Rules for storage and processing of personal data according to ACMA standards
The Australian Communications and Media Commission (ACMA) imposes strict requirements on gambling operators in terms of protecting, storing and processing personal data of users. These standards are consistent with the Privacy Act 1988 and Australian Privacy Principles (APPs) and are mandatory for all casinos licensed to operate in Australia.
1. What data is protected by ACMA
Full name, date of birth, address of residence.
Passport and driver data (KYC).
Bank and card details.
IP addresses, geolocation information.
Betting history, deposits and conclusions.
Contact details (phone, e-mail).
2. Basic data storage requirements
Encryption - mandatory use of algorithms with a level of protection of at least AES-256 for storage.
Data segmentation - storage of financial and identification data in different protected systems.
Backup - regular creation of encrypted backups.
Access logging - recording of all cases of access to personal data.
Storage in Australia is a priority for ACMA licensees.
3. Data processing rules
Processing is allowed only with the consent of the user.
Use of data strictly within the objectives outlined in the privacy policy.
Data transfer to third parties is possible only if there is a legal basis (for example, at the request of the ATO or law enforcement agencies).
All requests to delete or modify data must be executed within the timeframe set by the Privacy Act.
4. ACMA Safety Standards
Two-factor authentication for players and staff.
Regular penetration testing by independent auditors.
Minimum Access Policy - The employee receives only the data that is necessary for his or her work.
Automatic blocking of accounts in case of suspicious activity.
5. Liability for violation of rules
Fines of up to several million Australian dollars.
Suspension or revocation of casino license.
Mandatory compensation for damage to users in case of data leakage.
6. Recommendations to players
Only play casinos listed as licensed on the ACMA website.
Check for Australian Privacy Principles Privacy Policy.
Use unique passwords and enable two-factor authentication.
Do not transfer your data through unprotected channels (email without encryption, social networks).
Conclusion:
1. What data is protected by ACMA
Full name, date of birth, address of residence.
Passport and driver data (KYC).
Bank and card details.
IP addresses, geolocation information.
Betting history, deposits and conclusions.
Contact details (phone, e-mail).
2. Basic data storage requirements
Encryption - mandatory use of algorithms with a level of protection of at least AES-256 for storage.
Data segmentation - storage of financial and identification data in different protected systems.
Backup - regular creation of encrypted backups.
Access logging - recording of all cases of access to personal data.
Storage in Australia is a priority for ACMA licensees.
3. Data processing rules
Processing is allowed only with the consent of the user.
Use of data strictly within the objectives outlined in the privacy policy.
Data transfer to third parties is possible only if there is a legal basis (for example, at the request of the ATO or law enforcement agencies).
All requests to delete or modify data must be executed within the timeframe set by the Privacy Act.
4. ACMA Safety Standards
Two-factor authentication for players and staff.
Regular penetration testing by independent auditors.
Minimum Access Policy - The employee receives only the data that is necessary for his or her work.
Automatic blocking of accounts in case of suspicious activity.
5. Liability for violation of rules
Fines of up to several million Australian dollars.
Suspension or revocation of casino license.
Mandatory compensation for damage to users in case of data leakage.
6. Recommendations to players
Only play casinos listed as licensed on the ACMA website.
Check for Australian Privacy Principles Privacy Policy.
Use unique passwords and enable two-factor authentication.
Do not transfer your data through unprotected channels (email without encryption, social networks).
Conclusion:
- ACMA standards in the field of storage and processing of personal data provide a high level of security and confidentiality for players. Choosing a casino that complies with these requirements minimizes the risk of leaks, fraud, and misuse of information.
