burger icon
Casino Classic New Zealand
Log In

Privacy Policy

A privacy policy is required to inform players and visitors of casino-classic-nz.com about how their personal information is collected, used, and protected. This policy applies to all users engaging with casino-classic-new-zealand's online gambling services and website features. Effective as of 6 November 2025.

Who We Are

OBSERVE: The operator of casino-classic-nz.com is Fresh Horizons Ltd., a limited company registered in the British Virgin Islands, acting on behalf of casino-classic-new-zealand for New Zealand users. The company operates under the Casino Rewards Group and holds relevant iGaming certifications.

  • Legal Entity: Fresh Horizons Ltd., Road Town, Tortola, British Virgin Islands
  • Legal Entity Type: Limited (Ltd.)
  • Registration Number / Tax ID: Not specified
  • Casino Brand: casino-classic-new-zealand (used exclusively on casino-classic-nz.com)
  • Licensing: Kahnawake Gaming Commission (KGC), License Validity: 2025
  • Certifications: eCOGRA Safe and Fair (valid through 2025)
  • Contact Information:

Regional Compliance Note: For NZ users, all inquiries regarding data privacy should be directed to the designated DPO contact above, ensuring compliance with local and international data protection standards.

What Personal Data We Collect

OBSERVE: Collection of personal and technical data is necessary to provide secure, compliant gaming services. EXPAND: All categories are specified below. REFLECT: Only data required for lawful operation, regulatory compliance, and service improvement is collected.

  • Personal Identification Data: Full name, date of birth, email address, phone number, country of residence, physical address (if required by law or for verification purposes).
  • Account Data: Username, account ID, password (encrypted), account activity logs.
  • Payment Information: Credit/debit card details, bank account information, e-wallet identifiers, transaction records (all processed via PCI DSS-compliant partners).
  • Technical Data: IP address, device type, browser data, operating system, access times, server logs.
  • Behavioral Data: Betting history, game participation records, transaction amounts, site navigation, clickstream data.
  • Cookies and Tracking Technologies: Session cookies, persistent cookies, third-party analytics and advertising cookies (see Cookies & Tracking Technologies section).

Legal Obligation: All data collection is performed in compliance with NZ law, international standards, and KGC licensing requirements.

Legal Basis for Processing

OBSERVE: Processing of personal data is governed by lawfulness, fairness, and transparency principles. EXPAND: Each processing purpose is mapped to a valid legal ground as required under NZ and international data protection regimes. REFLECT: The following legal bases apply:

  1. User Consent: Explicit consent is obtained for processing activities not strictly necessary for service provision, such as marketing communications and use of non-essential cookies.
  2. Contractual Necessity: Data processing is required to fulfill contractual obligations, including account creation, access to games, deposits, withdrawals, and customer support.
  3. Legal Obligations: Compliance with NZ anti-money laundering (AML), know your customer (KYC), responsible gambling, and regulatory reporting requirements necessitates processing and retention of user data.
  4. Legitimate Interests: Processing is justified by legitimate business interests, such as security monitoring, fraud prevention, service analytics, and internal business administration, provided such interests do not override user rights.

Regional Compliance Note: Legal bases are aligned with the NZ Privacy Act 2020 and international standards applicable to the online gambling sector.

Purpose of Processing

OBSERVE: Data processing serves multiple essential and ancillary purposes. EXPAND: Each purpose is limited to what is necessary for lawful and efficient operation. REFLECT: Users are informed of the following processing purposes:

  • Provision of Gambling Services: To create, manage, and maintain user accounts, facilitate access to casino games, process payments, and administer promotions.
  • Regulatory Compliance: To meet KYC, AML, responsible gaming, and other legal requirements applicable in NZ and under the Kahnawake license.
  • Customer Support & Communication: To respond to user inquiries, provide technical and account assistance, and deliver essential service notifications.
  • Service Improvement & Analytics: To monitor site usage, analyze user behavior, and optimize website performance and game offerings.
  • Marketing & Promotions: To send promotional materials, newsletters, and special offers (subject to user consent).
  • Fraud Prevention & Security: To detect, investigate, and prevent fraudulent or unauthorized activities, ensuring the security and integrity of user accounts and financial transactions.

Disclosure & Sharing

OBSERVE: Disclosure of user data is restricted to specified third parties and strictly for lawful purposes. EXPAND: Only essential data is shared; protective measures are applied. REFLECT: Data may be disclosed as follows:

  • Payment Partners: To facilitate deposits, withdrawals, and transaction verifications via PCI DSS-compliant payment processors and banks.
  • Service Providers: To trusted vendors providing IT, hosting, analytics, security, and customer support services, bound by strict confidentiality and data protection agreements.
  • Regulatory Authorities: To the Kahnawake Gaming Commission, NZ regulators, law enforcement, and other authorities as required for legal compliance, audits, or investigations.
  • Affiliates: To Casino Rewards Group and authorized affiliates for legitimate operational, compliance, or marketing purposes (only with user consent).
  • Advertising Networks: To third-party networks for targeted marketing and analytics, subject to user consent and opt-out options.

Legal Protections: All third parties are contractually obligated to process data in compliance with this policy and applicable data protection laws.

International Transfers

OBSERVE: User data may be transferred internationally as part of global service operations. EXPAND: Transfers are limited to countries with adequate data protection. REFLECT: The following safeguards are applied:

  1. Transfer Destinations: User data may be transferred to the British Virgin Islands (Fresh Horizons Ltd. HQ), Canada (Kahnawake), and other jurisdictions where service providers or group companies are located.
  2. Protection Measures: Standard Contractual Clauses (SCCs), data processing agreements, and technical security controls are implemented to ensure adequate protection consistent with NZ Privacy Act 2020 and international standards.
  3. Third-Party Compliance: All recipients must comply with applicable data protection laws and maintain confidentiality and security of user data.

Regional Compliance Note: Users are informed of potential international transfers and their rights under NZ law; data is not transferred to countries lacking adequate legal protection without additional safeguards.

Data Retention

OBSERVE: Data retention periods are determined by law, operational necessity, and user protection. EXPAND: Each data category has a defined retention policy. REFLECT: Users are informed as follows:

  • Personal Data: Retained for the duration of the user relationship and up to 5 years following account closure or last transaction, in accordance with AML and KYC legal requirements.
  • Transaction & Payment Records: Maintained for at least 5 years from the date of transaction to comply with regulatory and accounting obligations.
  • Technical & Behavioral Data: Retained as necessary for security, analytics, and fraud prevention, typically no longer than 3 years unless required for ongoing investigations.
  • Cookies & Tracking Data: Retention periods vary by cookie type, as detailed in the Cookies & Tracking Technologies section.
  • Deletion Criteria: Data is deleted or anonymized upon user request (where permitted), expiration of retention period, or when processing purposes are fulfilled, subject to legal and regulatory exceptions.

Legal Obligation: Retention and deletion practices fully comply with NZ Privacy Act 2020, KGC, and AML requirements.

Your Rights

OBSERVE: casino-classic-nz.com recognizes and upholds all user rights as mandated by NZ, GDPR (where applicable), and international standards. EXPAND: The following rights and procedures apply to all users:

  1. Right of Access: Users may request confirmation of whether their data is processed and obtain a copy of their personal information held by casino-classic-new-zealand.
  2. Right to Rectification: Users may request corrections to inaccurate or incomplete personal data.
  3. Right to Erasure ("Right to be Forgotten"): Users may request deletion of their data, subject to legal retention obligations (e.g., for AML/KYC compliance).
  4. Right to Restriction of Processing: Users may restrict processing of their data under certain conditions (e.g., contesting accuracy or lawfulness of processing).
  5. Right to Data Portability: Users may request transfer of their data in a structured, commonly used, machine-readable format to another provider upon request and verification.
  6. Right to Object: Users may object to certain forms of processing, including direct marketing. Marketing communications will cease promptly upon objection or withdrawal of consent.
  7. Right to Withdraw Consent: Where processing is based on consent (marketing, cookies), users may withdraw consent at any time via account settings or by contacting support.
  8. Procedure for Exercising Rights: Submit requests via email to [email protected] (attn: Data Protection Officer). Requests are processed within 30 days, free of charge unless manifestly unfounded or excessive.

Legal Protections: All rights are implemented in accordance with the NZ Privacy Act 2020 and international standards. Users may contact the NZ Privacy Commissioner or other supervisory authorities if unsatisfied with casino-classic-nz.com's response.

Cookies & Tracking Technologies

OBSERVE: casino-classic-nz.com uses cookies and similar technologies for multiple purposes. EXPAND: Users are informed of types, purposes, and management options. REFLECT: Transparent cookie management is provided for user control.

  • Session Cookies: Temporary cookies necessary for secure login and navigation. Deleted when the browser is closed.
  • Persistent Cookies: Remain on the device for a defined period to remember user preferences and enhance user experience.
  • Third-Party Cookies: Set by analytics providers (e.g., Google Analytics), advertising networks, or affiliates for aggregated statistics and targeted marketing.
  • Purposes: Functional (site operation), analytics (usage tracking), advertising (personalized promotions), and security (fraud detection).
  • Management: Users may manage or disable cookies via browser settings or, where available, through the account privacy panel. Disabling essential cookies may affect site functionality.

Data Security

OBSERVE: casino-classic-nz.com implements advanced security measures to safeguard personal data. EXPAND: Security controls operate at technical, organizational, and procedural levels. REFLECT: The following protections are in place:

  1. TLS Encryption: All data transmitted between user devices and casino-classic-nz.com servers is protected with TLS 1.2 or higher encryption.
  2. Data Encryption at Rest and in Transit: Sensitive data is encrypted both during transmission and while stored on secure servers.
  3. Multi-Factor Authentication (MFA): MFA is implemented for internal access to sensitive systems and user accounts where supported.
  4. Access Controls: Strict access controls ensure that only authorized personnel may access personal data, based on role and necessity.
  5. Security Audits: Regular security assessments and audits are performed, including compliance reviews for ISO 27001 and SOC 2 standards.
  6. Staff Training: All staff receive regular data protection and cyber security training.
  7. Incident Response: A documented incident response plan is in place to promptly detect, report, and mitigate data breaches or security threats. Users will be notified of breaches in accordance with legal requirements.

Legal Obligation: These security measures meet or exceed NZ, KGC, and international iGaming industry standards.

Complaints & Contacts

OBSERVE: casino-classic-nz.com provides multiple channels for privacy-related complaints and inquiries. EXPAND: Users are guided through complaint procedures and escalation mechanisms. REFLECT: Full transparency and user protection are prioritized.

  • DPO Contact: Data Protection Officer (Oliver Williams), [email protected]
  • Online Channels: Submit inquiries or complaints via the website support email or, where available, contact forms on casino-classic-nz.com.
  • Postal Address: Fresh Horizons Ltd., Road Town, Tortola, British Virgin Islands (for formal written complaints).
  1. Complaint Procedure: Submit your complaint via the above channels with relevant details. All submissions are acknowledged within 5 business days. A substantive response will be provided within 30 days.
  2. Escalation: If unsatisfied, users may escalate their complaint to the NZ Privacy Commissioner:
    Office of the Privacy Commissioner (NZ)
    PO Box 10094, Wellington 6143, New Zealand
    Phone: +64 4 474 7590
    https://www.privacy.org.nz
  3. International Users: Users in other jurisdictions may contact their relevant supervisory authorities if necessary.

Legal Protections: No user will be penalized or disadvantaged for raising privacy-related concerns or complaints.

Updates

OBSERVE: This privacy policy may be updated to reflect changes in law, operations, or technology. EXPAND: Users will be notified of all material changes. REFLECT: The following procedures apply:

  • Notification Methods: Advance notice of significant changes will be provided via email, website banners, and account dashboard alerts.
  • Version Control: The current version is effective as of 6 November 2025. Changelog of material updates will be maintained and available for review.
  • Advance Notice Period: Where material changes affect user rights or obligations, at least 30 days' notice will be provided before implementation.
  • User Options: Users may object to changes or close their accounts before new terms take effect without penalty.

Last updated: 6 November 2025