burger icon
On 9 Aud Review Australia
Log In

Privacy Policy

This Privacy Policy explains how On 9 Aud, operating the website on9aud-au.com (the "Website"), collects, uses, stores and discloses personal information of players and other visitors located in Australia who access or use our services. It forms part of the terms governing your use of the Website and related services. This Privacy Policy applies to all visitors, registered users and account holders.

The Policy is intended to comply with applicable Australian privacy laws and relevant international standards to the extent they apply to our activities. By using the Website, you acknowledge that you have read and understood this Privacy Policy.

Effective date: 1 January 2026

Who We Are

OBSERVE: The provided corporate profile does not specify a confirmed legal owner, registered office or licence details for On 9 Aud or On 9 Aud. This creates a transparency and compliance risk that must be addressed in the Policy text without inventing false corporate details.

EXPAND: The Website appears to operate on an offshore, online-only basis, probably under a Curaçao sub-licence structure, and targets Australian players. Australian regulators (including ACMA and OAIC) expect clear operator identification and contact details for privacy queries, even where the underlying operator is offshore.

REFLECT: Pending formal confirmation of the responsible legal entity, we must (a) be transparent about the information gap, (b) clearly identify functional responsibility for privacy compliance, and (c) provide real contact channels (email/Website) for users to exercise their rights and lodge complaints.

Operator and Responsibility

  • Service name: On 9 Aud, providing online gambling and related informational services via on9aud-au.com to users located in Australia.
  • Brand name: "On 9 Aud" (used exclusively in connection with the Website on9aud-au.com).
  • Legal operator details: As at 1 January 2026, the ultimate operating company, its precise legal form, registration number, registered office address and tax identification details have not been publicly disclosed or independently verified. Available open-source information suggests a likely Curaçao online gaming sub-licence structure (for example, under a generic Gaming Curaçao "365/JAZ" - type arrangement), but this remains unverified and may change.
  • Regulatory note: The Australian Communications and Media Authority (ACMA) has taken action against similar offshore gambling providers. However, no public record has been found that definitively identifies the corporate operator of On 9 Aud as at 15 December 2024.

Contact for Privacy Matters

  • Data Protection Contact: Privacy & Data Protection Team, On 9 Aud (functional data controller for Website operations).
  • Email (primary): [email protected] (please use subject line "Privacy request - On 9 Aud").
  • Website: https://on9aud-au.com - additional information and, where available, online feedback or contact forms may be accessed via the "Contact" or "Support" sections.
  • Postal address: A formal mailing or legal address for the operator of On 9 Aud was not specified or verified as at 1 January 2026. If a physical correspondence address is later published on the Website, that address will be deemed the official mailing address for privacy matters and will automatically form part of this Policy.

Important transparency statement: We do not intentionally conceal operator identity. As the offshore corporate information becomes available or is independently verified, we will update this section to include the full corporate name, legal address, registration number and relevant licensing details. Such updates will be treated as material changes and notified in accordance with the "Updates" section below.

What Personal Data We Collect

OBSERVE: To provide and secure online gambling services, a wide range of personal, technical, financial and behavioural data is required. Australian privacy law (including the Privacy Act 1988 (Cth) and Australian Privacy Principles) expects that individuals are clearly informed about what data is collected and why.

EXPAND: Data collected will typically include identification and contact details, transactional and payment data, device and network information, usage and behavioural metrics, and data derived from cookies and similar technologies. Some categories may constitute "sensitive information" (e.g., problem-gambling self-exclusion status).

REFLECT: The categories below are designed to be comprehensive while remaining understandable to end-users and aligned with AU privacy expectations and common global standards (e.g., GDPR-style categorisation) without suggesting the Website is formally subject to GDPR.

Identity and Contact Data

  • Full name, date of birth, and gender (where provided).
  • Residential address, country of residence and proof-of-address documentation (e.g., utility bills, bank statements).
  • Email address (including the one used to contact us, such as [email protected]) and any additional email addresses you provide.
  • Telephone or mobile numbers, instant messaging IDs or other contact details you submit.
  • Copies of identity documents (e.g., passport, driver's licence, national ID card) provided for age verification, Know-Your-Customer (KYC) and anti-money-laundering (AML) checks.

Account and Service Data

  • Username, password and other authentication credentials (stored in hashed or otherwise protected form).
  • Account settings, language preferences and communication preferences (e.g., opt-in/opt-out to marketing).
  • Customer support communications, including chat logs, emails and complaint records.
  • Responsible gambling settings (deposit limits, loss limits, time limits, self-exclusion status) where such tools are offered.

Technical and Device Data

  • IP address and approximate geolocation derived from IP (city/region/country level, where technically available).
  • Device identifiers, browser type and version, operating system, language settings, time zone, and similar device characteristics.
  • Log data such as access dates and times, pages visited, referral URLs, session identifiers and error logs.
  • Information related to device security, such as failed login attempts, device fingerprinting identifiers (where used) and account-lockout logs.

Payment and Financial Data

  • Payment method information (e.g., partial card data in tokenised form, bank account identifiers, e-wallet details), as processed by our payment providers.
  • Deposit and withdrawal amounts, currency, timestamps and payment status.
  • Transaction identifiers, payment provider references and internal anti-fraud risk scores.
  • Records of chargebacks, disputes, refunds and AML/KYC checks undertaken in relation to payments.

Behavioural and Usage Data

  • Game and betting history, including games played, stakes, wins/losses, session durations and gameplay patterns.
  • Clickstream data (buttons clicked, navigation paths, interaction with banners and promotions).
  • Response to marketing communications (email opens, link clicks, unsubscribe actions).
  • Aggregated analytics data about how groups of users interact with the Website and services.

Cookies and Similar Technologies

  • Session cookies that maintain your login state and remember actions within a single browsing session.
  • Persistent cookies that store your preferences (e.g., language, saved details) across sessions.
  • Analytics cookies (first-party or third-party) that help us understand site performance and usage trends.
  • Advertising and tracking cookies, pixels or tags used, with your consent where required, to deliver or measure personalised marketing.
  • Technical identifiers (e.g., local storage objects, device IDs) that perform similar functions to cookies.

Where we collect information that is not reasonably capable of identifying you (for example, properly anonymised or aggregated statistics), that information is not considered personal information and may be used for any lawful purpose, subject to applicable law.

Legal Basis for Processing

OBSERVE: The Website targets Australian users and is likely operated offshore. Australian law relies on concepts such as "consent" and "reasonable expectations", while many global standards (e.g., GDPR) define legal bases such as contract, legal obligation and legitimate interests.

EXPAND: To build a robust and internationally recognisable framework, it is appropriate to describe our processing by reference to these broader legal bases, while clarifying that their exact legal status may depend on applicable law to you and to the operator.

REFLECT: The following grounds describe, in transparent and user-friendly terms, why and how we lawfully process your personal information in connection with On 9 Aud and the Website on9aud-au.com.

Performance of a Contract or Steps at Your Request

  • Creating and managing your player account, including processing your registration details and verifying your age and eligibility.
  • Providing access to games and gambling services, processing your bets, displaying game outcomes and maintaining your account balance.
  • Processing deposits and withdrawals through our payment partners, and providing you with transaction records.
  • Providing customer support, responding to your queries and resolving technical or account-related issues.

Where you choose not to provide personal information that is necessary for these contractual purposes, we may not be able to open or maintain your account or provide certain services.

Compliance with Legal and Regulatory Obligations

  • Undertaking identity verification and KYC checks to meet anti-money-laundering (AML), counter-terrorism financing (CTF), fraud-prevention and age-restriction obligations under applicable laws in the operator's jurisdiction and, where relevant, in Australia.
  • Maintaining appropriate accounting, financial and transactional records as required by tax or corporate regulations.
  • Responding to lawful requests for information from law-enforcement agencies, courts, regulatory bodies or governmental authorities, where such disclosure is legally mandated.
  • Keeping certain data for minimum retention periods as required by law, including after account closure (for example, AML record-keeping requirements).

Legitimate Interests

  • Protecting the integrity and security of our systems, services, users and staff by detecting and preventing fraud, abuse, hacking and other misuse.
  • Performing analytics and statistical reporting to understand how the Website is used and to improve its functionality, performance and user experience.
  • Enforcing our terms and conditions, including investigating potential violations and protecting our rights, property and legal interests.
  • Conducting limited profiling (e.g., fraud- and risk-related scoring) necessary to secure payments and accounts.

Where we rely on legitimate interests, we balance those interests against your rights and reasonable expectations and implement safeguards (such as access controls and minimisation) to reduce privacy impact.

Consent

  • Sending you electronic marketing communications (such as promotional emails or SMS) about offers, bonuses and products relating to On 9 Aud, where consent is required and you have opted in.
  • Using certain cookies, analytics tools or advertising technologies that are not strictly necessary for Website operation, where applicable law requires prior consent.
  • Processing certain categories of data or using it for additional purposes that are clearly explained at the point of collection and which you may accept or decline.

You can withdraw your consent at any time, as explained under "Your Rights", without affecting the lawfulness of processing based on consent before its withdrawal. In some cases, withdrawal of consent may limit the services or features available to you.

Purpose of Processing

OBSERVE: Users must understand precisely why their data is processed. The purposes must be limited and compatible with reasonable expectations of an online-gambling customer.

EXPAND: The purposes can be grouped into service delivery, security and compliance, analytics and improvement, and marketing/relationship management.

REFLECT: The following list provides a clear mapping between data usage and purposes, making our practices more transparent and easier to assess.

Service Delivery and Account Management

  • Enabling registration, authentication and ongoing access to your On 9 Aud account.
  • Providing and operating games, betting options, promotions and other casino services offered through on9aud-au.com.
  • Processing deposits, wagers and withdrawals, and maintaining accurate records of your balance and transaction history.
  • Providing customer support, including responding to questions, complaints and requests made via email or any support interfaces on the Website.

Security, Fraud Prevention and Legal Compliance

  • Verifying your identity, age and location to help prevent underage gambling, fraud and misuse of the Website.
  • Monitoring transactions and behaviour for suspicious or high-risk activity and taking appropriate action where necessary.
  • Maintaining system logs, security alerts and audit trails to support incident detection, investigation and remediation.
  • Complying with AML/CTF, KYC, taxation, regulatory reporting and record-keeping obligations under applicable laws.

Improvement, Analytics and Personalisation

  • Analysing how users interact with our Website, games and content to improve functionality, stability and usability.
  • Testing new features, products or services and gathering feedback to refine them.
  • Personalising elements of your experience (for example, recommended content, language settings and interface preferences).

Marketing and Relationship Management

  • Sending you information about promotions, bonuses, tournaments and other offers related to On 9 Aud, in accordance with your marketing preferences and applicable law.
  • Carrying out segmentation and limited profiling to ensure that marketing content is relevant, subject to your consent where required.
  • Measuring the effectiveness of marketing campaigns and optimising our communication strategy.

Disclosure & Sharing

OBSERVE: Offshore gambling operators inevitably rely on third-party payment processors, game/platform providers, analytics tools and potentially affiliates. Under Australian and international privacy norms, users must know with whom, and under what safeguards, their data may be shared.

EXPAND: Data disclosures should be limited to what is necessary, subject to contracts, and accompanied by clear explanations. Particular attention is required for international transfers, marketing/affiliate sharing and disclosure to authorities.

REFLECT: The categories below aim to accurately reflect likely sharing scenarios for On 9 Aud while embedding appropriate protective clauses.

Service Providers and Processors

  • Payment partners: Banks, payment service providers, card schemes, e-wallet operators and other financial intermediaries that process deposits, withdrawals, chargebacks and related transactions on our behalf.
  • Technology and hosting providers: Companies providing hosting, cloud storage, content delivery networks, security services, email/SMS gateways and IT support required to operate on9aud-au.com.
  • Gaming and platform providers: Third-party software vendors supplying game content, platforms or related infrastructure components, where necessary for game delivery and fairness controls.
  • Professional advisers: Lawyers, auditors, accountants and consultants engaged to support our business operations, subject to professional confidentiality obligations.

These third parties are generally engaged as "processors" or equivalent and are only permitted to use your personal information in accordance with our instructions and applicable law.

Regulators, Authorities and Legal Recipients

  • Courts, law-enforcement agencies, supervisory authorities and other governmental or regulatory bodies (including, where applicable, Australian authorities) where disclosure is required by law, regulation or a valid legal process.
  • Entities involved in the prevention or investigation of fraud, money-laundering, terrorism financing or other unlawful activities.
  • Third parties to whom disclosure is necessary to establish, exercise or defend legal claims, or to protect our rights, property, users or the public.

Affiliates and Advertising Partners

  • Affiliates and marketing partners: Subject to your consent where required, we may share limited data (e.g., hashed identifiers, marketing engagement metrics) with trusted affiliates or advertising networks to:
    • Track referrals and affiliate commissions;
    • Measure performance of campaigns; and
    • Deliver or optimise targeted advertising related to On 9 Aud.
  • Where Australian or other applicable law requires your prior consent for particular marketing-related sharing or tracking, we will obtain it before such processing begins.

Business Transfers

  • In the event of a proposed or actual merger, acquisition, reorganisation, sale of assets, insolvency or similar corporate event involving On 9 Aud or the operator of on9aud-au.com, your personal information may be disclosed to relevant potential or actual purchasers, their advisers, and any successor entities, subject to appropriate confidentiality protections.

We do not sell your personal information as a standalone commercial product. Any onward sharing is restricted to the categories and purposes described above or otherwise disclosed to you at the time of collection.

International Transfers

OBSERVE: The service appears to operate from outside Australia (likely from or via Curaçao or other offshore jurisdictions) while targeting Australian players. This implies cross-border transfers of personal information.

EXPAND: Australian privacy law (and comparable frameworks) expects that organisations transferring personal information overseas take reasonable steps to ensure that the recipient protects the information consistently with applicable privacy principles.

REFLECT: The Policy must clearly state where data may go, why, and what protections are applied, while acknowledging that specific mechanisms (such as EU Standard Contractual Clauses) are illustrative and may be applied by globally distributed service providers.

Destinations of Transfers

  • Personal information collected through on9aud-au.com may be stored and processed in countries other than Australia, including but not limited to:
    • Probable operational or licensing jurisdictions such as Curaçao;
    • Countries in the European Union/European Economic Area (EU/EEA);
    • The United States, the United Kingdom and other locations where our hosting providers, platform vendors, payment processors or support teams are based.

Safeguards for International Transfers

  • We take reasonable steps to ensure that overseas recipients handle your personal information in a manner consistent with applicable privacy standards, which may include:
    • Entering into written agreements containing data-protection obligations, including where appropriate EU-style Standard Contractual Clauses or equivalent contractual mechanisms;
    • Requiring service providers to implement appropriate technical and organisational security measures;
    • Limiting transfers to what is strictly necessary for the purposes described in this Policy;
    • Conducting due-diligence checks on key service providers' privacy and security practices.
  • Where applicable law treats certain overseas recipients as not offering privacy protections substantially similar to those of your home jurisdiction, we will take additional contractual or organisational measures where reasonably practicable.

By registering an account or using the Website, you acknowledge that your personal information may be transferred, stored and processed outside Australia as described above, subject to these safeguards and applicable legal requirements.

Data Retention

OBSERVE: Both Australian and international standards emphasise that personal information should not be kept longer than necessary. Gambling and AML rules often require defined minimum retention periods for financial and KYC data.

EXPAND: We must balance regulatory obligations (which may mandate multi-year retention) with data minimisation and secure deletion for information that is no longer needed.

REFLECT: The retention periods below are indicative and may be adjusted based on legal requirements in the operator's jurisdiction and, where relevant, Australian law. Where specific legal obligations prescribe a longer period, those obligations will prevail.

General Principles

  • We retain personal information only for as long as reasonably necessary to:
    • Provide the services and manage our relationship with you;
    • Meet legal, regulatory, tax, accounting and reporting obligations; and
    • Protect our rights and manage potential disputes.
  • When personal information is no longer required, we will take reasonable steps to de-identify or securely destroy it, unless retention is required or permitted by law.

Indicative Retention Periods

  • Account and profile data: Normally kept for the duration of your account plus up to 5 years after account closure, to comply with AML/KYC and record-keeping obligations and to manage potential disputes.
  • KYC/identity documentation: Typically retained for 5 - 7 years from the date of the last transaction or account closure, depending on applicable AML/CTF laws.
  • Transaction and payment records: Retained for at least 5 - 7 years to satisfy financial, auditing and tax-related requirements.
  • Marketing data and preferences: Retained while you remain subscribed to marketing communications and for up to 2 years thereafter in anonymised or aggregated form to analyse campaign effectiveness.
  • Technical logs and security data: Retained for a period typically ranging from 6 months to 5 years, depending on the type of log and security context, with longer retention in case of security incidents or investigations.

Where you exercise your rights to deletion or objection, we may retain limited information as necessary to document that we have complied with your request, prevent future contact and meet our legal obligations.

Your Rights

OBSERVE: Although the primary focus is Australia, the requested alignment references GDPR and Mexican privacy concepts (such as ARCO rights). Users should be informed of a comprehensive set of rights that, while expressed using GDPR/Mexico terminology, are delivered in a practical, user-friendly manner.

EXPAND: Key rights include access, rectification, erasure, restriction, objection, data portability and withdrawal of marketing consent. These map broadly to Australian Privacy Principles, GDPR rights and Mexican data-protection frameworks (e.g., Federal Law on Protection of Personal Data Held by Private Parties).

REFLECT: We will provide a unified, high-standard rights framework for On 9 Aud users, while clarifying that the exact legal basis and supervising authorities may vary by user location and operator jurisdiction.

Overview of Your Rights

  • Right of access: You can request confirmation of whether we hold personal information about you and, if so, receive a copy of that information together with an explanation of how it is used.
  • Right to rectification (correction): You can request that inaccurate or incomplete personal information be corrected or updated.
  • Right to deletion ("erasure"): You can request that we delete your personal information in certain circumstances, for example where it is no longer needed for the purposes for which it was collected or where you have withdrawn consent (and there is no other legal basis for processing).
  • Right to restriction of processing: You can ask us to limit the use of your personal information while we investigate your concerns (e.g., regarding accuracy or legality of processing).
  • Right to object: You can object to certain processing activities, including direct marketing and, in some cases, processing based on legitimate interests.
  • Right to data portability: Where technically feasible and applicable, you can request a copy of certain personal information you have provided to us in a structured, commonly used and machine-readable format, and ask us to transmit it to another provider where reasonably possible.
  • Rights regarding automated decision-making: If we use automated decision-making that produces significant effects for you (e.g., certain fraud-screening or risk-based decisions), you may have the right to request human review, express your point of view and contest the decision, subject to applicable law.
  • Right to withdraw consent: Where processing is based on your consent (for example, certain marketing communications), you may withdraw that consent at any time, without affecting prior lawful processing.

How to Exercise Your Rights

  1. Submit your request: Contact us via email at [email protected] with the subject line "Privacy rights request - On 9 Aud". Clearly identify:
    • The right(s) you wish to exercise (e.g., access, correction, deletion);
    • Relevant account identifiers (username, registered email); and
    • Any specific information that will help us locate your records.
  2. Identity verification: For your protection, we may need to verify your identity before fulfilling your request, for example by asking you to confirm account details or provide identification documents.
  3. Response timeframe: We aim to respond to all valid requests within 30 days of receipt. If your request is complex or we receive multiple requests from you, we may extend this period by a reasonable additional time, in which case we will notify you of the extension and reasons.
  4. Fees: We will handle rights requests free of charge. However, we may charge a reasonable fee or refuse to act on a request that is manifestly unfounded, excessive or repetitive, where permitted by law.

Note on Mexican and GDPR alignment: While On 9 Aud primarily targets Australian users, the rights described above broadly align with GDPR rights and the ARCO (Access, Rectification, Cancellation, Opposition) rights recognised under Mexican data-protection law. Users from jurisdictions providing stronger statutory rights will receive the benefit of those rights to the extent required by law and technically feasible.

Cookies & Tracking Technologies

OBSERVE: Cookies are essential for secure sessions and service performance but also raise privacy considerations, particularly where used for analytics and advertising.

EXPAND: Australian law, as well as international best practice, requires clear explanation of cookie types, purposes and controls. Where consent is required, users must have meaningful choices.

REFLECT: The following explanation is intended to help you understand and manage cookies used by on9aud-au.com.

Types of Cookies We Use

  • Strictly necessary (functional) cookies: These session or short-term cookies are required for the Website to function properly (e.g., keeping you logged in, processing bets, securing payment pages). Without them, core features would not work.
  • Preference cookies: Persistent cookies that remember your settings and choices, such as language, region or display preferences, so you do not need to reconfigure them each time you visit.
  • Analytics and performance cookies: First-party or third-party cookies that help us understand how visitors use the Website (pages visited, links clicked, error messages) so we can improve performance and user experience. Data is generally aggregated.
  • Advertising and tracking cookies: Cookies, pixels or similar technologies used, with your consent where required, to deliver or measure personalised offers and marketing, including through affiliates or advertising networks that promote On 9 Aud.

Managing Cookies

  • You can configure your browser settings to:
    • Block all cookies;
    • Accept only certain types of cookies; or
    • Delete cookies when you close your browser.
  • Most browsers provide detailed instructions in their "Help", "Options" or "Settings" menus. Note that disabling strictly necessary cookies may impair your ability to log in, place bets or use key site features.
  • Where we offer an internal cookie or privacy preference panel on on9aud-au.com, you may use it to adjust non-essential cookie settings and withdraw consent for analytics/advertising cookies.

Further information about specific cookies used on the Website may be provided in a dedicated cookie notice or within the on-site preference tools.

Data Security

OBSERVE: Handling gambling-related personal and payment data requires robust security in line with international best practices.

EXPAND: Security controls must address data in transit and at rest, access governance, incident response and staff awareness. References to standards such as ISO 27001 and SOC 2 may be aspirational unless independently certified.

REFLECT: We will describe a strong, layered security approach, while avoiding any claim of formal certification that has not been verified.

Technical and Organisational Measures

  • Encryption in transit: Data transmitted between your browser and on9aud-au.com is protected using industry-standard Transport Layer Security (TLS) protocols (TLS 1.2 or higher), helping to prevent interception and tampering.
  • Encryption at rest: Where technically and operationally feasible, sensitive data (including certain financial and authentication data) is stored in encrypted form using strong cryptographic algorithms.
  • Access controls: Access to personal information is restricted to authorised personnel and service providers who require it for legitimate business purposes, following the principle of least privilege.
  • Authentication and account security: We implement security mechanisms such as secure password hashing and session-management controls. Where multi-factor authentication (MFA) is made available, we strongly encourage users to enable it.
  • Network and system security: Firewalls, intrusion-detection/prevention systems, anti-malware solutions and other technical safeguards are used to protect infrastructure against unauthorised access or malicious activity.
  • Monitoring and auditing: System logs and access records are regularly monitored, and periodic internal reviews or third-party assessments may be conducted to evaluate security controls.
  • Staff training: Personnel who handle personal information receive training on confidentiality obligations, data-protection principles and secure data-handling practices.
  • Incident response: We maintain procedures to detect, investigate and respond to suspected personal-data breaches. Where required by law, we will notify affected individuals and/or relevant authorities of significant breaches without undue delay.

While we strive to follow recognised security practices and frameworks (including controls broadly consistent with standards such as ISO 27001 and SOC 2), no system can be guaranteed 100% secure. You are also responsible for maintaining the confidentiality of your login credentials and promptly notifying us of any suspected unauthorised access to your account.

Complaints & Contacts

OBSERVE: Effective privacy compliance requires clear complaint channels and escalation paths. The instructions specifically reference Mexican and EU regulators; in the Australian context, the Office of the Australian Information Commissioner (OAIC) is the relevant privacy supervisory body.

EXPAND: We must provide a structured, step-by-step complaints procedure, reasonable response times and free-of-charge handling. We should also explain how to escalate issues externally if you remain unsatisfied.

REFLECT: The process below aims to meet high international standards and to reassure users that privacy concerns will be taken seriously by On 9 Aud.

Contacting Us

  • Primary email for privacy matters: [email protected]
  • Website: https://on9aud-au.com - where available, you may use any online contact or feedback forms, indicating that your message relates to privacy.
  • Mailing address: A verified mailing address for the operator is not currently specified. Once published on the Website, that address will constitute the official postal contact for privacy complaints and will be deemed incorporated into this Policy.

Internal Complaint Procedure

  1. Submit your complaint: Send a clear description of your concern (including dates, account details and any relevant evidence) to [email protected] with the subject line "Privacy complaint - On 9 Aud".
  2. Acknowledgement: We will endeavour to acknowledge receipt of your complaint within 7 business days.
  3. Investigation: Your complaint will be reviewed by our Privacy & Data Protection Team or an appropriate senior staff member. We may request additional information to clarify your concerns.
  4. Outcome: We aim to provide you with a substantive response, including any proposed resolution or corrective action, within 30 days of receiving your complete complaint. If we are unable to meet this timeframe due to complexity or other factors, we will inform you of the delay and provide an updated timeframe.

Escalation to Supervisory Authorities

If you are not satisfied with our response or believe that we are not handling your personal information in accordance with applicable law, you may have the right to lodge a complaint with a relevant data-protection authority. Examples include:

  • Australia - Office of the Australian Information Commissioner (OAIC):
  • European Union: If you are located in an EU Member State, you may contact your local Data Protection Authority (DPA). Contact details are available via the European Data Protection Board (EDPB) site: https://edpb.europa.eu.
  • Mexico: If you are subject to Mexican data-protection law, you may contact the National Institute for Transparency, Access to Information and Personal Data Protection (INAI). See https://home.inai.org.mx for current contact details.

The availability and jurisdiction of specific regulators may depend on your location and on the legal status of the operator. Nothing in this Policy restricts any rights you may have to seek other forms of legal redress under applicable law.

Updates

OBSERVE: Online services and regulatory environments change over time. Privacy policies must be kept current and users informed of material changes, especially where new processing activities are introduced.

EXPAND: A transparent update mechanism should include versioning, change notification and reasonable advance notice for significant modifications, along with user options to object or close accounts.

REFLECT: The process below aims to provide clarity about how and when this Privacy Policy may change for On 9 Aud and users of on9aud-au.com.

Policy Changes and Version Control

  • We may update this Privacy Policy from time to time to reflect:
    • Changes to our services, technologies or business practices;
    • Clarifications based on feedback from users or regulators;
    • New or updated legal and regulatory requirements in Australia or other relevant jurisdictions; and
    • Formal disclosure of the operator's corporate identity, licensing information or contact details.
  • Each version of the Policy will be identified by the "Last updated" date shown below.

Notification of Material Changes

  • For non-material updates (e.g., editorial clarifications, minor organisational changes), we will post the revised Policy on the Website and update the "Last updated" date.
  • For material changes that significantly affect how your personal information is processed (for example, new categories of data, new purposes, or major changes in sharing practices), we will:
    • Provide notice via prominent banners or pop-ups on on9aud-au.com;
    • Where feasible, send email notifications to the address registered on your account; and/or
    • Display alerts in your account dashboard (where available).
  • Where required by law, or where changes are likely to have a substantial impact on you, we will provide reasonable advance notice (normally at least 30 days) before the changes take effect, unless immediate implementation is required for legal or security reasons.

Your Options

  • By continuing to use the Website after the effective date of an updated Privacy Policy, you will be deemed to have accepted the changes, to the extent permitted by law.
  • If you do not agree with material updates, you may:
    • Adjust your privacy settings or marketing preferences (where options are provided);
    • Contact us to exercise your rights under the "Your Rights" section; and/or
    • Close your account and cease using the services, subject to any applicable withdrawal, verification or legal-compliance requirements.

Last updated: January 2026