Privacy Policy — bad bdt Data Protection
At bad bdt, the privacy and security of your personal data is a core operational commitment, not an afterthought. This Privacy Policy explains precisely what data we collect, why we collect it, how it is stored and protected, and what rights you hold as a player on our Bangladesh platform.
SSL-Encrypted Storage
All personal data held by bad bdt is stored on servers protected by industry-standard SSL encryption. Sensitive fields such as passwords and payment details are stored in hashed or tokenised form only.
No Data Selling
bad bdt does not sell, rent, or trade your personal information to third-party marketing companies. Your data is used solely for the purposes described in this Privacy Policy.
Player Data Rights
You have the right to access, correct, and request deletion of your personal data held by bad bdt at any time by contacting our support team directly.
Cookie Transparency
bad bdt uses cookies only for functional, analytical, and session-management purposes. We do not deploy third-party advertising cookies or cross-site tracking scripts.
Minimal Third-Party Sharing
Personal data is shared with third parties only when necessary for payment processing (bKash, Nagad, Rocket) and identity verification. All third-party processors are bound by strict data agreements.
Right to Erasure
Closed bad bdt accounts have their personal data deleted or fully anonymised within 90 days, subject to retention obligations required by financial compliance and anti-fraud regulations.
1. Information We Collect
When you interact with the bad bdt platform — whether by registering an account, making a deposit, placing a wager, contacting support, or simply visiting the website — we may collect and process certain categories of personal data. This section sets out each category, the specific data points involved, and the circumstances under which they are collected.
1.1 Registration Data
When you create a bad bdt account, we collect the following information that you provide directly:
- Full legal name as it appears on your official identity document;
- Date of birth (used for mandatory age verification — players must be 18 or older);
- Residential address, including city, district, and postcode;
- Email address (used for account communications and security alerts);
- Mobile telephone number (used for two-factor authentication and account recovery);
- Chosen username and an encrypted record of your account password.
1.2 Identity Verification (KYC) Data
As part of our Know Your Customer process — required for withdrawal processing and fraud prevention — we may collect:
- Scanned copies or photographs of government-issued identity documents (National ID card, passport, driver's licence);
- Proof of address documents (utility bills, bank statements issued within 90 days);
- Source of funds declarations for high-volume accounts.
1.3 Financial Transaction Data
Each deposit and withdrawal transaction processed through bad bdt generates a record that includes the payment method used (bKash, Nagad, Rocket, Upay, Visa, Mastercard, or bank transfer), the transaction amount in Bangladeshi Taka (৳), the date and time of the transaction (Bangladesh Standard Time, UTC+6), and a transaction reference number. We do not store full card numbers or full mobile wallet PINs — payment tokenisation is handled by the relevant payment processor.
1.4 Gameplay and Betting Data
bad bdt records your wagering and gaming activity on the Platform, including the games played, wagers placed, outcomes , timestamps, session duration, and bet amounts. This data is used for account management, responsible gaming monitoring, bonus compliance, and dispute resolution.
1.5 Technical and Device Data
When you access the bad bdt website, our servers automatically collect certain technical data including your IP address, browser type and version, operating system, device type (desktop, mobile, tablet), referring URL, pages visited, and session duration. This data is collected via server logs and analytics tools and is used for security monitoring, fraud detection, and platform performance optimisation.
1.6 Communications Data
If you contact the bad bdt support team via Live Chat, email, or WhatsApp, we retain a record of that correspondence — including the content of your messages, the date and time of contact, and the outcome of any support interaction. This data is used to maintain service quality and to resolve any disputes that may arise.
Voluntary Disclosure
You are not legally required to provide any personal data to bad bdt. However, failure to provide mandatory registration and KYC data will prevent us from opening or maintaining your account, processing withdrawals, or providing certain support services.
2. How We Use Your Data
bad bdt processes personal data only for specific, legitimate purposes. The table below summarises the primary purposes for which we use your data, together with the legal basis for each processing activity.
| Processing Purpose | Data Categories Used | Legal Basis |
|---|---|---|
| Account creation and management | Registration data, KYC data | Contractual necessity |
| Payment processing and withdrawal | Financial transaction data, KYC data | Contractual necessity |
| Age verification and responsible gaming | Date of birth, gameplay data | Legal obligation |
| Fraud prevention and security | Technical data, transaction data, KYC data | Legitimate interest |
| Customer support and dispute resolution | Communications data, account data | Contractual necessity |
| Bonus and promotion management | Gameplay data, registration data | Contractual necessity |
| Platform analytics and performance | Technical data, session data | Legitimate interest |
| Service communications (account alerts) | Email address, mobile number | Contractual necessity |
bad bdt does not use your personal data for automated decision-making that produces significant legal effects without human review. Where automated risk-scoring tools are used for fraud detection, a human compliance officer reviews any consequential decisions before action is taken on your account.
Marketing Communications bad bdt may send you promotional emails or SMS messages about bonuses, seasonal offers (such as BPL cricket season promotions or Eid special events), and new game launches. You may opt out of marketing communications at any time by using the unsubscribe link in any email or by contacting support. Opting out of marketing does not affect transactional account communications.
3. Cookies & Tracking Technologies
The bad bdt website uses cookies — small text files stored on your device — and similar tracking technologies to ensure the Platform operates correctly, to maintain your session when you are logged in, and to collect anonymised analytics data about how players use the site.
3.1 Types of Cookies Used
- Strictly Necessary Cookies: Required for the Platform to function. These include session authentication tokens, security cookies, and load-balancing identifiers. These cannot be disabled without breaking core site functionality.
- Functional Cookies: Remember your preferences such as language settings, display preferences, and previously entered data to improve your experience on subsequent visits.
- Analytical Cookies: Collect anonymised data about page visits, session duration, and user flow. This data helps bad bdt identify performance issues and improve the platform. No personally identifiable information is included in analytical cookie data.
3.2 What We Do Not Use
bad bdt does not deploy third-party advertising cookies, cross-site tracking pixels, social media tracking scripts, or any cookies that build profiles of your browsing activity outside of the bad bdt website for commercial targeting purposes.
3.3 Managing Cookies
You can control cookie settings through your browser preferences. Most modern browsers allow you to block, delete, or receive alerts about cookies. Please note that disabling strictly necessary cookies will prevent you from logging in and using core Platform features. Analytical cookies can be disabled without affecting account access.
4. Data Sharing & Third Parties
bad bdt does not sell, rent, lease, or otherwise transfer your personal data to third parties for their own commercial purposes. We share personal data only in the limited circumstances described below, and only to the minimum extent necessary for each purpose.
4.1 Payment Processing Partners
To process deposits and withdrawals in Bangladeshi Taka (৳), bad bdt shares necessary transaction data with our payment processing partners including bKash, Nagad, Rocket, Upay, Dutch-Bangla Bank, City Bank, BRAC Bank, Islami Bank, Sonali Bank, Visa, and Mastercard. These partners receive only the data required to complete the transaction and are contractually prohibited from using that data for any other purpose.
4.2 Identity Verification Services
KYC document verification may be carried out with the assistance of specialist identity verification service providers. These providers process KYC data on bad bdt's behalf under strict data processing agreements and are not permitted to retain or use your identity documents for any purpose beyond the specific verification task.
4.3 Game Technology Providers
Games available on the bad bdt Platform are supplied by third-party game studios including Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi. When you play a game provided by one of these studios, limited session data (such as a player session token) may be transmitted to the game provider's servers to facilitate gameplay. These providers do not receive your full personal profile, financial data, or identity documents.
4.4 Legal and Regulatory Disclosure
bad bdt may disclose personal data to law enforcement agencies, financial intelligence units, or other regulatory authorities where required to do so by applicable law, or where we have a good-faith belief that disclosure is necessary to prevent fraud, money laundering, or other criminal activity. Such disclosures are made only to the extent required and are documented internally.
Our Commitment
Every third party that processes personal data on bad bdt's behalf is bound by a written data processing agreement that prohibits unauthorised use, requires appropriate security measures, and obligates the processor to assist with any data subject rights requests.
5. Data Retention & Deletion
bad bdt retains personal data for as long as your account remains active and for a defined period thereafter, in accordance with our legal and regulatory obligations. The retention periods set out below reflect the minimum periods required by financial compliance standards applicable to online gaming platforms.
5.1 Active Accounts
While your bad bdt account is active, we retain all registration data, transaction history, gameplay records, KYC documents, and support communications associated with your account. This data is necessary to provide the services you have contracted us to deliver and to comply with our ongoing legal obligations.
5.2 Closed Accounts
Following the closure of a bad bdt account — whether at your request or due to account termination — personal data is retained for a period of five (5) years from the date of closure. This retention period is required for anti-money laundering compliance, financial audit purposes, and the resolution of any post-closure disputes. After the five-year retention period has elapsed, your data is permanently deleted or fully anonymised so that it can no longer be linked to you as an individual.
5.3 Specific Retention Periods
- KYC documents: 5 years from account closure;
- Financial transaction records: 5 years from the date of each transaction;
- Support correspondence: 3 years from the date of the interaction;
- Server and access logs: 12 months from the date of generation;
- Gameplay and betting records: 5 years from account closure;
- Marketing consent records: Until withdrawn plus 3 years.
These retention periods may be extended where data is relevant to ongoing legal proceedings, investigations, or regulatory inquiries involving bad bdt. In such circumstances, the relevant data will be preserved until the matter is fully resolved.
6. Your Privacy Rights
As a player on the bad bdt Platform, you have specific rights regarding the personal data we hold about you. bad bdt is committed to facilitating the exercise of these rights in a timely and transparent manner. All data rights requests should be submitted to [email protected], and we will respond within 30 days of receiving your request.
6.1 Right of Access
You have the right to request a copy of all personal data that bad bdt holds about you. Upon receipt of a verified access request, we will provide a structured summary of your data in a readable format at no charge.
6.2 Right to Rectification
If any personal data held by bad bdt is inaccurate or incomplete, you have the right to request that it be corrected. Minor corrections to contact details (email address, phone number, residential address) can be made directly through your account settings. Corrections to identity data require re-submission of KYC documentation.
6.3 Right to Erasure
You may request that bad bdt delete your personal data. We will action erasure requests promptly in cases where the data is no longer required for the purpose for which it was collected. Please note that erasure requests cannot be fully actioned where data must be retained to comply with legal obligations (see Section 5 above). In such cases, we will delete all data that can be deleted and explain clearly what is being retained and why.
6.4 Right to Restrict Processing
In certain circumstances — for example, where you dispute the accuracy of data we hold, or where you have objected to processing — you may request that bad bdt restrict the processing of your personal data to storage only while the dispute or objection is assessed.
6.5 Right to Data Portability
You have the right to receive a copy of the personal data you provided to bad bdt in a structured, commonly used, machine-readable format (such as JSON or CSV), so that you can transfer it to another service provider if you choose.
6.6 Right to Object to Marketing
You may withdraw your consent to receive marketing communications from bad bdt at any time. To do so, use the unsubscribe mechanism in any marketing email, adjust your notification preferences in your account settings, or contact the support team. Withdrawal of marketing consent does not affect your ability to use the Platform or receive transactional account communications.
Submitting a Data Rights Request
Send all data rights requests to [email protected] with the subject line "Data Rights Request" and include your registered account username and the email address associated with your account. We will verify your identity before processing any request.
7. Data Security Measures
bad bdt applies a layered set of technical and organisational security measures designed to protect your personal data against unauthorised access, accidental loss, destruction, and misuse. No online platform can guarantee absolute security, but we maintain the following controls as standard practice.
7.1 Technical Controls
- TLS/SSL Encryption: All data transmitted between your device and the bad bdt server is encrypted using Transport Layer Security (TLS 1.2 or higher). The padlock icon visible in your browser when accessing the Platform confirms that this encryption is active.
- Password Hashing: Account passwords are never stored in plain text. They are processed through a one-way cryptographic hashing algorithm before storage, meaning that even internal personnel cannot read your password.
- Payment Tokenisation: Payment details processed through bKash, Nagad, and card networks are tokenised by the respective payment processor. bad bdt does not store raw card numbers or mobile wallet credentials on its own servers.
- Access Controls: Internal access to player personal data is restricted to personnel who require it for their specific job function. All such access is logged and subject to regular audit review.
- Intrusion Detection: bad bdt operates continuous server monitoring and intrusion detection systems. Suspicious activity patterns trigger automated alerts and human review.
7.2 Organisational Controls
All bad bdt personnel with access to personal data are bound by confidentiality obligations. Staff who handle sensitive data undergo regular data protection training. Data processing activities are subject to periodic internal review to identify and address emerging risks.
7.3 Data Breach Procedures
In the event of a confirmed personal data breach that is likely to result in a risk to the rights and freedoms of affected players, bad bdt will notify impacted players without undue delay — and in any case within 72 hours of becoming aware of the breach — providing details of what data was affected, what steps have been taken to contain the breach, and what actions players should consider taking to protect themselves.
8. Policy Updates & Contact
8.1 Changes to This Policy
bad bdt reviews this Privacy Policy periodically and updates it as needed to reflect changes in our data processing activities, changes in applicable law, or improvements to our privacy practices. The effective date shown at the top of this document indicates when the current version came into force. When material changes are made to this Policy, registered players will be notified by email to the address on file at least 14 days before the changes take effect. Your continued use of the bad bdt Platform after the effective date of any revision constitutes your acknowledgement of the updated Policy.
8.2 Children's Privacy
The bad bdt Platform is strictly an adult service. We do not knowingly collect personal data from individuals under the age of 18. If we become aware that a person under 18 has registered an account, we will immediately suspend that account, delete all associated personal data, and return any deposited funds following identity verification. If you believe a minor has accessed the Platform, please contact [email protected] immediately.
8.3 Contact and Complaints
If you have any questions, concerns, or complaints regarding this Privacy Policy or the way bad bdt handles your personal data, please contact our Data Support team in the first instance:
- Email: [email protected] (subject line: "Privacy Enquiry")
- Live Chat: Available 24/7 via the bad bdt Platform
- Response time: Within 2–6 hours during normal operations
We take all privacy concerns seriously and aim to resolve them promptly and transparently. For guidance on your rights as a player on the Platform more broadly, you may also review our Terms & Conditions and Responsible Gaming pages.
Our Privacy Commitment bad bdt treats privacy as a fundamental player right. We collect only the data necessary to operate a safe, fair, and legally compliant gaming platform. We store it securely, share it minimally, and delete it when it is no longer needed. We welcome your questions at any time.
Understand Your Rights. Play With Confidence.
Your data is protected at bad bdt. Explore our games and platform features knowing your privacy is a core priority — not a checkbox. Have questions? Our support team is available 24/7.
18+ only. Gambling involves risk. Please play responsibly.