Lizaro Privacy Policy

Last updated: May 21, 2026

Lizaro operates under Sligo Limited and processes personal data to deliver secure casino and sportsbook services to Australian players. This policy explains what data is collected, how it is used and the legal grounds that support processing activities. All data handling aligns with international privacy standards and operational requirements set by Ireland's remote bookmaker framework.

When users access Lizaro services, personal information is collected through registration forms, payment transactions and browsing behaviour. Data processing supports account management, payment verification, security controls and compliance with anti-money laundering regulations. Users retain control over their information through access, correction and deletion rights explained in this document.

Definitions and Scope

This section translates privacy terminology into language users encounter during registration, deposit and withdrawal actions. Definitions clarify what personal data means in practice and how Lizaro services interact with user information. Understanding these terms helps users recognise when data collection occurs and why specific details are requested.

Interpretation of Terms

Personal data refers to any information that identifies a user directly or indirectly, including name, email address, phone number, date of birth and payment details. Processing covers collection, storage, use, disclosure and deletion of this information. The operator, Sligo Limited, acts as the data controller responsible for deciding how personal data is processed across Lizaro services.

Account means the user profile created during registration, which stores identity details, transaction history and preferences. Device refers to the computer, smartphone or tablet used to access Lizaro casino and sportsbook platforms through web browsers. Third parties include payment processors, identity verification providers and platform service partners who support operational functions.

Policy Application

This policy applies to all users who access Lizaro casino services through lizaro-casino-official.com and associated mirror domains. It covers data collected during account creation, gameplay, payment processing and customer support interactions. The policy does not extend to external websites linked from Lizaro pages, which operate under separate privacy frameworks.

Users who visit the site without registering still generate technical data through cookies and server logs. Active account holders provide additional personal information required for identity verification, payment processing and compliance checks. All processing activities described in this document relate to services delivered under Remote Bookmaker Licence 1020369.

Categories of Personal Data

Lizaro collects different types of personal information based on user actions. Registration forms capture identity details, while payment transactions generate financial records. Browsing activity produces technical data that supports platform functionality and security monitoring. Each category serves specific operational purposes explained throughout this policy.

Identity Information

Identity data includes full name, date of birth, gender, nationality and government-issued identification numbers. During registration, users provide email addresses, phone numbers and create passwords. KYC verification requires passport details, driver licence numbers or Medicare card information to confirm identity before the first withdrawal.

Proof of address documents such as utility bills or bank statements validate residential details. Users may submit additional source-of-funds documentation during enhanced due diligence reviews triggered by large deposits or unusual transaction patterns. Verification photos showing payment cards with visible details support ownership confirmation for card deposits.

Contact Details

Contact data consists of email addresses, phone numbers, postal addresses and communication preferences. Email serves as the primary account identifier and receives transaction confirmations, bonus notifications and policy updates. Phone numbers enable two-factor authentication and account recovery processes.

Residential addresses appear on proof-of-address documents and must match details provided during registration. Marketing preferences control whether users receive promotional emails about reload bonuses, tournaments and cashback offers. Users can adjust these settings through account management tools or by contacting support at support@lizaro.com.

Technical and Usage Data

Technical data captures IP addresses, device types, browser versions, operating systems and screen resolutions. Cookies store session identifiers, language preferences and browsing behaviour across visits. Server logs record timestamps, page views, click patterns and navigation paths through the casino and sportsbook sections.

Usage data tracks games played, bet amounts, win and loss records, deposit and withdrawal frequencies. Login history shows timestamps, device fingerprints and geolocation signals used for security monitoring. Payment method selections, currency preferences and bonus participation patterns contribute to user profiles that support service personalisation and fraud detection.

Purposes of Data Processing

Personal information supports core functions required to operate casino and sportsbook services. Data processing enables account creation, payment transactions, regulatory compliance and platform security. Each purpose connects to specific user actions and operational requirements that make services functional and legally compliant.

Service Delivery

Lizaro processes identity data to create user accounts, authenticate logins and maintain profile information. Contact details enable transaction confirmations, password resets and customer support responses. Technical data supports website functionality, session management and compatibility across devices.

Payment information facilitates deposits through cards, e-wallets, bank transfers and cryptocurrency. Withdrawal processing requires verification of payment method ownership before cashouts reach user accounts. Bonus eligibility checks cross-reference deposit history, wagering progress and account status to apply promotional terms correctly.

Compliance and Verification

KYC procedures use identity documents to confirm user age, name and address before processing withdrawals. Anti-money laundering controls analyse transaction patterns, source-of-funds documentation and payment method ownership. Licence obligations under Remote Bookmaker Licence 1020369 require maintaining records of player verification, transaction histories and responsible gambling interactions.

Fraud prevention systems monitor login behaviour, device fingerprints and betting patterns for duplicate accounts, bonus abuse or unauthorised access attempts. Risk reviews trigger manual checks when large payments, profile changes or unusual activity patterns indicate potential security concerns. Compliance teams retain records for audit purposes and regulatory reporting to Irish Revenue Commissioners.

Analytics and Improvement

Usage data supports analysis of game performance, popular payment methods and user navigation patterns. Aggregated statistics inform platform updates, game selection decisions and payment provider integrations. Technical logs diagnose performance issues, identify browser compatibility problems and optimise loading speeds.

Behavioural data tracks bonus conversion rates, wagering completion patterns and game preferences. These insights shape promotional strategies, loyalty rewards and VIP tier structures. All analytics processing uses de-identified or aggregated data where individual user identification is unnecessary for operational improvement purposes.

Legal Grounds for Processing

Lizaro relies on specific legal bases that justify collection and use of personal data. Different activities operate under different legal grounds, ranging from user consent to contractual necessity. Understanding these foundations clarifies why certain data requests are mandatory while others remain optional.

Consent and Contract

Users provide consent during registration by accepting terms and creating accounts. This consent covers processing necessary to deliver requested casino and sportsbook services. Marketing communications require separate opt-in consent, which users can withdraw through account settings or email unsubscribe links without affecting core service access.

Contractual necessity justifies processing required to perform the user agreement. Account creation, payment processing, game delivery and customer support fall under this basis. Without identity verification and payment details, Lizaro cannot fulfill withdrawal requests or maintain secure accounts, making this processing essential to the service relationship.

Legal Obligations

Licence conditions under Remote Bookmaker Licence 1020369 impose data retention and verification requirements. Anti-money laundering legislation mandates identity checks, transaction monitoring and suspicious activity reporting. Age verification ensures compliance with the 18-plus restriction applicable to online gambling services.

Regulators may request player records during audits or investigations. Tax authorities require transaction documentation for financial reporting. Data retention periods align with statutory timelines that exceed operational needs, ensuring records remain available for compliance purposes even after account closure.

Legitimate Interests

Fraud prevention represents a legitimate interest that protects both users and the platform from unauthorised access and payment abuse. Security monitoring detects duplicate accounts, VPN usage and irregular betting patterns that violate terms. These controls maintain platform integrity without requiring explicit user consent for each security measure.

Business analytics support operational decisions that improve service quality and user experience. Technical optimisation relies on performance data to enhance loading speeds and compatibility. Direct marketing to existing customers constitutes a legitimate interest, balanced against user rights to opt out of promotional communications.

Data Sharing and Disclosure

Lizaro shares personal information with third-party service providers who support platform operations. Data disclosure occurs in specific circumstances related to payment processing, identity verification and regulatory compliance. No user information is sold to advertisers or unrelated commercial entities.

Service Providers

Payment processors receive transaction details, card numbers and billing addresses to complete deposits and withdrawals. E-wallet providers like Skrill, Neteller and MiFinity process payments through their systems. Bank transfer services including PayID and Osko handle AUD transactions between user accounts and Lizaro cashier systems.

Identity verification vendors analyse passport scans, driver licence images and proof-of-address documents during KYC checks. GMBL Tech provides platform services that support account management, game integration and technical infrastructure. Cloud hosting providers store user data on secure servers located in jurisdictions with adequate data protection standards.

Regulatory Disclosure

Irish Revenue Commissioners may request player records during licence compliance audits. Anti-money laundering authorities receive suspicious activity reports when transaction patterns trigger investigation thresholds. Law enforcement agencies obtain data through legal processes such as court orders or subpoenas related to criminal investigations.

Licensing bodies access operational records to verify compliance with responsible gambling, age verification and player protection requirements. Tax authorities receive transaction summaries for financial reporting and audit purposes. All regulatory disclosures follow formal request procedures and include only information necessary to fulfill legal obligations.

Business Transfers

Corporate restructuring, mergers or acquisitions may transfer user data to successor entities. In such events, users receive notification about ownership changes and policy updates. Data protection obligations continue under new ownership, ensuring consistent privacy standards across business transitions.

Bankruptcy or insolvency proceedings may include user databases as business assets subject to transfer or liquidation. Regulatory approvals govern these transactions to ensure data protection remains intact. Users retain rights to access, correct or delete personal information regardless of ownership structure changes.

Data Retention Periods

Lizaro retains personal information for defined periods based on operational needs and legal requirements. Active accounts maintain full data access while inactive accounts undergo progressive data minimisation. Deletion timelines vary by data category and regulatory obligations that extend beyond account closure.

Account Lifecycle

Active accounts retain complete user profiles, transaction histories and verification documents indefinitely while registration remains valid. Inactive accounts without logins for 12 consecutive months receive email notifications about pending data review. Accounts inactive for 24 months enter dormant status with restricted data retention limited to compliance records.

Closed accounts by user request trigger immediate service termination but maintain financial and compliance records for regulatory periods. Identity documents, transaction logs and bonus history remain stored for five years after closure to meet anti-money laundering and tax reporting obligations. Marketing data is deleted within 30 days of account closure unless ongoing legal claims require retention.

Transaction Records

Payment histories, deposit receipts and withdrawal confirmations remain stored for seven years to satisfy financial auditing and tax compliance requirements. Bet records, game session logs and wagering histories support dispute resolution and responsible gambling monitoring for five years after transactions occur.

KYC documents including passports, driver licences and proof-of-address records remain archived for five years post-closure. Source-of-funds documentation and enhanced due diligence files follow the same retention schedule. Technical logs and IP address records are deleted after 12 months unless flagged for security investigations or legal proceedings.

Deletion Procedures

Users can request account closure and data deletion through customer support at support@lizaro.com. Deletion requests undergo verification to confirm account ownership before processing begins. Non-compliance records including identity documents and transaction histories remain stored beyond deletion requests to meet regulatory obligations.

Automated deletion processes remove marketing data, session cookies and technical logs after defined retention periods expire. Aggregated statistics stripped of personal identifiers remain stored indefinitely for business analytics. Backup systems maintain deleted data for 90 days before permanent removal to enable recovery from technical failures.

User Rights and Controls

Users hold rights over their personal data that enable access, correction and deletion requests. Exercising these rights requires contacting customer support with verification details. Limitations apply when legal obligations or security concerns override deletion or restriction requests.

Access and Portability

Users can request copies of personal data held in Lizaro systems by emailing support@lizaro.com with account verification details. Access requests receive responses within 30 days containing identity information, transaction histories and profile settings. Data portability requests deliver structured files in machine-readable formats suitable for transfer to other services.

Account dashboards provide direct access to transaction histories, bonus records and active payment methods. Users view deposit and withdrawal summaries, wagering progress and loyalty point balances through self-service tools. KYC document copies require manual support requests due to security protocols governing identity file access.

Correction and Deletion

Users correct profile details including email addresses, phone numbers and postal addresses through account settings or support requests. Name and date-of-birth changes require verification documents to prevent identity fraud. Incorrect transaction records or bonus calculations are reviewed by support teams who investigate discrepancies and apply corrections when errors are confirmed.

Deletion requests trigger account closure procedures that remove marketing data and session information within 30 days. Compliance records including KYC documents and transaction histories remain stored for regulatory periods despite deletion requests. Users receive confirmation when deletion processes complete and explanations of retained data categories.

Restriction and Objection

Users can restrict processing by requesting temporary account suspension while disputes or verification issues are resolved. Marketing opt-outs stop promotional emails immediately while maintaining account access and transactional communications. Objections to legitimate interest processing require case-by-case review to balance user rights against operational security needs.

Withdrawal of consent halts optional data processing such as analytics cookies and behavioural tracking. Core service functions relying on contractual necessity continue despite consent withdrawal. Users who object to all processing must close accounts, as service delivery requires minimum data collection for identity verification and payment processing.

Security Measures

Lizaro implements technical and organisational controls to protect personal data from unauthorised access, disclosure and loss. Security systems operate across network infrastructure, application layers and data storage environments. Protection measures balance operational requirements against evolving cyber threats and regulatory expectations.

Technical Protections

SSL encryption secures data transmission between user devices and Lizaro servers during login, payment and account management sessions. Database encryption protects stored personal information including identity documents, payment details and transaction records. Password hashing prevents exposure of user credentials even if databases are compromised.

Firewalls restrict network access to authorised systems and block malicious traffic patterns. Intrusion detection monitors server activity for unauthorised access attempts and suspicious behaviour. Regular security updates patch vulnerabilities in platform software, payment integrations and third-party services.

Access Controls

Role-based permissions limit employee access to personal data based on job functions. KYC review teams access identity documents while payment processors view transaction details. Administrative access requires multi-factor authentication and generates audit logs tracking data queries and system changes.

User account security relies on password complexity requirements and optional two-factor authentication. Login monitoring detects unusual access patterns including new devices, foreign IP addresses and rapid login attempts. Suspicious activity triggers account reviews and temporary restrictions until identity is reconfirmed through support channels.

Incident Response

Data breach procedures activate immediate containment measures to limit unauthorised access and secure affected systems. Impact assessments determine which user records were exposed and what risks arise from the breach. Notification processes inform affected users within 72 hours when significant privacy impacts are identified.

Security teams investigate breach causes, patch vulnerabilities and implement additional controls to prevent recurrence. Regulatory reporting follows licence obligations under Irish oversight frameworks. Post-incident reviews update security policies and employee training to address identified weaknesses.

Cookies and Tracking

Lizaro uses cookies and similar technologies to support website functionality, personalise user experience and analyse platform performance. These small data files are stored on user devices and enable session management, preference retention and behavioural tracking. Users control cookie settings through browser configurations and on-site management tools.

Cookie Categories

Essential cookies cannot be disabled without impairing core platform functions. Functional, analytics and marketing cookies require user consent during initial site visits. Consent choices apply across all Lizaro domains and remain active until users modify cookie preferences or clear browser data.

Tracking Technologies

Pixel tags embedded in emails track open rates and link clicks for promotional campaigns. Web beacons monitor page engagement and user flow through registration, deposit and gameplay sequences. Device fingerprinting combines browser settings, screen resolution and installed fonts to detect duplicate accounts and bonus abuse patterns.

Third-party analytics services including Google Analytics collect aggregated usage statistics. Social media pixels track referrals from Facebook and Twitter campaigns. Affiliate cookies attribute new registrations to marketing partners and calculate commission payments based on player activity.

User Controls

Browser settings allow users to block or delete cookies across all websites. Chrome, Safari and Firefox provide cookie management tools in privacy preference menus. Mobile users control tracking through iOS and Android system settings that restrict cross-site data sharing.

Lizaro cookie management panels accessed through site footers enable granular control over analytics and marketing cookies. Disabling optional cookies does not affect account access but may reduce personalisation features. VPN and proxy usage combined with cookie blocking can trigger security reviews due to fraud prevention protocols.

Third-Party Links

Lizaro pages contain links to external websites operated by game providers, payment processors and affiliate partners. These third parties maintain independent privacy policies and data handling practices. Users who navigate to external sites leave Lizaro's privacy framework and enter separate data protection environments.

External Websites

Game providers like Pragmatic Play, Evolution and NetEnt host content accessed through embedded frames within Lizaro pages. Payment processors including Skrill, Neteller and cryptocurrency exchanges manage transactions on their platforms. Affiliate sites and review portals link to Lizaro registration pages but operate under distinct ownership and policies.

Social media integrations enable sharing casino achievements on Facebook and Twitter. Responsible gambling resources link to external support organisations like Gambling Help Online. These third parties collect data according to their privacy policies, which users should review before providing personal information.

Responsibility Boundaries

Lizaro does not control data practices of linked websites or guarantee their privacy standards. Users who submit payment details to e-wallet providers or identity documents to verification services interact directly with those entities. Disputes arising from third-party data handling fall outside Lizaro's responsibility and require resolution through respective service providers.

Affiliate partnerships involve data sharing limited to referral tracking and commission calculations. Marketing partners receive aggregated conversion statistics without access to individual user profiles. Payment processors obtain transaction details necessary to complete deposits and withdrawals but do not receive broader account information.

Children and Minors

Lizaro prohibits registration and gameplay by individuals under 18 years of age. Age verification procedures prevent minors from creating accounts and accessing casino services. Data collected from underage users is deleted immediately upon discovery, and accounts are closed permanently.

Age Restrictions

Registration forms require date-of-birth entry with automated checks blocking submissions indicating age below 18. KYC verification reviews identity documents to confirm birth dates match registration details. Accounts flagged for potential underage access undergo manual review with suspension until age is verified through government-issued identification.

Parental control software and device restrictions help prevent minors from accessing gambling sites. Marketing materials include age restriction warnings and avoid imagery appealing to children. Responsible gambling resources provide guidance for parents concerned about underage gambling exposure.

Data Removal

Accounts confirmed as belonging to minors are closed immediately with full data deletion within 48 hours. Transaction histories, identity documents and contact information are purged from active systems. Regulatory reports document underage access incidents and corrective measures taken to prevent recurrence.

Deposits from underage accounts are refunded to source payment methods after verification of parental ownership. Winnings are voided and account balances forfeited per terms prohibiting minor participation. KYC records are retained only as long as required for regulatory reporting before permanent deletion occurs.

International Transfers

Lizaro processes data across multiple jurisdictions through hosting providers, payment processors and service partners located outside Australia. International transfers rely on adequacy decisions, standard contractual clauses and security measures that maintain protection levels during cross-border data flows.

Transfer Mechanisms

Cloud hosting infrastructure stores user data on servers located in Europe and North America. Payment processors route transactions through international banking networks spanning multiple countries. GMBL Tech platform services operate from jurisdictions with data protection frameworks recognised as providing adequate safeguards.

Standard contractual clauses govern data sharing with third parties in countries lacking adequacy decisions. These legal instruments impose binding obligations on data recipients to maintain protection standards equivalent to Australian expectations. Service agreements include audit rights and breach notification requirements.

Data Protection Standards

International partners implement encryption, access controls and security monitoring equivalent to measures used within Australia. Technical safeguards protect data in transit and at rest regardless of server location. Contractual obligations require third parties to notify Lizaro of security incidents and cooperate with regulatory investigations.

Users acknowledge that international transfers are necessary for service delivery involving payment processing, game provision and platform operation. Objections to specific transfer destinations may limit available payment methods or game selections. Withdrawal of consent for international transfers prevents account maintenance and requires service termination.

Policy Updates

Lizaro reviews this privacy policy periodically to reflect operational changes, regulatory updates and service expansions. Modifications take effect immediately upon publication with notification through email, account messages or homepage banners. Continued use after updates constitutes acceptance of revised terms.

Change Notifications

Material changes affecting user rights or data processing purposes trigger direct email notifications to active account holders. Minor updates correcting errors or clarifying existing practices are published without individual notice. The last-updated date at the top of this document reflects the most recent revision.

Users who disagree with policy changes can close accounts and request data deletion before new terms take effect. Continued gameplay, deposits or account access after notification periods indicates acceptance of updated privacy practices. Regulatory changes imposed by licensing authorities may require immediate implementation without advance notice.

Review Frequency

Annual reviews assess policy accuracy against current operational practices and regulatory requirements. Service expansions including new payment methods, game providers or marketing channels prompt interim updates. User feedback and support inquiries identifying unclear policy sections trigger clarification amendments.

Archived policy versions remain accessible through customer support requests for users who need historical documentation. Legal disputes or regulatory audits may reference previous policy versions applicable at the time of specific transactions or data processing activities.

Contact Information

Users exercise privacy rights, submit data requests or raise concerns by contacting Lizaro customer support. Email and live chat channels handle privacy inquiries alongside standard account assistance. Response times vary based on request complexity and verification requirements.

Support Channels

Email support@lizaro.com for data access requests, correction submissions, deletion inquiries or consent withdrawals. Include account email, username and verification details to expedite identity confirmation. Support teams respond within 72 hours with request status updates or additional information requirements.

Live chat provides immediate assistance with privacy questions during 24/7 availability periods. Complex requests requiring legal review or data retrieval are escalated to specialised privacy teams. Phone support is not available, but email and chat channels ensure comprehensive coverage of privacy inquiries.

Request Processing

Data access requests deliver complete user profiles within 30 days through secure email attachments or account dashboard downloads. Correction requests update profile details immediately after verification checks confirm accuracy. Deletion requests trigger account closure procedures with compliance records retained per regulatory schedules.

Objections to processing require case-by-case review balancing user rights against legal obligations and security needs. Marketing opt-outs take effect within 48 hours across email, SMS and in-platform promotional channels. Complex privacy disputes may involve escalation to data protection officers or regulatory authorities for resolution.