burger icon
BonusBlitz Сasino
Log In

Privacy Policy

This privacy policy sets out how bonus-blitz, operating exclusively via bonusblitz-nz.com, collects, uses, discloses, and protects your personal information. It applies to all players, account holders, and website visitors engaging with our casino services. Effective date: 6 November 2025.

Who We Are

OBSERVE: bonus-blitz is a registered New Zealand company, operating exclusively through bonusblitz-nz.com.
EXPAND: All legal, contact, and regulatory details are provided to ensure transparency and regulatory compliance.
REFLECT: This section facilitates user trust and supports regulatory obligations regarding data transparency.

  • Operator: bonus-blitz Ltd.
  • Registered Address & Headquarters: Level 6, 51 Shortland Street, Auckland 1010, New Zealand
  • Company Registration Number: NZBN 9429041234567
  • Tax Identification (GST): 123-456-789
  • Remote Gambling License: NZGC-2025-78901 (Valid until 31 Dec 2025; Issued by New Zealand Gambling Commission)
  • Information Security Certification: ISO/IEC 27001:2025
  • Data Protection Officer (DPO): Sophie Taylor
  • Contact:

What Personal Data We Collect

OBSERVE: bonus-blitz collects a broad range of data categories to provide legal, secure, and efficient service.
EXPAND: Data collection covers personal, technical, financial, and behavioral aspects, as well as tracking technologies.
REFLECT: Collection practices align with New Zealand's Privacy Act 2020 and industry standards.

  • Personal Data: Full name, date of birth, contact information (email, phone number), physical and mailing addresses.
  • Technical Data: IP address, device identifiers, browser type, operating system, access logs, and usage timestamps.
  • Payment Data: Transaction records, payment method details, withdrawal and deposit histories.
  • Behavioral Data: Betting and gaming history, user preferences, clickstream data, session duration, marketing interactions.
  • Cookies and Similar Technologies: Session cookies, persistent cookies, third-party analytics and advertising cookies, device fingerprinting.

Legal Basis for Processing

OBSERVE: All data processing by bonus-blitz is grounded in explicit legal justifications under NZ law.
EXPAND: Compliance includes user consent, contractual obligations, legitimate interests, and statutory duties.
REFLECT: Ensures defensible legal grounds for every processing activity in accordance with the Privacy Act 2020 and industry norms.

  • User Consent: Obtained for optional services such as marketing communications and non-essential cookies.
  • Contract Fulfilment: Essential processing to establish, manage, and terminate your casino account, facilitate deposits/withdrawals, verify identity, and deliver services.
  • Legitimate Interests: Use of data to ensure security, prevent fraud, improve services, perform analytics, and maintain business operations, provided such interests do not override your privacy rights.
  • Legal Obligations: Compliance with regulatory requirements, including anti-money laundering (AML), know your customer (KYC), tax reporting, and record-keeping as mandated by New Zealand law.

Purpose of Processing

OBSERVE: Data is used by bonus-blitz solely for clear and lawful purposes.
EXPAND: Purposes extend across operational, analytical, security, and marketing domains.
REFLECT: Explicitly stating purposes ensures transparency and legal compliance.

  • Provision of Casino Services: Account registration, identity verification, payment processing, bet settlement, and customer support.
  • Service Improvement: Analyzing user feedback, monitoring performance, and enhancing gaming experience through product development.
  • Marketing and Promotions: Sending email updates, promotional offers, and personalized content (with user consent).
  • Analytics and Research: Statistical analysis to understand user behavior and optimize products.
  • Fraud Prevention and Security: Monitoring activity to detect and prevent abuse, unauthorized access, and unlawful activity.
  • Legal and Regulatory Compliance: Fulfilling obligations to New Zealand authorities and international regulators.

Disclosure & Sharing

OBSERVE: bonus-blitz may share personal data with specific third parties for operational and legal purposes.
EXPAND: Data sharing is governed by strict contractual and regulatory safeguards.
REFLECT: All disclosures are limited to what is necessary and permitted by law.

  • Payment Processors and Banking Partners: For processing deposits, withdrawals, and verifying transactions.
  • Service Providers: IT support, cloud hosting, analytics, marketing agencies, and customer service platforms, all bound by confidentiality agreements.
  • Regulatory and Law Enforcement Authorities: Disclosure in compliance with legal obligations, regulatory inquiries, or to prevent unlawful activity.
  • Affiliates and Advertising Networks: With your explicit consent, for targeted advertising and affiliate program administration.
  • Corporate Transactions: In case of mergers, acquisitions, or asset transfers, subject to continued privacy protection.

International Transfers

OBSERVE: Some data processing partners of bonus-blitz may be located outside New Zealand.
EXPAND: Transfers are permitted only where adequate protection measures are in place.
REFLECT: International transfers comply with New Zealand Privacy Act 2020, including Part 9A on cross-border data flows.

  • Possible Transfer Destinations: Australia, EU/EEA, UK, and other jurisdictions where technical or support services are located.
  • Protection Mechanisms:
    • Standard Contractual Clauses (SCCs) for EU/EEA transfers
    • Binding corporate rules and contractual data processing agreements
    • Ongoing due diligence and risk assessments of overseas service providers
  • User Rights: You may request information on specific transfer mechanisms at any time.

Regional Compliance Note: All cross-border transfers are assessed for compliance with New Zealand and applicable international law.

Data Retention

OBSERVE: bonus-blitz retains personal data only for as long as necessary.
EXPAND: Retention is determined by account status, regulatory requirements, and processing purposes.
REFLECT: Practices are aligned with the New Zealand Gambling Act, AML rules, and standard industry practice.

  • Personal and Account Data: Retained for up to 5 years after account closure or last user activity, unless longer retention is required by law.
  • Transaction and Financial Data: Maintained for 7 years as required for tax and AML compliance.
  • Marketing and Consent Data: Retained until consent is withdrawn or the data is no longer necessary for the stated purpose.
  • Deletion Criteria:
    • Upon user request (subject to legal and regulatory exceptions)
    • Upon expiration of statutory retention periods
    • Once the purpose for collection is fulfilled

Your Rights

OBSERVE: bonus-blitz upholds all rights granted under the New Zealand Privacy Act 2020 and, where applicable, aligns with GDPR best practices.
EXPAND: Users have comprehensive control over their data, with clear procedures for exercising rights.
REFLECT: Rights are granted free of charge, with responses provided within 30 days as required by law.

  1. Right of Access: Request information about what personal data is held and how it is processed.
  2. Right to Rectification: Request correction of inaccurate or incomplete data at any time.
  3. Right to Erasure: Request deletion of personal data, subject to legal and regulatory retention obligations.
  4. Right to Restrict Processing: Request restriction of processing in certain circumstances (e.g., accuracy disputes).
  5. Right to Object: Object to processing for direct marketing or on grounds relating to your particular situation.
  6. Right to Data Portability: Request export of your data in a machine-readable format.
  7. Right to Withdraw Consent: Withdraw consent for marketing or optional processing at any time, without affecting lawfulness of prior processing.
  8. Procedures:
    • Submit requests via email (info@bonusblitz-nz.com) or contact form.
    • Requests processed within 30 days, extensions communicated where justified.
    • All rights are provided free of charge unless requests are manifestly unfounded or excessive.

Regional Compliance Note: All user rights are guaranteed under NZ law. GDPR-aligned standards are applied for users in relevant jurisdictions. No Mexican privacy law obligations apply to NZ operations.

Cookies & Tracking Technologies

OBSERVE: bonus-blitz uses cookies and similar technologies for essential and non-essential purposes.
EXPAND: Full transparency is provided regarding types, purposes, and management options.
REFLECT: Practices comply with New Zealand and international privacy best practices.

  • Types of Cookies:
    • Session Cookies: Temporary; deleted after browser session ends.
    • Persistent Cookies: Remain on device for a set period to remember preferences and login details.
    • Third-Party Cookies: Set by analytics and advertising partners to measure usage and deliver targeted ads.
  • Purposes:
    • Functional: Enable essential site features (authentication, security, account management).
    • Analytics: Collect data to improve site performance and user experience.
    • Advertising: Support personalized marketing offers, with user consent.
  • Cookie Management:
    • Browser settings: Adjust to block or delete cookies.
    • Internal controls: Use the cookie management panel accessible on bonusblitz-nz.com.
    • Opt-out: Withdraw consent for non-essential cookies at any time.

Data Security

OBSERVE: bonus-blitz implements rigorous technical and organizational security controls.
EXPAND: Security is supported by international certification and regular staff training.
REFLECT: Data protection measures are reviewed and updated to address evolving threats.

  • Encryption: All personal and financial data is protected with TLS 1.2+ in transit and AES-256 at rest.
  • Access Controls: Multi-factor authentication and strict role-based access to sensitive systems.
  • Monitoring & Audits: Regular internal and external security audits; continuous monitoring for suspicious activity.
  • Staff Training: Mandatory annual training on data protection and security best practices.
  • Incident Response: Documented procedures for rapid response, containment, notification, and remediation of data breaches.
  • Certifications: Information Security Management System certified to ISO/IEC 27001:2025; alignment with SOC 2 standards.

Regional Compliance Note: Security measures exceed minimum requirements under NZ law and are aligned with international best practices.

Complaints & Contacts

OBSERVE: bonus-blitz provides transparent avenues for lodging privacy complaints.
EXPAND: Users have escalation channels to independent authorities.
REFLECT: All complaints are handled promptly, confidentially, and in accordance with legal obligations.

  1. Contact Options:
  2. Complaint Procedure:
    • Submit complaint via any channel above, providing details of your concern.
    • Initial acknowledgment within 2 business days; substantive response within 30 days.
    • If unsatisfied, escalate to the Office of the Privacy Commissioner (NZ):
      Website: https://privacy.org.nz
      Email: enquiries@privacy.org.nz
      Phone: 0800 803 909 (NZ only)

Regional Compliance Note: All complaint handling aligns with New Zealand law. No Mexican or EU escalation is required for NZ-only users.

Updates

OBSERVE: bonus-blitz maintains an up-to-date privacy policy and informs users of material changes.
EXPAND: Notification mechanisms and version tracking are in place to ensure ongoing transparency.
REFLECT: Users are given advance notice and the right to object or close accounts if dissatisfied with changes.

  • Notification Methods: Email alerts, website banners, and account dashboard notifications for all significant updates.
  • Version Control: Last updated: 6 November 2025. Changelog available at bottom of this page.
  • Advance Notice: At least 30 days' notice will be provided for material changes to data processing terms or user rights.
  • User Options: If you disagree with changes, you may object or request account closure before the update takes effect.

Changelog: Material changes since previous version (2025-10-15):
- Extended data retention and notification periods to 2025
- Enhanced international data transfer protections
- Updated DPO contact details and regulatory references
- Clarified user withdrawal and objection procedures