Retro tapes logo

Privacy Policy

Claim 50 free spins bonus
Play Retro Tapes

Introduction

Effective date: March 30, 2026. This privacy policy covers data practices on retrotapes.nz. I run the site solo. Name is Hamish. Former database admin. I analyze high-volatility slot mechanics. Manual data entry and basic scripts handle logging. Email for questions: [email protected]. Site provides info only. No gambling services. Focus stays on breakdowns like paytables and volatility indexes. Take Retro tapes as one example where I track spins manually to spot patterns. Policy applies to all visitors. Also covers any forms or interactions. Review applies globally. NZ laws guide main practices. Updates happen with notice where required. Last full review occurred before this date. Questions go direct to email. No phone or address listed. Operations base in New Zealand. Simple setup means minimal data touchpoints. Policy details follow in sections below.

Scope includes main domain and subpages. Third-party links fall outside. Their policies control those. Site uses standard web tech. Readers expect clear data rules. I keep records straightforward. No complex tracking suites. Personal input shapes content. Logs help debug scripts. Analytics track broad trends. Consent implied by use unless opted out. Details expand next.

Information We Collect

Site gathers limited data types. Categories split into personal and non-personal. Personal identifiers include email if submitted via contact form. IP addresses log automatically on visits. Browser user-agent strings record too. Device info like screen size comes from logs. Submit name optionally in comments if enabled. No payment data ever collected. No gambling means no financial details.

Non-personal data covers page views and referrers. Timestamps mark visits. Aggregated stats build over time. Cookies store session prefs. Google Analytics runs if enabled. That pulls location from IP roughly. Search terms sometimes appear in logs. Manual entries note slot tests. Like spin counts on Retro tapes simulations. No video or audio capture. Forms require minimal fields. Honeypot fields block bots without user notice. Data stays tied to sessions mostly. Long-term storage limited to emails and analytics summaries.

Visitors from EU get extra notes later. NZ residents covered similarly. Collection stays passive where possible. Active only on forms. No social logins implemented. No account system. One-off interactions rule. Totals remain low volume. Solo operation limits scale. Scripts parse logs for patterns. Human review spots issues. Balance keeps info useful without excess.

How We Collect Information

Collection happens two ways. Automatic via server logs. Manual through forms. Server logs standard Apache or Nginx format. Each request logs IP, timestamp, URL, user-agent. Referrer headers included if present. SSL handshakes log minimally. No full request bodies stored. Logs rotate weekly. Old ones delete after 30 days unless needed.

Forms use basic HTML POST. Email sends direct via SMTP. No database for submissions yet. Scripts parse incoming for spam. Contact form asks name, email, message. Validation checks format. Success pages confirm without details. Analytics via Google tag. That pings their servers on load. Consent banner appears for EU. Opt-out cookie sets then. Cookies drop on browse. Session ones expire quick. Persistent for prefs.

Third-party embeds minimal. No ads run. Images host local. Fonts from Google sometimes. Those follow their rules. Manual logging in spreadsheets for slot data. No user data there. Public sources feed analysis. Site search if added uses server-side. No client JS heavy tracking. Simple setup cuts collection points. Readers interact lightly.

How We Use Your Information

Data supports site operation first. Logs debug errors. Analytics show popular pages. Helps prioritize content like more on high-vol slots. Emails reply to queries. Contact form data used once. Then archive or delete. IP blocks bad actors. Stats inform script tweaks.

Improvements come from trends. High bounce pages get fixes. Slot pages with traffic expand. No marketing emails sent. No newsletters yet. Future possible with opt-in. Personalization absent. All content static-ish. Logs check for abuse. Unusual patterns flag review. Legal compliance uses data if subpoenaed. Rare event.

Research uses aggregates. Spin log patterns generalize. No individual tracing. Site security scans logs. Failed logins none since no logins. Bandwidth management too. Costs stay low. User feedback shapes policy. Direct emails noted for changes. Overall use stays practical. Solo limits fancy uses. Focus remains info delivery.

CTA Placement Note

This marks middle point for CTA integration in page render.

Sharing Your Information

No data sells or rents. Service providers get minimal access. Hosting logs stay server-side. Email provider sees contact sends. Google Analytics shares anon stats. No raw IPs to them if configured right. No ad networks. No affiliates tracking users.

Legal needs force shares. Court orders complied. Law enforcement same. Emergencies too. Business transfers unlikely solo. But buyer would get notice. Aggregates shared in posts sometimes. Like '1000 visits to volatility page'. No names attached. Third-party links click-through no tracking. Cookies not synced.

Processors bound by contracts. Data stays NZ or compliant regions. No China or risky spots. Readers safe from chains. Transparency rules all. Questions on shares go to email. Lists stay short. Trust builds on facts. Solo means direct control. No corp layers.

Cookies and Similar Technologies

Cookies enable basics. Session ID keeps page state. Prefs store dark mode if added. Analytics cookie from Google. _ga and _gid track unique visits. Duration 2 years max. Opt-out via banner or tools. Local storage for JS state rare.

Essential ones: session, security. Functional: prefs. Analytics: performance. No marketing. List current:

  • session_id: expires end session
  • pref_theme: 1 year
  • _ga: 2 years, Google
  • _gid: 24 hours, Google

Manage via browser settings. Delete clears all. Banner for consent. EU law drives that. NZ similar soon. Pixels absent. No beacons. Scripts load async. Third-party cookies blocked where possible. Site works sans them. Info on each in dev tools.

Changes noted here. Future adds get updates. Control stays with user. No forced accepts. Decline analytics fully functional site.

Data Retention and Deletion

Logs keep 30 days. Emails archive 1 year or delete after reply. Analytics summaries indefinite anon. Contact data delete post-resolution unless legal hold. Cookies delete on expiry or manual.

Requests for deletion honored where possible. Email subject 'delete my data'. Logs harder if anon. Aggregates stay. Backups rotate monthly. Purge old. No infinite storage. Solo disk limits. Compliance with retention laws. Tax records if any minimal.

Auto scripts clean old entries. Manual review quarterly. Balance access needs with privacy. Readers request anytime. Response in 30 days max.

Security Measures

Site runs HTTPS always. SSL cert auto renew. Server firewalled. Fail2ban blocks brute force. No user auth weak. Passwords hashed if added later. Backups encrypted offsite. Access logs monitored.

Scripts vetted. No eval. Inputs sanitized. CSP headers block XSS. Updates regular. Plugins few. Solo eyes spot issues. No pen tests yet budget low. Plans for basics. Data min needed. Encryption at rest for emails.

Incidents reported if breach. Email notice to affected. NZ privacy office too. Low risk profile helps. Readers data light touch.

Your Privacy Rights

Access data on request. Email details. Copy sent. Correction if wrong. Deletion where law allows. Objection to processing. Withdraw consent for cookies. Portability for personal data.

NZ Privacy Act covers. EU GDPR extras for visitors. Process requests free. ID verify light. Response 1 month. Appeals to ombudsman. No automated decisions. Profiling absent. Rights exercise via email. Logs of requests kept anon.

Complaints direct first. Then authorities. Rights evolve with law. Updates reflect. Users control main.

Children's Privacy

Site not for under 18. No kid content. Slots adult topic. No collection aimed at minors. Parents contact to remove if found. COPPA notes no US kids targeted. Verify age if doubt.

Simple block. No games. Info only. Safe for accidental view but not aimed.

International Data Transfers

Data stays NZ servers mostly. Google US but standard clauses. Adequacy for some. Risks assessed low. Transfers minimal. Readers informed.

Future hosts checked. Compliance first. No shady spots.

Changes to This Policy

Updates post here. Notice via site banner if big. Email subs if added. Check date top. Continued use accepts. Archive olds on request.

Review annual. Law changes force sooner.

Contact Information

Email [email protected]. No other channels. Responses weekdays. Details queries welcome. Feedback improves. NZ based.