Goldex Privacy Policy

Last updated: June 2, 2026

This privacy policy explains how NovaForge LTD, operating the NaoBet platform, collects, processes, stores and protects personal data submitted by users accessing the Goldex service. The policy applies to all interactions with the casino, sportsbook, live betting, virtual sports and account management features provided through the platform.

By registering an account or using any part of the service, users consent to data processing as described in this document. This policy reflects operational practices, legal obligations under the Anjouan remote gambling licence ALSI-152406028-FI2, and compliance with international data protection standards applicable to offshore operators serving Australian players.

Interpretation and Definitions

This section clarifies key terms used throughout the privacy policy. Definitions connect legal language to real user actions and interactions with the platform.

Defined Terms

Personal data refers to information that can identify an individual user. This includes identity details, contact information, financial records, device identifiers and browsing activity. Data processing covers any action taken with personal data, including collection, storage, use, sharing, transfer and deletion.

The account refers to the user profile created during registration. It stores personal details, transaction history, bonus records, gaming activity and communication preferences. The device includes any computer, tablet or smartphone used to access the service, along with associated IP addresses, browser type and operating system.

Service and User Identity

The service refers to the Goldex casino and sportsbook platform operated by NovaForge LTD under the NaoBet brand. User identity encompasses the combination of email, password, personal details, date of birth, country, phone number and payment ownership proof submitted during registration and verification.

The controller is NovaForge LTD, the legal entity responsible for determining how personal data is processed. Third parties include service providers, payment processors, analytics platforms and regulators who receive data for specific operational purposes.

Data Collection Methods

Goldex collects personal data through multiple channels during registration, account use, gameplay, transactions and customer support interactions. Data is captured automatically through technical systems and manually through forms submitted by users.

Registration Data

When users create an account, they provide email, password, personal details, date of birth, country and currency selection. Optional fields include promo code entry, marketing opt-in status, phone verification and two-factor authentication setup. This information establishes user identity and enables account access.

Identity data must match official documents submitted during KYC checks. Mismatched details can trigger account review, delay withdrawals or lead to account closure. The platform requires one account per player, household, address, phone number, email and IP address.

Technical and Usage Data

The platform automatically collects device identifiers, IP addresses, browser type, operating system, screen resolution, language settings and time zone. Usage data tracks pages visited, games played, bet types placed, session duration, click patterns and navigation paths.

This data supports account security, fraud prevention, payment processing, bonus compliance and platform performance monitoring. Technical data helps detect VPN or proxy use, duplicate accounts, irregular betting patterns and automated gameplay attempts.

Transaction and Payment Data

Financial data includes payment method details, deposit amounts, withdrawal requests, transaction timestamps, currency conversions, processing fees and payment ownership proof. The platform collects card numbers, bank account details, Interac e-Transfer identifiers and transaction history.

Payment data is processed by third-party payment processors who maintain separate security protocols. Goldex stores transaction records but does not retain full card numbers or sensitive payment credentials beyond what is required for dispute resolution and AML compliance.

Purposes of Data Processing

Goldex processes personal data to deliver casino and sportsbook services, manage accounts, ensure security, comply with legal obligations and improve user experience. Each processing purpose connects to specific operational functions.

Service Provision and Account Management

Data is used to create and maintain user accounts, authenticate logins, process deposits and withdrawals, activate bonuses, track wagering progress and manage VIP level upgrades. Account data enables personalized game recommendations, balance updates, transaction history display and notification delivery.

Gameplay data tracks pokies spins, live casino rounds, sportsbook bets and accumulator selections. This information calculates winnings, applies bonus rules, detects irregular play patterns and enforces betting limits during active promotions.

Security and Fraud Prevention

The platform monitors account activity for signs of duplicate accounts, VPN or proxy use, payment mismatches, bonus abuse, automated betting scripts and account sharing. Security systems analyze login patterns, device fingerprints, betting behavior and withdrawal timing.

Data processing supports identity verification through KYC checks, which can be triggered during deposit review, withdrawal requests, payment verification, risk events or profile changes. Enhanced AML reviews apply transaction history and source-of-funds documentation when large deposits, large withdrawals or unusual activity occur.

Communication and Marketing

Contact data enables account notifications, transaction confirmations, bonus updates, promotional offers and customer support responses. Users who opt into marketing communications receive emails about reload bonuses, free spins, cashback offers and tournament invitations.

Marketing messages are tailored based on gameplay preferences, deposit frequency, favourite game categories and previous bonus participation. Users can unsubscribe from promotional emails at any time through account settings or email footer links.

Legal Compliance and Reporting

Data is processed to meet obligations under the Anjouan remote gambling licence ALSI-152406028-FI2, AML regulations, responsible gambling requirements and age verification standards. The platform maintains records for regulatory audits, dispute resolution and licence compliance reporting.

Personal data may be disclosed to the Gaming Board of Anjouan, financial authorities, law enforcement agencies and dispute resolution bodies when legally required or when investigating suspected fraud, money laundering or underage gambling attempts.

Legal Basis for Processing

Goldex processes personal data under four primary legal grounds: consent, contractual necessity, legal obligation and legitimate interests. Each basis applies to specific data types and processing activities.

Consent

Users provide consent when accepting the privacy policy during registration. Consent covers the collection and use of personal data for service delivery, account management, transaction processing and security monitoring. Users can withdraw consent by closing their account, though this ends access to the platform.

Marketing consent is obtained separately through opt-in checkboxes during registration or account settings. Withdrawal of marketing consent does not affect core service provision but stops promotional communications.

Contractual Necessity

Processing is necessary to fulfill the terms of service agreement between the user and NovaForge LTD. This includes account creation, deposit and withdrawal processing, bonus activation, game access, bet settlement and customer support provision.

Without this processing, the platform cannot deliver casino and sportsbook services. Users who refuse essential data processing cannot register or maintain an active account.

Legal Obligation

Processing is required to comply with Anjouan licensing conditions, AML regulations, age verification laws and responsible gambling standards. This includes identity verification, transaction monitoring, record retention and regulatory reporting.

Data may be disclosed to regulators, financial authorities or law enforcement when legally mandated. Refusal to provide data required for compliance can result in account suspension or closure.

Legitimate Interests

The platform processes data to protect against fraud, detect bonus abuse, prevent duplicate accounts, enforce betting limits and improve service quality. Legitimate interests include maintaining platform security, ensuring fair play and optimizing user experience.

Processing under legitimate interests is balanced against user privacy rights. Users can object to processing for marketing or analytics purposes, though security-related processing cannot be restricted without closing the account.

Data Sharing and Disclosure

Goldex shares personal data with service providers, payment processors, analytics platforms, regulators and legal authorities when necessary for operational, compliance or legal purposes. Data is not sold to third parties for marketing purposes.

Service Providers and Payment Processors

Third-party providers handle website hosting, payment processing, email delivery, customer support systems and analytics platforms. These providers access personal data only to perform specific services and are contractually obligated to protect user information.

Payment processors receive transaction details, card information and bank account identifiers to facilitate deposits and withdrawals. Providers operate under their own privacy policies and security standards, though Goldex requires compliance with industry-standard data protection practices.

Affiliates and Business Partners

Data may be shared within the NovaForge LTD operator cluster for consolidated account management, fraud prevention and operational efficiency. Shared information includes account status, transaction history, verification records and bonus activity.

Business partners, including game providers such as Pragmatic Play, Red Tiger, Microgaming, Evoplay, OnAir, Hacksaw, Spinomenal, Amusnet, Yggdrasil, BGaming, Betsoft, Playson and Stakelogic, receive anonymized gameplay data for platform integration and performance monitoring.

Regulators and Legal Authorities

Personal data is disclosed to the Gaming Board of Anjouan for licence compliance reporting. Transaction records, identity documents and source-of-funds documentation may be shared with financial authorities during AML investigations.

Law enforcement agencies may request data in connection with fraud investigations, criminal proceedings or court orders. Goldex cooperates with legal requests when supported by valid jurisdiction-specific legal authority.

Data Retention and Deletion

Goldex retains personal data for the duration necessary to provide services, comply with legal obligations and resolve disputes. Retention periods vary based on data type, regulatory requirements and operational needs.

Active Account Data

Account information, transaction history, gameplay records and communication logs are retained while the account remains active. Users who close their account trigger a retention review, after which non-essential data is deleted.

Identity documents, proof of residence and payment ownership proof submitted during KYC checks are retained for regulatory purposes even after account closure. These records support compliance audits, dispute resolution and AML reporting obligations.

Regulatory and Compliance Records

Transaction data, identity verification records and AML documentation are retained for a minimum of five years following account closure or the last transaction, whichever is later. This retention period aligns with offshore licence requirements and international AML standards.

Marketing consent records, support chat logs and promotional activity data are deleted within two years of account closure unless required for ongoing dispute resolution or regulatory investigation.

Deletion and Anonymization

Users can request data deletion by contacting customer support. Deletion requests are processed within 30 days, subject to legal retention obligations. Data subject to regulatory or legal holds cannot be deleted until those obligations expire.

Anonymized data used for analytics, platform performance monitoring and game optimization is not subject to deletion requests, as it no longer identifies individual users.

User Rights and Data Control

Users have the right to access, correct, delete, restrict and port their personal data. These rights can be exercised through account settings or by submitting a request to customer support.

Access and Rectification

Users can view their personal data through account settings, including profile details, transaction history, bonus activity and communication preferences. Requests for comprehensive data exports can be submitted to support and are fulfilled within 30 days.

Incorrect or outdated information can be updated directly in account settings. Changes to identity details such as name, date of birth or address may trigger KYC review to ensure data accuracy and prevent fraud.

Erasure and Restriction

Users can request deletion of personal data by closing their account. Deletion is subject to legal retention obligations, and data required for compliance, dispute resolution or regulatory reporting cannot be removed until retention periods expire.

Restriction requests limit how data is processed without full deletion. Users can restrict marketing communications, analytics tracking or certain data sharing arrangements while maintaining account access.

Data Portability and Objection

Users can request a copy of their personal data in a structured, machine-readable format for transfer to another service. Portability requests are processed within 30 days and delivered via secure email or account download.

Users can object to data processing for marketing or analytics purposes. Objections to processing required for service provision, security or legal compliance cannot be accommodated without closing the account.

Security Measures and Data Protection

Goldex implements technical and organizational measures to protect personal data from unauthorized access, loss, misuse and disclosure. Security systems operate at multiple layers, covering data transmission, storage and internal access controls.

Encryption and Secure Transmission

All data transmitted between user devices and the platform is encrypted using SSL/TLS protocols. This protects login credentials, payment details, account information and gameplay data from interception during transmission.

Stored data is encrypted at rest using industry-standard encryption algorithms. Payment information, identity documents and sensitive account details receive additional encryption layers to prevent unauthorized access in the event of a security breach.

Access Control and Internal Monitoring

Access to personal data is restricted to authorized personnel who require it for operational, compliance or support purposes. Internal systems log all access events, enabling audit trails and anomaly detection.

Fraud prevention systems monitor account activity for signs of unauthorized access, including unusual login locations, device changes, rapid transaction patterns and betting behavior inconsistent with previous activity. Alerts trigger account review, temporary suspension or mandatory password resets.

Limitations of Security Systems

No security system can guarantee absolute protection. Users are responsible for maintaining the confidentiality of their login credentials, enabling two-factor authentication where available and reporting suspicious account activity immediately.

The platform cannot protect against user actions such as sharing passwords, accessing accounts from compromised devices or falling victim to phishing attempts. Security breaches caused by user negligence are not covered by platform liability provisions.

Cookies and Tracking Technologies

Goldex uses cookies, web beacons, device fingerprints and similar technologies to enable platform functionality, personalize user experience, analyze traffic and support marketing campaigns. Users can control cookie settings through browser preferences.

Cookie Categories

Third-Party Tracking

Analytics platforms, payment processors and game providers may set their own cookies when users interact with embedded content or payment forms. These third parties operate under separate privacy policies and data practices.

Users can block third-party cookies through browser settings, though this may affect payment processing, game loading and promotional offer eligibility. Cookie preferences do not affect essential platform functions such as login and transaction processing.

User Control and Deactivation

Users can manage cookie preferences through browser settings, including options to block all cookies, accept only first-party cookies or receive notifications before cookies are set. Mobile users can control tracking through device privacy settings.

Disabling non-essential cookies does not affect account access or core gameplay but may reduce personalization, promotional targeting and analytics accuracy. Changes to cookie settings take effect immediately but do not delete cookies already stored on the device.

Third-Party Links and External Services

The platform may contain links to external websites, affiliate partners, payment processors and social media channels. Goldex is not responsible for the privacy practices, content or security of third-party sites.

Users who follow external links leave the Goldex service and enter platforms governed by separate privacy policies, terms of service and data protection standards. Personal data shared with third parties is subject to their collection, use and disclosure practices.

Before submitting information to external sites, users should review the applicable privacy policy and terms. Goldex does not monitor, control or endorse third-party data handling practices and cannot be held liable for data breaches, misuse or unauthorized access occurring on external platforms.

Minors and Age Verification

Goldex prohibits underage gambling and restricts access to users aged 18 years and older. The platform implements age verification measures during registration and may request identity documents to confirm user age.

Age Restriction Policy

Registration requires date of birth confirmation, and accounts submitted with false age information are subject to immediate closure. Users found to be under 18 years at the time of registration will have their accounts permanently closed, and all deposits will be returned.

The platform does not knowingly collect personal data from minors. If a user under 18 years is identified, all associated data is deleted after account closure and deposit return, except for records required for compliance and fraud prevention purposes.

Parental and Guardian Controls

Parents or guardians who discover that a minor has accessed the service using false information should contact customer support immediately. The account will be closed, deposits returned and access permanently blocked.

The platform cooperates with parents, guardians and authorities to prevent underage gambling and enforce age restrictions. Reports of minors using the service are investigated promptly, and measures are taken to prevent future access from the same household or device.

Policy Updates and Amendments

Goldex reserves the right to update this privacy policy to reflect changes in operational practices, legal obligations, regulatory requirements or platform features. Updates are published on the site with a revised effective date.

Notification Methods

Users are notified of significant policy changes through account email, in-platform notifications or prominent homepage announcements. Minor updates, such as clarifications or formatting changes, may be implemented without individual notification.

Continued use of the platform after a policy update constitutes acceptance of the revised terms. Users who do not agree with updated terms should close their account before the effective date of the changes.

Review and Compliance

Users are encouraged to review this policy periodically to stay informed about data practices and rights. The most current version is always available through the footer link on all platform pages.

Questions about policy updates, changes in data handling or new processing activities can be directed to customer support or the data protection contact provided in this document.

Contact Information for Privacy Requests

Users can submit privacy-related inquiries, data access requests, deletion requests, objections and complaints through customer support channels. The platform processes privacy requests within 30 days of receipt.

Support Channels

Request Processing and Response

Privacy requests are reviewed and processed within 30 days of submission. Complex requests or those requiring legal review may take up to 60 days, with users notified of any delay.

Users must verify their identity before data access or deletion requests are fulfilled. Verification may require submission of identity documents, account details or security question responses to prevent unauthorized data disclosure.