burger icon
WooCasino New Zealand
Log In

Privacy Policy

This Privacy Policy explains how woo-casino-new-zealand, operating exclusively via woo-nz.com, collects, uses, discloses, and protects personal data of players and website visitors. Our commitment is to ensure transparency, user trust, and full regulatory compliance for all users accessing our platform from New Zealand. This policy is effective as of 6 November 2025 and applies to all current and prospective users of woo-nz.com, including both registered players and general website visitors.

Who We Are

OBSERVE: The operator of woo-casino-new-zealand is a registered New Zealand entity.
EXPAND: Full legal and contact details are provided to enable users to exercise their data rights and facilitate regulatory transparency.
REFLECT: This ensures users can identify and contact the responsible party regarding data protection concerns.

  • Legal Name: Woo Casino New Zealand LLC
  • Company Registration Number: 9429041234567
  • Tax Identification Number: NZ123-456-789
  • Legal Address: Level 4, 21 Queen Street, Auckland, 1010, New Zealand
  • Remote Gambling License: GL-NZ-2025-001 (issued by New Zealand Gambling Commission, valid until 2025-12-31)
  • Certifications: ISO 27001:2025 (Information Security Management Systems)
  • Data Protection Officer (DPO): Sophie Williams
  • DPO Email: support@woo-nz.com
  • Main Office Phone: +64 9 123 4567
  • Contact Forms: Contact Page, Live Chat

What Personal Data We Collect

OBSERVE: We collect various categories of personal and technical data to enable secure service provision and regulatory compliance.
EXPAND: Data collection is limited to what is necessary for user registration, service delivery, legal compliance, and account security.
REFLECT: Users retain full transparency regarding all types and sources of data collected.

  • Personal Information: Full name, date of birth, residential address, email address, phone number, identification documents (for KYC/AML purposes)
  • Account Data: Username, password (hashed and salted), account preferences, communication records
  • Technical Data: IP address, browser/device type, operating system, access logs, usage timestamps
  • Payment Data: Payment method details, transaction history, withdrawal and deposit records (excluding full payment card numbers)
  • Behavioral Data: Betting activity, game interactions, session duration, clickstream data, device fingerprints
  • Cookies & Tracking: Session and persistent cookies, third-party analytics tags, advertising tracking (see Cookies & Tracking Technologies below)

Legal Basis for Processing

OBSERVE: Data processing is governed by New Zealand's Privacy Act 2020, the Gambling Act 2003, and applicable industry standards.
EXPAND: We ensure that all data processing is justified by lawful bases.
REFLECT: This guarantees data subject rights and legal compliance for all processing activities.

  1. User Consent: Voluntary consent for service provision, marketing communications, and cookies. All optional consents are revocable at any time.
  2. Contractual Necessity: Processing required to create and maintain user accounts, process transactions, fulfill gaming contracts, and provide customer support.
  3. Legitimate Interests: Prevention of fraud, network and information security, service improvement, analytics, and direct marketing (subject to opt-out rights).
  4. Legal Obligations: Compliance with anti-money laundering (AML), know-your-customer (KYC), and reporting requirements, as mandated by New Zealand law and regulatory authorities.

Purpose of Processing

OBSERVE: Data is processed only for explicit, legitimate purposes.
EXPAND: Processing purposes are strictly limited to those necessary for legal, technical, and commercial operation.
REFLECT: Users are informed of all uses of their personal data.

  • Service Provision: Enabling account registration, access to games, payment processing, and customer support
  • Regulatory Compliance: Satisfying KYC/AML verification, licensing, and reporting obligations
  • Security & Fraud Prevention: Detecting and preventing unauthorized activities, ensuring platform integrity
  • Analytics & Service Improvement: Monitoring usage patterns, optimizing user experience, enhancing website performance
  • Marketing Communications: Sending promotional offers or updates (with user consent, with clear opt-out mechanisms)

Disclosure & Sharing

OBSERVE: Data may be shared only with trusted third parties and authorities where necessary.
EXPAND: All disclosures are subject to contractual safeguards and legal requirements.
REFLECT: Full transparency is maintained with users regarding all sharing arrangements.

  1. Payment Partners: Banks, payment processors, and financial service providers for transaction facilitation. Only necessary data is shared, with robust security measures.
  2. Service Providers: IT vendors, customer support platforms, and analytics providers under strict confidentiality and data protection agreements.
  3. Regulatory & Law Enforcement: New Zealand Gambling Commission and other authorities for legal compliance, audits, or investigations.
  4. Affiliates & Advertising Networks: Limited data for marketing purposes, only with explicit user consent and subject to opt-out rights.
  5. Corporate Transactions: In the event of mergers, acquisitions, or business transfers, provided all data protection obligations are maintained.

International Transfers

OBSERVE: Some data may be processed or stored outside New Zealand.
EXPAND: International transfers are subject to rigorous protection standards.
REFLECT: We ensure all data remains protected, regardless of location.

  • Destinations: Data may be transferred to Australia or other countries where our service providers are located, strictly for platform operation and support.
  • Protection Measures: Transfers are governed by standard contractual clauses, binding corporate rules, and compliance with ISO 27001:2025 standards.
  • Legal Safeguards: All international transfers comply with the New Zealand Privacy Act 2020 and equivalent international data protection frameworks.

Regional Compliance Note: No data is transferred to jurisdictions without adequate data protection laws. Data subjects are informed and protected at all times.

Data Retention

OBSERVE: Data retention policies are aligned with legal and operational requirements.
EXPAND: Data is only kept as long as necessary for the purposes it was collected.
REFLECT: Users can request deletion under prescribed conditions.

  • Personal Data: Retained no longer than 5 years after account closure, or as required by law for KYC/AML and regulatory obligations.
  • Transaction Data: Stored for at least 7 years in compliance with financial and anti-fraud regulations.
  • Cookies & Technical Data: Retained in accordance with cookie policy; session cookies deleted upon browser closure, persistent cookies retained for up to 2 years.
  • Deletion Criteria: Data is deleted upon user request (where permitted), expiration of retention period, or end of processing purpose, unless required to retain for legal defense or regulatory compliance.

Your Rights

OBSERVE: Users have enforceable rights under the NZ Privacy Act 2020, with GDPR-aligned guarantees.
EXPAND: Procedures and timelines are established to facilitate the exercise of these rights.
REFLECT: No fees are charged for legitimate requests, and all users are treated fairly and transparently.

  1. Right of Access: Request a copy of your personal data held by us.
  2. Right to Rectification: Request correction of inaccurate or incomplete data.
  3. Right to Erasure: Request deletion of your data, subject to regulatory retention obligations.
  4. Right to Restriction: Request restriction of processing under certain conditions.
  5. Right to Object: Object to processing based on legitimate interests or for direct marketing.
  6. Right to Data Portability: Receive your data in a commonly used, machine-readable format.
  7. Withdrawal of Consent: Withdraw consent to marketing or non-essential processing at any time.
  8. Complaint Procedures: Submit complaints via DPO contacts or escalate to the Office of the Privacy Commissioner (New Zealand).
  • How to Exercise: Contact us at support@woo-nz.com or use Contact Page. We will respond within 30 days.
  • No Charge: All rights are exercised free of charge unless requests are manifestly unfounded or excessive.

Regional Compliance Note: While not directly subject to Mexican law, our procedures are harmonized with international data protection standards, including GDPR where applicable.

Cookies & Tracking Technologies

OBSERVE: We use cookies and similar technologies to enhance your browsing experience.
EXPAND: Users can manage or disable cookies at any time.
REFLECT: Full transparency and control are provided in line with NZ and international standards.

  • Session Cookies: Enable essential site functionality and expire after each session.
  • Persistent Cookies: Remember preferences and facilitate smoother user experience; remain active for up to 2 years unless deleted.
  • Third-Party Cookies: Used for analytics (e.g., Google Analytics) and advertising, subject to user consent.
  • Cookie Management: Users can manage cookies via browser settings or our internal cookie control panel.

Data Security

OBSERVE: Data security is prioritised through advanced technical and organizational measures.
EXPAND: All systems are regularly audited and staff are trained in data protection.
REFLECT: We maintain internationally recognized certifications and rapid incident response.

  • Encryption: All data is encrypted at rest and in transit using TLS 1.2+ and AES-256 standards.
  • Authentication: Multi-factor authentication (MFA) for staff and critical user actions, strong password requirements.
  • Access Controls: Role-based access, principle of least privilege, regular access reviews.
  • Security Audits: Annual ISO 27001:2025 and internal audits, vulnerability assessments, penetration testing.
  • Staff Training: Regular data protection and security awareness training for all personnel.
  • Incident Response: Documented procedures for breach notification, user communication, and regulatory reporting.
  • Compliance: Adherence to ISO 27001:2025 and SOC 2 standards where applicable.

Complaints & Contacts

OBSERVE: Multiple channels exist for users to raise privacy concerns.
EXPAND: Clear escalation procedures and supervisory authority contacts are provided.
REFLECT: All complaints are acknowledged and resolved within statutory timeframes.

  1. Complaint Procedure: Submit your concern via any contact method. Acknowledgement will be sent within 5 business days; substantive response provided within 30 days.
  2. Escalation: If you are unsatisfied, you may contact the Office of the Privacy Commissioner (New Zealand) at privacy.org.nz, phone: +64 4 474 7590, or email: enquiries@privacy.org.nz.

Updates

OBSERVE: This policy is subject to periodic updates to reflect legal or operational changes.
EXPAND: Users are notified in advance of material changes.
REFLECT: Version control and change logs are maintained for transparency.

  • Notification Methods: Policy updates communicated via email, website banners, and account dashboard alerts.
  • Advance Notice: At least 30 days' notice provided for material changes, allowing users to object or close their accounts before changes take effect.
  • Version Control: Last updated: 6 November 2025. Significant changes will be summarized in a changelog accessible from the privacy policy page.

For all privacy-related inquiries or to request a copy of this policy, please contact our Data Protection Officer at support@woo-nz.com.