Privacy Policy
Effective date: 27 March 2026
This Privacy Policy explains how RollXO, operating through nz-rollxo-casino.com, collects, uses, stores, shares, and protects personal data in connection with its online gambling and related services in New Zealand. It is intended to provide a clear explanation of how RollXO Casino, RollXO Casino NZ, Casino RollXO, and RollXO Casino New Zealand process information when individuals visit the website, create an account, use gaming services, make payments, complete identity checks, contact support, or otherwise interact with the platform.
RollXO acts as a data controller in relation to the personal data processed for account registration, account management, gambling operations, anti-money laundering and countering financing of terrorism checks, customer support, security monitoring, legal compliance, and service improvement. In some circumstances, service providers engaged by RollXO will act as data processors on its behalf.
By registering an account and using the website, users acknowledge that certain data processing is necessary for the performance of gambling services, the fulfilment of a legal obligation, the establishment or defence of legal claims, fraud prevention, and the protection of legitimate business and regulatory interests. Where processing is based on consent, that consent may be withdrawn at any time, although such withdrawal will not affect the lawfulness of processing carried out before withdrawal and may affect the ability to continue using some services.
This Privacy Policy has been drafted with regard to New Zealand privacy principles under the Privacy Act 2020, and it also reflects internationally recognised privacy standards commonly applied in digital gambling environments, including concepts associated with GDPR, where relevant to transparency, data processing accountability, and user rights.
1. Introduction
RollXO provides gambling-related digital services that require the collection and verification of personal data. Because gambling services involve financial transactions, age controls, identity verification, fraud prevention, and AML/CFT compliance, RollXO has a legal obligation to process certain categories of personal information. This means that some personal data cannot be deleted, restricted, or withheld while the user account remains active or while statutory retention periods continue to apply.
Registration for an account constitutes acknowledgement that:
- RollXO must process personal data to provide access to games, payment functions, and account tools.
- RollXO must verify identity, age, and source-of-funds information where required.
- RollXO may monitor transactions and account activity to detect fraud, suspicious behaviour, bonus abuse, collusion, chargeback risk, and money laundering indicators.
- RollXO may retain records for the periods required by law, regulation, dispute management, and internal audit controls.
If a user does not agree with the data processing described in this Privacy Policy, the user should not create an account or continue using nz-rollxo-casino.com.
2. Information We Collect
RollXO may collect and process the following categories of personal data.
2.1 Information provided directly by users
When a user registers, contacts support, uploads documents, or uses account features, RollXO may collect:
- Full name
- Date of birth
- Residential address
- Billing address
- Email address
- Telephone number, where provided
- Username and account credentials
- Security questions and authentication information
- Preferences relating to account settings and communications
- Any information provided in correspondence with customer support
2.2 Gambling and account usage information
To operate betting and gaming services, RollXO may collect:
- Account registration date and status
- Login history
- Deposit and withdrawal history
- Betting, gaming, and wagering records
- Bonus usage and promotional participation history
- Account balances and transaction adjustments
- Self-exclusion, cooling-off, or responsible gambling settings
- Risk indicators linked to gameplay patterns or account behaviour
2.3 Payment and financial information
RollXO may process payment-related data necessary to complete deposits, withdrawals, reversals, and compliance checks, including:
- Payment method type
- Partial payment instrument details where appropriate for security and reconciliation
- Payment processor reference numbers
- Transaction amounts, timestamps, and status records
- Bank account details where needed for withdrawals
- Chargeback, refund, and payment dispute records
RollXO does not state that it stores full payment card details unless required and handled through authorised and compliant payment service providers.
2.4 KYC, identity verification, and enhanced due diligence documents
To comply with AML, CFT, and age verification requirements, RollXO may request and process:
- Government-issued photo identification
- Proof of address documents
- Source of funds or source of wealth documentation
- Bank statements or payment method verification documents
- Selfies, live verification images, or video verification materials
- Sanctions, politically exposed person, and adverse media screening results
- Verification notes and review outcomes generated by compliance staff or approved providers
2.5 Technical and device information
When users access nz-rollxo-casino.com, RollXO may automatically collect technical data, such as:
- IP address
- Browser type and version
- Operating system
- Device identifiers
- Language settings
- Time zone data
- Referral URLs
- Cookie identifiers
- Website navigation behaviour
- Session logs and crash reports
- Geolocation information derived from IP or device settings where relevant to fraud prevention or legal restrictions
2.6 Communications and correspondence
RollXO may keep records of:
- Emails sent to or from [email protected]
- Complaints and dispute correspondence
- Verification follow-up messages
- Risk and compliance notifications
- Marketing preferences and unsubscribe records
3. How We Use Your Information
RollXO processes personal data for specific and legitimate purposes connected to the operation of RollXO Casino NZ and legal compliance.
3.1 To provide gambling and account services
RollXO uses personal data to:
- Create and manage user accounts
- Process bets, wagers, wins, and losses
- Administer deposits and withdrawals
- Provide access to games, promotions, and customer account features
- Maintain account security and authentication controls
3.2 To verify identity and eligibility
RollXO uses personal data to:
- Confirm age and identity
- Verify address and payment ownership
- Prevent underage gambling
- Assess whether a user is eligible to access services in the relevant jurisdiction
- Complete KYC and enhanced due diligence reviews
3.3 To comply with AML/CFT and other legal obligations
RollXO may process data to:
- Monitor transactions and account behaviour for suspicious activity
- Report matters to competent authorities where required by law
- Maintain statutory records
- Respond to lawful requests, court orders, or regulatory inquiries
- Support internal compliance reviews, audits, and governance procedures
3.4 To prevent fraud and protect the platform
RollXO may use data for:
- Fraud prevention and fraud investigation
- Chargeback mitigation
- Detection of account takeovers, collusion, multi-accounting, or bonus abuse
- Cybersecurity monitoring and incident response
- Enforcement of terms and conditions
3.5 To improve services and conduct research
RollXO may analyse personal data and usage trends to:
- Improve website performance and usability
- Resolve technical issues
- Review customer support quality
- Develop new features or operational controls
- Conduct aggregated analytics and internal research
Where possible, research and analytics will use de-identified or aggregated information.
4. Marketing Communication
RollXO may use contact details and account information to send marketing communications where permitted by law or where the user has opted in, as applicable. These communications may include updates about products, services, features, campaigns, or promotions associated with RollXO Casino New Zealand.
Marketing data may include:
- Email address
- Communication preferences
- Language preferences
- Activity history relevant to segmentation and relevance controls
- Records of prior marketing engagement or opt-out actions
Users can opt out of marketing communications at any time by:
- Using the unsubscribe function included in a marketing email, where available
- Contacting [email protected] and requesting removal from marketing communications
RollXO will continue to send non-marketing service messages where necessary, including messages relating to security, legal notices, transaction confirmations, account restrictions, KYC requests, self-exclusion administration, and important operational updates.
5. Obtaining Personal Information
RollXO obtains personal information through several channels.
5.1 Directly from users
Personal data is collected when users:
- Complete registration forms
- Fill in profile details
- Submit payment or withdrawal requests
- Upload verification documents
- Contact [email protected]
- Participate in surveys, promotions, or responsible gambling interactions
5.2 Automatically through website and system use
RollXO collects technical information through cookies, server logs, analytics tools, fraud detection systems, and device recognition technologies used on nz-rollxo-casino.com.
5.3 From third-party providers
RollXO may obtain personal information from reputable third parties, including:
- Identity verification providers
- AML/CFT screening and risk intelligence providers
- Payment processors and financial institutions
- Fraud prevention and cybersecurity vendors
- Game providers where transaction reconciliation or dispute investigation is required
- Public registers, sanctions lists, and lawfully accessible databases
Where information is obtained from third parties, RollXO will process it only where there is a valid legal basis or lawful purpose for doing so.
6. Data Recipients
Access to personal data is limited to persons and organisations that require the information for legitimate operational, legal, security, or compliance purposes.
Within RollXO, personal data may be accessed by:
- Customer support staff
- Payments and finance teams
- Compliance and KYC personnel
- Fraud and risk teams
- Technical, security, and system administration personnel
- Management and audit personnel on a need-to-know basis
Third-party data processors and service providers may also receive personal data where necessary to deliver services to RollXO, subject to contractual confidentiality and data protection obligations.
7. Releasing Data to Third Parties
RollXO may share personal data with third parties only where there is a lawful and necessary reason to do so. This may include:
- Payment processors for deposit, withdrawal, reconciliation, and anti-fraud controls
- Identity verification and KYC providers for document validation and screening
- AML/CFT service providers for sanctions, PEP, and adverse media checks
- Game providers where account, bet, or round data is required to operate games or resolve disputes
- IT hosting, cloud, cybersecurity, analytics, and communication service providers acting as data processors
- Professional advisers, including legal, audit, and compliance consultants, where disclosure is necessary and protected
- Competent authorities, regulators, law enforcement, courts, or government agencies when required by law, legal obligation, subpoena, warrant, or formal request
- Corporate group entities where necessary for administration, risk management, fraud prevention, reporting, or internal governance
RollXO may also disclose personal data where it is necessary to establish, exercise, or defend legal claims, investigate breaches of terms, or protect the rights, property, systems, users, or lawful interests of RollXO and affected third parties.
If a business restructuring, merger, acquisition, or asset transfer occurs, personal data may be disclosed to relevant counterparties under appropriate confidentiality protections and only to the extent lawfully permitted.
8. International Data Transfers
Because online gambling systems often use international infrastructure and specialist compliance tools, personal data may be processed or stored outside New Zealand. Where this occurs, RollXO will take reasonable steps to ensure that overseas recipients protect personal data in a manner consistent with applicable legal requirements and recognised privacy safeguards.
Such safeguards may include:
- Contractual data protection clauses
- Access controls and confidentiality obligations
- Vendor due diligence and security assessments
- Transfer only where necessary for service delivery, compliance, or fraud prevention
9. Data Retention
RollXO retains personal data only for as long as necessary for the purposes described in this Privacy Policy, including legal, regulatory, tax, accounting, dispute resolution, fraud monitoring, and security purposes.
As a general rule, AML and CFT-related records, KYC documentation, transaction history, and associated compliance records may be retained for at least 5 years after the end of the business relationship or after the completion of a relevant transaction, where required by law or compliance practice.
Retention periods may be extended where:
- There is an ongoing investigation
- A complaint, chargeback, or dispute remains unresolved
- Legal proceedings are pending or reasonably anticipated
- RollXO is required to preserve records by law or competent authority instruction
After the applicable retention period expires, RollXO will delete, anonymise, or securely archive data in accordance with legal and operational requirements. Where the right to erasure applies, users may request deletion after mandatory retention obligations have ended. That right is not absolute and may be limited where continued processing is required by legal obligation, public interest, fraud prevention, or legal claims management.
10. Security of Your Data
RollXO takes technical and organisational measures designed to protect personal data against loss, misuse, unauthorised access, alteration, or disclosure.
These measures may include:
- Account protection through ID and password controls
- Role-based access restrictions for staff
- Encryption of data in transit using SSL or equivalent secure protocols
- Encryption and security controls for stored data where appropriate
- Logging, monitoring, and incident response procedures
- Vendor security reviews and processor oversight
- Staff confidentiality obligations and training
- Secure document handling procedures for KYC and compliance records
No online environment can guarantee absolute security. Users are responsible for maintaining the confidentiality of their login details and for notifying RollXO promptly if they suspect unauthorised use of their account or personal data.
11. Cookies and Similar Technologies
RollXO may use cookies and similar technologies to operate the website, remember preferences, maintain sessions, analyse traffic, improve performance, and support fraud prevention controls.
These technologies may be used to:
- Keep users logged in securely
- Remember language or interface preferences
- Measure site usage and performance
- Detect suspicious or automated behaviour
- Support analytics and operational diagnostics
Users may be able to control cookies through browser settings, but disabling some cookies may affect website functionality, account access, or security controls.
12. Your Rights
Subject to applicable law, users may have the following rights in relation to their personal data:
- The right to request access to personal data held by RollXO
- The right to request correction of inaccurate or incomplete information
- The right to request deletion where data is no longer required and no legal obligation prevents erasure
- The right to object to or restrict certain processing in appropriate circumstances
- The right to withdraw consent where processing is based on consent
- The right to ask how data has been collected, used, and disclosed
- The right to make a complaint to a competent supervisory or privacy authority
These rights are not unlimited. RollXO may decline a request in full or in part where an exception applies, including where the information is subject to legal privilege, would prejudice a fraud investigation, would unreasonably impact the rights of others, or must be retained to comply with AML, CFT, responsible gambling, accounting, or legal obligations.
To exercise rights, users should contact [email protected]. RollXO may request proof of identity before processing a privacy request in order to protect account security and prevent unauthorised disclosure.
13. Children and Age Restrictions
RollXO does not knowingly provide gambling services to minors or knowingly collect personal data from individuals who are below the legal age required to use the services. If RollXO becomes aware that personal data has been provided by an underage individual, it may suspend or close the account, cancel activity as permitted by applicable terms and law, and retain necessary records for legal compliance and safeguarding purposes.
14. Contacting Us
Questions, requests, corrections, and privacy-related concerns about this Privacy Policy or the handling of personal data by RollXO should be sent by email to:
RollXO will review privacy requests and complaints in accordance with applicable legal requirements and within a reasonable timeframe. If a user is not satisfied with the response, the user may lodge a complaint with the appropriate privacy or supervisory authority with jurisdiction over the matter.
15. Changes to This Privacy Policy
RollXO may update this Privacy Policy from time to time to reflect legal, technical, operational, or service changes. The latest version will be published on nz-rollxo-casino.com with an updated effective date. Where changes are material, RollXO may provide additional notice through the website or by email where appropriate.
16. Legal and Regulatory References
This Privacy Policy is informed by the following legal and regulatory sources relevant to New Zealand privacy and gambling-related compliance:
- Privacy Act 2020 (New Zealand)
- Anti-Money Laundering and Countering Financing of Terrorism Act 2009 (New Zealand)
- Privacy principles and guidance published by the Office of the Privacy Commissioner, New Zealand
- General privacy and accountability concepts commonly recognised in international data protection practice, including GDPR terminology where used descriptively for transparency
Users should read this Privacy Policy together with any applicable Terms and Conditions, Responsible Gambling materials, and verification notices published on nz-rollxo-casino.com.
By using RollXO Casino, users acknowledge that personal data processing is an essential part of operating a secure and legally compliant gambling service.