection: Advanced monitoring systems detect and prevent fraudulent transactions

Third-Party Payment Processors

We use the following types of payment processors:

• Credit and debit card processors
• Digital wallet services (PayPal, Apple Pay, Google Pay)
• Bank transfer services
• Alternative payment method providers

These processors have their own privacy policies and are responsible for the security of their systems. We recommend reviewing their privacy statements.

Prize Payout Information

• We collect bank account details for direct prize deposits
• Large prize winners may require additional financial verification
• Prize payment records are maintained for tax reporting purposes
• Winners may need to provide tax identification numbers as required by law

Winner Data Collection

• Full name and contact information
• Prize amount and draw details
• Date of prize claim
• Identification verification documents
• Tax identification number (for prizes above statutory thresholds)
• Bank account information for prize payment

Mandatory Winner Disclosure

Australian lottery regulations require us to:

• Regulatory Reporting: Report large prize winners to lottery regulatory authorities
• Tax Authorities: Submit winner information to Australian taxation authorities for prizes exceeding statutory thresholds
• Anti-Money Laundering: Verify winner identity and report suspicious prize claims to AUSTRAC
• Public Records: Major prize winners may be publicly announced as required by lottery license conditions

Winner Privacy Options

• We respect winners' preferences for publicity where legally permissible
• Winners may request anonymity to the extent allowed by law
• We will not use winner information for marketing without explicit consent
• Media release of winner details requires winner authorization except where mandated by law

Winner Data Retention

Winner information is retained for:

• Minimum of 7 years for tax and audit purposes
• Permanent retention for Division 1 (jackpot) winners as required by regulations
• Extended periods for dispute resolution or legal proceedings

Service Providers and Business Partners

• Payment Processors: To process transactions and manage payment methods
• Identity Verification Services: To verify age and identity in compliance with regulations
• Cloud Hosting Providers: To store and manage data securely
• Email Service Providers: To send transactional and marketing communications
• Analytics Providers: To analyze platform usage and improve services
• Customer Support Tools: To provide efficient customer service

All service providers are contractually obligated to maintain data confidentiality and use information only for specified purposes.

Lottery Operators and Draw Providers

• We share necessary information with official lottery operators for draw participation
• Draw providers receive player selections and ticket purchase details
• Prize claim information is shared with lottery organizations for payout processing

Regulatory and Government Authorities

• Australian lottery licensing and regulatory bodies
• AUSTRAC for anti-money laundering compliance
• Australian Taxation Office for prize winner reporting
• Law enforcement agencies when required by court order or legal process
• Gaming oversight and audit authorities

Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change and provide options regarding your data.

Legal Requirements

• Compliance with applicable laws and regulations
• Response to subpoenas, court orders, or legal processes
• Protection of our rights, property, and safety
• Prevention and investigation of fraud or illegal activities

With Your Consent

We may share your information for purposes not described in this policy with your explicit consent.

Australian Gaming Regulations

• We maintain comprehensive records of all player accounts and transactions
• Draw participation records are preserved for regulatory audit purposes
• Prize payout documentation is retained for statutory minimum periods
• Player protection measures are implemented and monitored
• Responsible gaming data is collected to identify at-risk players

Anti-Money Laundering (AML) Compliance

• We verify customer identity as required by AUSTRAC regulations
• Suspicious transaction monitoring and reporting to authorities
• Enhanced due diligence for high-value transactions
• Ongoing monitoring of customer activity patterns
• Maintenance of transaction records for 7 years minimum

Tax Reporting Requirements

• Mandatory reporting of prizes exceeding statutory thresholds to the ATO
• Collection of Tax File Numbers for qualifying prize amounts
• Withholding tax obligations for international players
• Annual reporting of aggregate prize distributions

Privacy Act Compliance

We comply with the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs), including:

• Open and transparent management of personal information
• Collection of information only when necessary and lawful
• Protection of personal information from misuse and loss
• Access and correction rights for individuals
• Cross-border disclosure compliance

Active Account Data

• Account Information: Retained while your account is active and for regulatory periods after closure
• Transaction Records: Minimum 7 years for tax and audit compliance
• Gaming History: 7 years from date of transaction
• Communications: 3 years for customer service quality and dispute resolution

Identity Verification Documents

• Retained for the duration of your account plus 7 years
• Required for anti-money laundering compliance
• Stored in encrypted format with restricted access

Payment Information

• Tokenized payment data retained for recurring payments
• Transaction records retained for 7 years minimum
• Fraud investigation records retained longer as needed

Winner Information

• Prize claim records retained for 7 years minimum
• Major prize winners' information retained permanently for historical records
• Tax reporting documentation retained per ATO requirements

Marketing Preferences

• Opt-out requests honored immediately and recorded indefinitely
• Consent records retained for 3 years after last interaction

Closed Account Data

• Account closure does not immediately delete all data
• Regulatory requirements mandate retention periods of 7+ years
• Anonymized data may be retained for statistical analysis
• After retention periods expire, data is securely deleted

Technical Security Controls

• Encryption: 256-bit SSL/TLS encryption for data transmission and AES-256 encryption for data storage
• Secure Infrastructure: Enterprise-grade cloud hosting with redundancy and disaster recovery
• Firewall Protection: Multi-layer firewall systems and intrusion detection/prevention
• Network Security: Segmented networks and secure VPN access for administrative functions
• Database Security: Encrypted databases with restricted access and audit logging

Access Controls

• Role-based access control (RBAC) limiting data access to authorized personnel
• Multi-factor authentication for administrative access
• Regular access reviews and revocation of unnecessary privileges
• Logging and monitoring of all data access activities

Application Security

• Regular security testing and vulnerability assessments
• Penetration testing by independent security firms
• Secure coding practices and code review processes
• Prompt patching of security vulnerabilities
• Web application firewall (WAF) protection

Operational Security

• Security awareness training for all employees
• Background checks for personnel with data access
• Confidentiality agreements and data protection policies
• Incident response plan and security breach procedures
• Regular security audits and compliance assessments

Monitoring and Detection

• 24/7 security monitoring and threat detection
• Automated alerts for suspicious activities
• Log analysis and anomaly detection systems
• Regular security reports and compliance reviews

Your Security Responsibilities

• Keep your password confidential and use strong, unique passwords
• Enable two-factor authentication when available
• Do not share your account credentials with anyone
• Log out of your account when using shared devices
• Report suspicious activity or security concerns immediately
• Keep your contact information up to date for security alerts

Right to Access

• Request a copy of the personal information we hold about you
• Access your account information through your online dashboard
• Receive information about how your data is being used
• Request details about data sharing with third parties

How to exercise: Submit a request through your account settings or contact privacy@luckywaltzing.com

Right to Correction

• Update or correct inaccurate personal information
• Complete incomplete personal information
• Request correction of outdated information

How to exercise: Update information in your account settings or contact our support team

Right to Deletion

• Request deletion of your personal information
• Close your account and request data removal

Limitations: We may be legally required to retain certain information for regulatory compliance, even after deletion requests. We will inform you of any such limitations.

How to exercise: Contact privacy@luckywaltzing.com with your deletion request

Right to Restrict Processing

• Limit how we use your personal information
• Object to certain processing activities
• Request temporary suspension of data processing

How to exercise: Contact privacy@luckywaltzing.com with specific restrictions you wish to implement

Right to Data Portability

• Receive your personal information in a structured, commonly used format
• Transfer your data to another service provider where technically feasible

How to exercise: Contact privacy@luckywaltzing.com to request data export

Right to Withdraw Consent

• Withdraw consent for marketing communications at any time
• Opt out of optional data processing activities
• Change your privacy preferences

How to exercise: Update preferences in account settings or click unsubscribe in marketing emails

Right to Complain

• Lodge a complaint with us about how we handle your personal information
• File a complaint with the Office of the Australian Information Commissioner (OAIC)

How to exercise: Contact privacy@luckywaltzing.com or visit oaic.gov.au for external complaints

Types of Cookies We Use

• Essential Cookies: Required for basic site functionality, account access, and security
• Performance Cookies: Collect information about how you use our site to improve performance
• Functionality Cookies: Remember your preferences and personalize your experience
• Analytics Cookies: Help us understand user behavior and site usage patterns
• Advertising Cookies: Used to deliver relevant advertisements (with your consent)

Analytics Tools

We use the following analytics services to improve our platform:

• Web analytics to track page views, session duration, and user journeys
• Heatmap tools to understand user interaction patterns
• Performance monitoring to optimize site speed and responsiveness
• Conversion tracking to measure campaign effectiveness

These analytics services may collect information including IP addresses, browser types, device information, and pages visited.

Managing Cookie Preferences

• Adjust cookie settings through our cookie consent banner
• Manage preferences in your account settings
• Configure browser settings to block or delete cookies
• Use browser privacy modes to limit tracking

Note: Disabling essential cookies may affect site functionality and your ability to use certain features.

Third-Party Cookies

Some cookies are set by third-party services integrated into our platform:

• Payment processors for transaction security
• Analytics providers for usage tracking
• Social media plugins (if you choose to use them)
• Customer support chat services

These third parties have their own privacy policies governing cookie usage.