burger icon
SkyCity Casino
Log In

Privacy Policy

This Privacy Policy explains how sky-city-casino, operating exclusively via sky-city-nz.com, collects, uses, and protects your personal information. It applies to all players and visitors of our website and services. Effective date: 6 November 2025.

Who We Are

sky-city-casino is operated by Silvereye Entertainment Limited (Registration Number: C97463), a company registered in Malta and acting under the authority of the Malta Gaming Authority (MGA/B2C/880/2021, valid through 2025). The brand is part of the SkyCity Entertainment Group, Auckland, New Zealand. Our principal business operations are managed from Malta and New Zealand.

  • Legal Address: Not specified (Silvereye Entertainment Limited, Malta); New Zealand presence via SkyCity Entertainment Group, Auckland.
  • Contact for Data Protection: Please direct privacy-related inquiries to our Data Protection Officer (DPO) at support@sky-city-nz.com or info@sky-city-nz.com.
  • Website: sky-city-nz.com

Note: For regulatory purposes, correspondence should be addressed to Silvereye Entertainment Limited, Malta, with local representation through SkyCity Entertainment Group, Auckland.

What Personal Data We Collect

  • Personal Identification Data: Full name, date of birth, contact details (email, phone), physical address (where provided), and government-issued identification for verification purposes.
  • Technical Data: IP address, device information, browser type, log files, operating system, geolocation data (where permitted), and session activity logs.
  • Payment Data: Bank account information, credit/debit card details, e-wallet information, transaction history, and payment verification records.
  • Behavioral Data: Betting history, game preferences, clickstream data, account activity (logins, interactions), and user feedback.
  • Cookies and Similar Technologies: Session cookies, persistent cookies, third-party cookies, and tracking pixels used for functionality, analytics, or advertising purposes.

All data is collected in accordance with applicable New Zealand privacy laws and international best practices.

Legal Basis for Processing

  1. User Consent: We process personal data based on your explicit consent, such as when you register an account, opt in to marketing communications, or agree to our use of cookies.
  2. Contractual Necessity: Data processing is required to fulfill our contractual obligations, including account creation and management, service delivery, payment processing, and customer support.
  3. Legitimate Interests: Processing is necessary for our legitimate business interests, such as fraud prevention, security monitoring, service improvement, and internal analytics, provided such interests are not overridden by your data protection rights.
  4. Legal Obligations: We are required by law (including KYC/AML, anti-fraud, and regulatory reporting mandates) to collect, verify, and retain certain personal data. This includes compliance with Malta and New Zealand gambling authorities.

Regional Compliance Note: All processing is conducted in accordance with the New Zealand Privacy Act 2020, the Malta Gaming Authority's requirements, and relevant EU standards where applicable.

Purpose of Processing

  • Provision of Casino Services: To enable gameplay, manage user accounts, process deposits and withdrawals, and deliver customer support.
  • Service Improvement and Analytics: To monitor, analyze, and enhance our website, games, and overall user experience, including troubleshooting and quality assurance.
  • Marketing Communications: To send promotional offers, newsletters, and updates, strictly in compliance with your preferences and opt-in status.
  • Fraud Prevention and Security: To detect, investigate, and prevent fraudulent activity, money laundering, or other prohibited conduct.
  • Legal and Regulatory Compliance: To fulfill obligations under gambling and financial regulatory frameworks, including KYC, AML, and responsible gambling requirements.

Data is processed solely for the purposes outlined above and is not used in a manner incompatible with these objectives.

Disclosure & Sharing

  • Payment Processing Partners: Personal and payment data may be shared with licensed payment service providers for transaction authorization and settlement.
  • Service Providers: Third-party vendors (IT, security, analytics, marketing) may process data on our behalf under strict confidentiality and data protection agreements.
  • Regulatory Authorities: Data may be disclosed to regulators such as the Malta Gaming Authority, New Zealand Gambling Commission, or other competent bodies in compliance with legal obligations.
  • Affiliates and Advertising Networks: With your consent, certain data may be shared with affiliate partners or advertising networks for promotional purposes.
  • Corporate Transactions: In case of mergers, acquisitions, or restructuring, data may be transferred to successor entities with continued protection assurances.

We require all third parties to implement adequate data protection measures and prohibit use of personal data for purposes other than those specified by sky-city-casino on sky-city-nz.com.

International Transfers

  1. Countries/Regions: Personal data may be transferred to Malta (primary operations), New Zealand (local representation), and other jurisdictions where our service providers operate.
  2. Protection Guarantees:
    • Transfers are governed by standard contractual clauses (SCCs) and data processing agreements ensuring data protection equivalent to NZ law.
    • Where applicable, we rely on adequacy decisions and certifications such as ISO 27001.
    • All international transfers are subject to ongoing risk assessments and regular compliance reviews.

Regional Compliance Note: All transfers comply with the New Zealand Privacy Act 2020 and relevant EU and Maltese data transfer regulations.

Data Retention

  • Personal Data: Retained for the duration of your account activity and for a maximum of 5 years after account closure, or as required by law (e.g., for AML/KYC compliance).
  • Technical and Behavioral Data: Retained as long as necessary for security, analytics, and service improvement purposes, typically not exceeding 3 years from collection.
  • Cookies and Tracking Data: Stored according to cookie type-session cookies expire when you close your browser; persistent cookies last up to 2 years unless deleted by the user.
  • Deletion Criteria: Data is deleted or anonymized upon user request, expiration of retention periods, or when processing purposes are fulfilled, unless further retention is legally required.

All data retention practices comply with the New Zealand Privacy Act 2020 and MGA regulations.

Your Rights

  1. Access: You may request a copy of the personal data held about you by contacting our DPO at support@sky-city-nz.com. Response time is within 30 days, free of charge.
  2. Correction: You have the right to request correction of inaccurate or incomplete personal data.
  3. Deletion (Erasure): You may request deletion of your data where no longer necessary for processing purposes, subject to legal retention obligations.
  4. Restriction: You can request restriction of processing under certain conditions (e.g., contesting data accuracy, unlawful processing).
  5. Objection: You may object to processing based on our legitimate interests or for direct marketing purposes at any time.
  6. Data Portability: You may request your data in a structured, machine-readable format and transfer it to another provider where technically feasible.
  7. Withdrawal of Consent: You can withdraw your consent for marketing communications at any time through your account settings or by contacting us.
  8. Procedures:
    • Submit your request via email to support@sky-city-nz.com or info@sky-city-nz.com.
    • We verify your identity before processing your request.
    • All requests are addressed within 30 days, with possible extension where permitted by law (notification provided).
    • No fees are charged for exercising your rights unless requests are manifestly unfounded or excessive.

Regional Compliance Note: All rights are provided in accordance with the New Zealand Privacy Act 2020 and, where applicable, GDPR. Mexican data protection regulations are referenced where relevant, but the primary jurisdiction is NZ.

Cookies & Tracking Technologies

  • Session Cookies: Essential for website operation, ensuring secure login and user authentication; expire when the browser is closed.
  • Persistent Cookies: Store preferences, remember login details, and enhance user experience; remain on your device for up to 2 years unless deleted.
  • Third-Party Cookies: Used for analytics (e.g., Google Analytics), advertising, and affiliate tracking; subject to third-party privacy policies.

Managing Cookies

  • Browser Settings: You can manage or disable cookies via your browser settings at any time.
  • Internal Panel: Cookie preferences can also be managed through the cookie consent panel on sky-city-nz.com.
  • Impact: Disabling certain cookies may affect site functionality or limit access to some features.

For more information, refer to our Cookie Policy or contact support.

Data Security

  1. Encryption: All data transmitted between your device and sky-city-nz.com is protected by TLS 1.2+ encryption. Sensitive data is encrypted at rest and in transit.
  2. Access Controls: Strict access controls and multi-factor authentication are enforced for all staff handling personal data.
  3. Security Audits: Regular independent security audits and vulnerability assessments are conducted to identify and mitigate risks.
  4. Staff Training: All employees receive recurring training in data protection, privacy, and cybersecurity best practices.
  5. Incident Response: Comprehensive incident response procedures are in place for potential data breaches, including prompt user notification and regulatory reporting.
  6. International Standards: Data security measures are aligned with ISO 27001 and SOC 2 standards where applicable.

Regional Compliance Note: Security measures are designed to meet or exceed NZ, MGA, and international regulatory requirements.

Complaints & Contacts

  • Contact Channels:
    • Email: support@sky-city-nz.com (primary DPO contact)
    • Email: info@sky-city-nz.com (general inquiries)
    • Online feedback (via website where available)
    • Postal address: Not specified (Silvereye Entertainment Limited, Malta) / SkyCity Entertainment Group, Auckland, New Zealand
  • Complaint Procedure:
    1. Submit your complaint via email or online feedback form, detailing your concern.
    2. Our DPO will acknowledge receipt within 5 business days and provide an initial response.
    3. We aim to resolve all complaints within 30 days. Complex cases may require additional time, with progress updates provided.
  • Escalation:
    • If your complaint is not resolved to your satisfaction, you may escalate it to the New Zealand Privacy Commissioner (privacy.org.nz), or, where applicable, to the Malta Data Protection Authority (idpc.org.mt).

All complaints are handled confidentially and impartially, in accordance with applicable laws.

Updates

  • Notification Methods: We notify users of material changes to this Privacy Policy via email, website banners, and account dashboard alerts.
  • Version Control: The current version is effective from 6 November 2025. Significant changes are summarized in a changelog section below.
  • Advance Notice: Users receive at least 30 days' advance notice for material changes, during which they may object or close their account without penalty.
  • Changelog:
    • 2025-11-06: Full policy update for NZ Privacy Act 2020 and MGA compliance. Expanded user rights, clarified international transfers, updated contact information.

It is your responsibility to review updates to this Privacy Policy regularly. Continued use of sky-city-nz.com constitutes acceptance of the current policy terms.