Privacy Policy
Last updated: 1 January 2026
1. Introduction
At Regal Rush Casino, we take the privacy and security of your personal data seriously. This Privacy Policy explains what information we collect, why we collect it, how we use and protect it, and what rights you have regarding your data. By using our website and services, you consent to the data practices described in this document. We encourage you to read this policy carefully so you understand how your information is handled at every stage of your interaction with our platform.
2. Data We Collect
We collect personal information that you provide directly during account registration and subsequent use of our services. This includes your full name, date of birth, email address, phone number, residential address, and payment details (card numbers, e-wallet IDs, bank account information). During the KYC verification process, we may also collect copies of government-issued identification documents and proof-of-address documentation. Beyond what you provide directly, we automatically collect technical data when you visit our site: your IP address, browser type and version, operating system, device type, screen resolution, referring URL, pages visited, time spent on each page, and click patterns. We also collect gaming activity data — games played, bet amounts, win/loss records, session durations, and bonus usage. This information helps us operate the platform, improve your experience, meet regulatory requirements, and detect fraud or unusual activity.
3. How We Use Your Data
We use the data we collect for the following purposes: to create and manage your account, to verify your identity and age as required by gambling regulations, to process deposits and withdrawals securely, to provide customer support when you contact us, to personalise your gaming experience (such as recommending games based on your play history), to send promotional offers and updates (only if you have opted in), to detect and prevent fraud, money laundering, and other illegal activities, to comply with legal and regulatory obligations, and to improve our platform through analytics and performance monitoring. We do not use your data for purposes beyond what is described here without first obtaining your consent.
4. Legal Basis for Processing
We process your personal data under several legal bases depending on the specific activity. Contract performance covers data processing necessary to provide our gaming services to you — account management, payment processing, game delivery. Legal obligation covers processing required by gambling regulations, anti-money laundering laws, and tax reporting requirements. Legitimate interest covers processing for fraud prevention, platform security, service improvement, and analytics. Consent covers processing for marketing communications — you can withdraw consent at any time through your account settings or by clicking the unsubscribe link in any promotional email.
5. Who We Share Your Data With
We share your personal data only when necessary and only with trusted parties. Payment processors (POLi, Neosurf, Visa, Mastercard, Skrill, Neteller) receive the information required to process your transactions securely. Our game providers receive limited data needed to deliver games and track activity for regulatory purposes. Our licensing and regulatory authorities receive data as required by law, including player activity reports, suspicious transaction reports, and KYC documentation. We may share data with law enforcement if required by a court order or other lawful process. Our hosting and IT infrastructure providers process data on our behalf under strict data processing agreements. We also use analytics tools to monitor platform performance — these tools receive anonymised or pseudonymised data only. We never sell your personal information to third parties for marketing purposes. Every third party we share data with is contractually bound to protect it and use it only for the purposes we specify.
6. Cookies and Tracking Technologies
We use cookies and similar technologies to operate and improve our platform. Essential cookies are required for the site to function — they handle session management, authentication, and security. Without them, you cannot log in or play games. Functional cookies remember your preferences, such as language settings and display options. Analytics cookies collect anonymised data about how visitors use the site, which pages are most popular, and where users encounter issues. We use this information to improve the platform. Marketing cookies track your activity across sites to deliver relevant advertisements — these are only set with your explicit consent. You can manage your cookie preferences through your browser settings. Most browsers allow you to block or delete cookies, though blocking essential cookies may prevent you from using certain features of our site. For more detail on the specific cookies we use, their purpose, and their expiration periods, contact our support team.
7. Data Retention
We retain your personal data for as long as your account is active and for a period thereafter as required by law. For most data categories, the retention period after account closure is 5 years, which aligns with anti-money laundering record-keeping obligations in most jurisdictions. Transaction records and KYC documentation may be retained for up to 7 years. Marketing data is deleted within 30 days of you withdrawing consent. Analytics data is anonymised after 26 months. Once the retention period expires, your data is permanently deleted from our active systems and backups using industry-standard secure deletion methods.
8. Your Rights
You have the following rights regarding your personal data. The right of access: you can request a copy of all personal data we hold about you, and we will provide it within 30 days in a commonly used electronic format. The right to rectification: if any of your data is inaccurate or incomplete, you can ask us to correct it. The right to erasure: you can request deletion of your personal data, subject to our legal retention obligations. The right to restrict processing: you can ask us to temporarily stop processing your data while a complaint or query is resolved. The right to data portability: you can request that we transfer your data to another service provider in a structured, machine-readable format. The right to object: you can object to processing based on legitimate interest, and we will cease processing unless we can demonstrate compelling legitimate grounds. The right to withdraw consent: for any processing based on your consent, you can withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal. To exercise any of these rights, contact our data protection team via email or live chat. We respond to all rights requests within 30 days.
9. Security Measures
We implement robust technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. All data transmitted between your browser and our servers is encrypted using TLS 1.3 (256-bit encryption). Sensitive data at rest, including payment information and KYC documents, is encrypted using AES-256. We maintain strict access controls — only authorised staff with a legitimate business need can access personal data, and all access is logged and audited. Our infrastructure is protected by firewalls, intrusion detection systems, and continuous security monitoring. We conduct regular security audits and penetration testing to identify and address vulnerabilities. While no system is perfectly secure, we are committed to maintaining the highest practical standards to protect your information.
10. Children's Privacy
Our services are not intended for anyone under the age of 18. We do not knowingly collect personal data from minors. If we become aware that a person under 18 has provided us with personal information, we will take immediate steps to delete that data and close the associated account. If you believe a minor has created an account on our platform, please contact our support team immediately so we can take appropriate action.
11. Policy Updates and Contact
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will revise the "Last updated" date at the top of this page. For significant changes, we will notify you via email or through a prominent notice on our platform at least 14 days before the changes take effect. We encourage you to review this policy periodically. If you have any questions about this Privacy Policy, your data, or your rights, contact our data protection team through live chat or email. We are available around the clock and aim to respond to all privacy-related queries within 48 hours. Your trust matters to us, and we are committed to being transparent about how we handle your information at Regal Rush Casino NZ.