Christchurch Casino New Zealand Privacy Policy

This Privacy Policy document outlines the data protection practices of Christchurch Casino. The policy exists to inform individuals of how their personal information is collected, used, stored, and disclosed. It explains our commitment to processing personal data lawfully and transparently in accordance with the Privacy Act 2020 and other applicable regulations in New Zealand. The document details the purposes for processing, which include account management, transaction processing, regulatory compliance, and security. It also specifies the rights individuals have regarding their personal information and the procedures for exercising those rights.

Data Collection and Categories of Personal Information

Christchurch Casino collects personal information necessary for the operation of its services and to meet its legal obligations. This collection occurs through various interactions, including account registration, financial transactions, customer support communications, and automated technical systems. The information is obtained directly from the individual, through third-party verification services, or via automated means such as website cookies and server logs.

The categories of personal data processed include, but are not limited to, the following types. Identification and contact details provided during registration, such as full name, date of birth, residential address, email address, and telephone number. Financial and transactional data, including payment method details, deposit and withdrawal history, and game play activity. Technical and usage data, such as IP address, device identifiers, browser type, operating system, pages viewed, and referring website addresses. Compliance and due diligence records, which encompass copies of identification documents, source of wealth information, and records of interactions related to responsible gambling.

Additional information may be collected for specific purposes, such as preferences for marketing communications or participation in promotional activities. For operational clarity, information related to christchurch casino meal deals or christchurch casino opening hours may be collected if an individual chooses to engage with those specific services. All data collection is conducted with a defined purpose and under a recognized lawful basis.

Purposes of Processing and Legal Bases

Personal information is processed for specific, explicit, and legitimate purposes. The primary purposes include identity verification, which is a legal requirement under New Zealand's gambling and anti-money laundering regulations. This processing ensures that only eligible individuals can access our services. Financial transaction processing is conducted to facilitate deposits, wagers, and withdrawals, and to maintain accurate financial records.

The operation and security of a player's account constitutes a core purpose, encompassing login authentication, account statement generation, and customer support. Data is also processed for the purpose of maintaining the security and integrity of our systems, including fraud detection, system monitoring, and investigation of potential breaches. Compliance with statutory obligations, including reporting to regulatory bodies and adhering to responsible gambling codes of practice, is a fundamental processing activity.

These activities are conducted under several lawful bases as defined by the Privacy Act 2020. Processing is necessary for the performance of a contract, specifically the terms and conditions governing the use of a player account. Processing is necessary for compliance with a legal obligation, such as the requirements set by the Department of Internal Affairs. Processing may also be necessary for the purposes of the legitimate interests pursued by Christchurch Casino, such as network and information security, fraud prevention, and direct marketing, provided those interests are not overridden by the individual's rights and freedoms. Where required, explicit consent is obtained, for instance, for certain types of direct marketing communications.

Data Storage, Security, and Retention Periods

Christchurch Casino implements technical and organisational measures to protect personal information against unauthorised access, disclosure, alteration, or destruction. Data is stored on secure servers located within controlled environments. Access to personal information is restricted to authorised personnel on a need-to-know basis, governed by strict access control policies and confidentiality agreements.

Security measures include, but are not limited to, encryption technologies for data in transit and at rest, firewalls, intrusion detection systems, and regular security assessments. Physical security controls are applied to areas where data is processed or stored. While reasonable steps are taken to protect information, the transmission of data over the internet cannot be guaranteed as completely secure.

Personal information is retained only for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. Retention periods are determined based on the nature of the information and the legal and operational requirements. For example, account data and transactional records are typically retained for a minimum period as mandated by New Zealand law following account closure. After the retention period expires, data is securely deleted or anonymised so it can no longer be associated with an individual. Archiving procedures may apply to certain records for historical or statistical purposes, where the data is rendered non-identifiable.

Individual Rights and Request Procedures

Under the Privacy Act 2020, individuals have specific rights regarding their personal information held by Christchurch Casino. These rights include the right to obtain confirmation as to whether personal data concerning them is being processed and, where that is the case, to access that data. Individuals have the right to request the correction of inaccurate or incomplete personal information. In certain circumstances, individuals may have the right to request the erasure of their personal data, to restrict the processing of their data, or to object to processing based on legitimate interests.

Individuals also have the right to data portability, which allows them to receive their personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller, where technically feasible. To exercise any of these rights, a formal request must be submitted. Christchurch Casino will require verification of the requester's identity to prevent unauthorised disclosure. This verification process is a security measure and a legal obligation.

Requests can be submitted via the designated contact method outlined in this policy. Christchurch Casino will respond to a valid request within the timeframes stipulated by law. In some instances, we may be legally obliged to retain certain information or refuse a request, such as when the request is manifestly unfounded or excessive, or when processing is necessary for compliance with a legal obligation. For example, data related to a christchurch casino online login no deposit bonus transaction must be retained for regulatory audit purposes. Individuals will be provided with a reason for any refusal. If an individual is not satisfied with our response, they have the right to lodge a complaint with the New Zealand Privacy Commissioner.