Cosmo Casino New Zealand Privacy Policy

This Privacy Policy outlines how Cosmo Casino collects, uses, stores, and protects personal information in connection with its services offered to players in New Zealand. The policy is designed to provide transparency regarding our data handling practices. We process personal information to fulfill our contractual obligations, comply with legal and regulatory requirements, manage player accounts, and maintain the security of our services. This document explains the types of information we collect, the purposes for which it is used, the legal bases for processing, and the rights available to individuals under applicable laws, including the Privacy Act 2020.

Data Collection and Categories of Personal Information

Cosmo Casino collects personal information necessary to provide its services, operate accounts, and meet legal obligations. This information is obtained directly from you during registration and interaction with our services, and automatically through your use of the platform. The primary categories of personal data processed are as follows.

Registration and identification data includes information provided when creating an account or verifying your identity. This typically encompasses your full name, date of birth, residential address, email address, and telephone number. For verification purposes, we may also process copies of identification documents, such as a driver's licence or passport.

Financial and transactional information relates to deposits, withdrawals, and gaming activity. This includes payment method details, transaction histories, account balances, and game play records. Technical and usage data is automatically collected and may include your IP address, device identifiers, browser type, operating system, pages viewed, and other interaction data. We also maintain records related to regulatory compliance, such as communication histories, responsible gambling interactions, and records of queries or complaints.

Purposes of Processing and Legal Bases

Cosmo Casino processes personal information for specific, defined purposes. Each processing activity is conducted under a recognised lawful basis as required by data protection principles. The primary purposes and corresponding legal bases are detailed below.

Account administration and service provision form the core of our processing. We use your data to create and manage your account, process transactions, provide customer support, and communicate essential service information. The lawful basis for this processing is the performance of our contract with you. We are under a legal obligation to verify your identity, prevent money laundering, and promote responsible gambling. Processing for these compliance purposes is necessary to adhere to laws including the Anti-Money Laundering and Countering Financing of Terrorism Act 2009 and the Gambling Act 2003.

We process data for security and fraud prevention to protect our services and users. This includes monitoring for fraudulent activity, investigating security incidents, and ensuring system integrity. The lawful basis for this processing is our legitimate interest in safeguarding our operations and users. With your explicit consent, we may process data for additional purposes, such as sending marketing communications. You may withdraw consent at any time through your account settings.

Information Storage, Security, and Retention Periods

Cosmo Casino implements technical and organisational measures to protect personal information from unauthorised access, disclosure, alteration, or destruction. Data is stored on secure servers located in controlled environments. Access to personal information is restricted to authorised personnel who require it to perform their duties, and all access is logged and monitored.

We employ industry-standard security technologies, including encryption for data in transit and at rest, firewalls, and intrusion detection systems. Specific security measures are applied to sensitive data, such as financial information. Despite these measures, no data transmission over the internet can be guaranteed as completely secure.

Personal information is retained only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. Retention periods are determined based on the nature of the data and the legal or operational need. For example, account data is retained for a period after account closure to meet regulatory obligations, after which it is securely archived or anonymised. Transactional records are typically retained for a minimum of seven years as required by financial regulations. Once the retention period expires, data is securely deleted or anonymised so it can no longer be associated with an individual.

Individual Rights and Request Procedures

Under the Privacy Act 2020, individuals in New Zealand have specific rights regarding their personal information. Cosmo Casino has established procedures to facilitate the exercise of these rights. To protect your information, all requests are subject to a verification process to confirm your identity.

You have the right to request access to the personal information we hold about you and to receive a copy of that information. You may also request correction of any inaccurate or incomplete personal data. In certain circumstances, you have the right to request the erasure of your personal data, to object to or restrict its processing, or to request data portability, which allows you to obtain and reuse your data for your own purposes across different services.

To exercise any of these rights, you must submit a formal request via our designated privacy contact channel. The request must include sufficient detail to identify you and specify the right you wish to exercise. We will respond to your request within the timeframes stipulated by law. We may refuse a request in specific circumstances permitted by law, such as where the request is frivolous, vexatious, or would compromise the privacy of others. If we refuse a request, we will provide you with reasons for our decision. You have the right to complain to the New Zealand Privacy Commissioner if you are not satisfied with our response.