Last updated: 7 May 2026
NZ Pokies Guide ("we", "our", "us") is committed to protecting the privacy of every visitor to our website. This Privacy Policy explains what information we collect, how we use it, how we store it, and what rights you have under the New Zealand Privacy Act 2020. By using thewildeflorist.co.nz ("the Site"), you agree to the practices described in this policy.
1. Information We Collect
We collect the following types of information when you visit and interact with our Site:
Usage Data (Collected Automatically)
- Pages visited, time spent on each page, and navigation paths
- Referring URL (the website that directed you to us)
- Browser type and version, operating system, and device type
- IP address (anonymised where possible)
- Approximate geographic location (country/region level only)
Contact Information (Provided Voluntarily)
- Name, email address, and message content submitted through our contact form
Cookies and Tracking Technologies
We use cookies and similar technologies to improve site functionality and understand how visitors use our Site. For full details on the cookies we use, their purposes, and how to manage them, please see our Cookie Policy.
2. How We Use Your Information
We use the information we collect for the following purposes:
- Site operation and improvement: To maintain, operate, and improve the functionality and content of our website
- Communication: To respond to enquiries submitted through our contact form
- Analytics: To analyse aggregated, anonymised site traffic and user behaviour patterns, helping us understand which content is most useful to our readers
- Legal compliance: To comply with applicable laws, regulations, and legal processes
We do not sell, rent, or trade your personal information to third parties for marketing purposes.
3. Legal Basis for Processing
Under the New Zealand Privacy Act 2020, we process personal information based on the following principles:
- Lawful purpose: We only collect information for lawful purposes connected with our function as an informational review website
- Necessity: We only collect information that is reasonably necessary for the purposes described above
- Directly from you: Where practicable, we collect personal information directly from you (e.g., through the contact form)
4. Third-Party Services & Subprocessor List
We use the following named third-party services that process data on our behalf. This list is updated whenever a subprocessor changes:
| Subprocessor | Purpose | Data processed | Jurisdiction |
|---|---|---|---|
| Google LLC (Google Analytics 4) | Anonymised site analytics | Pseudonymous client ID, page views, referrer, device type, anonymised IP | United States |
| Cloudflare, Inc. | CDN, DDoS protection, edge security | IP address, request logs (24h retention) | United States (NZ edge nodes) |
| Netlify, Inc. (hosting) | Static-site hosting and form processing | Build artefacts; contact-form submissions transit through Netlify before reaching us | United States |
| Cookiebot (consent management) | Cookie consent storage and audit log | Consent decisions, browser fingerprint, IP | European Union (Denmark) |
| Mailgun (email delivery) | Outbound transactional email | Email address, message body, delivery logs | United States / European Union |
| {Affiliate networks}: Income Access, Media Click, AffMy, Better Collective Affiliates | Affiliate referral tracking and commission attribution only — does not collect identifiable personal data from your browsing on our Site beyond a click-through identifier | Click-through ID, timestamp, referring URL | Various (UK / EU / US) |
When you click an affiliate link on our Site and visit a third-party online casino, that casino's own privacy policy governs the data they collect at their site. We do not share your personal information with affiliate partners — only the click-through ID needed to attribute referrals.
5. Data Retention
- Contact form submissions: Retained for up to 12 months to allow for follow-up communication, then securely deleted
- Analytics data: Retained in anonymised, aggregated form for up to 26 months
- Server logs: Retained for up to 90 days for security and diagnostic purposes
6. Your Rights Under the NZ Privacy Act 2020
Under the New Zealand Privacy Act 2020, you have the following rights regarding your personal information:
- Right of access (Information Privacy Principle 6): You can request access to any personal information we hold about you
- Right of correction (Information Privacy Principle 7): You can request that we correct any inaccurate or incomplete personal information
- Right to request deletion: You can ask us to delete your personal information, and we will do so unless we have a lawful reason to retain it
To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 20 working days, as required by the Privacy Act 2020.
If you are not satisfied with our response, you have the right to lodge a complaint with the Office of the Privacy Commissioner (privacy.org.nz).
7. Data Security & Breach Notification
We implement reasonable technical and organisational measures to protect the personal information we hold. These measures include SSL/TLS encryption for data in transit, secure hosting infrastructure, and restricted access to personal data. However, no method of internet transmission or electronic storage is 100% secure.
Notifiable breach SLA. If we experience a privacy breach that is reasonably likely to cause serious harm under sections 114 and 115 of the Privacy Act 2020:
- We will notify the Office of the Privacy Commissioner as soon as practicable and no later than 72 hours after becoming aware of the breach.
- We will notify affected individuals directly as soon as practicable, by email and (where contact email is unavailable) by a public notice on this site.
- The notification will describe the nature of the breach, what data was affected, the steps we've taken to contain it, and what affected individuals can do to protect themselves.
8. International Data Transfers
Some of our subprocessors (in §4 above) process data outside of New Zealand. Where this occurs:
- For transfers to the United States (Google Analytics, Cloudflare, Netlify, Mailgun): we rely on the EU–US Data Privacy Framework where applicable, supplemented by the European Commission's Standard Contractual Clauses (SCCs) module 2 (controller-to-processor) executed with each subprocessor.
- For transfers to the European Union (Cookiebot): processing is governed by GDPR; data does not leave the EEA.
- All transfers comply with Information Privacy Principle 12 of the NZ Privacy Act 2020 (transfer of personal information outside New Zealand requires equivalent protection or your authorisation).
8a. GDPR Notice (for visitors from the European Economic Area)
If you are visiting from the EEA, the EU General Data Protection Regulation (GDPR) provides the following lawful bases for our processing (Article 6):
- Article 6(1)(a) — Consent: for analytics cookies, marketing cookies, and contact-form submission. You can withdraw consent at any time via the cookie banner or by emailing [email protected].
- Article 6(1)(f) — Legitimate interests: for site operation, edge security (Cloudflare), and fraud prevention.
EEA visitors have the rights described in GDPR Articles 15–22 in addition to those listed under the NZ Privacy Act 2020 above:
- Article 13 — Information to be provided when personal data is collected (this notice)
- Article 15 — Right of access
- Article 16 — Right to rectification
- Article 17 — Right to erasure ("right to be forgotten")
- Article 18 — Right to restriction of processing
- Article 20 — Right to data portability
- Article 21 — Right to object to processing
- Article 22 — Right not to be subject to automated decision-making (we do not perform any such decision-making)
To exercise any of these rights, email [email protected]. You also have the right to lodge a complaint with your local supervisory authority.
9. Children's Privacy
Our Site is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected personal information from a person under 18, we will take steps to delete it promptly.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make changes, we will update the "Last updated" date at the top of this page. We encourage you to review this page periodically.
11. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
- Email: [email protected]
- Contact form: thewildeflorist.co.nz/contact