burger icon
Sky Crown Review Australia

Privacy Policy

This Privacy Policy explains how Sky Crown, operated via the website skycrownbet-au.com (the "Website"), collects, uses, discloses, and protects personal information of players and other visitors from Australia and elsewhere. It applies to anyone who accesses or uses the Website, whether or not they register an account or place bets. By using the Website, you acknowledge that you have read and understood this Privacy Policy. This Privacy Policy is effective as of 1 January 2026 and supersedes any previous versions published on the Website.

Who We Are

OBSERVE: Identify the legal entities behind Sky Crown and provide clear contact points for privacy matters.

EXPAND: Connect the operational, licensing, and payment-processing structures to ensure transparency about who handles users' data.

REFLECT: Present a concise but complete description of the controller and key partners handling personal data.

The Website associated with Sky Crown and branded as "Sky Crown" at skycrownbet-au.com is operated by:

  • Operator: Hollycorn N.V., a private limited liability company incorporated under the laws of Curaçao
  • Registration number: 144359
  • Registered / legal address: Heelsumstraat 51, E-Commerce Park, Curaçao
  • Gaming licence: Antillephone N.V. licence no. 8048/JAZ2019-015, Curaçao, currently valid and extended to 2026

Certain payment-processing and merchant-of-record services related to the Website may be provided by:

  • Payment partner / merchant of record: Libergos Ltd
  • Registration number: HE 371971
  • Registered address: Boumpoulinas, 1-3, BOUBOULINA BUILDING, Flat/Office 42, 1060, Nicosia, Cyprus

For the purposes of data protection law, Hollycorn N.V. is generally the data controller for processing of personal data in connection with Sky Crown on skycrownbet-au.com. Libergos Ltd may act as a joint controller or processor in relation to payment and billing data, depending on the specific transaction.

Data Protection Contact

  • Data protection / privacy contact: Data Protection Officer (DPO), Hollycorn N.V.
  • Email (primary): [email protected]
  • Email (general information): [email protected]
  • Postal address for privacy matters: Data Protection Officer, Hollycorn N.V., Heelsumstraat 51, E-Commerce Park, Curaçao

Please specify "Privacy" or "Data Protection" in the subject line of your email or postal correspondence so that your request can be routed appropriately.

What Personal Data We Collect

OBSERVE: Identify all data types collected from Website users and players.

EXPAND: Cover both direct and indirect identifiers, technical and behavioural information, and data from cookies and payments.

REFLECT: Categorise data in an accessible structure that aligns with applicable privacy standards.

Account and Identification Data

  • Registration data: full name, date of birth, country of residence, address details, email address, mobile/phone number, chosen username, password or other login credentials.
  • Verification / KYC data: copies or scans of identity documents (e.g. passport, ID card, driver's licence), proof of address (e.g. utility bill, bank statement), selfies or live video for identity checks, and any information required to comply with know-your-customer (KYC) and anti-money laundering (AML) obligations.

Technical and Usage Data

  • Technical identifiers: IP address, device identifiers, browser type and version, operating system, language settings, time zone, screen resolution, and similar technical information.
  • Log data: login and logout times, session duration, pages viewed, referring URL, clickstream data, error logs, and other actions taken on the Website.

Payment and Financial Data

  • Transaction data: payment method used, partial card details or tokenised identifiers (where applicable), e-wallet or payment account identifiers, transaction dates, amounts, currencies, refunds, chargebacks, and bonuses or promotional credits applied.
  • Payment verification: information required by payment providers for fraud prevention and regulatory compliance, which may include limited financial information and confirmation of funding sources.

Behavioural and Gambling-Related Data

  • Gaming and betting history: games played, stakes, wins and losses, bet types, frequency and duration of play, bonuses used, loyalty points, and other in-game decisions.
  • Interaction data: clicks, scrolling, navigation patterns, and responses to on-site messages or offers.
  • Responsible gambling data: self-exclusion settings, deposit or loss limits, cooling-off periods, and any communications or assessments relating to responsible gambling.

Communications and Support Data

  • Support communications: content of emails, live chats, or other messages sent to [email protected] or [email protected], including recordings or transcripts where applicable.
  • Feedback and surveys: responses to questionnaires, reviews, or customer satisfaction surveys.

Cookies and Similar Technologies

  • Cookies: small text files stored on your device to recognise your browser and remember your preferences.
  • Web beacons / pixels: small graphic files used to track usage patterns or measure campaign effectiveness.
  • Device and tracking identifiers: identifiers provided by your device or browser that allow us or third parties (e.g. analytics or advertising networks) to recognise your device over time.

Where required by applicable law, we will seek your consent before setting or reading cookies that are not strictly necessary for the functioning of the Website.

Legal Basis for Processing

OBSERVE: Identify the legal grounds on which personal data is processed.

EXPAND: Align processing bases with international standards such as GDPR, noting that the service is operated under Curaçao law but accessed from Australia and other jurisdictions.

REFLECT: Clearly map categories of processing to specific legal bases, including consent, contract, legal obligation and legitimate interests.

Performance of a Contract

We process personal data where it is necessary to enter into and perform our agreement with you, including:

  • creating and managing your player account;
  • providing access to games, promotions and related services;
  • processing deposits, wagers and withdrawals;
  • providing customer support and responding to your queries;
  • verifying your identity and eligibility to use the Website.

Compliance with Legal and Regulatory Obligations

We process personal data to comply with applicable legal obligations in relevant jurisdictions, including but not limited to:

  • anti-money laundering (AML), counter-terrorist financing (CTF) and fraud-prevention regulations;
  • know-your-customer (KYC) and age verification requirements;
  • record-keeping, accounting and tax obligations for Hollycorn N.V. and, where applicable, Libergos Ltd;
  • obligations imposed by our Curaçao gaming licence (Antillephone N.V. 8048/JAZ2019-015), including reporting to regulators and responding to lawful requests from authorities.

Legitimate Interests

We may process personal data where it is necessary for our legitimate interests, provided that such interests are not overridden by your fundamental rights and freedoms. These legitimate interests include:

  • securing and protecting the integrity of the Website, our systems and players' accounts;
  • preventing, detecting and investigating fraud, abuse, bonus misuse, and other unlawful or suspicious activities;
  • conducting statistical analysis, analytics and reporting to improve our services, user experience, and business operations;
  • defending and exercising legal claims and managing legal disputes;
  • ensuring effective administration of our operations and compliance programmes.

Consent

In certain situations, we rely on your consent to process personal data, for example:

  • sending you marketing communications by email, SMS or other electronic means, where required by law;
  • using non-essential cookies and similar technologies for analytics and advertising purposes;
  • processing sensitive information, if ever applicable, where local law requires explicit consent.

You can withdraw your consent at any time as described in the "Your Rights" and "Cookies & Tracking Technologies" sections. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

Purpose of Processing

OBSERVE: Identify the specific reasons we use personal data.

EXPAND: Link purposes to service delivery, regulatory compliance, security, analytics and marketing.

REFLECT: Provide clarity so users understand why each category of data is processed.

Service Provision and Account Management

  • To create, verify and manage your player account.
  • To operate the Website and offer games, betting and related services.
  • To process deposits, bets, winnings and withdrawals.
  • To provide technical and customer support, including troubleshooting and incident resolution.

Security, Integrity and Fraud Prevention

  • To monitor and protect the security of the Website, our systems and your account.
  • To detect and prevent fraud, collusion, money laundering, bonus abuse and other prohibited activities.
  • To investigate and respond to security incidents, complaints or disputes.

Legal and Regulatory Compliance

  • To carry out checks required by AML/CTF and KYC legislation.
  • To retain records for auditing, accounting, tax and regulatory reporting.
  • To comply with orders and requests from courts, law enforcement and licensing authorities.

Analytics and Service Improvement

  • To analyse performance and usage of the Website, games and features.
  • To enhance user experience, develop new features and optimise site performance.
  • To compile aggregated or anonymised statistics that no longer identify individuals.

Marketing and Personalisation

  • To send promotional offers, bonuses and newsletters where permitted by law and, where required, based on your consent.
  • To personalise content and offers based on your profile, activity and preferences.
  • To measure the effectiveness of marketing campaigns and promotions.

Disclosure & Sharing

OBSERVE: Identify third parties and categories of recipients to whom data may be disclosed.

EXPAND: Include payment processors, service providers, group entities, regulators and advertising partners, with conditions and safeguards.

REFLECT: Provide transparent information on when and why data is shared, including cross-border elements.

Group Companies and Operational Partners

  • Hollycorn N.V. and affiliates: Personal data may be shared within Hollycorn N.V. and its affiliated entities when necessary for operations, support, risk management, compliance and internal administration.
  • Libergos Ltd (Cyprus): Payment-processing and merchant-of-record services, transaction reconciliation, chargeback handling, fraud prevention and regulatory compliance.

Payment Service Providers and Financial Institutions

  • Banks, card schemes, e-wallet providers, payment gateways and other financial intermediaries that process your deposits and withdrawals.
  • These entities process your payment and limited personal data in accordance with their own legal obligations and privacy policies.

Service Providers and Contractors

We engage third-party service providers who act on our instructions to support Website operations, including:

  • IT hosting, cloud and infrastructure providers;
  • customer support platforms and communication tools;
  • identity verification, KYC and AML screening providers;
  • analytics services and tools for performance monitoring;
  • security, anti-fraud and risk-management providers.

These providers are bound by contractual obligations to protect personal data and use it only for the specified purposes.

Regulators, Law Enforcement and Public Authorities

  • Gaming regulators and licensing authorities in Curaçao or other relevant jurisdictions.
  • Law enforcement agencies, courts, governmental or regulatory bodies that lawfully request information.
  • Authorities responsible for enforcing local gambling laws, including in Australia and other countries where access may be restricted, subject to applicable law.

Affiliates, Marketing and Advertising Partners

  • Affiliates and marketing partners who refer players to the Website for commission or performance-based arrangements.
  • Advertising networks and digital marketing providers that may use cookies and similar technologies to deliver or measure advertising, where permitted by law and, where required, with your consent.

Corporate Transactions

  • In the event of a merger, acquisition, sale of assets, reorganisation, restructuring, or insolvency, personal data may be transferred as part of the transaction, subject to appropriate safeguards.

Other Disclosures

  • Where necessary to protect our rights, privacy, safety or property, and/or that of our users or others.
  • Where we have obtained your explicit consent to a specific disclosure.

International Transfers

OBSERVE: Identify cross-border flows of data between Curaçao, Cyprus, Australia and other locations.

EXPAND: Explain safeguards such as contractual protections and industry-standard security measures.

REFLECT: Clarify that data may be processed globally while striving to maintain an adequate level of protection.

Due to the international nature of online gambling services, personal data collected in connection with Sky Crown may be transferred to, stored in and processed in multiple countries, including:

  • Curaçao: where Hollycorn N.V. is established and licensed, and where core operational and compliance functions are performed.
  • Cyprus: where Libergos Ltd and certain payment-processing and support services are located.
  • Other countries: where our hosting providers, IT service providers, analytics providers, or support teams are based, which may include locations in the European Economic Area (EEA) and outside it.

Where we transfer personal data across borders, we take reasonable steps to ensure that an adequate level of protection is provided in accordance with applicable data protection principles. These steps may include:

  • entering into data-processing agreements and, where relevant, standard or model contractual clauses with service providers and partners;
  • conducting due diligence and risk assessments on third parties' data protection and security practices;
  • implementing appropriate technical and organisational security measures to protect data in transit and at rest.

Because our operations are based in Curaçao, your data may not benefit from the same level of statutory protection available in some other jurisdictions. By using the Website, you acknowledge these international transfers and consent to them where required by law.

Data Retention

OBSERVE: Define how long different types of data are kept and the criteria used.

EXPAND: Reconcile operational and regulatory requirements (e.g. AML, licence conditions) with data minimisation principles.

REFLECT: Provide clear guidance so users understand typical retention periods and deletion triggers.

General Retention Principles

  • We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, regulatory, accounting and reporting requirements, resolving disputes, and enforcing our agreements.
  • Where laws or licensing conditions in Curaçao or other relevant jurisdictions impose specific minimum retention periods (particularly for AML, CTF, KYC and transactional records), we retain the relevant data for at least those periods.

Indicative Retention Periods

  • Account and identification data: typically retained for the duration of your account and for up to five (5) years after closure of your account, unless a longer period is required for legal or regulatory reasons.
  • KYC and verification documents: generally retained for at least five (5) years after the end of the business relationship or the date of the last transaction, in line with AML/CTF obligations.
  • Transaction and gambling history: kept for at least five (5) years after account closure or last activity to meet regulatory, taxation, dispute-resolution and anti-fraud requirements.
  • Marketing data: retained until you opt out of marketing communications or withdraw consent, after which it may be kept in a suppression list to respect your preference.
  • Technical logs and security data: retained for a period typically ranging from six (6) months to five (5) years, depending on the type of log and security relevance.

Deletion and Anonymisation

  • When personal data is no longer required for its original purposes or to meet legal obligations, we will securely delete, anonymise or aggregate it so that it no longer identifies you.
  • Where deletion is not technically feasible in a timely manner, we will take steps to securely store the data and isolate it from further active use until deletion is possible.
  • We may retain anonymised or aggregated data indefinitely for analytics, research and statistical purposes, provided it does not identify any individual.

Your Rights

OBSERVE: Identify the key privacy rights recognised by internationally accepted standards such as the GDPR, as a benchmark for good practice.

EXPAND: Explain how users can exercise rights including access, rectification, erasure, restriction, objection, portability and withdrawal of consent, along with timeframes and cost.

REFLECT: Provide a rights framework that, while the service is operated from Curaçao, is broadly aligned with high-level global privacy principles.

Overview of Rights

Subject to applicable law and certain limitations, you may have the following rights in relation to your personal data:

  • Right of access: to obtain confirmation of whether we process your personal data and, if so, to receive a copy and certain information about how it is processed.
  • Right to rectification: to request correction of inaccurate or incomplete personal data.
  • Right to erasure: to request deletion of personal data in certain circumstances, for example where it is no longer needed for the purposes for which it was collected, or where processing is based solely on your consent and you withdraw that consent.
  • Right to restriction of processing: to request that we limit processing of your data in certain circumstances, such as while we verify its accuracy or consider an objection.
  • Right to object: to object to processing based on our legitimate interests, on grounds relating to your particular situation, and to object at any time to processing for direct marketing purposes.
  • Right to data portability: to receive certain data in a structured, commonly used and machine-readable format and to request that we transmit it to another controller, where technically feasible and applicable.
  • Right to withdraw consent: where processing is based on your consent, you may withdraw that consent at any time, without affecting the lawfulness of processing carried out before withdrawal.

How to Exercise Your Rights

  1. Submit a request: Send an email to [email protected] or [email protected] with "Data Subject Request" in the subject line, or write to the postal address indicated in the "Who We Are" section.
  2. Provide identification: For security and confidentiality, we may ask you to provide information reasonably necessary to verify your identity before acting on your request.
  3. Clarify scope: Indicate which right(s) you wish to exercise and provide relevant details (for example, the specific data you want to access or correct).

Response Timeframes and Cost

  • We aim to respond to your request within one (1) month (30 calendar days) of receipt. Where requests are particularly complex or numerous, this period may be extended in accordance with applicable standards, in which case we will inform you of any extension and the reasons for it.
  • We will handle your request free of charge. However, we may charge a reasonable fee or refuse to act on requests that are manifestly unfounded, excessive or repetitive, where permitted by applicable principles.

Please note that your rights may be limited where the exercise of a right would conflict with our legal obligations (for example, retaining certain data for AML/CTF, tax or regulatory reasons), the rights and freedoms of others, or ongoing legal proceedings.

Cookies & Tracking Technologies

OBSERVE: Identify the types of cookies and tracking technologies used on the Website.

EXPAND: Explain their purposes and how users can manage or disable them.

REFLECT: Provide a transparent overview, consistent with good practice cookie standards.

Types of Cookies We Use

  • Session cookies: temporary cookies that are stored on your device only while your browser session is active. They enable core functionality such as keeping you logged in as you navigate the Website and ensuring correct page display.
  • Persistent cookies: cookies that remain stored on your device for a specified period or until you delete them. They remember your preferences (e.g. language or game settings) and help us recognise you on subsequent visits.
  • First-party cookies: cookies set directly by skycrownbet-au.com to enable essential Website functions and improve user experience.
  • Third-party cookies: cookies set by external service providers such as analytics tools, advertising networks or affiliate partners to measure performance, prevent fraud or display relevant ads on other websites.

Purposes of Cookies and Tracking

  • Strictly necessary / functional: required for the Website to function correctly, including login authentication, security features, and enabling transactions or preferences essential for the service.
  • Performance and analytics: used to collect aggregated information about how visitors use the Website (pages visited, time spent, errors encountered) so we can improve performance and usability.
  • Advertising and marketing: used to deliver or measure advertising, track the success of campaigns, and tailor promotional content based on your interests and activity, where permitted by law.

Managing Cookies

  • Browser settings: Most web browsers allow you to manage cookies through their settings, including blocking or deleting cookies. Please note that disabling certain cookies may affect the functionality and performance of the Website.
  • In-site controls: Where available, we may provide in-site controls (such as a cookie banner or preference centre) that allow you to manage non-essential cookies, including analytics and advertising cookies.
  • Third-party opt-outs: Some third-party providers offer their own opt-out mechanisms or tools; you should review their privacy and cookie policies for more information.

Data Security

OBSERVE: Identify the security measures in place to protect personal data.

EXPAND: Cover technical, organisational and procedural safeguards, including incident response and staff training.

REFLECT: Provide assurance about our security posture while avoiding promises that exceed what can reasonably be guaranteed.

Technical Security Measures

  • Encryption in transit: We use TLS 1.2 or higher to encrypt data transmitted between your browser and our servers, helping to protect it from interception.
  • Encryption at rest: Where feasible, sensitive data is stored using industry-standard encryption or tokenisation techniques to reduce the risk of unauthorised access.
  • Access controls: Access to personal data is restricted to authorised personnel and service providers who require it for their duties and are subject to confidentiality obligations.
  • Network and system security: We utilise firewalls, intrusion detection and prevention systems, anti-malware tools and other controls to help protect our infrastructure.

Organisational and Procedural Safeguards

  • Policies and procedures: We maintain internal policies and procedures for data protection, information security, incident management and access control.
  • Staff training: Employees and contractors who handle personal data receive appropriate training on data protection and security requirements and are required to follow our policies.
  • Vendor management: We conduct due diligence on key suppliers and service providers who process personal data on our behalf and require them to implement suitable security measures through contractual arrangements.
  • Security reviews: We periodically review our security controls and may conduct assessments or audits, internally or with qualified third parties, to evaluate effectiveness.

Incident Response

  • We maintain processes for identifying, assessing and responding to potential data breaches or security incidents.
  • In the event of a data breach involving your personal data, we will take all reasonably appropriate steps to mitigate the impact and to comply with applicable notification obligations.

While we take reasonable measures to protect your personal data, no system or transmission is completely secure. You are responsible for maintaining the confidentiality of your login credentials and for ensuring that your devices are appropriately protected.

Complaints & Contacts

OBSERVE: Provide users with clear channels to raise questions or complaints about privacy.

EXPAND: Describe the internal complaint process and available escalation paths to relevant authorities, where applicable.

REFLECT: Encourage users to contact us first while acknowledging their right to approach supervisory bodies.

Contacting Us

If you have questions, comments or concerns about this Privacy Policy or our handling of your personal data, you may contact us using any of the following channels:

  • Email (support): [email protected]
  • Email (general information): [email protected]
  • Postal address: Data Protection Officer, Hollycorn N.V., Heelsumstraat 51, E-Commerce Park, Curaçao

Internal Complaint Procedure

  1. Submission: Send your complaint or enquiry to one of the contact points listed above, describing in detail the issue you are raising and including any relevant supporting information.
  2. Acknowledgement: We will aim to acknowledge receipt of your complaint within seven (7) working days.
  3. Investigation: We will review your complaint, which may include consultation with internal teams or relevant service providers, and we may request additional information from you if needed.
  4. Response: We will endeavour to provide a substantive response within one (1) month (30 calendar days) of receiving your complaint or of receiving any additional information requested from you.
  5. Further steps: If you are not satisfied with our response, you may request that the matter be escalated internally for further review.

Escalation to Authorities

The Website is operated under the laws of Curaçao, and there may not be a dedicated local data protection authority comparable to that in some other jurisdictions. Depending on your location, you may have the right to lodge a complaint with your local data protection or consumer protection authority, or with relevant gambling regulators, if you believe your rights have been infringed.

Without limiting the generality of the above, users located in the European Union or other regions with dedicated data protection authorities may contact the authority in their country of residence, place of work or place of alleged infringement, where applicable. We encourage you, however, to contact us first so we can attempt to resolve your concerns directly.

Updates

OBSERVE: Acknowledge that privacy practices and legal requirements evolve over time.

EXPAND: Describe how users will be informed of changes, including notice periods for material updates.

REFLECT: Provide transparency by indicating version control and user options if they disagree with changes.

Changes to This Privacy Policy

We may update or modify this Privacy Policy from time to time, for example to reflect changes in our practices, technologies, legal or regulatory requirements, or other operational reasons.

Notification of Changes

  • When we make material changes, we will take reasonable steps to notify you in advance, which may include:
    • sending an email notification to the address associated with your account;
    • displaying a prominent notice or banner on the Website;
    • providing notices within your account dashboard (where applicable).
  • We will generally provide at least thirty (30) days' notice before material changes take effect, unless immediate implementation is required by law or necessary to protect the Website, our players or others.

Version Control and Effective Date

  • The "Last updated" date at the end of this Privacy Policy indicates when it was most recently revised.
  • Earlier versions may be archived and made available upon reasonable request, where practicable.

Your Options in Case of Changes

  • If you do not agree with the updated Privacy Policy, you should discontinue use of the Website and may request closure of your account by contacting [email protected].
  • Continued use of the Website after the effective date of any changes will constitute your acknowledgment of the updated Privacy Policy.

Last updated: January 2026