What are you prepared to lose today? Set a deposit limit. 18+ Australian residents only 1800 858 858 gamblinghelponline.org.au
Login Join

Privacy Policy

upc0z is operated by the Operator, a licensed online wagering operator authorised by Liquor & Gaming NSW under licence number 4597/2024/WB. This Privacy Policy explains how we collect, use, hold, disclose and protect your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). By opening an account with or using upc0z, you acknowledge the practices described in this policy.

We are committed to handling your personal information openly, lawfully and securely. Because we provide a regulated wagering service, we are also subject to obligations under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (the AML/CTF Act), the Interactive Gambling Act 2001 (Cth) and the conditions of our wagering licence.

Effective date: 2026

Version 1.0

Categories of Personal Information We Collect

We collect only the personal information reasonably necessary to provide our service, verify your identity, meet our legal obligations and protect you and other customers from gambling-related harm. The categories we collect include:

  • Identity data — your full name, date of birth, residential address, and details from government-issued identity documents (such as driver licence, passport or Medicare details) used to verify that you are an adult and that you are who you say you are.
  • Account data — your username, account preferences and settings, deposit and spend limits, time-out and cool-off arrangements, and your self-exclusion status.
  • Financial data — deposits and withdrawals, payment instrument details (such as card or bank account information), payout records and full transaction history.
  • Behavioural data — your betting activity, markets and events viewed, session activity, staking patterns and responsible-gambling indicators derived from your play.
  • Technical data — your IP address, device identifiers, browser type and version, operating system, and information collected through cookies and similar technologies. For details on cookies and how to manage them, see our Cookie Policy.
  • Communications data — messages you send to customer support, records or recordings of telephone calls, live-chat transcripts, and your interactions with our marketing communications.

We collect this information directly from you when you register and use your account, and from third parties such as identity-verification providers and payment processors where this is necessary for the purposes described below.

How and Why We Use Your Personal Information

We use your personal information for the following purposes, each connected to a lawful basis or legal obligation:

  1. 1. Providing the wagering service — to open and operate your account, accept and settle bets, and deliver the products and features you request.
  2. 2. Identity verification and AML/CTF compliance — to verify your identity and conduct customer due diligence and ongoing monitoring as required under the AML/CTF Act 2006.
  3. 3. Processing payments — to process deposits, withdrawals and refunds and to maintain accurate financial records.
  4. 4. Preventing fraud and money laundering — to detect, investigate and prevent fraud, collusion, money laundering, terrorism financing and other unlawful activity.
  5. 5. Regulatory reporting — to meet our reporting and record-keeping obligations to AUSTRAC, the Australian Communications and Media Authority (ACMA) and Liquor & Gaming NSW.
  6. 6. Responsible gambling and harm minimisation — to monitor for indicators of gambling harm, apply limits and exclusions, and provide responsible-gambling tools and support.
  7. 7. Direct marketing — to send you offers and promotions about our products where you have consented and not opted out.
  8. 8. Improving our service — to analyse usage, maintain and develop our platform, and enhance security, reliability and the customer experience.
  9. 9. Legal claims and dispute resolution — to establish, exercise or defend legal claims and to resolve complaints and disputes.
  10. 10. Complying with court orders and law enforcement — to comply with subpoenas, court orders, statutory notices and lawful requests from law enforcement and regulators.

Disclosure to Third Parties

We do not sell your personal information. We disclose it only where necessary for the purposes above, and only to the categories of recipients listed below:

  • Regulators — AUSTRAC, the ACMA, the Office of the Australian Information Commissioner (OAIC) and Liquor & Gaming NSW.
  • Racing controlling bodies — Racing NSW, Greyhound Racing NSW and Harness Racing NSW, including for integrity and betting-monitoring purposes.
  • Sporting bodies and Sport Integrity Australia — for integrity monitoring and the investigation of suspicious betting activity.
  • Law enforcement — police and other enforcement agencies where required or authorised by law.
  • Payment processors — banks and payment service providers that process your deposits and withdrawals.
  • KYC and identity-verification vendors — providers that confirm your identity and screen against relevant data sources.
  • Cloud and IT service providers — hosting, infrastructure, data storage and software providers that support our platform.
  • BetStop and the Department of Social Services — the National Self-Exclusion Register operator and the responsible department, to check and apply self-exclusion.

We require our service providers to handle your information consistently with this policy and the APPs.

Data Retention

We retain personal information only for as long as it is needed for the purposes for which it was collected or as required by law. In particular, records we are required to keep under the AML/CTF Act 2006 — including identity-verification and transaction records — are retained for at least 7 years after your account is closed.

Other categories of data are retained for periods appropriate to their purpose, after which they are securely deleted or de-identified. Where the law requires a longer retention period, or where information is relevant to an ongoing investigation, complaint or legal claim, we retain it for as long as necessary.

Direct Marketing (APP 7)

Where you have consented, we may send you direct marketing about our products and promotions by email, SMS and telephone. Every marketing message includes a simple way to opt out, and you can also withdraw your consent at any time by contacting customer support at our support email (see Contact Us) or updating your account preferences.

If you are registered with BetStop, the National Self-Exclusion Register, you will be automatically removed from all marketing communications and we will not send you gambling advertising. Opting out of marketing does not affect service messages we are required to send about your account.

Data Breach Notification

We maintain processes to detect, contain, assess and respond to data breaches. If a data breach occurs that is likely to result in serious harm to affected individuals, we will comply with the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988 (Cth). This includes promptly assessing the breach, taking steps to remediate it, and notifying both the affected individuals and the OAIC where the scheme requires us to do so.

Children's Privacy

upc0z is a wagering service restricted to adults aged 18 years and over. We do not knowingly collect personal information from anyone under the age of 18. If we become aware that we have inadvertently collected information from a minor, we will close the relevant account and securely delete that information.

How We Protect Your Information (APP 11)

We take reasonable steps to protect your personal information from misuse, interference, loss, and unauthorised access, modification or disclosure. Our safeguards include encryption of data in transit and at rest, role-based access controls, network and system security monitoring, segregation of sensitive data, staff confidentiality obligations and privacy training, and secure destruction or de-identification of information that is no longer required.

Access, Correction and Our Privacy Officer (APP 12 and APP 13)

You have the right to request access to the personal information we hold about you and to ask us to correct it if it is inaccurate, out of date, incomplete, irrelevant or misleading. We have appointed a Privacy Officer who is responsible for handling these requests and overseeing our compliance with this policy.

To make a request, contact our Privacy Officer:

  • Email: our Privacy Officer (see Contact Us)
  • Post: Privacy Officer, the Operator, 101 Sheridan Street, CAIRNS QLD 4870

We will respond within a reasonable time. In some cases the law permits us to refuse access or correction (for example, where doing so would prejudice an investigation or breach another person's privacy); if we refuse, we will explain why and how you may complain.

Complaints

If you believe we have breached the APPs or mishandled your personal information, please contact our Privacy Officer at our Privacy Officer (see Contact Us) in the first instance. We will acknowledge your complaint and aim to resolve it promptly. For general or service-related complaints, see our Complaints page.

If your complaint is not resolved to your satisfaction within 30 days, you may refer it to the Office of the Australian Information Commissioner:

  • Website: oaic.gov.au
  • Phone: 1300 363 992
  • Post: GPO Box 5288 Sydney NSW 2001

Overseas Disclosure (APP 8)

Some of our service providers — particularly cloud hosting, IT and identity-verification vendors — may be located outside Australia or may store data overseas. Where we disclose personal information to an overseas recipient, we take reasonable steps to ensure the recipient handles it consistently with the APPs, including through contractual data-protection obligations and appropriate security controls. Where required, we will seek your consent before any overseas disclosure that is not otherwise permitted under APP 8.

Related Information and Cross-References

This policy should be read together with our Cookie Policy, which explains the cookies and similar technologies we use, and with the collection notice shown to you when you open an account, which provides specific detail about the information collected at registration and how it is used.

We may update this Privacy Policy from time to time. The current version and its effective date are shown at the top of this page, and material changes will be communicated to you where required.

See also: Cookie Policy, Complaints, AML and CTF.