Privacy Policy

1. Introduction

1.1 SpinBet Casino NZ ("we", "us", "our") is committed to protecting your personal information and being transparent about what data we collect and how we use it.

1.2 This Privacy Policy explains our practices regarding personal data collected from users ("you", "your") of the Site located at spinbetcasinoonline-nz.com and all related services.

1.3 By registering an account or using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please do not create an account or use our Services.

1.4 This policy is intended to meet the requirements of applicable data protection legislation including the New Zealand Privacy Act 2020 and, where applicable, the EU General Data Protection Regulation (GDPR).

2. Personal Data We Collect

2.1 Identity & Contact Data: Full name, date of birth, email address, phone number, residential address, nationality.

2.2 Account Data: Username, password (stored encrypted), account preferences, responsible gaming settings.

2.3 Financial Data: Payment method details (card numbers are tokenised, not stored in full), deposit history, withdrawal history, transaction records, source of funds documentation.

2.4 KYC Documents: Government-issued photo ID (passport, driver's licence), proof of address, payment verification documents. These are stored securely and used solely for compliance purposes.

2.5 Technical Data: IP address, browser type and version, device type and OS, session data, login timestamps, geolocation (country level).

2.6 Usage Data: Games played, bets placed, session duration, pages visited on the Site, click patterns, search queries within the Site.

2.7 Communications Data: Email correspondence, live chat transcripts, any other communications with our support team.

3. How We Collect Your Data

3.1 Directly from you: When you register an account, make a deposit, submit KYC documents, or contact support.

3.2 Automatically: Via cookies, log files, and tracking technologies when you visit and use the Site. See Section 9 for details on cookies.

3.3 From third parties: Identity verification providers, payment processors, fraud prevention services, and regulatory databases. We only use reputable third parties subject to their own privacy and security standards.

4. Why We Process Your Data

• Account Management: To create and maintain your account, process deposits and withdrawals, and provide customer support.
• Legal Compliance: To meet our obligations under AML, KYC, and licensing regulations. We are legally required to collect and retain certain data.
• Fraud Prevention: To detect and prevent fraudulent activity, bonus abuse, and unauthorised access.
• Responsible Gaming: To monitor gambling behaviour and enforce responsible gaming tools you have activated.
• Marketing: To send you promotional emails and notifications about bonuses and offers — only if you have opted in. You may unsubscribe at any time.
• Site Improvement: To analyse usage patterns, improve the Site, and fix technical issues.

5. Legal Basis for Processing (GDPR)

Where GDPR applies, we process your data on the following legal bases:

• Contract: Processing necessary to fulfil our contract with you (e.g. processing deposits, managing your account).
• Legal Obligation: Processing required by law (e.g. KYC verification, AML record-keeping).
• Legitimate Interests: Processing for fraud prevention, site security, and analytics — where our interests do not override your rights.
• Consent: Marketing communications — you must opt in, and you can withdraw consent at any time.

6. Data Sharing

6.1 We do not sell your personal data to third parties. We share data only in the following circumstances:

• Payment Processors: To process deposits and withdrawals. Data is shared only as required to complete the transaction.
• Identity Verification Providers: To fulfil KYC requirements. Providers are contractually bound to handle data appropriately.
• Regulatory Authorities: We may be required to disclose data to regulators, law enforcement, or government agencies under applicable law.
• Self-Exclusion Schemes: If you self-exclude, we may share your details with cross-operator exclusion schemes as required.
• Service Providers: Cloud hosting, analytics, and email service providers who process data on our behalf under data processing agreements.

7. Data Retention

7.1 We retain your personal data for as long as your account is active and for a minimum of 5 years following account closure, as required by AML regulations.

7.2 KYC documents are retained for a minimum of 5 years after the end of the business relationship, in compliance with anti-money laundering legislation.

7.3 Marketing data is retained until you withdraw consent. Technical and usage logs are retained for up to 24 months and then deleted or anonymised.

7.4 Following the mandatory retention period, data is securely deleted or permanently anonymised.

8. Your Rights

Under applicable data protection law, you have the following rights:

8.1 To exercise any of these rights, contact us at [email protected]. We will respond within 30 days. We may need to verify your identity before processing the request.

9. Cookies

9.1 We use cookies and similar tracking technologies to enhance your experience, remember your preferences, and analyse Site usage.

9.2 Types of cookies we use:

• Essential Cookies: Required for the Site to function. These cannot be disabled. They include session management, security tokens, and login state.
• Analytics Cookies: Used to understand how users interact with the Site. Data is anonymised where possible. Providers include Google Analytics (with IP anonymisation enabled).
• Marketing Cookies: Used to deliver relevant advertising and track the effectiveness of our promotional campaigns. Only active if you have consented.
• Preference Cookies: Remember your settings such as language preference, currency, and display options.

9.3 You can manage cookies via your browser settings. Disabling non-essential cookies will not affect your ability to use core Site functionality. For more information on managing cookies, visit allaboutcookies.org.

10. Security Measures

10.1 We implement industry-standard technical and organisational measures to protect your personal data from unauthorised access, disclosure, alteration, or destruction.

10.2 Security measures include:

• 256-bit SSL/TLS encryption for all data in transit
• Encrypted storage for passwords and sensitive documents
• Role-based access controls for staff accessing customer data
• Two-factor authentication requirements for administrative access
• Regular security audits and penetration testing
• Automated anomaly detection for login activity

10.3 In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and relevant regulatory authorities within 72 hours of becoming aware of the breach, as required by applicable law.

11. International Data Transfers

11.1 Your data may be transferred to and processed in countries outside New Zealand where our service providers operate. In such cases, we ensure appropriate safeguards are in place, including Standard Contractual Clauses where required by applicable law.

11.2 We only transfer data to countries that provide an adequate level of protection, or where we have implemented appropriate safeguards to ensure the security and legality of the transfer.

12. Contact & Complaints

12.1 For any privacy-related questions, requests, or complaints, contact our privacy team at: [email protected]

12.2 If you are not satisfied with our response, you have the right to lodge a complaint with the Office of the Privacy Commissioner (New Zealand): privacy.org.nz

12.3 If you are in the EU/EEA and believe your GDPR rights have been violated, you may lodge a complaint with your local supervisory authority.

This Privacy Policy was last updated in February 2026. Version 1.1.