burger icon
Brango Casino Australia
Log In

Privacy Policy

This Privacy Policy explains how Brango Casino at brango-au.com collects, uses, discloses and protects personal information of players and visitors. It applies to all users who access or use our website, register an account, participate in games or interact with our services in any way. By using our services, you acknowledge that you have read and understood this Privacy Policy.

Effective date: 1 January 2026

Who We Are

OBSERVE: Users must know the operator's identity, registration and how to contact us about privacy.

EXPAND: Brango Casino operates globally from Curaçao, offering services to Australian players via an offshore model and must clearly distinguish brand, website and licensing details.

REFLECT: We therefore provide the following operator and contact details.

The website brango-au.com (referred to as "Brango Casino", "Brango Casino", "we", "us", or "our") is operated by:

  • Operator: Anden Online N.V. (public limited company under the laws of Curaçao)
  • Registered number: 146632
  • Registered office / legal address: Curaçao (exact registered address not specified in the current data; updated details, if any, will be published on the main website footer and may be provided on request).
  • Gaming licence: Authorised and regulated by Gaming Curaçao under Master License no. 365/JAZ, valid and in transition under the new Curaçao LOK regime.

For privacy and data protection matters, you may contact:

  • Data Protection Contact / DPO function: Data Protection Officer, Anden Online N.V.
  • Email (primary privacy contact): [email protected]
  • Additional customer support contact: [email protected]
  • Postal contact: Data Protection Officer, Anden Online N.V., Curaçao (exact postal address may be requested via email and will be provided where required by law).

Please note that [email protected] is the official Gaming Curaçao contact for regulatory and dispute escalation and does not belong to Anden Online N.V.

What Personal Data We Collect

OBSERVE: Running an online casino for Australian players requires identification, payment handling, security monitoring and analytics, which all rely on different categories of data.

EXPAND: To comply with anti-fraud, KYC/AML and responsible gambling standards, we must collect both information you provide directly and data generated or observed through your use of our website and services.

REFLECT: Below we describe the main categories of personal information we process.

Identity and Contact Data

  • Full name, date of birth, and proof-of-age details.
  • Residential address, country of residence and, where needed, proof of address.
  • Email addresses (for example the one you use to register your Brango Casino account), and optional phone number if you provide it for verification or support.
  • Verification documents (e.g., copies of ID cards, passports, driving licences, utility bills, bank statements) supplied as part of KYC/AML checks or withdrawal procedures.

Account and Usage Data

  • Username, password (stored using industry-standard hashing techniques), security questions or other authentication data.
  • Account settings, language and communication preferences.
  • Customer support interactions, including email correspondence with [email protected], live chat logs and internal notes.

Technical and Device Data

  • IP address, geolocation information inferred from IP (country, region, city where technically feasible and lawful).
  • Device identifiers (browser type and version, operating system, device model, unique device or advertising identifiers where applicable).
  • Log data, including access times, pages viewed, clickstream data, referring URLs, session identifiers and performance logs.

Payment and Financial Data

  • Payment method details (limited card or account information depending on payment provider integration), such as cardholder name, partially masked card number, expiry date or e-wallet identifiers.
  • Transaction history, including deposits, wagers, bonuses, withdrawals and chargebacks in AUD or other supported currencies.
  • Verification data related to source of funds or source of wealth where required under AML regulations.

Behavioral and Gaming Data

  • Game activity, including game types (e.g., pokies, table games), session times, bet sizes, win/loss history, bonus usage and applied strategies where technically observable.
  • Interactions with emails and notifications (e.g., whether you open, click or unsubscribe from marketing offers).
  • Self-exclusion status, responsible gambling limits and historical changes to such limits.

Cookies and Similar Technologies

  • Cookies, web beacons, pixels and similar tracking technologies set by us or third parties.
  • Identifiers associated with cookies, session IDs, and tracking parameters used for analytics, fraud detection and advertising (where permitted).

If we combine non-identifiable data or aggregated statistics with personal data so that you can be identified, we will treat the combined information as personal data for as long as it remains combined.

Legal Basis for Processing

OBSERVE: As an offshore operator accepting Australian players and handling personal data from multiple regions, we must clearly identify our legal grounds for processing.

EXPAND: While Anden Online N.V. is established in Curaçao, we align with international data protection principles similar to the GDPR and, where relevant, other local regimes. We base processing on consent, contract, legal obligations and legitimate interests.

REFLECT: The main legal bases we rely on for Brango Casino are set out below.

  • Performance of a contract
    We process your data where it is necessary to:
    • Create, verify and manage your Brango Casino player account.
    • Provide access to games, process deposits, wagers, bonuses and withdrawals.
    • Offer customer support and resolve technical or account-related issues.
    • Execute your instructions, such as updating details or closing your account.
  • Compliance with legal and regulatory obligations
    We must process certain information to:
    • Confirm you are at least 18 years of age or higher where required.
    • Conduct KYC (Know Your Customer) and AML (Anti-Money Laundering) checks under Curaçao regulations and commonly accepted international standards.
    • Prevent, detect and report suspected money laundering, terrorism financing, fraud or other criminal activity to competent authorities where required.
    • Respond to lawful requests from regulators, courts and law enforcement.
    • Comply with record-keeping, tax or accounting rules that apply to our licensed operations.
  • Legitimate interests
    We may process personal data where necessary for our legitimate business interests, provided these are not overridden by your rights and interests, including to:
    • Maintain the security and integrity of our website, systems and games.
    • Monitor for suspicious activity, abuse of bonuses or breaches of our Terms and Conditions.
    • Perform statistical analysis to improve our products, user experience and website performance.
    • Defend our legal rights, enforce our Terms and Conditions and manage disputes.
    • Develop our services for Australian players in a responsible and sustainable manner.
  • Consent
    In some cases, we rely on your consent, which you can withdraw at any time, to:
    • Send you marketing communications about our offers, promotions and news.
    • Use certain cookies or similar technologies for advertising or advanced analytics where these are not strictly necessary.
    • Share your data with specific third parties for their own marketing where this is explicitly presented and accepted by you.

Purpose of Processing

OBSERVE: Players should understand why their data is collected and how it supports safe and lawful casino operations.

EXPAND: Our processing purposes span day-to-day operations, security, compliance and responsible gambling, as well as communication and optimisation of our services.

REFLECT: The main purposes for which Brango Casino processes personal data are:

  • Provision and management of casino services
    To register and manage your account, verify your identity, allow you to deposit funds, participate in games, receive bonuses, and withdraw winnings in line with our Terms and Conditions.
  • Customer support and communication
    To respond to your questions, complaints or requests via email (including [email protected]), live chat or other channels, and to send important service messages such as security alerts, policy updates or changes to our services.
  • Compliance and risk management
    To meet licensing, AML/KYC and responsible gambling requirements, including monitoring transactions and gaming behaviour for potentially harmful or unlawful activity, and recording decisions for audit and regulatory review.
  • Fraud prevention and security
    To detect and prevent unauthorised access, account takeovers, bonus abuse, collusion or other fraudulent behaviours by analysing device data, IP addresses, patterns of play and transaction anomalies.
  • Analytics and service improvement
    To conduct statistical and behavioural analysis (in aggregated or pseudonymised form where possible), understand how our website and games are used by Australian and other players, and improve usability, performance and game offerings.
  • Marketing and promotions
    To send you promotional emails, SMS or in-site messages about bonuses, tournaments and new features, where permitted by law and your preferences; and to personalise offers based on your previous interactions and preferences.
  • Legal claims and enforcement of terms
    To exercise, establish or defend legal claims, to enforce our Terms and Conditions and other policies, and to cooperate with regulators and law enforcement bodies.

Disclosure & Sharing

OBSERVE: Running an online casino requires interoperation with third-party services such as payment processors, hosting providers and regulators, which necessitates controlled data sharing.

EXPAND: We must ensure that any third party receiving personal data from Brango Casino is bound by adequate confidentiality, security and data protection obligations, and that we only disclose what is necessary for a defined purpose.

REFLECT: We may share your personal information in the following circumstances:

  • Payment processors and financial institutions
    We share necessary payment and identity details with banks, card schemes, e-wallet providers, crypto payment gateways and other financial institutions to:
    • Process deposits, wagers and withdrawals.
    • Perform fraud checks, AML reviews and chargeback investigations.
    • Comply with transaction monitoring requirements.
  • Technology and service providers
    Trusted third parties that support our operations, including:
    • Hosting and cloud infrastructure providers.
    • Game studios and platform providers delivering slots, pokies and table games.
    • Customer support platforms, email and SMS delivery services.
    • Analytics, security, anti-fraud and KYC/AML solution providers.
    These providers act as processors on our behalf and may only use your data according to our instructions.
  • Professional advisors
    Legal, financial, compliance or audit advisors who require limited access to personal data to provide professional services to Anden Online N.V.
  • Regulators and public authorities
    Gaming Curaçao, other competent regulators, tax authorities, law enforcement agencies or courts where disclosure is:
    • Required by law or regulation.
    • Necessary to respond to lawful requests, orders or investigations.
    • Needed to protect our rights, your safety or the safety of others.
  • Affiliates and group entities
    Other brands operated by Anden Online N.V. (such as Casino Extreme or Yabby Casino) or future group entities, for internal administrative purposes, consolidated reporting, risk management and, where legally permitted and based on your consent or legitimate interests, cross-brand marketing.
  • Advertising and marketing partners
    With your consent where required, we may share pseudonymised identifiers or cookie data with advertising networks, affiliate partners and marketing platforms to measure campaign performance, prevent fraud and deliver or limit targeted promotions.
  • Business transfers
    In connection with any merger, sale of assets, restructuring, acquisition or transfer of all or part of our business, your personal data may be transferred to the new entity, subject to continued protection consistent with this Privacy Policy.

We do not sell your personal data in the ordinary sense of that term. Any sharing for advertising or affiliate purposes is undertaken under contracts that restrict recipient use and protect your rights.

International Transfers

OBSERVE: Brango Casino is operated from Curaçao and uses global infrastructure and service providers, implying cross-border data transfers.

EXPAND: Personal information of Australian and other players may be stored or processed in countries whose data protection laws differ from those in your country of residence, including outside the European Economic Area (EEA).

REFLECT: We implement safeguards consistent with international standards to protect data during such transfers.

  • Main locations of processing
    • Curaçao - primary place of establishment and licensing of Anden Online N.V.
    • European Union / EEA - where some technical, payment or analytics providers are located.
    • Other jurisdictions - including but not limited to the United States or Asia-Pacific regions, where hosting, cloud or specialised service partners may operate.
  • Protection measures
    Where we transfer personal data internationally, we:
    • Use contractual safeguards such as Standard Contractual Clauses (SCCs) or equivalent where required by applicable law.
    • Assess the data protection standards of the destination and implement additional technical and organisational measures as needed (encryption, access controls, data minimisation).
    • Ensure that processors are contractually bound to keep the data secure, confidential and to use it only for the specified purposes.

By using our services, you understand that your personal data may be transferred to and processed in countries outside your home jurisdiction, including Curaçao and other locations where our or our providers' facilities are based, under the safeguards described above.

Data Retention

OBSERVE: Retention periods must balance regulatory requirements (e.g., AML, gaming law) with principles of data minimisation.

EXPAND: As a licensed operator, we must keep certain records for defined periods to meet legal and audit obligations, even after an account is closed, while ensuring we do not retain data longer than necessary.

REFLECT: We therefore apply the following retention practices for Brango Casino:

  • General rule
    We retain personal data only for as long as needed to fulfil the purposes described in this Privacy Policy, to comply with our legal and regulatory obligations, to resolve disputes, and to enforce our agreements.
  • Account and identification data
    Identity documents, account registration data and key KYC/AML records are generally kept for the duration of your account and for up to 5 - 7 years after account closure, depending on regulatory requirements and limitation periods for legal claims.
  • Transaction and gaming records
    Financial transaction records, betting history and game logs are usually retained for at least 5 years from the date of the relevant activity, or longer if required by applicable AML or tax regulations, or if needed in connection with ongoing disputes or investigations.
  • Marketing data
    Data used for marketing purposes is generally kept until you withdraw your consent or object to such processing, after which we will stop using it for marketing and keep minimal information on your preference (e.g., email and suppression status) to respect your choice.
  • Technical logs and security data
    Server logs, device identifiers and security-related information are kept for periods necessary to ensure system security and investigate incidents, typically from 6 months to 3 years, unless a longer period is required for a particular security case.
  • Deletion criteria
    Personal data is deleted or irreversibly anonymised when:
    • The relevant retention period expires.
    • The data is no longer needed for any legal, regulatory, or legitimate business purpose.
    • We are not required to retain it to comply with mandatory obligations or to defend against potential legal claims.

Where deletion is not immediately possible due to technical or legal reasons, we will securely store the data and isolate it from further processing until deletion is feasible.

Your Rights

OBSERVE: Regardless of where players are located, they should be able to understand and exercise core data protection rights similar to those found in the EU GDPR and other modern privacy laws.

EXPAND: Although Anden Online N.V. is based in Curaçao, we strive to align our practices with internationally recognised standards, including rights of access, correction, deletion, restriction, objection, portability and withdrawal of consent.

REFLECT: Subject to applicable law and certain limitations, you have the following rights in relation to your personal data processed by Brango Casino:

  • Right of access
    You can request confirmation of whether we process your personal data and, if so, obtain a copy of such data together with information about the purposes, categories, recipients and retention periods.
  • Right to rectification
    You may request correction of inaccurate or incomplete personal information we hold about you (for example, updating your address or contact details).
  • Right to erasure ("right to be forgotten")
    You may request deletion of your personal data where:
    • The data is no longer necessary for the purposes for which it was collected.
    • You withdraw consent and there is no other legal ground for processing.
    • You have successfully objected to processing.
    • The data has been unlawfully processed.
    This right is not absolute; we may retain data where necessary to comply with legal obligations (e.g., AML record-keeping) or to establish, exercise or defend legal claims.
  • Right to restriction of processing
    You can ask us to restrict processing of your personal data (except for storage) if:
    • You contest the accuracy of the data (for a period enabling us to verify it).
    • Processing is unlawful and you oppose deletion.
    • We no longer need the data, but you require it for legal claims.
    • You have objected to processing pending verification of our overriding legitimate grounds.
  • Right to object
    You have the right to object at any time, on grounds relating to your particular situation, to processing based on our legitimate interests, including profiling. We will stop such processing unless we demonstrate compelling legitimate grounds which override your interests, rights and freedoms, or where processing is required for legal claims. You may also object at any time to processing for direct marketing, in which case we will stop sending you marketing messages.
  • Right to data portability
    Where the processing is based on consent or on a contract and carried out by automated means, you may request to receive the personal data you provided to us in a structured, commonly used and machine-readable format and to have it transmitted to another controller where technically feasible.
  • Right to withdraw consent
    Where we rely on your consent (for example, for marketing or certain cookies), you may withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal, but we will act promptly to update your preferences.
  • Right not to be subject to solely automated decisions with legal or similarly significant effects
    If we use automated decision-making that produces legal effects concerning you or significantly affects you in a similar way, you may request human review and contest the decision, unless an exception under applicable law applies.

How to Exercise Your Rights

  • Submit a request by emailing our Data Protection contact at [email protected] or contacting customer support at [email protected].
  • Clearly state which right you wish to exercise and provide sufficient information to verify your identity (such as your username, registered email address and, where necessary, additional verification data).
  • We will acknowledge your request and respond without undue delay and, in principle, within 30 days. If your request is complex or we receive numerous requests, we may extend this period by a further 30 days, informing you of the extension and the reasons for the delay.
  • We generally handle rights requests free of charge. However, where a request is manifestly unfounded or excessive (for example, repetitive), we may charge a reasonable fee or refuse to act on the request, in line with applicable law.

If you are located in a jurisdiction that grants additional or different rights, we will respect those rights to the extent required by the applicable local law.

Cookies & Tracking Technologies

OBSERVE: Our website uses cookies and similar tools essential for operation, security, analytics and, where permitted, advertising.

EXPAND: Australian and international best practices require transparency over cookie types, purposes and user control mechanisms.

REFLECT: By explaining how we use cookies on brango-au.com, we help you make informed choices about your browsing experience.

Types of Cookies We Use

  • Session cookies
    Temporary cookies that are stored only while your browser session is active and are deleted when you close your browser. They are used to maintain your login session, remember selections during a visit and support secure navigation.
  • Persistent cookies
    Cookies that remain on your device for a defined period or until you delete them. They help us recognise you on return visits, remember your preferences (e.g., language, region) and maintain long-term statistics.
  • First-party cookies
    Cookies placed by brango-au.com to support essential website functionality, security and internal analytics.
  • Third-party cookies
    Cookies set by external providers integrated into our website, such as analytics services, payment providers or advertising networks (where applicable). These may be used to compile aggregated statistics, prevent fraud or, with your consent, deliver targeted promotions.

Purposes of Cookies

  • Strictly necessary / functional
    Required for the website to function correctly, including logging in, managing your account, preventing fraudulent activity and ensuring secure communication. You cannot opt out of these via our cookie tools because they are essential.
  • Performance and analytics
    Used to collect information about how visitors use our website (e.g., number of visitors, most viewed pages, click paths). These cookies help us understand and improve website performance and usability.
  • Advertising and marketing
    Used, where permitted by law and your preferences, to deliver relevant promotional content, measure campaign effectiveness, limit the number of times you see an advertisement and help ensure that offers are more closely aligned with your interests.

Managing Cookies

  • You can manage, block or delete cookies using your browser settings. Instructions are typically available under the "Help" or "Settings" section of your browser (e.g., Chrome, Firefox, Safari, Edge).
  • Some browsers offer "Do Not Track" or similar features; while we respect privacy-enhancing technologies, our response to such signals may vary according to technical standards and legal requirements.
  • Where available, we may provide an internal cookie or privacy settings panel on brango-au.com allowing you to adjust non-essential cookies (such as analytics or advertising cookies) without affecting strictly necessary cookies.
  • Disabling or rejecting certain cookies may impact your ability to use some features of our website, including maintaining a logged-in session or accessing specific games.

Data Security

OBSERVE: Protecting players' personal and financial data is critical to online gambling operations and regulatory expectations.

EXPAND: We must implement technical and organisational measures addressing data in transit and at rest, access controls, incident response and staff training, with reference to recognised international standards.

REFLECT: While no system is absolutely secure, Brango Casino employs robust security practices designed to safeguard your information.

  • Encryption and secure transmission
    Data exchanged between your browser and brango-au.com is protected using TLS (Transport Layer Security) version 1.2 or higher, helping to ensure confidentiality and integrity against interception. Sensitive data is encrypted in transit and, where appropriate, at rest on our systems.
  • Access controls and authentication
    Personal data is accessible only to authorised personnel who require it for their job functions. We implement role-based access controls, secure authentication procedures and, where appropriate, multi-factor authentication for privileged accounts.
  • Infrastructure and application security
    Our systems are hosted in secure environments with firewalls, intrusion detection and prevention tools, anti-malware solutions and regular patching. We apply secure development practices and conduct periodic vulnerability assessments.
  • Monitoring, audits and testing
    We conduct periodic internal reviews of our security controls and may engage external experts to perform audits or penetration tests. Logs and alerts are monitored to detect suspicious activities and potential incidents.
  • Staff training and confidentiality
    Employees and contractors with access to personal data are bound by confidentiality obligations and receive training on data protection, information security and responsible handling of customer information.
  • Incident response
    We maintain procedures to detect, assess and respond to data security incidents. In the event of a breach affecting your personal data, we will take appropriate steps to mitigate harm and, where required by law, notify relevant authorities and affected individuals without undue delay.
  • Alignment with international standards
    While Anden Online N.V. may not claim formal certification under every security framework, our controls are designed to be consistent with widely recognised standards such as ISO/IEC 27001 and SOC 2-type principles, focusing on confidentiality, integrity and availability.

Complaints & Contacts

OBSERVE: Users must be able to raise concerns, lodge complaints and contact both the operator and relevant supervisory bodies.

EXPAND: Even though Brango Casino is operated from Curaçao for Australian players, we aim to reflect best practices by offering clear complaint channels and escalation routes.

REFLECT: The following mechanisms are available if you have questions, concerns or complaints about our handling of personal data.

Contacting Us

Complaint Procedure

  1. Step 1 - Initial contact
    Submit your concern or complaint by email (preferably to [email protected]) including:
    • Your full name, username and registered email address.
    • A clear description of your concern, including any relevant dates and supporting evidence.
  2. Step 2 - Acknowledgement
    We will acknowledge receipt of your complaint as soon as reasonably possible and normally within 5 business days.
  3. Step 3 - Investigation
    Your complaint will be reviewed by appropriate staff, which may include our Data Protection contact, compliance and relevant operational teams. We may request additional information to clarify aspects of your complaint.
  4. Step 4 - Response
    We aim to provide a substantive response within 30 days of receiving your complete complaint. If more time is required due to complexity or the need to liaise with third parties or authorities, we will inform you of the extension and expected timeframe.
  5. Step 5 - Further steps
    If you remain dissatisfied with our response, you may escalate your complaint to the relevant regulatory or data protection authority, where such rights exist under your local law.

Escalation to Regulatory Authorities

  • Gaming Curaçao (licensing and gambling-related matters)
    Email: [email protected]
    Website and additional contact details are available via the official Gaming Curaçao portal.

If you are located in a jurisdiction that provides a dedicated data protection authority or similar supervisory body, you may have the right to lodge a complaint directly with that authority. We encourage you to first contact us so we can attempt to resolve your issue promptly and transparently.

Updates

OBSERVE: Privacy laws and our operations may change over time, requiring this policy to be updated.

EXPAND: We must inform users in a clear and timely manner when material changes occur and allow them to review changes and, where appropriate, exercise options such as closing accounts or adjusting preferences.

REFLECT: The following principles apply to updates of the Brango Casino Privacy Policy.

  • Version control and effective date
    This Privacy Policy is identified by the "Last updated" date below. Previous versions may be archived and made available on reasonable request.
  • Notification of changes
    For non-material changes (e.g., clarifications, typographical corrections), we may update the policy by posting a revised version on brango-au.com without special notice, though we will adjust the "Last updated" date.
  • Material changes
    Where we make material changes affecting how we process your personal data (for example, new purposes of processing, new categories of recipients, or changes to your rights or our legal bases), we will:
    • Provide notice via email to the address associated with your account, where feasible; and/or
    • Display prominent notifications on the website (such as banners or dashboard alerts) highlighting the key changes.
  • Advance notice
    For significant changes that materially impact you, we will, where practicable, provide at least 30 days' advance notice before the new policy becomes effective, giving you time to review the changes.
  • Your options
    If you do not agree with the updated Privacy Policy, you may:
    • Adjust your privacy or marketing settings where such tools are provided.
    • Contact us at [email protected] to discuss your concerns.
    • Request closure of your account and, where applicable, exercise your data protection rights as described above.
    Continued use of our services after the effective date of the updated Privacy Policy will constitute your acknowledgement of the changes.

Last updated: January 2026