burger icon
Madnix Review Australia
Log In

Privacy Policy

This Privacy Policy explains how Madnix, operated in connection with the website madnix-aussie.com, collects, uses, discloses, and protects personal information of Australian visitors and users. It applies to all individuals who access or use madnix-aussie.com, including prospective and existing players, and to any related communication channels described in this document. By using madnix-aussie.com, you confirm that you have read and understood this Privacy Policy. This Privacy Policy is effective as of 1 January 2026 and supersedes any previous version relating to Madnix and madnix-aussie.com.

Who We Are

OBSERVE: Users need to know the legal identity, contact channels, and responsible person for privacy matters. EXPAND: We integrate Curacao licensing data and AU-facing brand information. REFLECT: This section clarifies who controls your data and how to reach us.

The Madnix project is an informational and review service operated in connection with the Australian-facing brand website madnix-aussie.com (the "Site"). The online gambling services promoted and referenced on the Site are operated by:

Operator / Data Controller (for gambling account-related data)
The Luck Factory B.V.
Legal form: Besloten Vennootschap (private limited liability company)
Registered address / legal address: Kaya Richard J. Beaujon Z/N, Curacao
Licensing reference: Curacao eGaming, Master License 1668/JAZ (CEG)
Operator jurisdiction: Curacao

Site & Brand Context
This Privacy Policy applies to the use of madnix-aussie.com in the context of Madnix as an AU-facing review and information resource. Any references to "Madnix", "we", "us", or "our" in this document refer to The Luck Factory B.V. in connection with the Madnix brand as made available via madnix-aussie.com, unless stated otherwise.

Data Protection Contact / DPO Contact

  • Email (primary privacy & support): [email protected]
  • Email (general information & legal notices): [email protected]
  • Postal contact (privacy correspondence): The Luck Factory B.V., Attn: Privacy Officer, Kaya Richard J. Beaujon Z/N, Curacao

We may designate a Data Protection Officer or equivalent privacy-responsible person. You may contact this person using the email addresses above, clearly indicating "Privacy" or "Data Protection" in the subject line.

What Personal Data We Collect

OBSERVE: AU-facing online gambling and review services process identity, technical, financial, and behavioral data. EXPAND: We distinguish account-related data from browsing and marketing data. REFLECT: This section transparently lists all main categories of information.

Identification and Contact Data

  • Basic personal details: full name, date of birth, gender (if provided), nationality, country of residence.
  • Contact information: email address, phone number, postal address, and communication preferences.
  • Verification documents: copies or data from identity documents (passport, ID card, driver's licence), proof of address, and any documents provided for Know Your Customer (KYC) or age/identity verification.

Account and Usage Data

  • Account data: username, encrypted password, security questions, account settings, language and currency preferences.
  • Service interaction data: login and logout timestamps, session identifiers, visited pages, clicks, scrolling, navigation paths, and time spent on site sections.
  • Gambling-related behavioral data: game preferences, betting history, stakes, wins and losses, bonuses used, wagering progress, self-exclusion settings, session limits, and responsible gambling tools usage.

Technical and Device Data

  • Technical identifiers: IP address, approximate geolocation derived from IP (country, region), device identifiers, browser type and version, operating system, screen resolution, and language settings.
  • Logs: server logs, error logs, access logs, and diagnostic information that may contain IP addresses, timestamps, and request metadata.

Payment and Financial Data

  • Transaction data: deposits, withdrawals, payment methods used, transaction amounts, currencies, timestamps, and status.
  • Payment instrument data: partially masked card numbers, card expiry dates, cardholder name, payment account identifiers (e.g., e-wallet IDs, bank account references), as provided via secure payment gateways.
  • Financial verification data: documents or data provided for source-of-funds or source-of-wealth checks, where required by AML/CTF regulations.

Marketing and Communication Data

  • Marketing preferences: subscription status to newsletters, promotional SMS/email preferences, opt-in/opt-out records, and consent timestamps.
  • Communication records: emails, support chats, complaints, feedback, survey responses, and call logs (if applicable).

Cookies and Similar Technologies

  • Cookie identifiers: unique cookie IDs linked to your browser or device.
  • Tracking technologies: web beacons, pixels, tags, SDKs, and local storage objects used for analytics, fraud prevention, and advertising (where permitted).

Where required by applicable law, certain information (such as optional marketing data or some cookies) will only be collected and processed if you have provided your explicit consent.

Legal Basis for Processing

OBSERVE: AU users are served by an offshore operator; primary frameworks are contract, consent, legitimate interests, and legal obligations (including KYC/AML). EXPAND: We align with international privacy principles comparable to the GDPR and similar global standards. REFLECT: This section explains why we are legally allowed to process your data.

Performance of a Contract

  • Account creation and operation: We process your identification, contact, and account data to register your account, authenticate logins, provide games and services, process deposits and withdrawals, and manage your participation in promotions.
  • Customer support: We use your contact and account information to respond to inquiries, handle complaints, and provide assistance.
  • Responsible gambling tools: We process behavioral and account data to apply self-exclusion, limits, and other tools requested or required under our terms.

Compliance with Legal and Regulatory Obligations

  • KYC / AML / CTF requirements: We process identity, verification, financial, and transactional data to meet anti - money laundering, counter-terrorism financing, and customer due diligence obligations applicable in our licensing jurisdiction.
  • Age and identity verification: We verify that users are legally permitted to gamble and that accounts are not misused.
  • Record-keeping and reporting: We maintain and, where required, report data to competent authorities (for example, Curacao regulators or other competent bodies) to comply with licensing and legal requirements.

Legitimate Interests

  • Service security and integrity: We process technical, behavioral, and account data to detect and prevent fraud, abuse, collusion, money laundering, bonus misuse, and other unlawful or inappropriate activities.
  • Service improvement and analytics: We use aggregated or pseudonymised data to analyse performance, improve user experience, test new features, optimise marketing campaigns, and maintain system stability.
  • Enforcement of our rights: We process relevant data to enforce terms and conditions, manage disputes, recover debts, and protect our legal interests.

Consent

  • Marketing communications: We send promotional emails, SMS, push notifications, or display targeted offers only where you have consented or where otherwise permitted by law. You may withdraw consent at any time.
  • Cookies and tracking for advertising: Non-essential cookies (e.g., advertising or certain analytics cookies) are used based on your consent, where required.
  • Optional data fields: Additional profile information or survey data that are not required to provide the core services may be processed based on your explicit choice to provide such data.

Vital Interests and Public Interest

  • Protection of individuals: In rare cases, we may process and share data where necessary to protect the vital interests of users or third parties (for example, when responding to law enforcement requests in emergency situations) or to contribute to the prevention of serious crimes.

Purpose of Processing

OBSERVE: Users must understand how their data is used in practice. EXPAND: We connect data categories and legal bases to concrete purposes. REFLECT: This section clarifies our processing activities in user-centric terms.

  • Provision of services: To create and manage user accounts, provide access to games and features, process payments, credit winnings, and deliver customer support.
  • Regulatory compliance: To verify identity and age, conduct KYC/AML checks, monitor transactions, maintain regulatory records, and respond to requests from competent authorities.
  • Responsible gambling: To monitor gambling activity, identify indicators of harm, offer or apply limits and self-exclusion measures, and communicate responsible gambling information.
  • Service optimisation and analytics: To measure site performance, understand usage patterns, improve navigation and game offerings, conduct A/B testing, and develop new features.
  • Fraud prevention and security: To authenticate users, protect accounts, detect suspicious behaviour, prevent chargebacks, limit cyberattacks, and maintain the integrity of our systems.
  • Marketing and personalisation: To send promotional messages (where permitted), provide personalised offers, tailor content to your interests, and measure the effectiveness of campaigns.
  • Communication and relationship management: To send service announcements, policy updates, transactional notifications (e.g., deposit confirmations), and responses to support requests.
  • Business operations: To conduct internal audits, risk management, financial reporting, and corporate governance activities relevant to The Luck Factory B.V. and associated brands.

Disclosure & Sharing

OBSERVE: Data must sometimes be shared with third parties and authorities. EXPAND: We distinguish categories of recipients and conditions for sharing. REFLECT: This section explains with whom, when, and why data may be shared.

Service Providers and Processors

  • Payment partners: Banks, card schemes, e-wallet providers, payment processors, and financial institutions receive transaction-related data necessary to process deposits, withdrawals, and chargebacks.
  • IT and hosting providers: Cloud hosting, data storage, content delivery networks, and technical support providers may process technical and limited personal data under strict contractual safeguards.
  • Verification and AML service providers: Identity verification services, KYC/AML screening tools, and anti-fraud solution providers may process your identification and transactional data for compliance and risk management.
  • Analytics and performance tools: Providers of analytics platforms and monitoring tools may process pseudonymised traffic data, subject to our instructions and applicable cookie/consent rules.

Affiliates and Group Companies

  • Associated brands: Where relevant and lawful, certain data may be shared within The Luck Factory B.V. group, including associated brands such as Winoui and Wild Sultan, for compliance, risk management, responsible gambling, and consolidated reporting.
  • Marketing affiliates: In limited circumstances and only with your consent (where required), pseudonymised data may be shared with marketing affiliates for attribution, campaign measurement, and offer optimisation.

Regulators, Authorities, and Dispute Bodies

  • Regulatory bodies: Curacao eGaming or other competent regulators may receive data in connection with licensing compliance, audits, or investigations.
  • Law enforcement and public authorities: We may disclose data when required by law, court order, or lawful request, or where we reasonably believe disclosure is necessary to prevent or investigate crime or protect the rights, property, or safety of users or third parties.
  • Alternative dispute resolution bodies: Where applicable, data relevant to a complaint or dispute may be shared with independent dispute resolution services or relevant ombudsman bodies.

Business Transactions

  • Corporate restructuring: In the event of a merger, acquisition, sale of assets, or reorganisation involving The Luck Factory B.V. or its brands, user data may be transferred to the relevant third parties, subject to confidentiality safeguards and continued protection of your rights.

Advertising Networks and Third-Party Marketing

  • Advertising partners: Where allowed by law and only with your prior consent where required, we may share pseudonymised identifiers or cookie-based data with advertising networks to deliver or measure targeted advertising.

We do not sell your personal data in the sense of directly transferring identifiable user profiles for monetary consideration. Any sharing is conducted under appropriate contracts, confidentiality obligations, and data protection safeguards.

International Transfers

OBSERVE: Data may be processed in Curacao, the EU/EEA, and other locations where our providers operate. EXPAND: We must explain safeguards for cross-border transfers. REFLECT: This section clarifies how we protect data when it leaves your country.

  • Primary processing locations: Your data may be processed in Curacao (our operator jurisdiction), in EU/EEA member states, and in other countries where our technical, payment, or support providers are located.
  • Standard data protection safeguards: When transferring personal data to countries that may not provide an equivalent level of data protection as your home jurisdiction, we implement appropriate safeguards, which may include:
    • Contractual protections such as standard or model data protection clauses approved or recommended by relevant authorities.
    • Strict confidentiality obligations and access controls for recipients.
    • Technical safeguards such as encryption in transit and at rest.
  • Service provider vetting: We carefully select third-party processors and require them to process personal data only for specified purposes, in accordance with our instructions and with adequate security measures.

By using madnix-aussie.com and related services, you acknowledge that your data may be transferred and processed outside your country of residence, including in Curacao and other jurisdictions, in accordance with this Privacy Policy and applicable law.

Data Retention

OBSERVE: Gambling operators must retain certain records for defined periods, but not indefinitely. EXPAND: We specify periods by category and explain deletion criteria. REFLECT: This section explains how long we keep your data and why.

General Retention Principles

  • We retain personal data only for as long as necessary to fulfil the purposes described in this Privacy Policy, satisfy legal, accounting, or reporting requirements, and resolve disputes.
  • When determining retention periods, we consider the nature and sensitivity of the data, potential risks of unauthorised use or disclosure, applicable legal requirements, and our legitimate business needs.

Indicative Retention Periods

  • Account and identification data: Typically retained for the duration of the customer relationship and for up to 5 - 7 years after account closure, to comply with AML, regulatory, and record-keeping obligations.
  • Transactional and financial data: Retained for at least 5 - 7 years after the relevant transaction or account closure, in line with legal and tax requirements and AML/CTF obligations.
  • Behavioral and gambling activity data: Retained for as long as the account is active and for a subsequent period of up to 5 years after closure, subject to regulatory requirements and responsible gambling considerations.
  • Verification documents (KYC/AML): Retained for the periods required by law and regulation, typically 5 - 7 years after the end of the business relationship, unless longer retention is mandated.
  • Marketing and communication data: Retained for as long as you remain subscribed to marketing communications and for a limited period (generally up to 2 years) after opt-out, solely to demonstrate compliance and maintain suppression lists.
  • Technical and log data: Retained for shorter periods (generally from several months up to 2 years), unless a longer period is required for security investigations, legal obligations, or dispute resolution.

Deletion and Anonymisation

  • When data is no longer required, we will securely delete it or irreversibly anonymise it so that you can no longer be identified.
  • In certain circumstances (for example, for statistical or research purposes), we may anonymise your personal data so it can no longer be associated with you; we may then use this information indefinitely without further notice.

Your Rights

OBSERVE: Users expect rights similar to those under modern privacy frameworks (e.g., GDPR-like standards) even when using offshore services. EXPAND: We provide a comprehensive set of rights: access, rectification, erasure, restriction, objection, portability, and withdrawal of consent. REFLECT: This section sets out how you can exercise control over your data and how we respond.

Overview of Rights

  • Right of access: You have the right to obtain confirmation as to whether we process your personal data and, if so, to receive a copy of such data, together with information on how and why it is processed.
  • Right to rectification: You may request the correction of inaccurate or incomplete personal data. In many cases, you can update certain details directly within your account.
  • Right to erasure ("right to be forgotten"): You may request deletion of your personal data where:
    • the data is no longer necessary for the purposes for which it was collected;
    • you withdraw consent (where consent is the sole legal basis);
    • you have successfully objected to the processing; or
    • the data has been unlawfully processed.
    This right is subject to important limitations where we must retain data to comply with legal or regulatory obligations (e.g., AML and record-keeping).
  • Right to restriction of processing: You may request that we restrict the processing of your personal data where:
    • you contest its accuracy (for the period we verify accuracy);
    • processing is unlawful but you oppose erasure and request restriction instead;
    • we no longer need the data but you require it for the establishment, exercise, or defence of legal claims; or
    • you have objected to processing pending verification of our overriding legitimate grounds.
  • Right to object: You may object to processing based on our legitimate interests, including profiling related to such interests. We will cease processing unless we demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or where processing is necessary for legal claims.
  • Right to object to marketing: You may object at any time to the processing of your data for direct marketing, including profiling for marketing purposes. We will comply with such requests without delay.
  • Right to data portability: Where processing is based on your consent or on a contract and carried out by automated means, you may request to receive certain personal data in a structured, commonly used, and machine-readable format and to have it transmitted to another controller where technically feasible.
  • Right to withdraw consent: Where we process your data based on your consent (e.g., marketing emails or certain cookies), you have the right to withdraw that consent at any time, without affecting the lawfulness of processing carried out before withdrawal.

How to Exercise Your Rights

  1. Submit a request: You can exercise your rights by:
    • Emailing us at [email protected] or [email protected], with "Data Rights Request" in the subject line.
    • Providing sufficient information to identify your account (e.g., username, registered email) and specifying the right(s) you wish to exercise.
  2. Verification: For security reasons, we may need to verify your identity before acting on your request, which may involve asking you to provide additional information or documentation.
  3. Response time: We aim to respond to all valid requests within 30 days of receipt. If your request is complex or we receive multiple requests, we may extend this period by an additional 30 days, in which case we will inform you of the extension and reasons.
  4. Fees: Requests are handled free of charge. However, we may charge a reasonable fee or refuse to act on requests that are manifestly unfounded, excessive, or repetitive, where permitted by applicable law.
  5. Limitations: Certain rights may be limited due to applicable legal obligations, particularly those relating to anti - money laundering, counter-terrorism financing, and regulatory reporting. Where we are unable to fully comply with your request, we will explain the reasons, unless restricted by law.

Cookies & Tracking Technologies

OBSERVE: Cookies underpin site functionality, analytics, and marketing. EXPAND: We categorise cookies, explain purposes, and give control options. REFLECT: This section describes how tracking works and how you can manage it.

Types of Cookies Used

  • Strictly necessary (functional) cookies: Essential for basic site functionality, security, and navigation (e.g., maintaining your session, remembering authentication, applying security settings). These cookies are generally set in response to actions you take and cannot be switched off in our systems.
  • Preference cookies: Used to remember your choices, such as language, region (e.g., AU), display settings, and login preferences, to provide a more personalised experience.
  • Analytics and performance cookies: Help us understand how visitors use madnix-aussie.com, which pages are visited most often, and how users interact with our content. Data is usually aggregated and used to improve site performance and user experience.
  • Advertising and targeting cookies: Used, where permitted, to deliver relevant adverts, limit the number of times you see an ad, and measure the effectiveness of campaigns. These cookies may be set by us or our advertising partners.
  • Third-party cookies: Set by third-party services integrated into the Site (e.g., analytics providers, payment processors, or embedded content providers). These third parties may collect data about your online activities over time and across different websites.

Managing Cookies

  • Browser settings: You can configure your browser to block or alert you about cookies. Instructions are available in the help section of most browsers. Blocking some types of cookies may impact your experience and the availability of certain features.
  • On-site controls (where available): We may provide internal cookie or privacy settings on madnix-aussie.com, allowing you to accept or reject specific categories of cookies (except strictly necessary cookies).
  • Opt-out mechanisms: For certain third-party analytics or advertising services, you may opt out directly via the provider's opt-out pages or industry frameworks, where applicable.

By continuing to use madnix-aussie.com without adjusting your cookie settings or, where applicable, by accepting cookies via our on-site tools, you consent to our use of cookies and similar technologies as described in this section.

Data Security

OBSERVE: Online gambling and financial data require robust safeguards. EXPAND: We address encryption, access control, audits, and incident response. REFLECT: This section explains how we protect your data and manage security risks.

Technical and Organisational Measures

  • Encryption in transit and at rest: We use industry-standard Transport Layer Security (TLS 1.2 or higher) to protect data transmitted between your device and our servers. Where appropriate, we encrypt stored data and backups to mitigate the risk of unauthorised access.
  • Access controls: Access to personal data is restricted to authorised personnel who require it for their job functions, based on the principle of least privilege. Access is controlled and monitored using authentication and logging mechanisms.
  • Multi-factor authentication and account security: Internal administrative systems and, where applicable, user accounts may use multi-factor authentication or other enhanced security measures to reduce the risk of unauthorised access.
  • Network and infrastructure security: We implement firewalls, intrusion detection and prevention systems, and regular patching and hardening procedures to protect our infrastructure.

Governance, Training, and Audits

  • Policies and procedures: We maintain internal data protection and information security policies guiding how personal data must be handled and protected across The Luck Factory B.V.
  • Employee training: Staff members who handle personal data receive training on privacy, confidentiality obligations, and secure data handling practices.
  • Audits and assessments: We conduct periodic reviews, risk assessments, and, where appropriate, engage external experts to evaluate the effectiveness of our security controls. Where feasible, we seek alignment with recognised security standards (such as ISO 27001 or SOC 2 - type control frameworks) through internal control practices and supplier selection.

Incident Response

  • Breach detection and response: We maintain procedures for identifying, reporting, and responding to suspected personal data breaches, including technical containment and investigation.
  • Notification: Where required by law, we will notify relevant authorities and affected users without undue delay of any data breach that is likely to result in a high risk to their rights and freedoms, including describing the nature of the breach, potential consequences, and measures taken or proposed.

While we implement robust measures to protect your data, no system can be completely secure. You are responsible for maintaining the confidentiality of your login credentials and for using up-to-date security software on your devices.

Complaints & Contacts

OBSERVE: Users need clear channels for raising privacy concerns and complaints. EXPAND: We define internal escalation and external supervisory avenues. REFLECT: This section explains how to contact us and seek redress.

How to Contact Us

  • Primary contact for privacy matters: [email protected]
  • General and legal inquiries: [email protected]
  • Postal address: The Luck Factory B.V., Attn: Privacy Officer, Kaya Richard J. Beaujon Z/N, Curacao

Internal Complaint Procedure

  1. Submission: Send your complaint or query via email or postal mail, providing your contact details, account identifier (if applicable), and a clear description of your issue.
  2. Acknowledgement: We aim to acknowledge receipt of your complaint within 5 business days.
  3. Investigation: Your complaint will be reviewed by our privacy or compliance team. We may contact you for additional information where necessary.
  4. Response: We will provide a substantive response within 30 days from acknowledgement, explaining our findings and any actions taken. Where more time is required due to complexity, we will inform you of the extension and expected timeframe.

Escalation to Supervisory or Regulatory Authorities

Depending on your location and circumstances, you may have the right to lodge a complaint with a data protection authority or with other relevant regulatory bodies overseeing online gambling or consumer protection. You may, for example, contact:

  • Your local data protection authority: If your country has a dedicated privacy regulator, you may raise concerns with that body in accordance with its procedures.
  • EU data protection authorities (where applicable): If you are located in the European Union or EEA, you may contact your national data protection authority. Details are typically available on the official website of each authority.

We encourage you to first contact us using the channels above so that we can attempt to resolve your concerns directly and efficiently.

Updates

OBSERVE: Privacy policies evolve over time. EXPAND: We must explain how changes will be communicated and when they take effect. REFLECT: This section describes our update and notification procedures.

Changes to This Privacy Policy

  • We may update or modify this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors.
  • Each version will be identified by the "Last updated" date indicated at the end of this document and may include a brief summary of material changes.

Notification of Material Changes

  • Advance notice: For material changes that significantly affect your rights or the way we process your data, we will provide advance notice of at least 30 days before the new terms take effect, where reasonably practicable.
  • Notification methods: We may inform you of changes via:
    • email to the address associated with your account;
    • prominent banners or notices on madnix-aussie.com;
    • messages or alerts in your account dashboard (if applicable).
  • User options: If you do not agree with the updated Privacy Policy, you may choose to stop using the Site and, where applicable, request closure of your account and/or exercise your data rights as described above.

Last updated: January 2026