burger icon
Fafabet 9 Review Australia
Log In

Privacy Policy

This Privacy Policy explains how Fafabet 9, operated via the website fafabet9-aussie.com and related online interfaces (collectively, the "Site"), collects, uses, discloses, and protects personal information of players and other visitors. It applies to anyone who accesses or uses the Site, whether or not they create an account or place bets. By using the Site, you acknowledge that you have read and understood this Privacy Policy.

This Privacy Policy is effective as of 1 January 2026 and is intended to reflect our practices as at that date. We may update it from time to time as described in the "Updates" section below.

Who We Are

OBSERVE: The corporate structure and licensing for Fafabet 9 are linked to offshore online gambling operations associated with Curacao licensing under master licence 8048/JAZ, but the specific operating entity and registered office details for this particular mirror domain are not publicly specified in the data provided.

EXPAND: To provide transparency while avoiding misrepresentation, we describe the operator in functional terms, reference the Curacao licensing framework, and clearly state where information is not specified. We provide a primary privacy contact for all data protection queries.

REFLECT: The following information sets out who controls your data for the purposes of this Privacy Policy.

Data controller / operator (functional description):

  • Brand: Fafabet 9 (accessible via fafabet9-aussie.com)
  • Legal operator name: not specified in available documentation for this mirror. Operations are described as being conducted through private offshore entities associated with Curacao online gambling frameworks.
  • Licensing framework: Curacao, under Antillephone N.V. master licence 8048/JAZ (offshore licensing framework). Some mirror sites may operate without a visible licence footer and may be treated by regulators as effectively unlicensed.
  • Registered / legal address: not specified.
  • Headquarters / mailing address: not specified.

Privacy contact / data protection contact

  • Responsible department: Data Protection & Compliance Team for Fafabet 9
  • Email: [email protected] (designated contact for all privacy-related matters)
  • Telephone: not specified; please contact us by email in the first instance.
  • Website: https://fafabet9-aussie.com

If and when full corporate identity and address details become available or change, they will be reflected in an updated version of this Privacy Policy.

What Personal Data We Collect

OBSERVE: Online gambling operations require various categories of data including identity, contact, technical, transactional, and behavioural data, in addition to cookies and tracking technologies.

EXPAND: Some data are provided directly by you (for example when registering), while others are collected automatically (such as device and usage data) or derived (such as risk scores for anti-fraud).

REFLECT: We group the data we collect as follows:

Identity and contact data

  • Personal identifiers: full name, date of birth, gender (where provided), username, and account identifiers.
  • Contact details: email address, mobile and/or landline telephone number, country of residence, postal address (where provided).
  • Verification information: copies or details of identification documents (such as passport, ID card, driver licence), proof of address (utility bill, bank statement), and other KYC (Know Your Customer) data as required by our compliance and risk procedures.

Technical and device data

  • Technical identifiers: IP address, approximate geolocation inferred from IP, device identifiers, browser type and version, operating system, language settings.
  • Usage and log data: dates and times of access, pages visited, referral URLs, clickstream data, session duration, errors or crashes, and similar log information generated by our servers.

Payment and financial data

  • Payment method details: limited card or e-wallet information (for example, masked card numbers), transaction identifiers, payment status. We typically rely on third-party payment providers who process your full payment card details on our behalf.
  • Transaction history: deposits, withdrawals, bonuses credited, chargebacks, refunds, and any associated correspondence.
  • Financial risk and AML data: information gathered as part of anti-money-laundering and fraud-prevention checks, including source-of-funds documentation where requested.

Behavioural and gambling activity data

  • Betting and gaming history: games played, stakes, wins and losses, frequency and duration of sessions, bonus usage, and any self-exclusion or limits applied.
  • Interactions and preferences: clicks on banners and offers, responses to promotions, communication preferences, and internal behavioural scores or profiles used for responsible gambling and risk management.

Communication and support data

  • Customer support records: emails, chat logs, complaint records, and other communications with our support or compliance teams.
  • Feedback: surveys, ratings, reviews, or other feedback you choose to provide.

Cookies and similar technologies

  • Cookies: small text files stored on your device, including session cookies and persistent cookies, used for authentication, preferences, analytics, and advertising (where applicable).
  • Other identifiers: tracking pixels, tags, scripts, local storage, and similar technologies that help us recognise your browser or device.

Where required by applicable law, we will request your consent for the use of non-essential cookies and similar technologies.

Legal Basis for Processing

OBSERVE: As an offshore operator targeting Australian players in a grey-market context, our processing must rest on accepted legal bases under general data protection principles (such as consent, contract, legitimate interests, and legal obligations), even though specific GDPR or Australian Privacy Act duties may apply in different ways.

EXPAND: We align our practices with internationally recognised standards by clearly mapping activities to appropriate legal bases. In some regions, your explicit consent may be required, especially for marketing communications and certain cookies.

REFLECT: The main legal grounds on which we rely are:

  • Performance of a contract: We process your data where it is necessary to:
    • create and manage your Fafabet 9 account;
    • provide access to games and betting services;
    • process deposits, bets, and withdrawals;
    • manage bonuses, promotions, and loyalty schemes;
    • provide customer support and handle your requests.
  • Compliance with legal and regulatory obligations: We process data to:
    • conduct identity checks, age verification, and KYC/AML screening;
    • monitor for suspicious or fraudulent transactions;
    • respond to lawful requests from regulators, law enforcement, or courts in relevant jurisdictions (for example, Curacao authorities, or other competent bodies);
    • comply with record-keeping and reporting obligations under applicable law.
  • Legitimate interests: We process data where necessary for our legitimate business interests, provided these are not overridden by your rights and interests, including:
    • maintaining network and information security;
    • preventing fraud, abuse, bonus misuse, and chargebacks;
    • improving the Site, our products, and the user experience;
    • performing analytics and statistics on aggregated or pseudonymised data;
    • defending our legal rights and handling disputes or claims.
  • Consent: We may rely on your consent to:
    • send you certain types of direct marketing communications (email, SMS, push notifications) where required by law;
    • place or read non-essential cookies or similar technologies for advertising or advanced analytics;
    • share data with specific third parties for marketing or advertising purposes.

    You may withdraw your consent at any time as described in the "Your Rights" and "Cookies & Tracking Technologies" sections. Withdrawal of consent will not affect the lawfulness of processing prior to withdrawal.

Purpose of Processing

OBSERVE: The purposes for which an online gambling operator processes personal data include service provision, security, compliance, marketing, and analytics.

EXPAND: Some purposes are strictly necessary for operating the Site, while others (especially marketing and certain analytics) may be optional and based on your preferences.

REFLECT: We use your personal data for the following purposes:

  • Provision and operation of services
    • creating, verifying, and managing your account;
    • enabling you to place bets and participate in casino games;
    • processing deposits, withdrawals, and bonuses;
    • providing customer service and technical support.
  • Regulatory compliance and risk management
    • conducting KYC/AML checks and ongoing monitoring;
    • detecting and investigating fraud, money laundering, bonus abuse, or other prohibited conduct;
    • complying with record-keeping and reporting duties where applicable.
  • Service improvement and optimisation
    • monitoring performance and usage of the Site;
    • analysing aggregated or pseudonymised data to improve games, features, and UX;
    • testing and deploying new products and functionalities.
  • Marketing and personalisation
    • sending you promotional communications, offers, and newsletters (in accordance with your preferences and legal requirements);
    • customising content, bonuses, and recommendations based on your activity and preferences;
    • measuring the effectiveness of our campaigns and promotions.
  • Security and integrity of the platform
    • protecting accounts from unauthorised access;
    • preventing DDoS, hacking attempts, and other security threats;
    • maintaining secure backups and logs to investigate incidents.
  • Legal claims and business operations
    • handling complaints, disputes, and legal proceedings;
    • enforcing our Terms and Conditions and other agreements;
    • supporting audits, mergers, acquisitions, or restructuring, subject to appropriate safeguards.

Disclosure & Sharing

OBSERVE: Data sharing is necessary with payment providers, IT vendors, regulatory and law enforcement bodies, and sometimes affiliates and advertising partners.

EXPAND: Sharing should be limited to what is necessary, governed by contracts, and, where required, based on consent. Special care is required given the offshore, grey-market nature of the operations and the Curacao licensing context.

REFLECT: We may disclose your personal data as follows:

  • Payment service providers and financial institutions
    • to process deposits, withdrawals, and refunds;
    • to verify payment methods and prevent fraud and chargebacks;
    • to comply with their own regulatory obligations (such as AML checks).
  • Technical and operational service providers
    • hosting providers, cloud infrastructure, and data storage services;
    • IT security, fraud detection, and risk-scoring providers;
    • analytics, email, SMS, and customer support platforms.
    • These providers process data under contracts that limit their use of your data and require appropriate security measures.
  • Regulators and public authorities
    • Curacao licensing and supervisory bodies (e.g., Antillephone N.V., where applicable);
    • law enforcement, courts, or governmental agencies that lawfully request information, where we are legally compelled or permitted to do so;
    • other competent authorities in relevant jurisdictions, subject to applicable laws.
  • Affiliates, partners, and advertising networks
    • affiliates and marketing partners who refer players to us, for tracking and commission-calculation purposes;
    • advertising networks and partners, but only where permitted by law and, where required, based on your consent for marketing and cookies;
    • all such partners are expected to process personal data in accordance with applicable laws and contractual obligations.
  • Professional advisers and transactional counterparties
    • lawyers, auditors, consultants, and similar professionals, to obtain advice or protect our legal rights;
    • third parties involved in mergers, acquisitions, financing, or other corporate transactions, subject to confidentiality and appropriate safeguards.
  • Group and related entities
    • where operations are conducted through related or parent companies or service entities, your data may be shared within that corporate structure to provide services and ensure compliance, always subject to appropriate safeguards.

We do not sell your personal data in the sense of directly transferring it for monetary consideration as a standalone product. Any sharing for marketing or advertising purposes is conducted in line with your preferences and applicable law.

International Transfers

OBSERVE: The Site targets users in Australia but is operated via offshore infrastructure and licensing in Curacao under Antillephone N.V. 8048/JAZ. Data is therefore likely to be transferred internationally.

EXPAND: Transfers may occur between multiple countries including those without an equivalent level of data protection. Industry-standard safeguards and contractual protections are needed.

REFLECT: Our approach to international data transfers is as follows:

  • Primary locations of processing
    • servers and core infrastructure may be located in the European Union, Curacao, and/or other data centre locations that we or our service providers use;
    • support and operational teams may operate from various countries, including in Europe, Asia, or Latin America, depending on our providers.
  • Transfers outside your country
    • by using the Site, your personal data may be transferred from your country (for example, Australia) to other jurisdictions that may have different data protection rules;
    • where we rely on service providers or partners based outside your country, we endeavour to ensure that they provide an adequate level of protection for your data.
  • Safeguards
    • we use contractual safeguards such as data protection clauses modelled on standard contractual clauses or equivalent contractual mechanisms where applicable;
    • we require service providers to implement appropriate technical and organisational security measures;
    • where possible, we use pseudonymisation, minimisation, and access controls to reduce risks in cross-border transfers.

Given the offshore licensing framework and grey-market operation with respect to Australia's Interactive Gambling Act 2001 and ACMA blocking regime, some transfers may not be subject to the same regulatory oversight as domestic operators. By continuing to use the Site, you acknowledge that your data may be processed in such jurisdictions, subject to the safeguards described above.

Data Retention

OBSERVE: Gambling operators must retain some data for regulatory and anti-money-laundering reasons for specified periods, while other data should be kept only as long as necessary.

EXPAND: Retention periods should reflect legal obligations, limitation periods for legal claims, and operational needs, with clear criteria for deletion or anonymisation.

REFLECT: We apply the following retention principles:

  • General rule
    • we keep personal data only for as long as necessary to fulfil the purposes described in this Privacy Policy, including for satisfying legal, accounting, or reporting requirements.
  • Typical retention periods
    • Account and identity data: normally retained for the life of your account and for up to five (5) years after account closure, to comply with AML/KYC and record-keeping obligations and to handle potential disputes.
    • Transaction and betting history: generally retained for five (5) years from the date of the relevant transaction or account closure (whichever is later), subject to applicable laws and limitation periods.
    • Customer support and complaints data: typically retained for three (3) to five (5) years after resolution of the issue, depending on the nature of the case.
    • Marketing and communication preferences: retained until you opt out, withdraw consent, or your account is closed, plus a short period (usually up to six (6) months) to implement and document your request.
    • Technical logs and security data: retained for a shorter period, typically from ninety (90) days up to two (2) years, depending on the type of log and the security purpose.
  • Deletion, anonymisation, and restriction
    • when data are no longer required, we will securely delete or irreversibly anonymise them;
    • in some cases, instead of deletion we may restrict processing (for example, where data must be retained for legal reasons but should not be actively used);
    • backups may retain copies of data for limited periods until overwritten in the normal backup cycle.

The above periods are indicative and may be adjusted to reflect applicable legal requirements, regulatory guidance, and business needs as of 2026.

Your Rights

OBSERVE: Users generally expect rights similar to those provided under modern data protection regimes such as the GDPR and leading national frameworks. The prompt also refers to alignment with Mexican law; however, the Site targets Australia and operates offshore.

EXPAND: We implement a rights framework broadly consistent with GDPR-style rights (access, rectification, erasure, restriction, objection, portability, and consent withdrawal) and provide clear procedures and timeframes.

REFLECT: Regardless of your location, we will use the following principles when handling rights requests, within the limits of applicable law and our regulatory obligations.

Available rights

  • Right of access: you may request confirmation of whether we process your personal data and receive a copy of such data together with information about how we use it.
  • Right to rectification: you may request correction of inaccurate or incomplete personal data. In many cases you can update your details directly in your account settings.
  • Right to erasure ("right to be forgotten"): you may request deletion of your personal data where:
    • the data are no longer necessary for the purposes for which they were collected;
    • you have withdrawn consent (where processing is based on consent);
    • you have successfully objected to processing; or
    • the data have been unlawfully processed.

    This right is subject to important exceptions, especially where we must retain data for legal, regulatory, or AML/KYC reasons.

  • Right to restriction of processing: you may request that we restrict processing of your data in certain circumstances (for example, while we verify accuracy or consider an objection).
  • Right to object: you may object to processing based on our legitimate interests, including profiling, on grounds relating to your particular situation. You also have the right to object at any time to the use of your data for direct marketing.
  • Right to data portability: where technically feasible and legally required, you may request that we provide you or a third party with a structured, commonly used, machine-readable copy of certain personal data you have provided to us and which we process based on consent or contract.
  • Right to withdraw consent: where processing is based on your consent (for example, marketing communications or certain cookies), you may withdraw that consent at any time. This will not affect the lawfulness of processing prior to withdrawal.

How to exercise your rights

  1. Submit a request: send an email to [email protected] from the email address associated with your account, clearly stating:
    • your full name and username;
    • the right(s) you wish to exercise;
    • any relevant details that will help us locate your data.
  2. Verification: we may request additional information to verify your identity and ensure that we do not disclose data to unauthorised persons.
  3. Response time: we aim to respond to all valid requests within thirty (30) days of receipt. If your request is complex or we receive many requests, we may extend this period by a further thirty (30) days, in which case we will inform you of the extension and reasons.
  4. Fees: we will handle your request free of charge. However, we may charge a reasonable fee or refuse to act on requests that are manifestly unfounded, repetitive, or excessive, where permitted by law.
  5. Limitations: certain rights may be limited where we must retain data to comply with legal obligations (for example, AML regulations), to protect the rights of others, or for the establishment, exercise, or defence of legal claims.

Note on Mexican and EU references: While this Privacy Policy strives to align with international best practices including GDPR-style rights, the primary regulatory references for players in Australia will be Australian and offshore (Curacao) laws. References to Mexican or EU supervisory authorities in later sections concern escalation options where relevant and available, but they may not always have jurisdiction over this Site.

Cookies & Tracking Technologies

OBSERVE: Cookies and similar technologies are key to user experience, analytics, and marketing. Some are strictly necessary; others require user control or consent.

EXPAND: We classify cookies by lifespan and function and provide guidance on how to manage them.

REFLECT: By using the Site, you agree to our use of cookies as described here, subject to any consent mechanisms we provide.

Types of cookies we use

  • By duration:
    • Session cookies: temporary cookies that remain on your device only while your browser is open and are deleted when you close it. They support navigation, login, and session management.
    • Persistent cookies: remain on your device for a predefined period or until you delete them. They help remember your preferences and improve your experience on subsequent visits.
  • By purpose:
    • Strictly necessary / functional cookies: required for the operation of the Site (for example, to log in, manage sessions, prevent fraud, and enable core features). These cannot be switched off in our systems.
    • Preference cookies: remember your choices such as language, region, or display settings so that the Site can provide a more personalised experience.
    • Analytics and performance cookies: collect aggregated information about how visitors use the Site (pages visited, time spent, errors encountered) to help us improve performance and usability.
    • Advertising and targeting cookies: used to deliver relevant advertisements and promotions, measure campaign performance, and limit the number of times you see a particular ad. They may be set by us or by third-party advertising partners.
  • Third-party cookies:
    • some cookies on the Site may be set by third parties (for example, analytics providers, affiliate tracking systems, or ad networks). These third parties may use information about your visits to this and other websites to provide targeted advertising or aggregated statistics.

Managing cookies

  • Browser settings: most web browsers allow you to:
    • view which cookies are stored on your device;
    • delete cookies, including those already stored;
    • block all cookies or specific types of cookies;
    • receive notifications before a cookie is placed.

    If you block or delete cookies, some features of the Site may not function properly, and your user experience may be affected.

  • Internal controls: where available, we may offer an internal cookie or privacy settings panel on the Site, allowing you to manage optional cookies (such as analytics or advertising) and update your preferences.
  • Opt-out tools: for certain third-party services (for example, some analytics or advertising providers), you may be able to opt out directly through their own opt-out mechanisms.

Data Security

OBSERVE: Online gambling platforms process sensitive financial and behavioural data and are frequent targets for cyberattacks.

EXPAND: We adopt multiple layers of technical and organisational controls, including encryption, access management, monitoring, and incident response, in line with recognised security practices such as ISO 27001 and SOC 2, where feasible.

REFLECT: While no system can be 100% secure, we are committed to protecting your data.

  • Encryption and data transmission
    • we use TLS 1.2 or higher to encrypt data in transit between your browser and our servers;
    • where appropriate, we encrypt sensitive data at rest using industry-standard cryptographic algorithms;
    • we regularly review our encryption configurations to address emerging threats as of 2026.
  • Access controls and authentication
    • access to personal data is restricted to authorised personnel who require it for their roles;
    • we implement role-based access controls and approval workflows for privileged access;
    • we encourage strong passwords and may support or require multi-factor authentication (MFA) for certain administrative or high-risk operations.
  • Infrastructure and application security
    • we deploy firewalls, intrusion detection and prevention systems, and other security tools to monitor and protect our infrastructure;
    • we apply security patches and updates in a timely manner;
    • we conduct internal and, where appropriate, external security assessments and audits of critical systems.
  • Organisational measures
    • staff with access to personal data receive periodic training on data protection, confidentiality, and security best practices;
    • we maintain policies on information security, acceptable use, and incident management;
    • we require contractors and service providers to implement appropriate security measures.
  • Incident response
    • we maintain procedures for responding to data security incidents, including detection, containment, investigation, and remediation;
    • where required by law, we will notify relevant authorities and affected individuals of significant data breaches without undue delay.

While we strive to protect your data, you are responsible for maintaining the confidentiality of your login credentials and for securing your own devices and internet connection.

Complaints & Contacts

OBSERVE: Users must have clear channels for questions and complaints, and information on how to escalate to supervisory authorities where available.

EXPAND: While the Site is offshore and primarily subject to Curacao and other international frameworks, we outline a practical complaint process and indicate possible external escalation paths, noting potential jurisdictional limits.

REFLECT: The following mechanisms are available if you have questions, concerns, or complaints about our handling of personal data.

Contacting us

  • Primary contact for privacy matters:
    • Email: [email protected]
    • Postal address: not specified; please contact us by email to obtain the most appropriate correspondence details, if available.
  • Online forms: if an online contact or complaint form is made available on fafabet9-aussie.com, you may use it to submit your request or complaint.

Complaint procedure

  1. Initial submission: send us a detailed description of your concern, including relevant dates, account identifiers, and any supporting evidence.
  2. Acknowledgement: we will acknowledge receipt of your complaint within seven (7) business days, where feasible.
  3. Investigation: we will review your complaint, consult relevant internal teams, and may request additional information from you.
  4. Response: we aim to provide a substantive response within thirty (30) days. If more time is needed due to complexity, we will inform you of the delay and expected timeframe.
  5. Further steps: if you are not satisfied with our response, you may request that your complaint be escalated internally for further review.

Escalation to supervisory authorities

Given the offshore and grey-market nature of operations:

  • Australia: The Office of the Australian Information Commissioner (OAIC) is the main regulator for privacy under the Australian Privacy Act. However, its jurisdiction over offshore gambling operators may be limited. Further information:
  • EU data protection authorities: If you are located in the European Union and believe your rights under EU law have been infringed, you may have the right to lodge a complaint with your local supervisory authority. Contact details are available via the European Data Protection Board:
  • Mexican data protection authority (IFAI/INAI): The Instituto Nacional de Transparencia, Acceso a la Información y Protección de Datos Personales supervises privacy in Mexico. This may be relevant only if our operations directly fall within its jurisdiction:
    • Website: https://home.inai.org.mx

Please note that the ability of any particular authority to take action against Fafabet 9 or fafabet9-aussie.com may be constrained by the offshore Curacao licensing framework and the cross-border nature of our activities.

Updates

OBSERVE: Privacy practices evolve due to legal, technical, and business changes.

EXPAND: Users should be informed of material changes through multiple channels, with reasonable notice where changes significantly affect them.

REFLECT: We maintain version control and notification procedures as follows:

  • Changes to this Privacy Policy
    • we may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors;
    • each version will be identified by the "Last updated" date at the end of the document.
  • Notification methods
    • Email: where you have an active account, we may send you an email notice regarding material changes;
    • Website banners or pop-ups: we may display notices on fafabet9-aussie.com to inform you of important updates;
    • Account dashboard: we may post alerts or messages in your account area.
  • Advance notice for significant changes
    • for changes that materially affect your rights or the way we use your data (for example, new categories of data or new purposes), we will, where feasible, provide at least thirty (30) days' advance notice before the changes take effect;
    • during this period, you may review the updated policy and decide whether to continue using the Site.
  • Your options
    • if you do not agree with the updated Privacy Policy, you may stop using the Site and, where applicable, request account closure by contacting us;
    • continued use of the Site after the effective date of an updated Privacy Policy will constitute your acceptance of the changes, to the extent permitted by law.

Last updated: January 2026