burger icon
Shazam Review Australia
Log In

Privacy Policy

This privacy policy explains how Shazam, operated via the website shazam-au.com, collects, uses, stores, and discloses personal information of website visitors and users of our review and information services relating to the Shazam brand. It applies to all visitors to our website and to individuals who contact us by email or via any other channels linked from this site. This policy is effective as of 1 January 2026 and replaces any previous privacy notices published on this domain.

Who We Are

Observe: The project domain is shazam-au.com, the brand name is Shazam, and the operator company identified in licensing information is Alistair Solutions N.V. The Australian presence is as an informational/review site, not as a licensed gambling operator in Australia.

Expand: As the underlying gambling operator (Alistair Solutions N.V.) is licensed in Curaçao and listed on the ACMA blocked sites register for Australian players, it is important to distinguish between: (a) the gambling operator, and (b) this Australian-facing review and information service. The contact information available for this site is an email address only; no verified postal or office address is provided.

Reflect: We clearly state who controls data for Shazam, how to contact us, and clarify that we are not licensed in Australia to provide gambling services.

Data controller for Shazam

The data controller for personal information collected through https://shazam-au.com (the "Website") is:

  • Trading/project name: Shazam (Shazam AU review brand)
  • Operator / owning company (gambling brand licence holder: Alistair Solutions N.V., a private limited liability company incorporated under the laws of Curaçao, holder of sub-licence GLH-OCCHKTW0706152021 under licence 365/JAZ (Gaming Curaçao / Antillephone)
  • Registered / legal address: not publicly specified by the operator in the materials available to us. For any privacy-related correspondence, please use the email contact below.

Important regulatory note for Australian users

The Shazam gambling brand associated with Alistair Solutions N.V. is not licensed in Australia and is listed on the Australian Communications and Media Authority (ACMA) blocked gambling sites register as operating in breach of the Interactive Gambling Act 2001. The Website is an informational and review resource and does not itself provide gambling services or process bets for Australian residents.

Data Protection Contact

  • Email (main contact / privacy inquiries): [email protected]
  • Phone: not specified
  • Mailing address: not specified; please contact us by email in the first instance.

For the purposes of this policy, references to "we", "us" or "our" refer to Shazam as operated through shazam-au.com in connection with the Shazam brand.

What Personal Data We Collect

Observe: The Website collects data from visitors, including technical identifiers and interaction data. We may also receive limited personal details when users contact us. In addition, some data may be collected by third-party partners (analytics, advertising, dispute resolution links, etc.).

Expand: We need to differentiate clearly between data collected through shazam-au.com and any data that may be processed by the underlying gambling operator or third-party services that users access by following links (e.g., payment providers, Central Disputes System, or research institutions such as the Australian Institute of Family Studies). On our side, we typically handle website usage data, cookies, and correspondence data.

Reflect: The following categories of personal and technical data may be collected in relation to Shazam.

Personal identification and contact data

  • Basic contact details: If you choose to contact us (for example, via email), we may collect:
    • Full name (if provided)
    • Email address
    • Any phone number or other contact detail you voluntarily include in your message
  • User-generated content: Any information you provide in free-text fields, support requests, complaints, or feedback, which may incidentally contain additional personal data.

Technical and usage data

  • Technical identifiers:
    • IP address
    • Device information (device type, operating system, browser type and version)
    • Language and region settings
  • Server logs: Date and time of access, pages viewed, referral URL, approximate geolocation derived from IP address (country/region level), error logs, and interaction with site security mechanisms.

Behavioural and interaction data

  • On-site behaviour: Clicks, scrolls, time spent on each page, navigation paths, and interactions with banners or external outbound links (for example to Shazam Casino, Central Disputes System, or research reports such as AIFS studies).
  • Marketing and preference data: Your preferences regarding cookies, marketing communications (if any subscription function becomes available), and feedback regarding our content.

Payment and gambling-related data

  • Directly via shazam-au.com: We do not collect or process payment card details, bank account numbers, or detailed betting history on the Website itself.
  • Via third-party gambling services: If you follow links from shazam-au.com to gambling operators (including Shazam Casino) or payment providers, those third parties may collect:
    • Payment data (card details, e-wallet information, bank details)
    • Detailed betting and transaction history
    • KYC/AML documentation (identity documents, proof of address)
    Those activities are governed by the privacy policies of the respective third parties, and we do not control their data handling.

Cookies and similar technologies

  • Cookies: Small text files stored on your device containing identifiers and preference information.
  • Tracking pixels / tags: Code embedded on pages to measure traffic and conversion events.
  • Analytics tools: Third-party analytics that may use cookies or similar technologies to understand usage patterns and improve our Website.

Legal Basis for Processing

Observe: The Website targets Australian users and provides information about an overseas-gambling brand that is not licensed locally. Privacy obligations arise primarily from general privacy and consumer law principles, with additional alignment to international standards (e.g., GDPR principles) where users' rights are concerned.

Expand: We must set out the legal bases on which we process different kinds of personal information, including consent, contract, legitimate interests, and legal obligations. Although we are not a licensed Australian gambling operator, we must align processing activities with fair and lawful processing principles and clearly justify each basis.

Reflect: Our processing rests on the following legal grounds, depending on the context.

  • Consent
    • We rely on your explicit consent for:
      • Non-essential cookies and similar technologies used for analytics and advertising.
      • Receiving marketing communications about the Shazam brand or related offers (if we introduce any subscription function).
    • You may withdraw your consent at any time (see "Your Rights"). Withdrawal does not affect the lawfulness of processing prior to withdrawal.
  • Performance of a contract or pre-contractual steps
    • Where we provide you with information, customer support, or respond to your queries, we process your contact and communication data as necessary to:
      • Provide the requested information or assistance; and
      • Manage any ongoing exchanges with you.
    • If specific terms of use or user agreements are concluded with you in relation to the Website, our processing may be necessary to fulfil those terms.
  • Legitimate interests
    • We may process your data where necessary for our legitimate interests, provided they are not overridden by your rights and interests. These include:
      • Securing and maintaining the integrity of the Website, including detection, prevention, and investigation of fraud, abuse, or technical issues.
      • Analysing Website performance and audience engagement to improve our services and content quality.
      • Documenting interactions and complaints for quality assurance and dispute handling.
    • Where we rely on legitimate interests, we balance our interests against your privacy expectations and apply appropriate safeguards (e.g., aggregation, pseudonymisation where feasible).
  • Compliance with legal obligations
    • We may be required to retain or disclose certain data to:
      • Respond to lawful requests from regulators, law enforcement, courts, or other public authorities in applicable jurisdictions.
      • Comply with consumer protection, anti-money laundering (AML), or know-your-customer (KYC) requirements to the extent these are engaged through our relationship with the underlying gambling operator or related service providers.
      • Maintain appropriate business records and respond to legal claims.

Purpose of Processing

Observe: User data is collected primarily to run the Website, provide information and support, conduct analytics, and manage risk. Additional purposes may include compliance and limited marketing where lawful.

Expand: Given the sensitivity of gambling-related content and the fact that the Shazam brand is blocked for Australian players, it is important that our processing purposes avoid promoting unlawful gambling and remain focused on informational, analytical, and support functions.

Reflect: We describe each purpose clearly and link it to the categories of data we process.

  • Providing and operating the Website and services
    • To display content and reviews relating to Shazam and similar services.
    • To route traffic correctly, manage load, and ensure technical functionality.
    • Data used: technical data, cookies (essential), server logs.
  • Responding to inquiries and providing support
    • To reply to questions sent to [email protected], including privacy requests, complaints, or feedback.
    • Data used: identification and contact data, communication content and metadata.
  • Website improvement and analytics
    • To understand how visitors use the Website, which pages are most visited, and where users encounter technical issues or confusing content.
    • To develop, test, and refine features and informational materials, including responsible gambling information.
    • Data used: behavioural data, technical data, analytics cookies (subject to consent, where required).
  • Marketing and promotional communications
    • To send you information about our content or promotional offers related to the Shazam brand if you have actively signed up to receive such communications.
    • To measure the effectiveness of marketing campaigns and referral links.
    • Data used: contact details, marketing preferences, limited behavioural data; used only where allowed by law and based on consent or legitimate interests as applicable.
  • Fraud prevention, security, and risk management
    • To protect the Website, infrastructure, and users from fraud, abuse, and security incidents (e.g., DDoS attacks, credential stuffing, automated scraping).
    • To monitor for possible misuse in relation to ACMA blocking measures and other regulatory restrictions.
    • Data used: IP address, logs, device data, and behaviour patterns indicative of misuse.
  • Compliance, enforcement, and dispute resolution
    • To comply with potentially applicable obligations in relevant jurisdictions, including requests from ACMA or other regulators.
    • To record and resolve disputes or complaints relating to the Website, referral relationships, or information accuracy.
    • Data used: user communications, logs, and any documentation relevant to the matter.

Disclosure & Sharing

Observe: Data sharing occurs with third-party providers such as hosting, analytics, advertising networks (subject to consent), and in certain circumstances with regulators and dispute resolution bodies. For gambling-specific matters, users may be directed to independent dispute providers such as Central Disputes System.

Expand: We must describe, in a transparent manner, the categories of recipients and the safeguards in place. Given the ACMA listing and cross-border nature of services, it is important to highlight that some data may be processed or stored outside Australia (e.g., in the EU, UK, Curaçao, or the US).

Reflect: We do not sell your personal data. We share personal information only where necessary and subject to appropriate safeguards.

  • Service providers (processors)
    • Hosting and infrastructure providers: Companies that host our servers, provide content delivery networks, and maintain our technical environment.
    • Analytics and performance tools: Third-party tools used to analyse traffic and user behaviour on the Website.
    • IT security and maintenance providers: Entities that support us in monitoring, securing, and maintaining systems.
    • These providers are engaged under contractual terms requiring them to:
      • Process data only on our instructions;
      • Maintain confidentiality and adequate security;
      • Not use data for their own purposes without your consent.
  • Affiliates and business partners
    • Gambling operators and affiliate partners: Where permitted by law, we may share limited data (typically aggregated or pseudonymised referral statistics) with gambling brands and partners, including Shazam, to:
      • Measure conversions and performance of our affiliate links;
      • Settle commissions and verify traffic sources.
    • We do not provide gambling operators with direct access to your identity or contact information collected solely via shazam-au.com, unless:
      • You explicitly request or consent to such sharing; or
      • It is strictly necessary for resolving a complaint or dispute, and appropriate safeguards are in place.
  • Advertising and marketing networks
    • Where we use third-party advertising technologies, they may collect or receive information from our Website and other Internet sources to provide measurement services and deliver targeted ads, subject to your cookie choices.
    • Such sharing typically involves cookies or online identifiers rather than directly identifying information.
  • Regulators, authorities, and legal counterparties
    • We may disclose data where required by law or in response to valid legal requests, including from:
      • Regulators and enforcement agencies (e.g., ACMA in Australia, relevant authorities in Curaçao or the EU).
      • Civil courts, arbitrators, or other dispute-resolution bodies.
    • We may also share data to establish, exercise, or defend legal claims, or to investigate and prevent suspected unlawful activities or breaches of applicable rules.
  • Independent dispute resolution bodies
    • If you pursue a dispute concerning the underlying Shazam gambling service, you may be referred to third-party dispute resolution services such as Central Disputes System or others mandated by the licence holder.
    • Any personal data you provide directly to such bodies is handled under their own privacy policies. We may, on your request and where lawful, share limited contextual information with them to help facilitate resolution.
  • Business transfers
    • In the event of a reorganisation, merger, acquisition, or transfer of the Website or associated assets, personal data may be transferred to the relevant successor entity, subject to the requirement that it continues to be used in a manner consistent with this policy.

International Transfers

Observe: Our hosting, analytics, and affiliate partners may be located in various jurisdictions. The gambling operator is based in Curaçao and uses a licence regime associated with the Caribbean Netherlands. External research references and dispute resolution bodies may be based in the EU, UK, or other regions.

Expand: Although Australian law allows transfers abroad, we should align our practice with international standards such as the GDPR, explaining safeguards like contractual clauses and risk assessments, even where these are not formally mandated.

Reflect: We ensure that, when personal information is transferred outside your country, it is subject to an appropriate level of protection.

  • Locations of processing
    • Your personal data may be processed in:
      • Australia (where services or networks are accessed from, or where regulators operate);
      • Member states of the European Economic Area (EEA) and the United Kingdom;
      • Curaçao and other Caribbean jurisdictions associated with licence 365/JAZ;
      • The United States or other countries where third-party service providers (such as cloud hosting, analytics, or email services) maintain their infrastructure.
  • Safeguards for international transfers
    • Where we transfer personal data from jurisdictions with transfer restrictions (e.g., from the EEA/UK), we rely on appropriate safeguards, such as:
      • Standard Contractual Clauses (SCCs) approved by the European Commission or equivalent UK transfer mechanisms;
      • Contractual commitments requiring recipients to maintain equivalent standards of data protection and security;
      • Technical measures such as encryption and access controls to limit risks to data in transit and at rest.
    • We monitor developments in international data transfer law and adjust our practices as required.
  • User responsibilities
    • By using the Website and providing personal data, you acknowledge that it may be processed in countries outside your own, which may have different data protection laws. Where required by law, we will seek your explicit consent for such transfers.

Data Retention

Observe: We must retain personal data only for as long as necessary for the purposes described, while also observing regulatory and contractual requirements that may require longer retention (for example, for dispute handling and recordkeeping).

Expand: Because the Website is informational and not a full gambling platform, retention periods for data collected through shazam-au.com can generally be shorter than those for full transactional systems. Nonetheless, AML/KYC-related data processed in cooperation with the gambling operator may be subject to multi-year retention requirements.

Reflect: We set default retention periods and explain criteria for earlier deletion or anonymisation.

  • Contact and communication data
    • Emails and related correspondence are generally retained for up to 5 years from the date of the last interaction, to:
      • Respond to follow-up queries;
      • Resolve complaints or disputes;
      • Maintain evidence of communications for legal purposes.
    • Where there is no ongoing need (for example, a simple enquiry fully resolved), we may delete or anonymise the correspondence sooner.
  • Technical logs and security data
    • Standard web server logs are typically retained for 6 to 24 months, depending on the criticality of the system and security requirements.
    • Logs relevant to specific incidents, investigations, or legal matters may be retained for the duration of the matter and for up to 7 years thereafter where legally necessary.
  • Analytics and behavioural data
    • Analytics data linked to cookies or similar identifiers is usually retained in an identifiable form for up to 24 months, after which it may be aggregated or anonymised for long-term trend analysis.
  • Marketing data
    • Information about your marketing preferences and consent status is retained while you remain subscribed and for a short period (generally up to 2 years) after you unsubscribe, solely to maintain records of your choices.
  • Dispute and compliance records
    • Where data is relevant to ongoing or reasonably anticipated legal, regulatory, or dispute matters (for example, ACMA inquiries, Central Disputes System involvement, or court proceedings), we may retain such data for as long as necessary to protect our rights and comply with binding obligations, generally not exceeding 7 years after resolution.
  • Deletion criteria
    • Data is securely deleted or irreversibly anonymised when:
      • The applicable retention period expires;
      • It is no longer required for any of the purposes described in this policy;
      • You successfully exercise your right to erasure and no overriding lawful grounds for retention apply.

Your Rights

Observe: Users should have accessible rights to control their personal information. While Shazam is focused on Australian users, the requested alignment refers to GDPR-style rights and also mentions Mexican law, although we primarily operate under AU and international standards.

Expand: We will outline a rights framework comparable to GDPR (access, rectification, erasure, restriction, objection, portability, withdrawal of consent) and explain processes and timeframes. References to Mexican regulations are included for completeness where our processing may interact with users located in Mexico or where partners are subject to such law; however, this Website does not actively target the Mexican market.

Reflect: The following rights are available to you, subject to applicable law, and are exercised free of charge.

Access, correction, and deletion

  • Right of access: You may request confirmation of whether we process your personal data and obtain a copy of such data, together with information about how we use it.
  • Right to rectification: You may request that inaccurate or incomplete personal data be corrected or completed.
  • Right to erasure ("right to be forgotten"): You may request deletion of your personal data, particularly where:
    • The data is no longer necessary for the purposes for which it was collected;
    • You withdraw consent and there is no other legal basis for processing;
    • You validly object to processing and there are no overriding legitimate grounds;
    • The data has been unlawfully processed.
    We may retain certain information where necessary for compliance with legal obligations or for the establishment, exercise, or defence of legal claims.

Restriction, objection, and portability

  • Right to restriction of processing: You may request that we limit the processing of your personal data (e.g., temporarily suspend use) where:
    • You contest the accuracy of the data;
    • Processing is unlawful but you oppose deletion;
    • We no longer need the data but you require it for legal claims;
    • You have objected to processing and verification of our legitimate grounds is pending.
  • Right to object: You may object at any time to:
    • Processing based on our legitimate interests, on grounds relating to your particular situation;
    • Processing for direct marketing purposes, including profiling to the extent related to direct marketing. If you object to direct marketing, we will stop such processing.
  • Right to data portability: Where processing is based on your consent or on a contract and is carried out by automated means, you may request a copy of the personal data you have provided to us in a structured, commonly used, machine-readable format, and ask us to transmit this data to another controller where technically feasible.

Consent management and marketing preferences

  • Withdrawal of consent: If we rely on your consent (for example, for optional analytics cookies or marketing emails), you may withdraw that consent at any time by:
    • Adjusting your cookie settings through the tools we provide or via your browser; or
    • Using unsubscribe links in emails or contacting us at [email protected].
  • Withdrawal will not affect the lawfulness of processing prior to withdrawal but will apply going forward.

Procedures, timeframes, and cost

  • How to exercise your rights: You can exercise any of the rights described above by contacting us at [email protected] and clearly stating:
    • Your identity (we may ask for reasonable information to verify it);
    • The right you wish to exercise; and
    • Any relevant details that can help us locate your data.
  • Response timeframe: We aim to respond to all valid requests within 30 days of receipt. Where requests are complex or numerous, we may extend this period by a further 30 days, in which case we will inform you of the extension and reasons.
  • Fees: Requests are handled free of charge. However, we may charge a reasonable fee or refuse to act on requests that are manifestly unfounded, excessive, or repetitive.

Note on Mexican and EU privacy alignment

  • While Shazam is focused on Australian users, some principles in this policy (including the rights listed above) align with high-level standards from the EU General Data Protection Regulation (GDPR) and comparable international frameworks.
  • Where users are located in jurisdictions such as Mexico or EU member states, we will consider applicable local data protection rules in responding to rights requests, in addition to the standards described here. For Mexico, this may include principles similar to those in the Federal Law on Protection of Personal Data Held by Private Parties, such as rights of access, rectification, cancellation, and opposition (ARCO rights).

Cookies & Tracking Technologies

Observe: The Website uses cookies and similar technologies to enable core functions, remember preferences, and perform analytics and possibly advertising.

Expand: We must classify cookies by duration (session, persistent) and by purpose (strictly necessary, functional, analytics, advertising). For Australian users, transparency and opt-out mechanisms are important, particularly for marketing and profiling.

Reflect: We explain the categories used and how users can manage them.

Types of cookies used

  • Session cookies:
    • Temporary cookies that exist only for the duration of your browsing session and are deleted when you close your browser.
    • Used for basic functions such as navigating pages and maintaining temporary preferences.
  • Persistent cookies:
    • Cookies that remain on your device for a specified period or until you delete them.
    • Used for remembering your choices (e.g., cookie preferences), recognising returning visitors, and compiling aggregated statistics.
  • First-party cookies:
    • Set directly by shazam-au.com to support core functionality and security.
  • Third-party cookies:
    • Set by third-party domains (e.g., analytics providers, advertising networks, social media platforms) to provide measurement, analytics, and ad-related services.

Purposes of cookies

  • Strictly necessary / functional cookies:
    • Required for the Website to work correctly (e.g., load balancing, security, basic navigation).
    • These cookies cannot be switched off in our systems, but you may still block them in your browser, which may affect site functionality.
  • Preference cookies:
    • Used to remember choices you make, such as language preferences or acknowledgment of notices.
  • Analytics cookies:
    • Help us understand how visitors use the Website (e.g., pages visited, time spent, bounce rates).
    • We use this information to improve content relevance, navigation, and performance.
    • Where required, these cookies are only set with your consent.
  • Advertising and affiliate cookies:
    • Used to measure the performance of referral and affiliate links (e.g., clicks from shazam-au.com to gambling operators and related services).
    • May also be used for interest-based advertising by third parties, subject to your choices.
    • These cookies are not essential and will be used only where permitted under applicable law and your preferences.

How to manage cookies

  • Browser settings:
    • You can configure your browser to:
      • Block all cookies;
      • Block cookies from specific sites;
      • Delete cookies when you close your browser.
    • Please consult your browser's help documentation for detailed instructions.
  • On-site tools:
    • Where available, you can use our cookie banner or preferences panel to accept or reject specific categories of cookies (e.g., analytics or advertising).
    • Your selection will be stored (using a cookie) so that we can remember your choices.
  • Third-party opt-outs:
    • Certain third-party providers offer their own opt-out mechanisms for analytics or targeted advertising.
    • Links to such tools may be included in our cookie or privacy notices, where relevant.

Data Security

Observe: Handling personal and technical data related to gambling content presents particular sensitivity. Robust security measures are required to manage these risks effectively.

Expand: We must cover encryption, access control, authentication, security testing, staff awareness, and incident response, aligning with recognised standards even if full certification (e.g., ISO 27001, SOC 2) is not explicitly claimed.

Reflect: Security is a continuous process. While no system is completely secure, we implement a range of measures to protect your information.

  • Encryption and transmission security
    • Data transmitted between your browser and our servers is protected using Transport Layer Security (TLS) version 1.2 or higher, helping to prevent interception or tampering in transit.
    • Where feasible, sensitive data stored in our systems is encrypted at rest using industry-standard algorithms.
  • Access controls and authentication
    • Access to personal data is restricted to authorised personnel and service providers who require such access for legitimate purposes described in this policy.
    • We apply role-based access controls and authentication mechanisms (including multi-factor authentication for administrative accounts where available).
  • Systems hardening and monitoring
    • We maintain and update systems to address known security vulnerabilities.
    • Logging and monitoring tools help us detect suspicious activity, attempted intrusions, or misuse.
  • Security reviews and testing
    • We conduct periodic internal reviews of our technical and organisational security controls.
    • Where appropriate, we may engage specialist providers to perform penetration tests or security assessments of key components.
  • Staff awareness
    • Authorised personnel with access to personal data are informed of their confidentiality and security obligations and receive appropriate guidance and training.
  • Incident response
    • We maintain procedures for identifying, assessing, and responding to data breaches or security incidents.
    • Where required by law, we will notify affected individuals and relevant authorities (for example, in the EU/UK or other jurisdictions) without undue delay, taking into account the nature and scope of the incident.
  • Compliance with recognised standards
    • Our security framework is designed to be consistent with widely acknowledged good practices (e.g., principles from ISO/IEC 27001 and SOC 2), focusing on confidentiality, integrity, and availability of data.
    • Unless explicitly stated, we do not claim formal certification under these standards.

Complaints & Contacts

Observe: Users must be able to contact us easily for any privacy questions or complaints, and must be informed about avenues for escalation to supervisory authorities.

Expand: While the Website primarily targets Australian users, some individuals may seek recourse from other regulators if they reside in other jurisdictions (e.g., EU), or if data processing is subject to GDPR. The prompt also refers to Mexican authorities; we acknowledge them in a general way but emphasise that we do not specifically target the Mexican market.

Reflect: We describe a step-by-step complaints process and summarise external escalation options.

How to contact us

  • Primary contact for privacy matters:
    • Email: [email protected]
    • Phone: not specified
    • Postal address: not specified; please contact us by email first, and we will provide appropriate correspondence details if required.

Internal complaint procedure

  1. Submit your complaint: Send an email to [email protected] with:
    • A clear description of your concern or the suspected privacy breach;
    • Any relevant details (dates, pages visited, correspondence history);
    • Your preferred contact details and language (English is the default).
  2. Acknowledgment: We will acknowledge receipt of your complaint within 7 business days, where possible, and provide a reference or summary of the issue.
  3. Investigation: We will investigate your complaint, which may include:
    • Reviewing system logs and configuration;
    • Consulting with relevant technical or legal personnel;
    • Contacting you for clarification or further information if needed.
  4. Response: We aim to provide a substantive response within 30 days of receiving a complete complaint. If we cannot meet this timeframe due to complexity or volume, we will inform you of the delay and provide an updated timeline.
  5. Outcome and further steps: Our response will explain the outcome of our investigation, any corrective or remedial steps taken, and information about further options if you remain unsatisfied.

Escalation to supervisory authorities

  • Australia:
    • If you are located in Australia and are dissatisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):
    • For matters specifically relating to interactive gambling and the ACMA blocked sites register, you may also contact:
  • European Union / EEA:
    • If you are located in the EU/EEA and believe your GDPR rights have been infringed, you may lodge a complaint with your local data protection authority. Contact details are available via the European Data Protection Board (EDPB) website.
  • Mexico:
    • Although we do not specifically target the Mexican market, individuals in Mexico may have rights under local data protection laws (for example, enforced by the National Institute for Transparency, Access to Information and Personal Data Protection, INAI). You may contact the relevant Mexican authority if you believe your rights under Mexican law have been infringed.

We encourage you to contact us first so we can attempt to resolve your concerns directly and efficiently.

Updates

Observe: Privacy policies must be kept current and users informed of changes, particularly when the nature of processing or legal environment changes (for example, developments in ACMA enforcement or affiliate relationships).

Expand: We must set out how we will notify users, maintain version control, and allow users to react to significant changes (e.g., by objecting or ceasing to use the service).

Reflect: This section defines our update and notification practices through 2026.

  • Policy updates
    • We may update this privacy policy from time to time to reflect:
      • Changes in our services, technology, or business structure;
      • Adjustments in how we work with Shazam or other partners;
      • Developments in applicable laws or regulatory guidance (including actions by ACMA or other authorities).
    • The "Last updated" date at the bottom of this document indicates when the policy was most recently revised.
  • Notification of material changes
    • For material changes that significantly affect how we process your personal data or your rights (for example, introduction of new categories of data sharing or new direct marketing activities), we will:
      • Provide notice on the Website, such as a banner or pop-up;
      • Where we have your email address and where appropriate, send you a direct email notification.
    • Where feasible, we will provide at least 30 days' advance notice before material changes take effect, giving you an opportunity to review them.
  • Your options regarding changes
    • If you do not agree with the updated policy, you may:
      • Discontinue your use of the Website; and
      • Contact us to exercise your rights in relation to any personal data already collected (see "Your Rights").
    • Continued use of the Website after the effective date of changes will be taken as acknowledgment of the updated policy, to the extent permitted by law.
  • Version control and recordkeeping
    • We maintain records of previous versions of this privacy policy and, on reasonable request, may provide you with access to prior versions relevant to the period during which your data was collected.

Last updated: January 2026