ClickAndPlayGames.com (the “Platform”) is made available through the website at https://clickandplaygames.com (the “Website”). The Website and any related pages, games, features, content and functionalities that link to this Privacy Policy are referred to in this Privacy Policy as the “Services”. The Services are operated by DATAFORGE INNOVATIONS LTD, whose registered office is at 167-169 Great Portland Street, 5th Floor, London, England, W1W 5PF (the “Operator”, “we”, “us” or “our”).
This Privacy Policy describes how personal information is collected, held, used and disclosed in connection with the Services. This Privacy Policy is intended to comply with applicable Australian privacy laws and authoritative guidance, including the Privacy Act 1988 (Cth) and the Australian Privacy Principles (“APPs”), and to reflect guidance issued by the Office of the Australian Information Commissioner (“OAIC”). This Privacy Policy also addresses relevant Australian electronic marketing requirements (including the Spam Act 2003 (Cth)) and transparency expectations for analytics, security, fraud prevention, measurement and advertising technologies used in connection with online services.
This Privacy Policy applies when you:
- visit the Website or any other website or page we operate that links to this Privacy Policy;
- access and use our free-to-play, browser-based simulated casino-style games and related entertainment content; or
- communicate with us in any manner, including enquiries, feedback submissions, complaints, rights requests, advertising opt-out requests, or formal legal correspondence.
THE SERVICES ARE PROVIDED FOR ENTERTAINMENT PURPOSES ONLY. GAMEPLAY USES VIRTUAL CREDITS OR IN-GAME CURRENCY ONLY. NO ACCOUNT REGISTRATION OR LOGIN IS PROVIDED OR REQUIRED. NO PAYMENTS, SUBSCRIPTIONS OR PURCHASES ARE ACCEPTED OR PROCESSED. THE SERVICES DO NOT OFFER REAL-MONEY GAMBLING, WAGERING, BETTING, DEPOSITS, WITHDRAWALS, CASH PRIZES OR ANY “MONEY’S WORTH” FEATURES.
We implement reasonable technical, administrative and physical safeguards designed to protect personal information and to ensure that our practices are lawful, appropriate and transparent. We seek to apply data minimisation and purpose limitation consistent with Australian regulatory expectations.
If you wish to contact us in connection with this Privacy Policy or any privacy matter (including advertising preferences and opt-out requests), you must do so using the channels specified in Section 12 (CONTACT DETAILS AND DATA ENQUIRIES).
ADULT-ONLY SERVICES. The Services are intended solely for adult users. You must be at least eighteen (18) years of age to access or use the Services. Individuals who do not meet this requirement are not permitted to access or use the Services.
AUSTRALIAN SERVICES. The Services are Australia-facing and intended to be accessed and used in Australia. We may restrict access from locations outside Australia and may process limited location information derived from your IP address for compliance, security and service administration purposes.
By accessing or using the Services, you acknowledge that you have read and understood this Privacy Policy and our Terms of Service. Where we rely on consent (including for certain cookies and similar technologies), we will seek to obtain that consent through an appropriate notice and choice mechanism. Where we rely on other lawful bases recognised under applicable Australian law, we will handle personal information as described in this Privacy Policy and in accordance with applicable law.
We collect and handle personal information that you provide to us voluntarily and information that is collected automatically when you access or interact with the Services. The categories of personal information we handle are limited to what is reasonably necessary for the operation, security, functionality, measurement, advertising compliance and lawful administration of the Services.
“Personal information” has the meaning given in the Privacy Act 1988 (Cth). Information that does not identify you (including aggregated or de-identified information) is not personal information. However, online identifiers and technical data may constitute personal information where they can reasonably identify you, directly or indirectly.
You are responsible for ensuring that any personal information you provide is accurate, complete and up to date.
We collect, use and disclose personal information only for specific, identified and appropriate purposes, and only where permitted under applicable Australian law. The purposes for which we may handle personal information include the following:
- To provide and operate the Services:
We may process technical and usage information to deliver the games and entertainment content made available through the Services and to fulfil core operational functions (including delivering pages, serving content, maintaining functionality and ensuring technical compatibility).
- To respond to enquiries and provide support:
We may process personal information contained within enquiries, complaints, feedback, advertising preference requests, rights requests or other correspondence submitted through our contact channels in order to address your request, answer questions, manage user interactions and provide appropriate support.
- To send administrative communications:
Where reasonably necessary, we may use your contact details to send notices regarding updates to our terms, policies, operational notices, security notifications, compliance information or other service-related communications. If we offer optional marketing communications in the future, we will send such communications only where we have a lawful basis (including consent where required) and we will provide a straightforward means to unsubscribe, consistent with the Spam Act 2003 (Cth).
- To maintain the security and integrity of the Services:
We may process personal information as part of our efforts to safeguard the Services, prevent abuse, detect and mitigate fraud, protect against malicious activity, and maintain the stability and reliability of our systems. This may include the use of security logs, rate limiting, bot detection and similar measures.
- To operate analytics, performance measurement and service optimisation:
Subject to your choices and any consent requirements that apply, we may process technical and usage data to analyse how the Services are accessed and used, to identify trends, improve user experience, optimise performance, troubleshoot issues and administer internal reporting. This may include cookies and similar technologies described in Section 4.
- To conduct advertising measurement and remarketing, where enabled:
Subject to your choices and any applicable consent requirements, we may use online identifiers and technical data to measure advertising performance, attribute conversions, limit frequency, prevent fraud, and conduct remarketing and personalised advertising. Sensitive information is not used for advertising targeting or remarketing.
- To comply with legal and regulatory obligations and to protect legal interests:
We may process personal information to comply with applicable Australian laws, respond to lawful requests from courts, regulators or enforcement authorities, and to establish, exercise or defend legal rights.
- To manage quality, compliance and enforcement:
We may process personal information where reasonably necessary to review submissions, address reported issues, investigate misuse, enforce our Terms of Service, and maintain appropriate standards for the operation and governance of the Services.
We do not process personal information for user account creation, authentication, purchases, order fulfilment, payment processing or commercial transactions, as no such functions are offered by the Services.
Lawful bases
We handle personal information where it is reasonably necessary for, or directly related to, our functions or activities, and in accordance with the APPs. Where required by law or best practice (including for certain cookies and advertising technologies), we will seek your consent through an appropriate notice and choice mechanism.
We will not use personal information for a purpose that is materially different from the purposes described in this Privacy Policy without providing additional notice and, where required, obtaining additional consent.
We may disclose personal information to third parties only where reasonably necessary for the lawful operation of the Services, compliance with applicable legal obligations, protection of our legitimate interests, or where you have instructed or authorised such disclosure. Personal information is not disclosed for purposes that are incompatible with the purposes for which it was collected.
Disclosure may occur to the following categories of recipients:
(a) Infrastructure, hosting and technical service providers
We may disclose personal information to service providers that support the operation of the Services, such as hosting providers, content delivery networks, security providers, data storage vendors, and technical contractors engaged to provide reliable and secure support for the Services.
(b) Analytics and measurement providers
Subject to your choices and any applicable consent requirements, we may disclose technical usage information to analytics and measurement providers for performance measurement, aggregated analytics, service optimisation and diagnostics. Where reasonably practicable, we seek to use pseudonymised, aggregated or de-identified data for these purposes.
(c) Advertising and attribution partners
Where enabled and subject to your choices and any applicable consent requirements, we may disclose limited personal information and online identifiers to advertising and attribution partners for the purposes of:
- conversion tracking and attribution;
- advertising measurement and reporting;
- remarketing and personalised advertising; and
- fraud prevention and integrity monitoring.
We do not disclose sensitive information for advertising targeting or remarketing. We do not knowingly use advertising technologies to target minors.
(d) Legal, regulatory and governmental authorities
We may disclose personal information where required or permitted to comply with applicable law, a lawful request, court order, warrant or statutory duty, including disclosures to law enforcement, regulatory bodies and governmental departments.
(e) Professional advisers
We may disclose personal information to professional advisers (including legal, compliance, audit and risk advisers) where reasonably necessary to obtain advice, manage risk, protect our rights, or resolve regulatory, legal or contractual matters.
(f) Business succession and transactions
We may disclose personal information to prospective or actual purchasers, investors, lenders or successors in connection with any proposed or actual merger, acquisition, restructuring, financing or transfer of all or part of the Services, to the extent that such disclosure is reasonably necessary to facilitate due diligence, complete the transaction, or ensure operational continuity. Any such disclosure will be subject to appropriate confidentiality and security measures.
Service provider requirements and controls
Where we disclose personal information to service providers, we take reasonable steps to require that such recipients:
- use personal information only for purposes consistent with the services they provide to us;
- protect personal information with appropriate safeguards; and
- notify us of security incidents as required by applicable contracts or law.
We do not sell personal information and we do not rent or trade personal information to third parties.
Cross-border processing and overseas disclosures
Our service providers may process personal information outside Australia. Where personal information is processed outside Australia, it may be subject to the laws of the jurisdiction in which it is processed, and may be accessible to law enforcement or national security authorities in that jurisdiction in accordance with applicable laws.
We take reasonable steps to protect personal information processed by service providers outside Australia, including through contractual measures, due diligence, and safeguards appropriate to the sensitivity of the information and the context. Where required by the Privacy Act 1988 (Cth) (including APP 8), we will take reasonable steps to ensure that overseas recipients handle personal information in a manner consistent with the APPs, or we will otherwise handle overseas disclosures in accordance with applicable legal requirements.
The Website may use cookies and similar technologies (for example, pixels, tags, local storage and SDKs) to support the operation, security and performance of the Services and, where enabled, to support analytics, advertising measurement and remarketing.
Cookies are small data files placed on your device that help a website recognise your browser, maintain functionality, store certain preferences and understand how the Website is used. Cookies may be classified, depending on purpose and configuration, as:
- strictly necessary, meaning required for core functionality, security, fraud prevention or delivery of the Services; or
- non-essential, meaning used for measurement, analytics, diagnostics, advertising measurement, remarketing or optimisation purposes.
We may use:
- session cookies, which are stored temporarily and deleted automatically when your browser is closed; and
- persistent cookies, which remain on your device for a defined period and assist in recognising your browser on repeat visits, including for storing consent or preference settings where implemented.
Consent and choices
Where required by law and applicable platform requirements, we will provide a cookie notice and consent mechanism that allows you to accept, reject or manage categories of cookies and similar technologies. This may be implemented through a consent management platform intended to support IAB-aligned consent signals (for example, CookieYes or an equivalent provider).
You may manage cookie preferences at any time by:
- using any consent or preference controls made available via the Website (if implemented);
- adjusting your browser settings to block, delete or restrict cookies; and
- using device-level controls where available.
Refusal of non-essential cookies may reduce the availability or performance of certain features and may limit analytics, advertising measurement or remarketing functions.
Third-party technologies
We may permit authorised third-party service providers to use cookies and similar technologies for:
- aggregated analytics and performance measurement (for example, Google Analytics);
- advertising measurement, conversion tracking and remarketing (for example, Google Ads conversion tracking and Microsoft Advertising UET), where enabled and subject to your choices;
- security, anti-abuse and fraud prevention; and
- consent and preference management.
Third parties may collect technical information (for example, IP address, device information, and interaction signals) through their tools. Your choices may affect whether certain third-party tools are activated.
Browser impact
Your browser may be configured to refuse all or some cookies or to notify you when a website attempts to place cookies. Disabling cookies may affect certain features or the operation of parts of the Website, particularly where cookies are strictly necessary.
We retain personal information only for as long as is reasonably necessary to fulfil the purposes for which it was collected, or as long as required or permitted to comply with applicable laws, regulatory requirements, or applicable limitation periods. As the Services do not provide user accounts, payment services or transactional features, no retention period is linked to account duration or financial activity.
Retention periods are determined by reference to factors including:
(a) Operational necessity
Retention may be required to manage enquiries, provide responses, maintain accurate records of correspondence, ensure service continuity, resolve disputes, address misuse reports, verify historical interactions, and administer preferences (including cookie consent choices where implemented).
(b) Legal and regulatory obligations
Certain information may be retained to comply with statutory duties, including obligations under privacy law and recordkeeping obligations.
(c) Limitation periods
We may retain personal information where reasonably necessary to establish, exercise or defend legal rights, taking into account applicable limitation periods that may apply to contractual, statutory or civil claims.
(d) Security, abuse prevention and system integrity
We may retain log data or technical security records for a limited period to detect, investigate and mitigate potential security incidents, abuse or unlawful activity.
(e) Consent records and compliance evidence
Where consent is relied upon (including where consent mechanisms are implemented for certain cookies and similar technologies), we may retain records of choices and consent signals to demonstrate compliance and to administer user preferences.
When personal information is no longer required for the purposes for which it was collected, and no further legal obligation requires its retention, we will take reasonable steps to securely delete it, anonymise it, or otherwise render it non-identifying, subject to technical feasibility and applicable law.
Backup files may be retained in encrypted archival environments solely for disaster recovery, continuity and compliance purposes. Access to archived data is restricted and subject to safeguards appropriate to the risks.
We implement and maintain reasonable technical, administrative and physical measures designed to protect the confidentiality, integrity and availability of personal information processed through the Services. These measures are intended to provide a level of security appropriate to the risks associated with the processing.
Our security measures may include, where appropriate:
- encryption of data in transit using TLS;
- secure hosting environments with network controls and hardened configurations;
- access controls designed to limit access to authorised personnel and service providers;
- restricted administrative access based on least privilege principles;
- monitoring for anomalous activity, suspicious behaviour or unauthorised access attempts; and
- incident response procedures and logging designed to preserve system integrity and support investigations.
Although we apply commercially reasonable safeguards, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security and we do not warrant that unauthorised third parties will be unable to circumvent our safeguards. Transmission of personal information to or from the Services is undertaken at your own risk. You should access the Services only from secure networks and secure devices.
Security incident response
Where required under applicable Australian law, we will take reasonable steps to assess, mitigate and respond to eligible data breaches, including compliance with the Notifiable Data Breaches scheme under the Privacy Act 1988 (Cth) where it applies, and providing notifications to affected individuals and the OAIC where legally required.
We do not knowingly collect personal information from, or direct the Services to, any individual who is under eighteen (18) years of age.
The Services do not offer account registration, user profiles, messaging services or transactional features. We do not conduct age or identity verification checks as a standard feature of the Services. However, we treat any credible indication that a user may be under 18 as a matter of concern and may apply appropriate remedial measures, including restricting access.
If we become aware that personal information has been provided to us by or in respect of an individual who is under 18, we will take reasonable steps to:
(a) cease further processing of that personal information, except to the extent required to comply with legal obligations or to ensure the security and integrity of our systems;
(b) delete, anonymise, or de-identify such personal information without undue delay, insofar as technically feasible and consistent with applicable law; and
(c) consider whether notification to the OAIC is required under applicable law.
If you believe that an underage individual has accessed the Services in breach of our age restriction, or has provided personal information to us through any channel, you should notify us immediately at support@clickandplaygames.com so that we can investigate and take appropriate action.
Individuals whose personal information is handled by us may have rights and choices under the Privacy Act 1988 (Cth) and the APPs. We will respond to requests in accordance with applicable law, subject to verification of identity and applicable legal limitations and exceptions.
Certain web browsers and mobile applications allow users to send a “Do Not Track” (“DNT”) signal indicating a preference not to be tracked across websites.
At present, there is no universally adopted mechanism that requires online services to recognise or respond to DNT signals. As a result, the Website does not currently respond to DNT signals. Should a recognised technical standard or regulatory requirement emerge in the future, we will revise this Privacy Policy accordingly.
You may control certain tracking technologies through:
- any consent or preference controls made available on the Website (if implemented);
- modifying your browser settings to block, restrict or delete cookies and similar technologies; and
- using opt-out mechanisms offered by relevant technology providers, where available.
We may amend or update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, regulatory guidance or operational requirements. The most recent version of this Privacy Policy will be identified by the “Last updated” displayed at the beginning of the document.
Where a change materially affects the manner in which we handle personal information, we may take reasonable steps to bring such changes to your attention, which may include posting a notice on the Website. Continued access to or use of the Services following the publication of an updated Privacy Policy constitutes your acknowledgement of the revised policy.
You are encouraged to review this Privacy Policy periodically to remain informed about how we collect, use and protect personal information.
You may request access to, correction of, or deletion or de-identification of personal information we hold about you, subject to applicable law. These rights are not absolute and may be subject to legal and operational limitations. We may, for example, be required or permitted to retain certain information to comply with legal obligations, to establish, exercise or defend legal claims, to demonstrate compliance with regulatory requirements, to protect our legitimate interests, or to ensure the security and integrity of the Services.
To submit a request to access, update, correct, delete or de-identify personal information, or to exercise any other privacy right, you must contact us using the channels specified in Section 12 (CONTACT DETAILS AND DATA ENQUIRIES). We may require you to provide sufficient information to verify your identity before processing your request.
We will respond to valid requests within a reasonable period. If we are unable to comply with your request, we will explain, to the extent permitted by law, the reasons for our decision and describe any complaint mechanism available to you.
All enquiries, requests, complaints or correspondence relating to this Privacy Policy or any privacy matter (including advertising preferences and opt-out requests) must be submitted in writing using the contact details set out below.
Operator: DATAFORGE INNOVATIONS LTD
Registered Office: 167-169 Great Portland Street, 5th Floor, London, England, W1W 5PF
Email Address: support@clickandplaygames.com
All written communications submitted under this Section must include:
- your full legal name and valid contact details;
- a clear and precise statement identifying the subject matter and purpose of the correspondence; and
- a detailed description of the issue, request, complaint or matter raised.
Where necessary, we reserve the right to request verification of identity or additional information in order to ensure that personal information and legally sensitive material are disclosed only to the correct individual and that the correspondence is handled securely and accurately.
Responses will be provided within the timeframes required by applicable law. Where no specific statutory timeframe applies, responses will be issued within a reasonable period, taking into account the nature, complexity and volume of the correspondence received.
Play Responsibly
Enjoy the games, take breaks when needed, and keep things balanced for your wellbeing.
