burger icon
Cashman Review Australia
Log In

Privacy Policy

This Privacy Policy explains how Cashman, operated via the domain cashman-au.com (the "Website"), collects, uses, stores and protects personal information of Website visitors and users of Cashman-related review and informational services. It applies to all visitors, registered users, and individuals who interact with the Website or contact us by email or other channels. This Privacy Policy is effective as of 1 January 2026 and is intended to comply with applicable Australian privacy and consumer laws, as well as recognised international data protection standards where relevant.

Who We Are

Observe: The Website is an informational and review resource focused on Cashman social casino content in the Australian context. It is not the operator of the Cashman social casino game and does not provide real-money gambling services.

Expand: Based on the corporate information available, Cashman-branded social casino games are published by Product Madness Inc., a subsidiary of Aristocrat Leisure Limited, an Australian public company listed on the ASX (ASX: ALL). However, the specific legal entity operating cashman-au.com and its registered office address are not specified in the supplied data.

Reflect: Until more detailed corporate and registration information is made available, this Privacy Policy will describe the Website operator functionally and provide the primary contact channels for privacy matters.

Website operator: For the purposes of this Privacy Policy, references to "we", "us" or "our" mean the operator of cashman-au.com, acting as the data controller (or equivalent) in relation to personal information collected through this Website.

Parent and operator group (for contextual reference only):

  • Parent company: Aristocrat Leisure Limited (ASX: ALL), an Australian public company. Further legal particulars are available via its investor portal: https://aristocrat.com/investors/.
  • Operator company for Cashman social casino game: Product Madness Inc. (part of Aristocrat's Pixel United mobile-first publishing segment). See: https://productmadness.com.

Registered office / legal address: The exact legal address and company registration number of the operator of cashman-au.com are not specified in the data provided. When such details are finalised, they will be inserted into this section and clearly identified in an updated version of this Privacy Policy.

Data Protection Contact

  • Data protection contact / DPO-equivalent: Privacy Officer, cashman-au.com
  • Email: [email protected] (primary channel for privacy and data protection queries)
  • Phone: not specified (please use email as the primary contact method)
  • Website: https://cashman-au.com

If and when a dedicated postal address or online contact form for privacy matters is introduced, those details will be updated here.

What Personal Data We Collect

Observe: To provide review and informational services about Cashman, manage the Website, and enable communication with users in Australia and elsewhere, we collect several categories of information.

Expand: Even though Cashman concerns social casino content (no real-money payouts), the Website may still process personal information such as contact details, technical identifiers and behavioural data for analytics and marketing. Payment data may arise if we later introduce paid premium features, advertising relationships or affiliate tracking.

Reflect: We describe below the categories of data we may collect, with examples, to ensure transparency and compliance with Australian privacy principles and international best practices.

1. Identification and Contact Data

  • Personal identifiers: Name or display name (if you voluntarily provide it through contact forms, account registration - if enabled - or email).
  • Contact details: Email address (e.g., when you contact [email protected] or subscribe to newsletters), and any other contact information you choose to share (such as a phone number or social media handle) in free-text communications.

2. Technical and Usage Data

  • Technical identifiers: IP address, device type, browser type and version, operating system, language settings, time zone and approximate location inferred from IP.
  • Log data: Dates and times of access, pages viewed, referral URLs, clickstream data, session duration and interactions with on-site elements (e.g., buttons, links, forms).

3. Behavioural and Interaction Data

  • On-site behaviour: Pages you view on cashman-au.com, links you click, dwell time, scroll depth, search queries on the Website and interactions with embedded content.
  • Engagement with content: Responses to surveys or polls (if offered), comments or feedback you provide, and your interaction history with newsletters or promotional emails (opens, clicks, unsubscribes).
  • Casino-related behaviour (non-monetary context): If you voluntarily share details such as your experience with Cashman social casino, game preferences, or other play-related information in feedback forms or emails, we may process that data to improve content and responsible gaming information. We do not have access to your actual game account at Product Madness Inc. or Aristocrat.

4. Payment and Transaction-Related Data

At present, cashman-au.com does not operate as a real-money gambling site and does not process payments for gambling services. However, the following information may be collected if we introduce paid services (e.g., premium content, ad-free access) or affiliate-tracking integrations:

  • Limited payment metadata: Transaction ID, payment method type (e.g., credit card, digital wallet), billing country and subscription status, processed via third-party payment providers. We do not store full payment card numbers or CVV codes on our servers.
  • Affiliate and tracking IDs: Non-directly identifying IDs or tokens used to attribute referrals to partner platforms.

5. Cookies and Similar Technologies

  • Cookies: Small text files stored on your device for functionality, analytics and marketing purposes (see "Cookies & Tracking Technologies" below).
  • Pixel tags / beacons: Invisible images or scripts used to measure email or page interactions.
  • SDKs and local storage: Where applicable (especially on mobile), app-like storage mechanisms or analytic SDKs may be used to collect technical and behavioural data.

6. Special Categories of Data

We do not intentionally collect "sensitive information" (such as health data, religious beliefs or biometric identifiers) through cashman-au.com. We ask that you do not include such information in free-text fields. If you inadvertently provide it, we will treat it with a high degree of protection and, where appropriate, delete or minimise it.

Legal Basis for Processing

Observe: The Website targets primarily users in Australia but may be accessed globally. While Australian law (including the Privacy Act and Australian Consumer Law) governs our primary obligations, we also align our practices with recognised international standards such as the GDPR where appropriate.

Expand: Our main legal grounds include consent, contract performance, legitimate interests and compliance with legal obligations (e.g., consumer protection, record-keeping, responding to law enforcement or regulators such as ACMA or ACCC).

Reflect: The legal basis applicable to your data depends on the context of collection and the nature of the processing activity.

1. Consent

  • Obtaining your explicit permission for:
    • Sending you marketing communications (newsletters, offers, updates about Cashman social casino content) by email or other electronic means.
    • Using non-essential cookies and similar tracking technologies for personalised advertising or advanced analytics.
    • Including your testimonials or user stories on the Website.
  • You may withdraw your consent at any time by using the unsubscribe link in emails, adjusting cookie settings, or contacting us at [email protected].

2. Performance of a Contract or Pre-Contractual Steps

  • Processing necessary to:
    • Create and manage any user account on cashman-au.com (if such accounts are offered).
    • Provide requested services such as access to premium review content, saved favourites, or personalised settings.
    • Respond to your specific queries or support requests.
    • Administer any promotions or competitions we may run via the Website.

3. Legitimate Interests

  • Our legitimate interests include:
    • Ensuring the security, integrity and availability of the Website.
    • Performing analytics to understand Website usage, improve content and optimise user experience.
    • Preventing fraud, abuse, or misuse of the Website, including protection against bots and malicious activity.
    • Enforcing our terms of use and defending our legal rights.
  • Where we rely on legitimate interests, we balance those interests against your rights and freedoms, and we implement safeguards (such as pseudonymisation and opt-out options) where feasible.

4. Compliance with Legal Obligations

  • We may process and retain certain information to:
    • Comply with applicable Australian laws and regulations, including consumer and advertising standards, and any obligations under the Interactive Gambling Act 2001 as it relates to social gaming content and advertising.
    • Respond to lawful requests from competent authorities (e.g., courts, law enforcement, ACMA, ACCC) and comply with information disclosure obligations.
    • Maintain records necessary for tax, accounting or corporate reporting within the Product Madness / Aristocrat group where applicable.

Purpose of Processing

Observe: Users visit Cashman for information about Cashman social casino games, including reviews, responsible gaming context, and links to the official operator.

Expand: Data processing is limited to what is reasonably necessary to operate an informational site, improve quality, and conduct lawful marketing and analytics.

Reflect: We categorise our purposes to promote clarity and alignment with Australian privacy principles.

1. Provision and Maintenance of the Website

  • Operating, administering and maintaining the functionality of cashman-au.com.
  • Customising content presentation (e.g., language, layout) based on your device and preferences.
  • Maintaining backups and ensuring the resilience of our technical infrastructure.

2. Communication and Customer Support

  • Responding to your questions, feedback or complaints submitted via email or other contact channels.
  • Providing notifications about changes to this Privacy Policy or other legal documents.
  • Sending service-related messages essential to your use of the Website or any registered services.

3. Improvement, Analytics and Research

  • Analysing how users interact with the Website to:
    • Identify the most and least visited pages.
    • Detect usability issues and technical errors.
    • Develop new features and content categories.
  • Using aggregated and anonymised statistics to inform product and content decisions, including responsible gaming information aligned with research from bodies such as the Australian Institute of Family Studies (AIFS).

4. Marketing and Promotions

  • Sending you newsletters or promotional communications about:
    • New reviews and guides related to Cashman social casino and similar games.
    • Special promotions or informational campaigns relevant to Australian users.
  • Displaying tailored content or advertising on our Website or through third-party platforms, subject to your cookie and tracking preferences.

5. Security, Fraud Prevention and Legal Compliance

  • Monitoring for suspicious or fraudulent activity, including bot traffic and repeated failed access attempts.
  • Protecting our systems, users and affiliated brands (Cashman, Product Madness, Aristocrat) from threats and misuse.
  • Complying with applicable legal obligations, responding to lawful requests from authorities, and enforcing our rights.

Disclosure & Sharing

Observe: To operate cashman-au.com effectively, we may need to share limited personal information with carefully selected third parties.

Expand: Such sharing is restricted to service providers, group companies, regulators and, where you consent, marketing and advertising partners. We do not sell your personal data.

Reflect: Each disclosure is governed by appropriate contractual and security safeguards, and we share only what is reasonably necessary for the intended purpose.

1. Service Providers and Technical Partners

  • Hosting and infrastructure providers: Companies that provide servers, cloud storage, content delivery networks (CDNs) and related infrastructure for cashman-au.com.
  • Analytics providers: Tools (e.g., web analytics platforms) that help us understand Website performance and user behaviour in aggregated form.
  • Communication tools: Email service providers and customer support tools used to send newsletters and manage inquiries.
  • Security providers: Anti-DDoS, web application firewall and monitoring services to secure our infrastructure.

2. Group Companies

  • Where relevant and necessary, limited data may be shared with Product Madness Inc. and/or Aristocrat Leisure Limited or their affiliates for:
    • Internal reporting, analytics and compliance.
    • Consistency of responsible gaming messaging and brand representation across regions.
  • Any such sharing is subject to intra-group data protection arrangements and confidentiality obligations.

3. Regulators, Authorities and Legal Counterparties

  • Where required or permitted by law, we may disclose personal information to:
    • Regulators and authorities in Australia, such as the Australian Communications and Media Authority (ACMA) in connection with the Interactive Gambling Act 2001, or the Australian Competition and Consumer Commission (ACCC) under Australian Consumer Law.
    • Courts, law enforcement agencies or other governmental bodies in response to lawful requests.
    • Legal advisers, auditors and other professional advisers where necessary to protect our rights or comply with legal obligations.

4. Affiliates, Advertising and Marketing Partners

  • With your consent, we may work with:
    • Affiliates and tracking partners to attribute traffic and conversions when you click on outbound links from cashman-au.com to the official Cashman game or related offers.
    • Advertising networks that deliver tailored or contextual ads on our Website or third-party sites.
  • These partners may use cookies or similar technologies to track interactions; see "Cookies & Tracking Technologies" for details.

5. Business Transfers

  • In connection with any merger, acquisition, restructuring, or transfer of assets related to cashman-au.com, personal data may be transferred to the acquiring or successor entity, subject to:
    • Continued protection under this or a substantially similar privacy policy; and
    • Notification to you where legally required.

International Transfers

Observe: The Website is focused on Australia, but many of our service providers and group companies operate internationally (e.g., UK, USA).

Expand: This implies that your personal data may be transferred to and processed in countries outside your country of residence, which may have different data protection laws.

Reflect: We implement contractual and technical safeguards to protect information during such cross-border transfers.

1. Locations of Processing

  • Australia: Data relevant to the Australian market context may be processed and stored on servers in or accessible from Australia, particularly in relation to Aristocrat Leisure Limited as an Australian parent.
  • United Kingdom: Product Madness Inc. has a significant presence in London. Certain analytics, reporting or internal operations may be coordinated from the UK.
  • United States: Product Madness also maintains offices in Las Vegas, USA. Some infrastructure providers or group functions may operate there.
  • Other regions: Our cloud service providers may use globally distributed data centres (e.g., EU, Asia-Pacific) to ensure performance and redundancy.

2. Protection Measures

  • Where personal data is transferred to countries without an equivalent level of data protection:
    • We use contractual safeguards such as standard contractual clauses or similar instruments where appropriate and required.
    • We apply access controls, encryption and minimisation to data shared with third parties.
    • We carefully select service providers with strong security and privacy practices, including adherence to recognised standards (e.g., ISO 27001, SOC 2) where applicable.
  • By using the Website, you acknowledge that your data may be transferred and processed in these locations subject to the safeguards described.

Data Retention

Observe: Different kinds of data are needed for different lengths of time.

Expand: Retention periods must satisfy legal obligations, operational needs and user expectations while avoiding unnecessary storage.

Reflect: We apply defined retention rules and delete or anonymise information when it is no longer needed, subject to legitimate legal and business requirements.

1. General Principles

  • We retain personal data only for as long as:
    • It is necessary for the purposes defined in this Privacy Policy; or
    • We have another lawful basis for continued retention (e.g., legal obligations, dispute resolution, enforcement of rights).
  • After the relevant retention period, data is either securely deleted or irreversibly anonymised.

2. Indicative Retention Periods

  • Contact and account data: For the duration of your active relationship with us (e.g., while you are subscribed to updates or maintain an account) and for up to 5 years after the last meaningful interaction or account closure, unless a longer period is required to resolve disputes or comply with legal obligations.
  • Technical and log data: Typically retained for 12 - 24 months for security, troubleshooting and analytics, then aggregated or anonymised.
  • Marketing data: Stored while you remain opted-in to marketing communications and for up to 2 years after your last interaction with those communications (e.g., last open or click), or until you withdraw consent.
  • Payment/transaction metadata (if applicable in future): Retained in line with statutory accounting and tax requirements, generally up to 7 years after the end of the relevant financial year, subject to applicable law.
  • Complaint and correspondence records: Retained for up to 6 years after resolution to allow us to respond to future queries and defend against legal claims.

3. Deletion Criteria and Exceptions

  • We may delete data earlier when:
    • You validly exercise your right to erasure and no overriding legal basis applies.
    • The data is no longer required for any of the purposes described in this Privacy Policy.
  • We may retain data longer when:
    • Required by law, regulation or regulator-issued guidance.
    • Necessary to establish, exercise or defend legal claims.

Your Rights

Observe: Users of cashman-au.com, particularly those in Australia and other regions with advanced privacy regimes, have rights over their personal data.

Expand: While our primary legal obligations flow from Australian law, we align our practices with internationally recognised data subject rights principles such as those reflected in the GDPR. The section prompt mentions Mexican law; although the Website is AU-focused and we do not target Mexico specifically, we note that similar rights to access, rectification and erasure exist under various jurisdictions.

Reflect: The following rights are available to you subject to applicable law, verification of your identity, and certain limitations and exceptions.

1. Right of Access

  • You may request confirmation of whether we process personal data about you and obtain a copy of that data, along with information about:
    • The categories of personal data processed;
    • The purposes of processing;
    • The categories of recipients; and
    • Where possible, the envisaged retention period.

2. Right to Rectification

  • You may request that we correct or update inaccurate or incomplete personal data we hold about you (e.g., incorrect email or display name).

3. Right to Erasure (Right to be Forgotten)

  • You may request deletion of your personal data when:
    • The data is no longer necessary for the purposes for which it was collected;
    • You withdraw consent where processing was based on consent and there is no other legal ground;
    • You object to processing based on legitimate interests and your rights override ours; or
    • We have processed the data unlawfully.
  • We may retain certain data where required by law or where necessary to establish, exercise or defend legal claims.

4. Right to Restriction of Processing

  • You may request that we limit processing of your personal data (e.g., to storage only) if:
    • You contest the accuracy of the data;
    • Processing is unlawful and you oppose erasure;
    • We no longer need the data, but you require it for legal claims; or
    • You have objected to processing pending verification of overriding interests.

5. Right to Object

  • You may object at any time to:
    • Processing of your personal data for direct marketing, including profiling related to direct marketing; and
    • Processing based on our legitimate interests, on grounds relating to your particular situation.
  • If you object to marketing, we will stop such processing promptly.

6. Right to Data Portability

  • Where technically feasible and required by applicable law, you may request that we provide you with personal data you have provided to us in a structured, commonly used and machine-readable format, or that we transmit it directly to another controller, where:
    • The processing is based on your consent or on a contract; and
    • The processing is carried out by automated means.

7. Right to Withdraw Consent

  • Where processing is based on your consent (e.g., marketing, non-essential cookies), you may withdraw that consent at any time, without affecting the lawfulness of processing carried out before withdrawal.

8. Procedure, Timeframes and Cost

  • How to exercise rights: Please contact us at [email protected] with a clear description of your request and sufficient information to verify your identity (e.g., the email address you used with us).
  • Verification: We may request additional information if necessary to confirm your identity and protect your privacy.
  • Response time: We aim to respond to all valid requests within 30 days of receipt. If your request is complex or numerous, we may extend this period by a further 30 days, in which case we will inform you of the extension and reasons.
  • Fees: Requests will generally be handled free of charge. We may charge a reasonable fee or refuse to act on manifestly unfounded or excessive requests, as permitted by law.

Cookies & Tracking Technologies

Observe: Cookies and similar technologies are used to ensure the proper functioning of cashman-au.com and to improve the user experience.

Expand: We categorise cookies by duration (session vs. persistent), origin (first-party vs. third-party) and purpose (functional, analytics, advertising).

Reflect: We provide you with information about these technologies and options to manage your preferences.

1. Types of Cookies

  • Session cookies: Temporary cookies that exist only while your browser session is open. They are typically used for basic site functionality and security and are deleted when you close your browser.
  • Persistent cookies: Cookies that remain on your device for a defined period or until deleted. They may remember your preferences or recognise your browser on subsequent visits.
  • First-party cookies: Cookies set directly by cashman-au.com to support core site functions and preferences.
  • Third-party cookies: Cookies set by external providers (e.g., analytics or advertising partners) to provide services such as traffic analysis or ad delivery.

2. Purposes

  • Strictly necessary / functional: Enable core Website functions such as page navigation, security features, and access to restricted areas. The Website cannot function properly without these cookies, and they are generally set in response to your actions.
  • Analytics and performance: Collect aggregated information about how visitors use the Website (e.g., pages visited, time spent, error messages). This helps us understand usage patterns and improve performance and content.
  • Advertising and marketing (if enabled): Used to deliver relevant advertisements on our Website or third-party sites, measure the effectiveness of campaigns and limit the frequency of ads. These may also be used to track referrals to partner sites (e.g., official Cashman game pages).

3. Management of Cookies

  • Browser settings: Most web browsers allow you to:
    • View which cookies are stored on your device;
    • Delete existing cookies; and
    • Block some or all cookies, or receive alerts before cookies are stored.
  • In-site controls (where available): We may provide a cookie banner or preferences panel enabling you to accept or reject non-essential cookies.
  • Effect of disabling cookies: If you block or delete some cookies, certain features of cashman-au.com may not function as intended, and your user experience may be reduced.

Data Security

Observe: The protection of your personal data is a high priority for Cashman and the broader Product Madness / Aristocrat group.

Expand: We implement a combination of organisational, technical and physical measures designed to protect data against unauthorised access, loss, misuse or alteration.

Reflect: While no system is entirely immune to risk, we continuously evaluate and enhance our security controls in line with industry standards.

1. Technical Measures

  • Encryption in transit: Data transmitted between your browser and cashman-au.com is protected using TLS 1.2+ or higher, helping to prevent interception by third parties.
  • Encryption at rest: Where feasible, stored data (including backups) is protected using industry-standard encryption mechanisms and secure key management practices.
  • Access controls: Access to personal data is restricted to authorised personnel who require it for legitimate business purposes and who are subject to confidentiality obligations.
  • System hardening and monitoring: Firewalls, intrusion detection/prevention systems and logging mechanisms are used to monitor for suspicious activity and protect against unauthorised access.

2. Organisational Measures

  • Policies and procedures: Internal policies govern data handling, classification, retention and incident response.
  • Staff training: Personnel who may access personal data receive training on privacy principles, security awareness, phishing prevention and secure data handling.
  • Third-party due diligence: We evaluate the security posture of service providers and include appropriate data protection and security clauses in our contracts.

3. Audits and Standards

  • Where we rely on group infrastructure or third-party platforms, we seek alignment with internationally recognised security frameworks such as ISO 27001 and SOC 2 where applicable, either directly or through our partners' certifications.
  • Regular reviews and, where required, independent assessments of our security controls may be conducted.

4. Incident Response

  • We maintain incident response procedures designed to:
    • Identify and contain security incidents promptly;
    • Assess potential impact on individuals and systems;
    • Notify affected users and relevant authorities where required by law; and
    • Implement corrective and preventive measures.

Complaints & Contacts

Observe: Users must have clear channels for raising questions or complaints regarding privacy and data protection.

Expand: We provide direct contact details for our privacy contact and explain how to escalate matters to relevant supervisory authorities, primarily in Australia. The prompt references Mexican and EU authorities; while our primary focus is AU, individuals in those regions may also have rights under their local laws and can contact their local authorities.

Reflect: Transparent, timely and fair complaint handling strengthens trust and supports compliance.

1. Contacting Us

  • Primary contact for privacy matters:
    Privacy Officer - cashman-au.com
    Email: [email protected]
  • Preferred method: Email, including:
    • Your name (or alias if you prefer);
    • The email address you used in any interactions with us; and
    • A clear description of your question or concern.
  • Postal address: Not specified in the data provided. If a dedicated mailing address is introduced, it will be added here.

2. Internal Complaint Procedure

  1. Submission: Send your complaint to [email protected] with "Privacy Complaint" in the subject line.
  2. Acknowledgement: We will acknowledge receipt of your complaint within 7 business days, where feasible.
  3. Review: Our Privacy Officer or delegate will review the matter, which may involve requesting additional information from you for clarification or verification.
  4. Response: We aim to provide a substantive response or resolution within 30 days of receiving your complete complaint. If more time is required due to complexity, we will inform you of the delay and provide an updated timeline.
  5. Outcome: Where a complaint is upheld, we will explain the steps we will take to address the issue and to prevent recurrence where appropriate.

3. Escalation to Supervisory Authorities

If you are not satisfied with our response or believe that we are not handling your personal information in accordance with applicable law, you may have the right to lodge a complaint with a relevant data protection or privacy regulator.

  • Australia: The primary authority overseeing privacy matters is the Office of the Australian Information Commissioner (OAIC).
    Website: https://www.oaic.gov.au
    Complaints information: https://www.oaic.gov.au/privacy/privacy-complaints
  • European Union / EEA (if applicable): If you are located in the EU/EEA and believe your rights under GDPR have been infringed, you may lodge a complaint with your local data protection authority. Contact details are available at: https://edpb.europa.eu/about-edpb/about-edpb/members_en.
  • Other jurisdictions (including Mexico): While the Website is AU-focused, if your local law grants you additional rights (for example, under Mexican data protection law), you may also contact your local data protection authority. Please consult the official website of the relevant authority in your country for up-to-date contact details and complaint procedures.

Updates

Observe: Privacy laws and our business operations evolve over time.

Expand: We must update this Privacy Policy periodically to reflect changes in legal requirements, industry standards, services, and data processing practices.

Reflect: Transparent communication about policy changes helps you make informed decisions about your continued use of cashman-au.com.

1. How We Will Notify You

  • Website notice: We will post the latest version of this Privacy Policy on cashman-au.com with a clear "Last updated" date at the top or bottom of the document.
  • Email notifications: If you have provided your email address and a change is material, we may notify you by email.
  • On-site alerts: For significant changes, we may display a banner, pop-up or account dashboard notice (if accounts are available) drawing your attention to the updated policy.

2. Advance Notice and User Choices

  • For material changes that significantly affect how we process your personal data (e.g., new data types, new purposes, or meaningful changes in international transfers), we will provide, where practicable:
    • At least 30 days' advance notice before the changes take effect; and
    • An opportunity for you to review the changes and, where required, give or withhold consent to new processing activities.
  • If you do not agree with the updated Privacy Policy, you should:
    • Discontinue use of cashman-au.com; and
    • Contact us at [email protected] to exercise any applicable rights, such as data deletion or withdrawal of consent.

3. Version Control

  • Last updated: January 2026
  • Change log (summary of material changes since prior version):
    • Clarified the informational nature of Cashman and its relationship to Product Madness Inc. and Aristocrat Leisure Limited.
    • Expanded detail on categories of data collected, including behavioural data and potential future payment metadata.
    • Enhanced explanations of international data transfers and security measures.
    • Updated rights, complaints and supervisory authority sections to align with current Australian and international standards as at 2026.