burger icon
Extreme Review Australia
Log In

Privacy Policy

This Privacy Policy explains how personal information is collected, used, disclosed, and protected when you access and use the Extreme services available via the website operated on the domain extreme-aussie.com (the "Website"). It applies to all Website visitors, readers, and users, including prospective and existing players who access or use the services and links we describe or review. This Privacy Policy is effective as of 1 January 2026 and remains in force until updated or replaced in accordance with the "Updates" section below.

Who We Are

Observe: Users need to know the operator's identity and contact details. Expand: We incorporate the Curacao operator information and the AU-focused review brand. Reflect: We clearly distinguish the review site brand from the underlying gambling operator.

The Website "Extreme", operating under the brand name "Extreme" for the Australian market, is provided through the domain extreme-aussie.com. The underlying remote gambling services that may be reviewed or linked from this Website are operated by:

  • Operator legal name: Anden Online N.V.
  • Legal form: Naamloze Vennootschap (N.V.), a public limited company incorporated in Curaçao
  • Registered / legal address: Kaya Richard J. Beaujon Z/N, Curaçao
  • Licensing jurisdiction: Curaçao (Curacao eGaming / Gaming Curaçao)
  • Gaming licence reference: Curacao master licence framework historically including 1668/JAZ and 365/JAZ (exact sub-licence number to be verified against the seal displayed on the relevant gambling site footer; the licence is indicated as valid through 31 December 2026, subject to regulator confirmation).

The Website focuses on information and reviews relating to the brand "Extreme" for Australian users. It does not hold an Australian licence and is not authorised by Australian regulators.

Contact and Data Protection Responsibility

If you have questions about this Privacy Policy or about how your personal information is handled, you may contact the data protection contact using the details above.

What Personal Data We Collect

Observe: We must cover personal, technical, payment, behavioural and cookie data. Expand: We consider both Website-only data and data processed when users interact with linked gambling services. Reflect: We structure categories clearly so users understand what is collected in each context.

Identity and Contact Data

  • Personal identification details such as your full name, date of birth, and country of residence where such data is submitted in forms (for example, when you contact us, subscribe to newsletters, or create an account on any related portal).
  • Contact details including your email address, telephone number (if you choose to provide it), and any social media identifiers you use to communicate with us.

Technical and Usage Data

  • Technical identifiers: IP address, device identifiers (such as device ID, browser type and version, operating system, language settings), time zone setting, and approximate geolocation derived from your IP.
  • Usage and log data: access dates and times, pages viewed, referring URLs, clickstream data, login timestamps, and interaction logs with our Website and support channels.

Payment and Financial Data

  • Where you interact directly with the underlying gambling operator (for example by making deposits or withdrawals on a gambling site related to Extreme), payment information may be processed, including partial card details (card type, masked card number), e-wallet identifiers, bank account details (IBAN, BIC), transaction amounts, timestamps, currency, and payment provider identifiers.
  • The Website extreme-aussie.com itself generally does not process full card numbers or CVV codes; these are typically processed by secure third-party payment processors acting under strict PCI-DSS-compliant standards. However, transaction references and confirmation data may be retained to facilitate customer service, compliance, and record keeping.

Behavioural and Profile Data

  • Interaction behaviour on the Website: clicks on links and banners, pages visited, session duration, scroll depth, and engagement with review content and tools.
  • Gambling-related behaviour (where applicable): betting and gaming history, stakes and winnings, account balance and currency, bonuses used, frequency and duration of gambling sessions, responsible gambling settings (e.g., deposit limits, cool-off periods) and self-exclusion status when that data is available through the operator systems.
  • Marketing and preference data: your preferences for receiving marketing communications, records of consent or opt-out, and communication interaction (such as email opens and link clicks).

Content and Communication Data

  • Any information you voluntarily provide when contacting us, participating in surveys, posting feedback through forms, or responding to customer-service communications, including the content of emails, attachments, and records of live chat sessions (where available).

Cookies and Similar Technologies

  • Cookies: small text files stored on your device to recognise your browser and remember certain information.
  • Web beacons / pixels: small graphical elements that allow tracking of user behaviour (such as email opens or banner impressions) in an aggregated way.
  • Local storage and similar tools: technologies that help store preferences or session data in your browser.

Details of how we use cookies and how you can control them are provided in the "Cookies & Tracking Technologies" section below.

Legal Basis for Processing

Observe: We must explain lawful bases similar to GDPR and international standards, adapted to an AU-facing offshore context. Expand: We address consent, contract, legitimate interests, and legal obligations, including KYC/AML. Reflect: We provide clear mapping of purposes to legal bases.

Consent

  • We rely on your freely given, specific, informed, and unambiguous consent when:
    • sending you marketing emails or newsletters;
    • using non-essential cookies and tracking tools for analytics or advertising;
    • processing certain optional data that is not necessary for service provision (for example, participation in surveys or promotional activities).
  • You may withdraw your consent at any time as described in the "Your Rights" and "Cookies & Tracking Technologies" sections. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.

Performance of a Contract

  • We process personal information where it is necessary to enter into, or perform, a contract with you, including:
    • creating and managing any user account or profile associated with our services;
    • providing access to gambling or related services operated by Anden Online N.V. or its affiliates;
    • processing deposits, wagers, withdrawals, and bonus credits;
    • providing customer support and handling your requests or complaints.

Compliance with Legal and Regulatory Obligations

  • As an entity licensed in Curaçao and operating internationally, we process certain data to comply with applicable laws and regulations, including but not limited to:
    • anti-money laundering (AML) and counter-terrorism financing (CTF) requirements, including Know-Your-Customer (KYC) checks, identity verification, and screening against sanctions and politically exposed person (PEP) lists;
    • accounting, tax, reporting, and record-keeping obligations imposed by regulatory authorities;
    • responsible gambling and player protection obligations imposed by our licensing jurisdiction.
  • This includes retention of transaction records and verification documents for legally mandated periods.

Legitimate Interests

  • We may process data where it is necessary for legitimate interests pursued by us or by third parties, provided such interests are not overridden by your rights and freedoms. These interests include:
    • fraud detection and prevention, chargeback management, and security monitoring;
    • improving the Website, services, user experience, and content relevance;
    • maintaining network and information security and preventing abuse or misuse;
    • carrying out aggregate statistics and analytics to understand and improve our business;
    • protecting and defending our legal rights and responding to disputes or claims.

Where local laws require, we will document our legitimate interest assessments and, where appropriate, provide you with additional information upon request.

Purpose of Processing

Observe: Users need a clear list of purposes. Expand: We differentiate service provision, improvement, marketing, analytics, and fraud prevention. Reflect: We link each purpose to types of data used, while keeping wording concise.

Provision and Operation of Services

  • To operate the Website, provide up-to-date reviews and information on Extreme and related gambling offers, and facilitate navigation to third-party gambling services.
  • To set up, verify, and manage any user accounts directly controlled by Anden Online N.V. or associated portals.
  • To process gaming transactions, deposits, withdrawals, promotions, and customer support interactions associated with the Extreme gambling services.

Service Improvement and Personalisation

  • To monitor and analyse Website performance and usability, identify technical issues, and optimise design and content.
  • To personalise aspects of the Website, such as displaying region-relevant content, language options, or tailored recommendations (where legally permitted).

Marketing and Communications

  • To send you newsletters, promotional messages, and information about bonuses, campaigns, or new features, where you have provided consent or where otherwise permitted by law.
  • To manage marketing preferences, track campaign performance, and measure engagement with our communications.

Analytics, Research, and Statistics

  • To produce anonymous or aggregated statistics about Website usage, player activity patterns, and market trends.
  • To conduct internal research aimed at enhancing responsible gambling tools, detecting high-risk behaviours, and assessing the effectiveness of risk-mitigation measures.

Fraud Prevention, Security, and Legal Compliance

  • To prevent and detect fraud, identity theft, money laundering, abuse of promotions, and other unlawful or suspicious activities.
  • To secure our networks, systems, data storage, and account access, including through technical and organisational security measures.
  • To comply with requests and orders from law enforcement, regulators, courts, and other competent authorities where legally required.

Disclosure & Sharing

Observe: We must explain when data is shared and with whom. Expand: We cover payment partners, service providers, regulators, affiliates, and advertising networks. Reflect: We emphasise that sharing is limited and subject to safeguards.

Group Companies and Gambling Service Providers

  • Personal information may be shared within the group of companies controlled by or affiliated with Anden Online N.V., where this is necessary to provide gambling services, customer support, payment processing, risk management, or back-office operations.
  • If the Website links you to specific Extreme gambling platforms, your data may be processed directly by those platforms as separate controllers under their own privacy policies.

Payment Processors and Financial Institutions

  • We share certain data with payment service providers, banks, card schemes, e-wallet providers, and similar entities in order to:
    • process deposits, withdrawals, and refunds;
    • verify transactions and manage chargebacks;
    • conduct fraud prevention and AML/CTF checks.

Service Providers and Technical Partners

  • We use third-party vendors who act as data processors on our behalf for services such as:
    • website hosting, content delivery networks, and data storage;
    • email delivery, customer-support tools, and communication platforms;
    • analytics providers, A/B testing tools, and performance monitoring;
    • IT security services, including intrusion detection and DDoS protection.
  • These providers are bound by contractual obligations to protect your data and only process it according to our documented instructions.

Regulators, Authorities, and Dispute Resolution Bodies

  • We may disclose data to regulatory and supervisory authorities in Curaçao or other relevant jurisdictions where required to comply with licensing, AML/CTF, tax, or gambling regulations.
  • For Australian users, please note that the Australian Communications and Media Authority (ACMA) regulates online gambling under the Interactive Gambling Act 2001, and maintains site-blocking lists at:
  • We may share relevant data with independent dispute resolution portals, such as the Central Disputes System at https://centraldisputes.com, when handling escalated player complaints.

Affiliates, Advertising Networks, and Analytics Partners

  • With your consent, we may share limited information (such as cookie identifiers or hashed emails) with affiliate partners, advertising networks, and analytics services to:
    • track the performance of marketing campaigns and referral links;
    • measure conversions and optimise advertising spend;
    • serve or measure interest-based advertising in accordance with applicable law.

Corporate Transactions and Legal Requirements

  • In the event of a merger, acquisition, reorganisation, sale of assets, or insolvency, your data may be transferred to a successor or acquiring entity, subject to appropriate safeguards and continuing protection of your rights.
  • We may disclose data where necessary to establish, exercise, or defend legal claims, or where disclosure is otherwise required by law or court order.

International Transfers

Observe: Data flows cross-border between AU users, Curaçao, and other locations. Expand: We set out typical transfer destinations and safeguards. Reflect: We explain that transfers are governed by contractual protections and security controls.

  • Your personal information may be transferred to and processed in countries outside your country of residence, including:
    • Curaçao - where Anden Online N.V. is registered and licensed;
    • European Economic Area (EEA) member states - where some IT, analytics, or support providers may be located;
    • Other jurisdictions - such as the United States, the United Kingdom, or Asia-Pacific countries, where certain cloud, hosting, payment, or marketing services operate.
  • Where we transfer data internationally, we seek to ensure that such transfers comply with applicable data-protection requirements, for example by:
    • entering into standard contractual clauses or similar model agreements that include appropriate data-protection commitments;
    • ensuring the recipient is subject to adequate data-protection laws or certifications (such as ISO 27001 or SOC 2) and robust security measures;
    • limiting access to personal data strictly to those who need it for the purposes described in this Privacy Policy.
  • Because Extreme and extreme-aussie.com focus on Australian users but are operated by an offshore entity, your data will typically be stored and processed outside Australia. By using the Website and services, you acknowledge that such international transfers may occur, subject to the safeguards described here.

Data Retention

Observe: We must define retention periods and criteria. Expand: We address distinct categories, regulatory requirements, and user requests. Reflect: We balance legal retention obligations with data-minimisation principles.

General Retention Principles

  • We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, reporting, and regulatory requirements.
  • When determining appropriate retention periods, we consider:
    • the amount, nature, and sensitivity of the data;
    • the potential risk of harm from unauthorised use or disclosure;
    • the purposes of processing and whether we can achieve those purposes by other means;
    • applicable legal and regulatory requirements in Curaçao and other relevant jurisdictions.

Specific Retention Periods

  • Account and identification data: Typically retained for the duration of your active relationship with us and, thereafter, for up to 5 years after account closure, in line with AML/CTF and gambling regulatory guidance, unless longer retention is required by law.
  • Transaction and payment records: Generally retained for 5 to 7 years from the date of the relevant transaction to comply with accounting, tax, and AML/CTF obligations.
  • Customer support communications: Retained for up to 3 to 5 years after resolution of the query or complaint, to enable follow-up, defend legal claims, and improve service quality.
  • Marketing and consent records: Retained for as long as you remain subscribed, and for a reasonable period (usually up to 2 years) after you opt out, to demonstrate compliance with marketing laws and your preferences.
  • Technical logs and security data: Retained for a shorter period, normally between 6 months and 2 years, unless the data is needed for security investigations, legal proceedings, or regulatory enquiries.

Deletion and Anonymisation

  • When personal data is no longer required, we will either:
    • securely delete or destroy it; or
    • irreversibly anonymise it so that it can no longer be linked to an identifiable individual, in which case we may use such aggregated data for analytics and business purposes indefinitely.
  • Where you exercise your rights to erasure (see "Your Rights"), we will delete data unless retention is still required or permitted by law or overriding legitimate interests (for example, unresolved disputes or legal claims).

Your Rights

Observe: Users expect rights aligned with modern privacy frameworks (e.g., GDPR-style). Expand: We describe access, rectification, deletion, restriction, objection, portability, and withdrawal of consent, with procedures and timelines. Reflect: Although the primary focus is Australia, we aim for internationally consistent rights handling and free-of-charge mechanisms.

Overview of Rights

  • Right of access: You can request confirmation of whether we process your personal data and obtain a copy of such data, along with information about how and why it is processed.
  • Right to rectification: You can ask us to correct or complete inaccurate or incomplete personal information.
  • Right to erasure ("right to be forgotten"): You may request deletion of your personal data where:
    • it is no longer necessary for the purposes for which it was collected;
    • you have withdrawn consent and there is no other legal basis for processing;
    • you have successfully objected to processing and there are no overriding legitimate grounds;
    • the data has been processed unlawfully; or
    • deletion is required to comply with a legal obligation.
  • Right to restriction of processing: You can request that we restrict processing under certain circumstances, for example while we verify the accuracy of data or assess an objection.
  • Right to object: You may object to processing based on legitimate interests, including profiling, and we will stop processing unless we demonstrate compelling legitimate grounds overriding your interests, rights, and freedoms, or where processing is necessary for legal claims. You may always object to direct marketing.
  • Right to data portability: Where processing is based on consent or contract and carried out by automated means, you may request that we provide your personal data in a structured, commonly used, machine-readable format, or transmit it directly to another controller where technically feasible.
  • Right to withdraw consent: Where processing is based on your consent, you may withdraw that consent at any time, without affecting the lawfulness of processing before withdrawal.

Procedures for Exercising Your Rights

  • You can exercise your rights by contacting us at [email protected] or [email protected], clearly stating:
    • your full name and contact details;
    • the right(s) you wish to exercise;
    • any relevant account or transaction identifiers, if applicable.
  • We may need to verify your identity before acting on your request, to protect your privacy and security (for example by asking you to confirm certain account details or to provide identification documents).
  • We aim to respond within 30 days of receiving a valid request. In complex cases or where we receive multiple requests, this period may be extended, and we will inform you of the extension and reasons.
  • In general, no fee will be charged for handling your request. However, we may charge a reasonable fee or refuse to act on requests that are manifestly unfounded, excessive, or repetitive, as permitted by applicable law.
  • Even when you request erasure or restriction, we may retain certain data where this is necessary to:
    • comply with legal obligations (for example AML/CTF or tax laws);
    • establish, exercise, or defend legal claims;
    • protect the rights of another natural or legal person.

Cookies & Tracking Technologies

Observe: We must identify types of cookies, purposes, and control mechanisms. Expand: We cover session, persistent, and third-party cookies, and explain management options. Reflect: We present this in user-friendly language while preserving legal precision.

Types of Cookies We Use

  • Session cookies: Temporary cookies that exist only while your browser is open. They are used for essential functions such as remembering your navigation between pages and maintaining session state. They are deleted when you close your browser.
  • Persistent cookies: Cookies that remain on your device for a defined period or until you delete them. They help us remember your preferences (such as language and region) and analyse how you use the Website.
  • First-party cookies: Cookies set directly by extreme-aussie.com to support the operation and performance of the Website.
  • Third-party cookies: Cookies set by third parties, such as analytics services (for example, web traffic analysis tools) or advertising partners, to measure website usage, conversions, and, where allowed, to serve or measure targeted advertising.

Purposes of Cookies

  • Strictly necessary / functional cookies: Required for basic website functionality, such as page navigation, secure login (where applicable), and access to site features. The Website cannot function properly without these cookies.
  • Preference cookies: Used to remember choices you make (for example, language selection, region, or display settings) so that you do not have to reconfigure them each time you visit.
  • Analytics cookies: Help us understand how visitors interact with the Website by collecting and reporting information anonymously, such as number of visitors, most viewed pages, and error messages.
  • Advertising and affiliate cookies: Used by us and our partners to track referrals, measure campaign performance, and, where legally permitted and with your consent, tailor advertising and promotional messages to your interests.

Managing and Disabling Cookies

  • When you first visit the Website, you may be presented with a cookie notice or banner allowing you to accept or manage cookie preferences, subject to applicable legal requirements.
  • You can also manage cookies via your browser settings. Most browsers allow you to:
    • view which cookies are stored on your device;
    • delete existing cookies;
    • block cookies from particular sites or all sites;
    • block third-party cookies;
    • set notifications before a cookie is stored.
  • If you disable some or all cookies, certain features or sections of the Website may not function correctly or may become unavailable.

Data Security

Observe: Users must understand how their data is protected. Expand: We describe encryption, access controls, audits, training, and incident response. Reflect: We reference recognised standards while clarifying that certification may be at the level of specific providers.

Technical and Organisational Measures

  • Encryption in transit: Data transmitted between your browser and our systems is protected using industry-standard Transport Layer Security (TLS 1.2 or higher), helping to prevent interception or tampering.
  • Encryption at rest: Where technically and operationally feasible, sensitive data (such as authentication credentials and payment-related tokens) is stored using strong encryption algorithms and secure key-management practices.
  • Access controls: Access to personal data is limited on a "need-to-know" basis to staff and service providers who require it for the purposes described in this Privacy Policy. Role-based access control, strong authentication, and logging of access events are used to reduce unauthorised access risk.
  • Multi-factor authentication (MFA): For internal administrative accounts and critical systems, MFA or equivalent strong authentication measures are implemented to enhance security.
  • Network and infrastructure security: Firewalls, intrusion-detection / prevention systems, anti-malware tools, and regular patching are used to mitigate common cyber-threats.

Security Governance and Monitoring

  • Security audits and assessments: We perform periodic assessments of our systems, which may include internal audits, vulnerability scans, or third-party penetration tests, to identify and address security weaknesses.
  • Use of certified providers: We may engage hosting, cloud, and payment providers that adhere to recognised security frameworks, such as ISO 27001 for information security management or SOC 2 for service-organisation controls, or which otherwise demonstrate robust security practices.
  • Staff training and awareness: Personnel who handle personal data receive training on data-protection obligations, secure data handling, phishing awareness, and incident-reporting procedures.

Incident Response

  • We maintain incident-response procedures to detect, investigate, and respond to suspected data breaches or security incidents.
  • In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will take prompt steps to mitigate the impact and, where required by applicable law, notify relevant supervisory authorities and affected individuals without undue delay.
  • While we implement appropriate security measures, no system can be completely secure. You are encouraged to:
    • use strong, unique passwords;
    • keep your login credentials confidential;
    • log out of sessions when using shared or public devices;
    • notify us immediately if you suspect unauthorised access to your account or data.

Complaints & Contacts

Observe: Users must know how to contact us and how to escalate complaints. Expand: We detail step-by-step processes and reference relevant supervisory authorities. Reflect: Although this Website targets Australian users and the operator is offshore, we still provide clear escalation paths.

Contact Channels

  • Email (primary): [email protected]
  • Email (support): [email protected]
  • Postal address (operator headquarters): Data Protection Officer, Anden Online N.V., Kaya Richard J. Beaujon Z/N, Curaçao.

If a dedicated online feedback or complaint form is made available on extreme-aussie.com, you may alternatively use that form as indicated on the Website.

Complaint Procedure

  1. Initial submission: Send a detailed description of your issue, including relevant dates, account identifiers (if any), and supporting documentation, to one of the contact channels above.
  2. Acknowledgement: We will normally acknowledge receipt of your complaint within 5 business days.
  3. Investigation: We will investigate your complaint, which may involve reviewing logs, transaction records, and correspondence. Where necessary, we may request additional information from you to clarify the facts.
  4. Response: We aim to provide a substantive written response within 30 days of receiving all relevant information. If we are unable to respond within this period due to complexity or other justified reasons, we will inform you of the delay and indicate a revised timeframe.
  5. Escalation: If you are dissatisfied with our response or handling of your complaint, you may request that it be escalated internally or referred to an independent dispute resolution portal, such as the Central Disputes System at https://centraldisputes.com, where applicable to the underlying gambling services.

Regulatory and Supervisory Authorities

  • Australia: For information about the regulation of online gambling in Australia, including blocking of offshore illegal services, you may consult the Australian Communications and Media Authority (ACMA):
  • Other jurisdictions: If you are located in a country with a dedicated data-protection authority (for example, within the European Union), you may have the right to lodge a complaint with your local supervisory authority if you believe your data-protection rights have been infringed. Contact details for EU authorities are typically available through national government or data-protection websites.

We encourage you to contact us first so that we can attempt to resolve your concerns directly and efficiently.

Updates

Observe: Policies evolve and users need to know how changes are communicated. Expand: We include notification methods, version control, and advance notice for significant changes. Reflect: We provide clear expectations and options for users when changes occur.

Policy Changes and Version Control

  • This Privacy Policy may be updated from time to time to reflect changes in legal requirements, regulatory guidance, technical developments, or our business practices.
  • Each version of the Privacy Policy will be identified by a "Last updated" date. The current version is:
    • Last updated: January 2026
  • Where a change is material - for example, if we introduce new processing activities, change our legal bases, or expand the categories of recipients - we will summarise the key changes in a changelog or notice available on the Website.

Notification Procedures

  • We may notify you of significant updates through one or more of the following channels:
    • prominent banners or pop-ups on the Website;
    • notifications in any user account dashboard where available;
    • email communications sent to the address associated with your account or subscription.
  • For significant changes that materially affect your rights or the way we process your data, we will provide, where reasonably practicable, at least 30 days' advance notice before the changes take effect.

Your Options on Update

  • If you do not agree with the updated Privacy Policy, you may:
    • discontinue use of the Website and related services; and
    • request closure of your accounts (if any) and exercise your data-protection rights as described in the "Your Rights" section.
  • Continued use of the Website or services after the effective date of any updated Privacy Policy will be deemed to constitute your acceptance of the revised terms, to the extent permitted by applicable law.