Privacy Policy

This Privacy Policy explains how Redspin, operating via redspin-aussie.com (the "Website"), collects, uses, discloses, and protects personal information of players, account holders, and Website visitors. It applies to all persons who access or use our Website or related services, whether or not they register an account or place real-money wagers. By using the Website, you acknowledge that you have read and understood this Privacy Policy.

This Privacy Policy is effective as of 1 January 2026 and supersedes any earlier version published on the Website.

Who We Are

OBSERVE: The corporate and contact information provided to you is limited and some details have not been specified. EXPAND: To give you a clear point of contact and to comply with general privacy and online gambling industry standards, we identify ourselves functionally and provide reliable electronic contact channels. REFLECT: The information below is what you should use for all privacy-related questions and requests.

For the purposes of this Privacy Policy, references to "Redspin", "we", "us" or "our" mean the operator of the Redspin online casino offering for Australian players under the project domain redspin-aussie.com. The operator is an offshore online gambling company that purports to hold a Curaçao sub-licence under master licence 365/JAZ for the provision of online casino and gambling services.

Important notice for Australian users: We operate offshore and are not licensed under Australian law. Our services are offered in contravention of the Interactive Gambling Act 2001 (Cth). While it is not a criminal offence for individuals in Australia to access offshore gambling services, the Australian Communications and Media Authority (ACMA) has powers to block our domains and take enforcement action against us as an operator.

Because certain formal details such as our full legal company name, registered office address and company registration number are not specified in the information available to us, we designate the following as your primary privacy contact points:

• Data Protection Contact / Privacy Department: Data Protection Officer (DPO) - Redspin
• Email (primary for privacy and data requests): [email protected]
• Email (general and legal enquiries): [email protected]
• Website: https://redspin-aussie.com

Additional non-privacy-specific contact channels include:

• Sales: [email protected]
• Press: [email protected]
• HR: [email protected]

If and when we publish complete company and registration details, those will be displayed in this section and will form part of this Privacy Policy.

What Personal Data We Collect

OBSERVE: When you visit or use redspin-aussie.com, we receive a combination of information that you provide, that is generated through your use of our services, and that is collected automatically through technical means. EXPAND: These data categories are necessary for account operation, payment processing, game provision, security, analytics, and compliance. REFLECT: Below we outline the main categories of personal and technical data that Redspin may collect and process.

Identification and Contact Data

• Full name, date of birth and gender.
• Residential address, country of residence and billing address.
• Contact details such as email address, telephone number and any communication handles you choose to share (e.g. live chat nickname).
• Copies of identity documents and verification data (e.g. passport, national ID, driver's licence, utility bills, bank statements, payment card snapshots) provided for Know Your Customer (KYC), age verification, fraud prevention and Anti-Money Laundering (AML) purposes.

Account and Usage Data

• Username, account ID, password hashes and security question/answer information.
• Account status, registration date, login history, session time stamps and language or interface preferences.
• In-game and on-site preferences, such as favourite games, bet limits, reality-check settings and responsible gambling tools you enable.

Gaming and Behavioural Data

• Game play history, including games played, time and duration of sessions, bets placed, wins and losses.
• Bonus usage, promotional participation, loyalty points accumulation and redemption.
• Clickstream data and interaction logs, such as pages visited, links clicked, navigation paths, and in-website search queries.
• Flags or indicators relating to suspected bonus abuse, fraudulent behaviour or breaches of our Terms and Conditions.

Payment and Financial Data

• Deposit and withdrawal transaction records, including time, date, amount, currency and payment method used.
• Limited payment instrument information (such as masked credit/debit card numbers, card expiry date, issuing bank, or e-wallet identifiers) as required to process payments and comply with AML requirements.
• Banking or intermediary information shared with us or our payment service providers for the purposes of settlement and verification.

We do not store full card numbers or CVV security codes on our own systems where this is avoidable; such information is generally processed by our authorised payment service providers in compliance with applicable card scheme and security standards.

Technical and Log Data

• IP address and approximate geolocation inferred from it (e.g. city, state, country).
• Device identifiers and information, such as device type, operating system, browser type and version, screen resolution and language settings.
• Server logs including access dates and times, login attempt details, error logs, and system performance metrics.
• Security and integrity data, including data used for intrusion detection, firewall management, DDoS protection, and bot filtering.

Cookies and Similar Technologies

• Cookies (session, persistent and third-party), web beacons, pixels, tags, SDKs and other online identifiers used to distinguish browsers or devices, maintain sessions, remember preferences, perform analytics, and deliver or measure marketing communications.

Voluntary and Communication Data

• Contents of your communications with our support, DPO or other departments via email, live chat, internal messaging or feedback forms.
• Information you voluntarily provide in surveys, feedback requests, contest entries or social media interactions relating to Redspin.

Where we reasonably need additional information for verification, security, or compliance reasons, we may request and collect further data consistent with this Privacy Policy and our legal obligations.

Legal Basis for Processing

OBSERVE: Our processing of personal data must be grounded in recognised legal bases, even though our primary operational jurisdiction is Curaçao and we target Australian users. EXPAND: We align our practices with widely accepted data protection principles (e.g. those found in the EU General Data Protection Regulation (GDPR) and comparable standards) to clarify why we process your information. REFLECT: Each processing purpose is typically supported by one or more of the legal grounds outlined below.

Performance of a Contract

• We process your identification, contact, account, gaming and payment data to:
  • Register and maintain your Redspin account.
  • Provide access to games and related functionality.
  • Process deposits, bets and withdrawals.
  • Administer bonuses, promotions and loyalty programs.
  • Provide customer support and resolve account-related issues.
• This processing is necessary to perform the contract between you and Redspin, as set out in our Terms and Conditions.

Compliance with Legal Obligations

• We are subject to regulatory and legal duties in our licensing and operating jurisdictions (for example, under Curaçao gambling and AML frameworks), and we also seek to respect applicable Australian requirements where feasible.
• To comply with these obligations, we may process your data to:
  • Verify your identity and age (KYC and age-verification checks).
  • Conduct AML, counter-terrorist financing and sanctions screening.
  • Keep appropriate transaction and account records for prescribed periods.
  • Assist competent authorities, regulators, courts and law enforcement when lawfully required to do so.

Legitimate Interests

• We rely on our legitimate interests to process personal data where these interests are not overridden by your rights and interests. These legitimate interests include:
  • Ensuring the security and integrity of our Website, systems and services.
  • Detecting, investigating and preventing fraud, money laundering, abuse of bonuses or promotional offers, or other prohibited conduct.
  • Monitoring and improving the performance, functionality and user experience of our Website.
  • Conducting statistical, trend and business analytics on an aggregated or pseudonymised basis.
  • Protecting and enforcing our legal rights and defending against claims.

Consent

• In certain cases, we rely on your consent to process your personal data, for example:
  • Sending you electronic marketing communications (email, SMS, push notifications) that are not strictly necessary for providing our services.
  • Using certain cookies or similar technologies for advertising or advanced analytics where such consent is required.
• You may withdraw your consent at any time, as described in the "Your Rights" and "Cookies & Tracking Technologies" sections. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

Protection of Vital Interests and Others

• In rare situations, we may process data where necessary to protect your vital interests or those of others, for example where we reasonably believe there is an imminent and serious risk of harm and disclosure is required to protect life or physical integrity.

Purpose of Processing

OBSERVE: Personal data is collected and processed for specific, explicit and legitimate purposes. EXPAND: These purposes stem from the operation of an online casino service, our regulatory obligations and risk management needs. REFLECT: We do not process your personal data in ways that are incompatible with the purposes outlined below.

Provision and Management of Casino Services

• Creating, verifying and maintaining your Redspin account.
• Providing access to casino games, bet placement, wagering and result settlement.
• Managing deposits, withdrawals, refunds, chargebacks and financial reconciliation.
• Operating bonuses, promotions, loyalty programmes and VIP schemes.

Customer Support and Communication

• Responding to your enquiries, complaints and requests via email, live chat or other channels.
• Sending transactional or service messages concerning important account or service issues (e.g. changes to Terms, Privacy Policy, service interruptions, security alerts).

Service Improvement and Analytics

• Monitoring performance and usage of the Website to improve user experience, design and functionality.
• Conducting aggregated and pseudonymised analytics on betting patterns, game performance and promotional effectiveness to optimise our offerings.

Marketing and Personalisation

• Providing you, where permitted, with marketing communications about Redspin products, promotions and special offers by email or other channels.
• Customising content, bonuses and promotional offers displayed to you based on your preferences, behaviour and profile, subject to applicable laws and your consent where required.

Fraud Prevention, Security and Compliance

• Verifying your identity and age, and assessing risk associated with your account.
• Detecting, investigating and preventing fraud, payment abuse, money laundering, collusion, account takeover, bonus abuse or other illegal or prohibited activities.
• Maintaining the security and integrity of our IT systems and infrastructure.
• Complying with record-keeping, reporting and cooperation obligations towards regulators, tax authorities, courts and law enforcement in relevant jurisdictions.

Disclosure & Sharing

OBSERVE: Operating an online casino involves cooperation with various third parties for technical, financial, regulatory and marketing purposes. EXPAND: Data sharing is limited to what is necessary and proportionate for those purposes and is governed by contractual or legal safeguards. REFLECT: Below we explain with whom your data may be shared and under what circumstances.

Group Companies and Operational Partners

• We may share personal data with our affiliated or successor entities involved in running or supporting the Redspin brand and the Website, for purposes consistent with this Privacy Policy (e.g. centralised customer support, IT, finance or compliance functions).

Payment Service Providers and Financial Institutions

• To process deposits, withdrawals and refunds, we share relevant identification, account and transaction data with:
  • Payment processors, card schemes and acquiring banks.
  • E-wallet providers, prepaid card issuers and other payment intermediaries.
  • Correspondent and beneficiary banks involved in wire transfers.
• These providers process your information as independent controllers or processors, as determined by applicable law and our agreements with them.

Technical and Service Providers

• We use third-party service providers for:
  • Game software provision (e.g. RTG platform providers and related systems).
  • Website hosting, content delivery networks (CDNs) and data storage.
  • Security, DDoS protection and anti-fraud tools.
  • Customer support platforms, email delivery and communication systems.
  • Analytics, performance monitoring and advertising technology.
• Where such providers process personal data on our behalf, they are bound by contractual obligations to use the data only for our specified purposes, maintain confidentiality and implement appropriate security measures.

Regulators, Authorities and Dispute Bodies

• We may disclose personal data to:
  • Regulators and licensing authorities in our operating jurisdictions (e.g. Curaçao authorities or any successor body), where required or reasonably expected under relevant gambling and AML/CTF laws.
  • Australian authorities such as ACMA or other competent government or enforcement agencies when legally compelled or where we consider such cooperation appropriate and lawful.
  • Courts, arbitration bodies and legal advisers in connection with legal claims, debt recovery or regulatory investigations.
  • Third-party dispute resolution or mediation providers, where we voluntarily participate or where such participation is agreed with you (for example, general dispute services used by RTG-powered casinos or similar mediators).

Affiliates, Marketing and Advertising Partners

• We may share limited data (often pseudonymised or aggregated) with:
  • Affiliate partners who refer players to Redspin, for the purpose of tracking referrals, calculating commissions and verifying legitimate traffic.
  • Marketing and advertising networks, subject to your consent where legally required, to deliver and measure advertising campaigns.

Corporate Transactions

• In the event of a proposed or actual merger, acquisition, restructuring, transfer of business or insolvency, we may share or transfer personal data to prospective or actual purchasers or other relevant third parties, subject to confidentiality protections and only as far as permitted by law.

Other Disclosures

• We may also disclose your information where:
  • We have your explicit consent to do so; or
  • It is necessary to protect our rights, privacy, safety or property, or those of our players, staff, affiliates or the public.

International Transfers

OBSERVE: As an offshore operator, our data processing infrastructure and third-party providers may be located in multiple countries. EXPAND: This means that your information may be transferred to, stored in or accessed from jurisdictions that may not provide the same level of data protection as your home country. REFLECT: We apply reasonable safeguards to protect your personal data during such cross-border transfers.

Locations of Processing

• Your personal data may be processed in:
  • Curaçao or other Caribbean/Latin American jurisdictions where our core operations or hosting providers are located.
  • European Economic Area (EEA) countries and the United Kingdom, where some of our technology, payment, analytics or support partners may operate.
  • Other countries (including the United States or Asia-Pacific locations) where certain cloud providers, security services, game providers or communication platforms maintain their infrastructure.

Safeguards for International Transfers

• Where required by applicable data protection regimes, we seek to ensure that international transfers of personal data are subject to appropriate safeguards, which may include:
  • Standard contractual clauses (SCCs) or equivalent contractual mechanisms approved for international data transfers.
  • Technical measures such as encryption and pseudonymisation to reduce risks when data crosses borders.
  • Contractual obligations on recipients to maintain adequate security and handle the data in accordance with applicable privacy standards.
• Because our primary licensing and data hosting structures are offshore and not governed directly by Australian privacy law, some rights and remedies you may have under domestic regimes could be limited in practice.

By using the Website, you acknowledge that your personal data may be transferred to and processed in jurisdictions outside your country of residence, including jurisdictions that may have different data protection rules than those of your country.

Data Retention

OBSERVE: We hold personal data only for as long as necessary for the purposes for which it was collected and to meet legal, regulatory and risk management obligations. EXPAND: Different categories of data are subject to different retention periods, influenced by gambling, AML, tax and limitation period requirements. REFLECT: The retention framework below is indicative; in practice, specific periods may vary within reasonable limits.

General Retention Principles

• We retain personal data for:
  • The duration of your active relationship with us; and
  • An additional period necessary to:
    • Comply with applicable laws and regulations (including AML/CTF, gambling and financial record-keeping obligations).
    • Resolve disputes, enforce agreements and protect our legal rights.
    • Maintain appropriate business and accounting records.

Indicative Retention Periods

• Account, Identity and KYC Data: Typically kept for up to five (5) years after account closure or last transaction, or longer if required under AML/CTF or gambling regulations in relevant jurisdictions.
• Transaction and Payment Data: Retained for at least five (5) years from the date of the relevant transaction, or longer where necessary for financial records, audits or legal claims.
• Gaming and Behavioural Data: Generally maintained for the life of the account and for a period of up to five (5) years after closure, with some data aggregated or anonymised earlier for analytics.
• Technical Logs and Security Data: Stored for shorter periods (typically from several months up to two (2) years) unless longer retention is justified by ongoing security investigations or legal proceedings.
• Marketing Data: Retained for as long as you remain subscribed to our marketing communications and for a reasonable period thereafter (usually up to two (2) years) in order to demonstrate compliance with consent and opt-out requests.

Deletion and Anonymisation

• When data is no longer required, we will:
  • Securely delete or irreversibly anonymise it; or
  • Segregate and store it in a secure archive with restricted access where retention is still necessary for legal, regulatory or evidential reasons.
• We may retain anonymised or aggregated information for statistical, analytical or business planning purposes without further notice to you, as such data no longer identifies you.

Your Rights

OBSERVE: Players and visitors expect transparency and a degree of control over how their personal data is used. EXPAND: While our primary regulatory regime is not the GDPR or Mexican privacy law, we seek to align with widely recognised rights standards inspired by such regulations where reasonably practicable, acknowledging that enforceability may differ depending on your jurisdiction. REFLECT: The rights below describe how you can influence our handling of your personal data and how to exercise those rights in practice.

Overview of Rights

• Right of Access: You can request confirmation of whether we process your personal data and obtain a copy of such data, together with information about how we use it.
• Right to Rectification: You can request correction of inaccurate or incomplete personal data concerning you. In many cases, you can update certain details directly through your account settings.
• Right to Erasure: You can request that we delete your personal data in certain circumstances, for example where it is no longer necessary for the purposes for which it was collected or where you have withdrawn consent and there is no other legal ground for processing.
• Right to Restriction of Processing: You can ask us to limit the processing of your data in specific situations, such as when you contest its accuracy or object to processing based on legitimate interests.
• Right to Object: Where we rely on legitimate interests for processing, you may object on grounds relating to your particular situation. You also have an unconditional right to object to the processing of your data for direct marketing purposes.
• Right to Data Portability: Where technically feasible and relevant, you may request that we provide certain personal data you have provided to us in a structured, commonly used and machine-readable format, and have it transmitted to another controller where applicable preconditions are met.
• Right to Withdraw Consent: Where processing is based on your consent (e.g. marketing or certain cookies), you can withdraw that consent at any time, without affecting the lawfulness of processing prior to withdrawal.

Regimes such as the EU GDPR and Mexico's Federal Law on the Protection of Personal Data Held by Private Parties (Ley Federal de Protección de Datos Personales en Posesión de los Particulares) and its regulations articulate these and similar rights (often referred to as ARCO rights in Mexico: Access, Rectification, Cancellation and Opposition). While Redspin is not directly subject to all elements of those laws in all cases, we endeavour, as a matter of policy, to honour comparable rights requests to the extent feasible, subject to applicable legal and regulatory constraints (for example, AML record-keeping requirements).

How to Exercise Your Rights

1. Submit Your Request: Send an email to [email protected] or [email protected] with the subject line "Privacy Request - ". Clearly indicate:
   • The specific right(s) you wish to exercise (e.g. access, rectification, erasure, restriction, objection, portability, withdrawal of consent).
   • Relevant details that will help us identify your account and process your request (e.g. username, registered email address, approximate registration or last login date).
2. Verification: For your protection, we may ask you to provide additional information or documentation to verify your identity before acting on your request, particularly for access, portability, or erasure requests.
3. Assessment and Response: We will review your request in light of our legal obligations, technical capabilities and legitimate business needs.
4. Timeframe: We aim to respond to your request within thirty (30) days of receipt of a complete and verifiable request. If your request is complex or we receive a high volume of requests, we may extend this period by an additional thirty (30) days, in which case we will inform you of the extension and reasons.
5. No Charge: We generally handle rights requests free of charge. However, where a request is manifestly unfounded or excessive (for instance, because of its repetitive character), we may either charge a reasonable fee or refuse to act on the request, consistent with applicable standards.

Please note that certain rights may not be fully exercisable where processing is strictly necessary for compliance with binding legal obligations (for example, mandatory AML record retention) or for the establishment, exercise or defence of legal claims. In such cases, we will explain the basis on which we cannot fully comply with your request.

Cookies & Tracking Technologies

OBSERVE: Cookies and similar technologies are essential to the functioning of an online casino platform and to improving user experience. EXPAND: These technologies can be used for a variety of purposes, from basic operation to advanced analytics and marketing. REFLECT: We describe the main types we use and how you can manage them.

Types of Cookies We Use

• Strictly Necessary / Functional Cookies (Session and Persistent):
  • Used to maintain your logged-in session, remember your language and region, process bets and transactions, and provide core Website functionality.
  • Without these cookies, the Website may not function correctly or you may be unable to use certain features.
• Performance and Analytics Cookies (First- and Third-Party):
  • Collect aggregated information about how visitors use the Website, such as which pages are visited, how long users stay on each page, and any error messages encountered.
  • Used to improve Website performance, design and user experience, and may include third-party analytics providers.
• Advertising and Targeting Cookies (Third-Party):
  • Used to deliver relevant advertisements to you on our Website or on third-party websites, to measure the effectiveness of marketing campaigns, and to limit how often you see a particular advertisement.
  • These cookies may be set by us or by our advertising partners and may involve the creation of a profile of your interests based on your browsing behaviour.

Other Tracking Technologies

• We may use web beacons, pixels, tags, scripts, SDKs and similar technologies in conjunction with cookies to:
  • Track email open rates and campaign performance.
  • Understand user flows and interactions within the Website.
  • Facilitate integration with third-party services.

Managing Cookies

• Browser Settings: Most web browsers automatically accept cookies but allow you to modify your browser settings to:
  • Block all cookies;
  • Block certain categories of cookies; or
  • Delete cookies when you close your browser.
  Please refer to your browser's help or settings menu for specific instructions. If you disable essential cookies, some parts of the Website may not function properly.
• Internal Tools: Where available, we may provide in-site cookie or privacy preference tools allowing you to opt in or out of certain categories of cookies (particularly analytics and advertising cookies).
• Third-Party Opt-Outs: Some third-party analytics and advertising providers offer their own opt-out mechanisms, which you can use in addition to our tools and your browser settings.

Data Security

OBSERVE: Operating an online gambling service involves processing sensitive financial and behavioural data that requires strong protection against loss, misuse and unauthorised access. EXPAND: We apply a combination of technical, organisational and procedural measures consistent with recognised industry practices. REFLECT: While no system can be guaranteed completely secure, the measures outlined below are designed to keep your data reasonably safe.

Technical Security Measures

• Encryption in Transit: We use Transport Layer Security (TLS) 1.2 or higher to protect data transmitted between your browser or device and our servers, helping to prevent interception or tampering.
• Encryption at Rest: Where appropriate, we apply encryption, hashing and tokenisation to personal data stored on our systems and in backups, particularly for authentication and financial-related information.
• Access Controls and Authentication: Access to personal data is restricted using role-based access controls, strong authentication mechanisms and logging. Access is granted only to personnel and service providers who require it for legitimate business purposes.
• Network and Infrastructure Security: We utilise firewalls, intrusion detection and prevention systems, DDoS mitigation tools and other network security technologies to monitor, detect and respond to potential threats.

Organisational and Procedural Measures

• Internal Policies: We maintain internal policies and procedures covering data protection, information security, acceptable use and incident response, which are communicated to relevant staff.
• Staff Training: Employees with access to personal data receive regular training on privacy and security obligations, including secure handling of data, phishing awareness and incident reporting.
• Vendor Due Diligence: We conduct reasonable checks on key third-party providers, including their security and data protection practices, and require contractual safeguards where they process data on our behalf.
• Security Reviews: We periodically review our security controls and may commission external assessments or audits (e.g. in connection with RTG platform security practices or data centre certifications). While we may align with elements of standards such as ISO 27001 or SOC 2 through our partners, we do not claim full certification of Redspin itself unless explicitly stated on the Website.

Incident Response

• If we become aware of a security incident that leads to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to your personal data, we will:
  • Take appropriate steps to contain and remedy the incident;
  • Assess the potential impact and risk to individuals; and
  • Where required by applicable law and feasible in our operational context, notify affected users and/or relevant authorities.

Complaints & Contacts

OBSERVE: Users require clear channels to raise questions or concerns about how their personal data is handled. EXPAND: While our primary operations are offshore, we provide reasonable mechanisms for complaint handling and, where possible, point to supervisory or consumer protection bodies that may assist you. REFLECT: The procedure below explains how to contact us and how we handle privacy-related complaints.

Contacting Us

• Primary Privacy and Support Contact: [email protected]
• Secondary / General Enquiries: [email protected]

In your communication, please clearly indicate that your message concerns "Privacy" or "Data Protection" to ensure it is promptly directed to our Data Protection Officer or appropriate privacy contact.

Internal Complaint Procedure

1. Submission: Send a detailed description of your concern or complaint to our privacy contact email(s). Include your account details (username and registered email), relevant dates, and any supporting documentation.
2. Acknowledgement: We aim to acknowledge receipt of your complaint within seven (7) business days.
3. Investigation: Your complaint will be reviewed by our Data Protection Officer or a designated member of our compliance team. We may request additional information from you if required to understand or verify the issues raised.
4. Response: We endeavour to provide a substantive response within thirty (30) days of receiving a complete complaint. If our investigation requires more time due to complexity, we will inform you of the delay and provide an updated timeframe.
5. Follow-Up: If you are not satisfied with our response, you may ask for your complaint to be escalated internally for further review.

Escalation to Authorities

Please note that as an offshore operator without an Australian licence, oversight and enforcement mechanisms may differ from those that apply to domestically licensed services. Nevertheless, depending on your location, you may have the option to contact relevant supervisory or consumer protection authorities, for example:

• Australian Communications and Media Authority (ACMA): For concerns regarding the offering of interactive gambling services to Australian residents, you may contact ACMA or consult the resources on its website: https://www.acma.gov.au.
• Other Data Protection or Consumer Authorities: If you are located in a jurisdiction with a dedicated data protection authority (for example, an EU Member State or Mexico's National Institute for Transparency, Access to Information and Personal Data Protection - INAI), you may have the right to lodge a complaint with such authority regarding our handling of your personal data. Contact details can usually be found on the website of the relevant authority in your country.

We emphasise that the availability, scope and effectiveness of such external remedies may vary because we are not licensed or established under Australian domestic gambling law and may not be directly subject to all foreign data protection regimes.

Updates

OBSERVE: Our services, legal environment and internal practices may evolve over time, especially given ongoing changes to online gambling regulations in Curaçao, Australia and globally. EXPAND: We therefore need to update this Privacy Policy periodically. REFLECT: The update mechanisms below ensure that you remain informed about material changes that may affect your rights or how your data is processed.

How We Notify You of Changes

• Website Publication: The current version of this Privacy Policy will always be available on redspin-aussie.com. We will indicate the "Last updated" date at the top or bottom of the Policy.
• Direct Notifications: For material changes that significantly affect how we process your personal data or your rights, we may:
  • Send you an email notification to the address associated with your account; and/or
  • Display prominent notices or banners on the Website or in your account dashboard.

Advance Notice and Consent

• Where feasible and appropriate, we will provide at least thirty (30) days' advance notice of significant changes, particularly where changes require new consents or materially alter existing practices.
• If you do not agree with the revised Privacy Policy, you may choose to:
  • Stop using the Website and close your account; and
  • Exercise any applicable rights under this Privacy Policy, such as requesting deletion or restriction of your personal data, subject to legal and regulatory retention requirements.

Version Control

• We may maintain an internal record of previous versions of this Privacy Policy and, where appropriate, provide a brief summary of material changes (for example, new categories of data collected, new purposes of processing, or new types of recipients).

Last updated: January 2026.