Customer Data Protection In The Online Casino Industry

Protection of users’ information is one of the most complex areas that any gambling provider should address. This data is rather sensitive and a security breach may lead to serious consequences from losing loyal players to lawsuits and a drop in a share price. Here are only a few examples: AOL made 20 million search requests public by mistake, while Sony PlayStation lost 77 million records after a hack. They estimated the breach cost over $170 million.

But what data protection means for us, regular players? Which information we should never reveal and how the government protects us? Today we want to tell you more about the NZ legislation in gambling, as well as your rights as a user. We are sure that this data will be extremely useful and may potentially save your information and money.

Current Legislation

New Zealand gambling providers and venues are regulated by the Department of Internal Affairs and the 2003 Gambling Act. According to them, online gambling is prohibited and the only exceptions are Race Board, Lotteries Commission, and sales promotion. In 2004 the Gambling Commission was formed and since then it monitors New Zealand gambling, deals with complaints and ensures that personal information is safe. And if you don’t believe the officials, turn to trusted internet sources in the iGaming industry like Casino HEX, which contains all information on reputable providers and games.

Privacy Policy: Definition

The most important feature of an online casino in terms of data protection is the privacy policy, which explains how the provider will deal with the collected information. Read it attentively because this document discloses how the company uses account details and what it will do in case of hacks. Personal data, the basic set of details, usually includes your name, address, date of birth, phone number, email, as well as records of transactions. The privacy policy explains why each set of information is collected, how it is stored, and whether it’s shared with third parties.

The three pillars of customer data protection are the privacy policy, the General Data Protection Regulation (GDPR), and the Data Protection Act. Due to them, online operators are obliged to inform users how personal information is stored, shared, and protected.

Your Privacy Policy Rights

One may think that privacy policy doesn’t grant players with any rights and simply informs on data collection and processing. However, based on the Data Protection Act, players have a wide range of rights (including a right to opt for the deletion of any data). Here are some of them:

  1. Access right

Any time when staying at a casino, players have a right to request a report on data that was collected by the operator. This option may be available either from the personal account or by a request to managers.

  1. Rectification right

In case the player’s personal details have changed, the casino must change or delete the existing ones. Keep in mind that some operators require verification before updating the details.

  1. Right to erasure

All users have a right to ask the gambling site to delete all information that they have collected. However, the casino may agree to do so only if the data is not necessary or if a player doesn’t consent to the policy.

  1. Data restriction right

Another important right to be familiar with is the right to restrict personal data. It means that the casino can collect your personal data without processing it.

  1. Data portability right

All players must be able to receive information in a readable format. It should go as a separate ‘download my data’ button in a personal account or settings.

When Gambling Take Data Protection Seriously

Most gamblers don’t pay much attention to data protection and rarely read the privacy policy when joining an online casino. They are more interested in a welcome package or new games than in understanding the rights granted by the Data Protection Act and GDPR. But remember that the Internet remains quite an unstable place and even the most secure systems and platforms may be hacked or unintentionally disclose data.

So the first and the most important thing you should do is to get familiar with the privacy policy of a chosen operator and to learn your rights before entrusting anyone with sensitive data.