Privacy Policy

1. INTRODUCTION

Welcome to CasinoAlpha’s Privacy Policy. This notice explains, in clear terms, how CasinoAlpha (“we,” “us,” or “our”) collects, uses, discloses, and safeguards your personal information when you access or use casinoalpha.com (the “Website”). CasinoAlpha operates as an independent casino review and information platform.

For visitors in New Zealand, we handle personal data in line with the Privacy Act 2020 and the Information Privacy Principles (IPPs). Where the EU GDPR applies to you (e.g., if you’re located in the EEA), we also follow the GDPR framework set out below.

Data Controller:
Extremoo Marketing SRL
Romania, Dobroesti, Ilfov, Mesteacanului 4
Email: legal@casinoalpha.com

If you have questions about this Policy or about how we process your data, please get in touch via the form available on our contact page.

2. INFORMATION WE COLLECT

2.1. Information You Provide Directly

There are a few ways you may choose to share personal information with us. When subscribing to the newsletter, the only mandatory field is your email address; you may also provide your name, country or region, and language preferences if you wish.

If you reach us via a Website contact form, we process the name and email address you submit, the subject of your message, the content of your inquiry, and any other details you add voluntarily. Where comments or reviews are enabled, we process your name or username, email address, the comment or review content, and any rating scores you decide to post.

2.2. Information Collected Automatically

When you use the Website, certain information is collected automatically through cookies or similar technologies. This includes technical data such as your IP address, browser type and version, device type (desktop, mobile, or tablet), operating system, screen resolution, referring and exit pages, together with the date and time of your visits.

We also collect usage data, for example, the pages you view, how long you stay, click patterns and navigation paths, on-site search queries, links you click (including affiliate links), scroll depth, and other interactions with our content. In addition, we infer general location at country or city level from your IP address; we do not collect precise geolocation. Information stored via cookies and similar tools is treated as cookie data and is explained further in Section 5.

2.3. Information From Third Parties

To operate responsibly, we occasionally receive limited information from other sources. Casino operators we review may provide verification details, such as confirmation of licence validity or game providers, used solely for accuracy checks.

Analytics providers may supply aggregated, anonymised performance metrics, and advertising partners may share ad performance information that does not identify you (non-PII). We do not purchase or obtain personal data from data brokers.

3. HOW WE USE YOUR INFORMATION

We process personal data for the purposes below.

3.1. Purpose Table

NZ note: For New Zealand visitors, we act in line with the Privacy Act 2020 and the IPPs (e.g., IPP1 purpose limitation, IPP3 notification, IPP5 security), alongside the practices described in this Policy.

3.2. Detailed Purposes

Newsletter & Communications. We use your details to send casino reviews, bonus offers, and industry news. We also share updates about the Website and our services. When you contact us, the information you provide is used to respond to your questions and support requests.

Website Operations. Data is processed to run the Website reliably: delivering core functionality, reflecting your preferences where applicable, remembering settings so you do not need to re-enter them, and protecting the service against abuse while maintaining security.

Analytics & Improvement. We study how visitors use the Website to understand behaviour and traffic patterns, identify popular content and features, test new functionality, optimise the user experience, and diagnose technical problems when they occur.

Security & Fraud Prevention. To keep the service safe, we detect and prevent fraudulent activity, monitor for threats and vulnerabilities, block spam and abusive behaviour, and enforce our Terms and Conditions when necessary.

Legal Compliance. Certain processing is carried out to meet legal and regulatory requirements, respond to lawful requests or court orders, protect our legal rights and interests, and comply with tax and financial reporting obligations.

Affiliate Marketing. We track referrals to casino operators so commissions are attributed correctly and the effectiveness of our recommendations can be measured. For transparency, see Section 12 for the full disclosure.

3.3. Legitimate Interests

When we rely on legitimate interests, these include operating and improving our services, providing free high-quality content, securing the Website and preventing fraud, understanding user preferences to deliver relevant content, sustaining our business model through affiliate marketing, and analysing performance to improve the user experience. We have completed a Legitimate Interest Assessment (LIA) and concluded that these interests are not overridden by your rights and freedoms.

4. LEGAL BASIS FOR PROCESSING UNDER GDPR

For New Zealand residents, we primarily rely on the Privacy Act 2020 and the IPPs for the collection, use, and disclosure of personal information. Where the GDPR applies to you (for example, if you are in the EEA), the legal bases below apply in addition.

4.1. Consent (Art. 6(1)(a))

We rely on consent where you actively agree to specific processing. This covers newsletter subscriptions, the use of marketing cookies (for example, Google Analytics for EEA users), advertising and marketing communications, and optional data collection such as surveys or preference fields.

You may withdraw consent at any time; withdrawal does not affect the lawfulness of processing carried out before withdrawal. To withdraw, use the Unsubscribe link in any newsletter or adjust your choices in Cookie Settings for cookies.

NZ note: We also comply with New Zealand’s Unsolicited Electronic Messages Act 2007 for commercial electronic messages (e.g., requiring a working unsubscribe and sender identification).

4.2. Legitimate Interests (Art. 6(1)(f))

We process data on the basis of legitimate interests for website analytics (Matomo), fraud prevention and security, site functionality and improvements, affiliate tracking, responding to enquiries, and general business operations. We have assessed these interests and concluded that they do not override your fundamental rights and freedoms. You may object at any time, see Section 9.6.

4.3. Legal Obligation (Art. 6(1)(c))

Some processing is necessary to comply with legal requirements. This includes complying with court orders or legal processes, tax and financial record-keeping, regulatory compliance, and responding to lawful government requests.

4.4. Contract (Art. 6(1)(b))

We also process data where it is necessary to perform a contract or to take steps at your request before entering into one. This covers providing services you request, processing enquiries and support requests, and fulfilling our obligations under the Terms and Conditions.

5. COOKIES AND TRACKING TECHNOLOGIES

5.1. What Are Cookies?

Cookies are small text files stored on your device. They help us remember preferences and understand how you use the Website.

5.2. Types of Cookies We Use

A. Strictly Necessary Cookies

These are essential for the Website to function and cannot be disabled.

Legal Basis: Necessary for site operation / Legitimate interests (GDPR Art. 6(1)(f)); no consent required for strictly necessary cookies.

NZ note: Under the Privacy Act 2020, there is no separate “cookie law”; we follow IPP3 (notification) and provide clear choices and controls.

B. Analytics and Performance Cookies

Help us understand how visitors interact with the Website.

1. Matomo Analytics (Self-Hosted, Privacy-Focused)

What is Matomo?
Matomo (formerly Piwik) is an open-source, privacy-focused analytics platform hosted on our EU servers.

Privacy features:

• EU hosting (data does not leave the EU/EEA)

• No data sharing with third parties

• Automated data deletion after 24 months

• Respects “Do Not Track” (DNT) signals

• GDPR-compliant by design

Data not collected:

• Personally identifiable information (PII)

• Cross-site tracking data

• Advertising profiles

Purpose:
Understand visitor behaviour and preferences; improve content and navigation; identify technical issues; measure performance.

Legal Basis: Legitimate interests (Art. 6(1)(f))—supported by an LIA.
Opt-out: Update Cookie Settings; enable DNT in your browser (Matomo respects DNT).
More info: https://matomo.org/privacy/

2. Google Analytics 4 (GA4)

Provider: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

Configuration:

• IP anonymisation enabled

• Data sharing with Google disabled (no advertising features)

• User-ID tracking disabled

• Advertising features disabled (no remarketing)

• Google Signals disabled (no cross-device tracking)

• Data retention: 14 months (auto-deletion)

• Cookie timeout: up to 24 months

Purpose:
Comprehensive analytics; behaviour and content analysis; traffic sources; conversion tracking (e.g., newsletter signups, affiliate clicks); benchmarking and performance monitoring.

Legal Basis:

• EEA/UK users: Consent (Art. 6(1)(a))—explicit opt-in before activation

• NZ users: We seek consent for analytics as a matter of best practice under the Privacy Act 2020 transparency principles.

• Non-EEA users: Legitimate interests (Art. 6(1)(f))

International data transfer: Data may be processed in the USA.
Transfer safeguards: EU–US Data Privacy Framework (Google certified); SCCs; encryption and access controls; DPA in place with Google (GDPR Art. 28).
Policies and opt-out:
Privacy: https://policies.google.com/privacy
Terms: https://marketingplatform.google.com/about/analytics/terms/
How Google uses data: https://policies.google.com/technologies/partner-sites
Opt-out add-on: https://tools.google.com/dlpage/gaoptout
Or use our Cookie Settings to refuse analytics cookies.

C. Marketing and Advertising Cookies

Track activity for campaign measurement and relevant advertising.

Legal Basis: Consent (GDPR Art. 6(1)(a)).

D. Notification Cookies

Purpose: Enable optional web push notifications for promotions and updates.
Legal Basis: Consent (Art. 6(1)(a)).

5.3. Cookie Consent Management

When you first visit, a cookie banner (CookieCarousel) appears with options to:

• Accept All Cookies (all categories), or

• Reject All non-essential cookies.

Consent must be freely given and is revocable at any time. Your choices are stored in CookieConsent for 12 months, after which we will ask again.

5.4. Managing and Controlling Cookies

You have several options:

Browser settings
Chrome: https://support.google.com/chrome/answer/95647
Firefox: https://support.mozilla.org/kb/enhanced-tracking-protection-firefox-desktop
Safari: https://support.apple.com/guide/safari/manage-cookies-sfri11471/mac
Edge: https://support.microsoft.com/microsoft-edge/delete-cookies-in-microsoft-edge-63947406
Blocking all cookies may affect site functionality.

Analytics-specific opt-out
Google Analytics: install the opt-out add-on (link above)
Matomo: use Cookie Settings to reject analytics; enable DNT (honoured by Matomo)

Do Not Track (DNT) signals
Matomo respects DNT; Google Analytics does not by default (use the add-on).
Marketing cookies follow your consent choices regardless of DNT.

Industry opt-out tools
EDAA (EU): https://www.youronlinechoices.com/
NAI (US): https://optout.networkadvertising.org/
DAA (US): https://optout.aboutads.info/

5.5. Withdrawing Consent

Click Cookie Settings (footer) to switch to “Necessary Only” or customise; then Save Preferences. Effects are immediate and do not affect earlier lawful processing. Some features may be limited.

5.6. Consequences of Disabling Cookies

5.7. Third-Party Cookies

Some services place cookies:

Embedded Content

• YouTube videos: Google cookies

• Social share buttons: Facebook, Twitter/X, LinkedIn cookies

• Affiliate tracking: casino operator cookies when you click links

Policies
YouTube: https://policies.google.com/privacy
Facebook: https://www.facebook.com/privacy/
Twitter/X: https://twitter.com/privacy

5.8. Cookie Lifespan and Deletion

• Session cookies: deleted when you close your browser

• Persistent cookies: expire as specified (maximum 24 months)

• You can manually delete cookies via browser settings at any time

5.9. Technical Cookie Implementation

WordPress Integration
Security cookies (e.g., Secure-wp-show-)
Application state via g_state

Cookie Security
Secure flag where HTTPS is available
SameSite attributes for CSRF protection
HttpOnly for security-sensitive cookies

5.10. Cookie Audit and Monitoring

We audit cookies regularly to keep this policy accurate.
Last audit: 14.10.2025
Next scheduled audit: 11.2026

6. THIRD-PARTY SERVICES AND DATA SHARING

We share data with trusted third parties only where necessary.

6.1. Analytics Services

A. Matomo Analytics (Self-Hosted)

Provider: Self-hosted on our EU servers (no external processor)
Location: Germany
Relationship: We act as Data Controller; Matomo is our tool (not a separate processor)

Data Collected: IP addresses; pages visited/time spent; referral source; device type, browser (anonymised); geographic location (country/city from IP); click events and interactions.
Data Not Collected: PII; cross-site tracking; data shared with advertisers.
Privacy Features: EU-hosted; no third-party sharing; respects DNT; GDPR-compliant by design.

Purpose: Behaviour insights, UX improvements, performance monitoring
Legal Basis: Legitimate interests (Art. 6(1)(f)) — LIA conducted
Retention: 24 months
Opt-Out: Cookie Settings or enable DNT
More Info: https://matomo.org/privacy/

B. Google Analytics 4 (GA4)

Provider: Google LLC
Address: 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Relationship: Processor under GDPR Art. 28 (DPA in place)

Data Collected: IP addresses; pages viewed, user journeys; session duration, bounce rate; traffic sources/referrals; device info (type, OS, browser); approximate location (city level); custom events/interactions; conversion tracking.
Data Not Collected (disabled): Advertising features; Google Signals (cross-device); enhanced advertising measurement.

Privacy Configuration: Data sharing with Google disabled; advertising features disabled; Google Signals disabled; data retention 14 months; cookie timeout up to 24 months.

Purpose: Analytics, behaviour insights, traffic sources, conversions, benchmarking, performance monitoring.

Legal Basis:

• EEA/UK: Consent (Art. 6(1)(a)) — explicit opt-in

• NZ: Consent (best practice under Privacy Act transparency)

• Non-EEA: Legitimate interests (Art. 6(1)(f))

International Data Transfer: USA
Transfer Safeguards: EU–US DPF; SCCs; encryption, access controls, audits.
Google Policies:
Privacy: https://policies.google.com/privacy
Terms: https://marketingplatform.google.com/about/analytics/terms/
DPA: https://privacy.google.com/businesses/processorterms/
Partner sites: https://policies.google.com/technologies/partner-sites

Opt-Out:
Add-on: https://tools.google.com/dlpage/gaoptout
Cookie Settings: reject analytics cookies
Browser: block cookies manually

Your Rights: Access, opt-out, withdraw consent, request deletion.

6.2. Comparison: Matomo vs. Google Analytics

Why both: Matomo for privacy-first analytics; Google for benchmarking/advanced features.
Your choice: Consent to both, Matomo only, or neither via Cookie Settings.

6.3. Casino Operators (Affiliate Relationships)

Important affiliate disclosure: CasinoAlpha earns commissions when you register/play at casinos through our links.

How affiliate tracking works:
You click an affiliate link on our site → the casino places a tracking cookie (typically 30–90 days) → you register and/or deposit → the casino attributes the referral to CasinoAlpha → we receive commission (e.g., €20–€150 CPA or 20%–40% revenue share).

Data shared with the casino: referral source (casinoalpha.com), click timestamp, our affiliate ID, click ID (session).
Data shared back to us: aggregate conversion info and commission due.
We do not receive: your name, email, address, deposit amounts, balances, payment details, or gameplay data.

Once you visit a casino, you are subject to their Terms and Privacy Policy. Review those before registering.
Editorial independence: See our Editorial Policy
Legal Basis: Legitimate interests for affiliate tracking (Art. 6(1)(f)); consent (Art. 6(1)(a)) if required by the operator.
Opt-Out: Reject Marketing Cookies in Cookie Settings (may affect referral attribution).

6.4. Email Service Provider

Provider: Aweber
Purpose: Newsletter delivery and email marketing
Data shared: email address, name (if provided), subscription preferences, engagement (opens/clicks)
Legal Basis: Consent (Art. 6(1)(a))
Privacy Policy: https://www.aweber.com/privacy.htm

6.5. Hosting and Infrastructure

Provider: Google Cloud
Location: EU/EEA
Services: Website hosting, CDN, DDoS protection, SSL/TLS, database management, backups
DPA: GDPR-compliant DPA in place
Data transferred: Operational website data as necessary
Legal Basis: Legitimate interests (Art. 6(1)(f))

6.6. When We Must Disclose Data

We may disclose personal data when legally required:

Legal obligations: court orders, subpoenas, legal processes; compliance with laws/regulations; lawful requests from authorities; tax/financial reporting.
Protection of rights: enforce Terms and Conditions; detect/prevent fraud and security issues; protect our rights, property, safety; protect users and the public.
Business transfers: merger, acquisition, bankruptcy, or sale of assets. We will notify via email and Website notice. Any acquirer must honour this Privacy Policy or seek fresh consent.
With your consent: any other disclosure with explicit consent.
Data minimisation: we disclose only the minimum necessary.

6.7. We Do Not Sell Your Personal Data

CasinoAlpha does not sell, rent, or trade personal data.
Affiliate commissions are not a “sale” under GDPR/CCPA/CPRA because we do not transfer PII to operators.

6.8. Third-Party Links

The Website contains links to casino/third-party sites.
Once you click, their terms and privacy policies apply. We do not control their practices and are not responsible for their content, security, or data handling.
Your responsibility: review third-party privacy policies and use caution when sharing personal information.

6.9. List of Third-Party Data Recipients

Full details: see subsections above.

7. INTERNATIONAL DATA TRANSFERS

7.1. Where Your Data Is Processed

Primary location: EU/EEA
Website servers: Germany, United Kingdom
Matomo analytics: EU (self-hosted)
Hosting provider: EU data centres
Most data remains within the EU/EEA.

7.2. Transfers Outside EU/EEA

United States (USA) — Google Analytics
Recipient: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
Why transfer occurs: Google processes data on US servers to provide analytics.

Legal basis for transfer (where GDPR applies): EU–US Data Privacy Framework; SCCs; supplementary measures (encryption, access controls, audits). You can withdraw consent at any time via Cookie Settings.

NZ cross-border disclosure: For New Zealand users, when personal information is disclosed to an overseas recipient, we take reasonable steps to ensure the recipient is subject to comparable safeguards under IPP12 of the Privacy Act 2020 (e.g., contractual protections and technical measures), unless a permitted exception applies.

Your rights:
Opt-out add-on: https://tools.google.com/dlpage/gaoptout
Withdraw consent via Cookie Settings to stop transfer
Alternative: choose Matomo-only (EU-hosted) to avoid international transfers.

Other potential transfers
Casino operators: various jurisdictions (e.g., Malta, Gibraltar, UK, etc.). You enter a direct relationship with the operator; their policies apply.
Social media platforms: Facebook, Twitter/X, LinkedIn (EU/USA as applicable) under their own transfer safeguards.

7.3. Adequacy Decisions

The EU Commission recognises certain countries as providing “adequate” protection (for EU transfers). See the European Commission website for the current list.

7.4. Your Rights Regarding International Transfers

You may: be informed (as set out here); object by withdrawing consent; request details about safeguards; opt out via Cookie Settings (e.g., reject GA).
Exercise rights: email privacy@casinoalpha.com with subject “International Transfer Rights”.

7.5. No Transfer to High-Risk Jurisdictions

We do not transfer data to countries/organisations subject to EU sanctions, known for mass surveillance without safeguards, or lacking adequate protection.

7.6. Monitoring Legal Changes

We monitor developments (e.g., GDPR transfer rules; NZ OPC guidance on cross-border disclosures) and adjust our approach. Material changes will be reflected in this Privacy Policy.

8. DATA RETENTION

We retain personal data only as long as necessary.

8.1. Retention Periods

8.2. Retention Criteria

We set retention based on: purpose fulfilment; legal obligations; legitimate business needs (e.g., defending legal claims); consent period.

8.3. Secure Deletion

After expiry: personal data is securely deleted or anonymised; backups are removed per retention schedule (max 90 days); third parties are instructed to delete data. Deletion methods include secure overwrite and anonymisation.

8.4. Exceptions

We may retain data longer where required by law; needed for legal claims; you request retention; or data is fully anonymised.

9. YOUR RIGHTS UNDER GDPR

For EU/EEA residents, the following rights apply. (NZ residents should see the Privacy Act 2020 rights and complaint routes noted below.)

9.1. Right to Access (Art. 15)

Request a copy of your personal data and related information.
How: Complete the form from our Contact page with your full name, email, and scope.
Response: within 30 days (may extend to 60 days for complex requests).
Fee: free unless requests are excessive/unfounded.

9.2. Right to Rectification (Art. 16)

Ask us to correct inaccurate or incomplete personal data.
Response: within 30 days.

9.3. Right to Erasure / “Right to be Forgotten” (Art. 17)

Request deletion when applicable (e.g., data no longer needed, consent withdrawn, unlawful processing, or legal obligation to erase).
Exceptions: where retention is legally required or needed for legal claims/public interest.
How: Complete the form from our Contact page.
Response: within 30 days.

9.4. Right to Restrict Processing (Art. 18)

Request that we limit processing where appropriate (e.g., accuracy disputed, legal claims).
Effect: we store data but limit processing.
Response: within 30 days.

9.5. Right to Data Portability (Art. 20)

Receive your data in a structured, machine-readable format (CSV/JSON/XML) where processing is based on consent or contract and carried out by automated means.
How: Complete the form from our Contact page.
Response: within 30 days.

9.6. Right to Object (Art. 21)

Object to processing based on legitimate interests or to direct marketing.
Legitimate interests: we stop unless we demonstrate compelling grounds.
Direct marketing: we stop immediately.

9.7. Rights Related to Automated Decision-Making (Art. 22)

You have the right not to be subject to solely automated decisions with legal or similarly significant effects.
Our practice: we do not use such profiling. If this changes, we will notify you and explain safeguards (human intervention, ability to contest, etc.).

9.8. Right to Withdraw Consent

Withdraw consent at any time:
Newsletter: click Unsubscribe
Cookies: update Cookie Settings
Withdrawal is immediate and does not affect prior lawful processing.

9.9. How to Exercise Your Rights

Contact:
Email: legal@casinoalpha.com
Mail: [Company Name], [Full Address]
Subject line: specify the right (e.g., “GDPR Access Request”)
Include: full name, email, specific request, and proof of identity if needed.
Response time: 30 days (extendable to 60 days; we’ll inform you).
Fee: none unless requests are manifestly unfounded or excessive.
If we refuse, we’ll explain why and inform you of your right to complain to a supervisory authority.

9.10. Right to Lodge a Complaint

If you believe your privacy rights have been violated, you can complain to the Office of the Privacy Commissioner (New Zealand):

• Website: https://www.privacy.org.nz/

• Freephone (NZ): 0800 803 909.

You may also contact your local EU Data Protection Authority if GDPR applies to you (see the EDPB website for a list). We encourage you to contact us first at legal@casinoalpha.com so we can address your concerns.

10. DATA SECURITY

We implement appropriate technical and organisational measures to protect personal data.

10.1. Technical Measures

Here are the technical measures we have set in place:

• SSL/TLS encryption: TLS 1.3 in transit
• Secure hosting: reputable provider with ISO 27001 (where applicable)
• Firewalls: WAF and network firewalls
• Intrusion detection: real-time monitoring and alerts
• Regular updates: timely security patches
• Secure passwords: bcrypt hashing for any stored passwords
• Access controls: role-based access control (RBAC)
• Two-factor authentication: for admin access
• Backup encryption: encrypted backups stored securely

10.2. Organisational Measures

Here are the organisational measures we have set in place:

• Internal data protection policies
• Regular employee training
• Limited, need-to-know access
• Confidentiality/NDAs
• Vendor due diligence
• Documented incident response plan
• Periodic security audits
• Data Protection Officer (if applicable)

10.3. No Absolute Security

No internet transmission or storage system is 100% secure.
Your responsibility: use strong, unique passwords; keep devices secure; log out on shared devices; report suspicious activity promptly.

10.4. Data Breach Notification

If a personal data breach occurs:
Our obligations:

• Notify the relevant authority without undue delay where required (including Notifiable Privacy Breaches under NZ law if there is a likelihood of serious harm).

• Notify affected individuals without undue delay where risk is high.

We will share: the nature of the breach, likely consequences, measures taken/proposed, contact point for more info, and advice on protective steps.

10.5. Phishing and Security Warnings

We will never request passwords or payment details by email, nor send urgent “account problem” links. Legitimate messages come from @casinoalpha.com (e.g., newsletter@, support@, privacy@).
If you receive a suspicious message: do not click links or download files; verify by typing casinoalpha.com directly; Common scams include fake bonus emails, “update payment details urgently,” and spoofed casino messages. Always verify via official channels.

11. CHILDREN’S PRIVACY

11.1. Age Restriction: 18+ Only

The Website is intended for adults (18+). For New Zealand users, we align with the Gambling Act 2003 and current Department of Internal Affairs guidance relevant to gambling content and protection of minors online. By using the Website, you confirm you are 18+ (or the legal gambling age in your jurisdiction, whichever is higher).

11.2. No Knowing Collection from Children

We do not knowingly collect data from individuals under 18, target minors with marketing, or allow minors to subscribe. If we learn we have collected such data, we will delete it and, where possible, notify parents/guardians. We are not liable for unauthorised use of the Website by minors.

11.3. Parental Controls & NZ Support

We recommend using parental control tools available on major platforms (Windows Family Safety, macOS/iOS Screen Time, Android Family Link), enabling Safe Search, and considering site-blocking extensions as needed.

New Zealand support resources:

• Gambling Helpline Aotearoa: 0800 654 655 or text 8006 (24/7, free, confidential), https://gamblinghelpline.co.nz

• PGF Services (Problem Gambling Foundation): 0800 664 262, help@pgf.nz, https://www.pgf.nz PGF Services
  
• Safer Gambling Aotearoa: https://www.safergambling.org.nz/ safergambling.org.nz

12. AFFILIATE MARKETING DISCLOSURE

12.1. Transparency Notice

CasinoAlpha is an affiliate marketing website. We may earn commissions when you register or play at casinos via our links. This does not change your costs or bonus terms. Our reviews remain objective and based on rigorous testing.

12.2. How Affiliate Marketing Works

Steps:

1. You visit CasinoAlpha and click a tracked link
2. The operator sets a cookie (usually 30–90 days)
3. You register and/or deposit
4. The operator attributes the referral to CasinoAlpha
5. We earn commission.

What we receive: registration/deposit confirmation (yes/no), commission owed, aggregated data such as “a player from CasinoAlpha deposited.”
What we don’t receive: your name, email, address, deposit amounts, wins/losses/balances, payment details, or gameplay data.

12.3. Impact on Your Experience

Affiliate tracking does not affect signup, bonuses, wagering requirements, odds, withdrawals, customer support, or your legal rights.

12.4. Editorial Independence

Commissions do not influence ratings. We apply a documented methodology, list only licensed casinos, and adjust ratings based on player feedback and testing. No pay-for-play.
Example: If Casino B offers better security/games/UX than Casino A, Casino B rates higher, even if Casino A pays a higher commission.

For our complete methodology, see our Editorial Policy.

12.5. Sponsored and Featured Content

We label placements clearly: Featured Partner, Exclusive Offer, Sponsored, Ad/Advertisement.
Non-labelled content follows standard editorial processes (it may still contain affiliate links).

12.6. Your Privacy in Affiliate Tracking

Operators may place tracking cookies. You can reject Marketing Cookies via Cookie Settings (note this may impact our attribution). We do not receive your PII from operators.

12.7. Regulatory Compliance

We follow:

• ASA (New Zealand) Advertising Standards Code (clear identification of advertising and affiliate arrangements)

• Privacy Act 2020 transparency and disclosure principles (NZ

• Unsolicited Electronic Messages Act 2007 (NZ anti-spam requirements, including unsubscribe)

• GDPR transparency (where GDPR applies)

12.8. Why Affiliate Marketing

It allows us to offer free, comprehensive reviews, remain independent of operators, and invest in testing and research, without charging subscription fees.

12.9. Your Choice

To avoid affiliate links:

1. Type the casino URL directly;
2. Search for the casino independently; or reject Marketing Cookies in Cookie Settings.

We respect your decision.

12.10. Questions About Affiliate Relationships

Contact us through the form on this page and expect our response within 5 business days.

12.11. Summary Checklist

• We earn commissions from referrals

• Your costs don’t increase

• We don’t receive your personal information from casinos

• Editorial independence maintained

• Ratings are methodology-based

• Sponsored content is clearly labelled

• You control tracking via Cookie Settings

• We comply with NZ ASA, Privacy Act, and (where applicable) GDPR

Your trust is our priority

13. CONTACT INFORMATION & DATA PROTECTION OFFICER

13.1. General Contact

For privacy-related questions, requests, or complaints:
Form: write to us via the form on the Contact page
Contents: [Company Name], [Full Address]
Response time: within 30 days

13.2. Company Information

Legal Name: Through the form for our Contact page
Registration Number: J23/6289/2017
Registered Address: Romania, Dobroesti, Ilfov, Mesteacanului 4
VAT Number (if applicable): RO38630895
Website: https://casinoalpha.com

14. CHANGES TO THIS PRIVACY POLICY

14.1. Right to Modify

We may update this Privacy Policy periodically to reflect: changes in our practices; legal or regulatory updates; new features or services; user feedback.

14.2. How We Notify You

Material changes: email to subscribers, prominent Website notice/banner, and, where feasible, a 30-day notice period before the effective date.
Minor changes: update the Last Updated date; effective upon posting.

14.3. Your Options

If you disagree with changes, stop using the Website, delete any accounts, and request deletion of personal data (subject to legal retention).
Continued use after changes means you accept the updated Policy.

14.4. Review Regularly

Please review this Privacy Policy periodically and note the Last Updated date.

15. YOUR PRIVACY RIGHTS SUMMARY

Response time: 30 days (extendable to 60 days for complex cases).

ACKNOWLEDGMENT

By using this website, you acknowledge that:

• You have read and understood this Privacy Policy

• You agree to the collection, use, and disclosure of your personal information as described

• You consent to cookies according to your Cookie Settings

If you do not agree, please do not use the Website.