Privacy Policy — How hgzy bdt Collects, Uses & Protects Your Data
At hgzy bdt, your privacy is taken seriously. This Privacy Policy explains exactly what personal information we collect from Bangladeshi players, why we collect it, how it is used and stored, and what rights you hold over your own data. We are committed to transparency and to handling your information with the highest standards of security.
Your Privacy at a Glance
The following cards summarise the most important aspects of how hgzy bdt handles your personal data. They do not replace the full Privacy Policy — please read all sections below for the complete picture.
hgzy bdt collects only the personal data that is strictly necessary to operate your account, process payments in BDT, and comply with anti-money laundering obligations. We do not collect surplus data, and we do not sell your personal information to any third party for marketing purposes.
All data transmitted between your device and hgzy bdt is protected by SSL/TLS encryption. Account passwords are stored using one-way cryptographic hashing — they are never stored in plain text, and hgzy bdt staff cannot read your password under any circumstances.
hgzy bdt processes payments via bKash, Nagad, Rocket, Upay, Visa, and Mastercard. Your full card or wallet credentials are never stored directly on hgzy bdt servers. Payment processing is handled through secure payment gateway partners subject to their own data protection standards.
Identity documents submitted for KYC verification (National ID, passport, driving licence) are stored in an access-controlled document repository. They are accessible only to authorised compliance staff and are used exclusively for identity verification and regulatory compliance — never for any commercial purpose.
You have the right to request a copy of all personal data hgzy bdt holds about you, to correct inaccuracies, and to request deletion of your data where no overriding legal obligation requires us to retain it. Submit data requests to [email protected]. We respond within 30 days.
hgzy bdt uses essential session cookies to keep you logged in, preference cookies to remember your settings, and analytics cookies to understand how the platform is used. We do not use cross-site tracking cookies or third-party advertising cookies. See Section 4 of this policy for the full cookie list and opt-out options.
1. Information We Collect
hgzy bdt collects personal data through several channels: at the point of registration, during the KYC verification process, when you make deposits or withdrawals, and through your ongoing use of the platform. The following explains exactly what we collect and why.
Registration Data: When you create an hgzy bdt account, we collect your chosen username, email address, date of birth, and the mobile wallet number or bank card details you register as your primary payment method. This information is required to open and operate your account. Without it, we cannot provide the hgzy bdt service.
Identity Verification (KYC) Data: To comply with anti-money laundering obligations and to verify that all members are aged 18 or above, hgzy bdt collects government-issued identity documents at the point of your first withdrawal request. Accepted documents include the Bangladesh National ID card (NID), a valid passport, or a driving licence. We also collect a photo of you holding the document (a liveness check) where enhanced verification is required.
Financial Transaction Data: We maintain records of all deposits and withdrawals made through your hgzy bdt account, including the transaction amount in BDT, the payment method used, the date and time of the transaction, and the transaction reference number. These records are required for payment processing, dispute resolution, and financial compliance purposes.
Gameplay and Betting Data: hgzy bdt records all betting and gaming activity associated with your account, including game sessions, bet amounts, outcomes, bonus usage, and the time and duration of play. This data is used to administer your account, to settle bets correctly, to detect fraud and bonus abuse, and to power responsible gaming tools such as deposit limits and self-exclusion monitoring.
Device and Technical Data: When you access hgzy bdt from a browser or mobile device, we automatically collect certain technical information including your IP address, browser type and version, operating system, device type, screen resolution, and referring URL. This information is used to detect unauthorised account access, to prevent multi-accounting, and to optimise the platform experience across devices commonly used in Bangladesh (Android smartphones, desktop browsers).
Communications Data: If you contact hgzy bdt's support team via email at [email protected], we retain a record of the correspondence, including your name, contact details, the subject matter, and the content of the exchange. This is used to resolve your query and to maintain a support history for your account.
hgzy bdt does not intentionally collect sensitive personal data such as racial or ethnic origin, religious beliefs, political opinions, health records, or biometric data (beyond the liveness check required for enhanced KYC, which is processed solely for identity verification). If any such information is incidentally included in a document you submit, it is not separately recorded or processed.
| Data Category | Examples | Legal Basis for Collection |
|---|---|---|
| Account Data | Username, email, date of birth, password hash | Contract performance (account provision) |
| KYC / Identity Data | NID, passport, liveness photo | Legal obligation (AML / age verification) |
| Payment Data | bKash/Nagad number, transaction records, amounts in BDT | Contract performance (payment processing) |
| Gameplay Data | Bet history, game sessions, bonus usage, win/loss records | Contract performance; legitimate interest (fraud prevention) |
| Technical Data | IP address, device type, browser, session timestamps | Legitimate interest (security, fraud prevention) |
| Communications Data | Support emails, dispute correspondence | Legitimate interest (dispute resolution, service improvement) |
2. How We Use Your Data
hgzy bdt uses your personal data only for the purposes described in this policy. We do not use your data for any purpose that is incompatible with the reason it was originally collected.
Account Administration: Your registration data is used to create, maintain, and manage your hgzy bdt account. This includes authenticating your identity when you log in, applying deposit and withdrawal limits you have set, and recording your account preferences.
Payment Processing: Financial transaction data and your registered payment method details are used solely to process deposits to and withdrawals from your hgzy bdt account in BDT. Payments are processed via bKash, Nagad, Rocket, Upay, Visa, and Mastercard, each subject to their own privacy practices for the payment leg of the transaction.
Identity and Age Verification: KYC documents are used to confirm that you are who you say you are, that you are aged 18 or above, and that your registered payment method belongs to you. This verification process is required before any withdrawal is processed. KYC data is not used for any marketing or commercial profiling purpose.
Responsible Gaming Monitoring: hgzy bdt uses gameplay data to power responsible gaming tools, including deposit limit enforcement, loss limit tracking, session time monitoring, and self-exclusion compliance. If you have set a responsible gaming limit, we use your transaction and gameplay records to enforce it automatically. We may also contact you if our systems detect patterns that suggest problematic gambling behaviour.
Fraud Prevention and Security: Technical data such as IP addresses, device fingerprints, and login timestamps are used to detect and prevent unauthorised account access, multi-accounting, bonus abuse, money laundering, and other forms of fraud or prohibited conduct as defined in our Terms & Conditions.
Legal and Regulatory Compliance: hgzy bdt retains certain data categories — particularly financial transaction records and KYC documents — for defined retention periods as required to meet applicable anti-money laundering, financial record-keeping, and dispute resolution obligations.
Service Communications: We may use your registered email address to send you transactional communications related to your account, including deposit confirmations, withdrawal status updates, KYC verification results, password reset instructions, and important policy or service updates. These communications are not optional — they are a necessary part of operating your account. Marketing communications (where offered) are subject to a separate opt-in and can be unsubscribed from at any time.
3. Data Sharing & Third Parties
hgzy bdt does not sell your personal data. We share data with third parties only where it is strictly necessary to deliver the platform's services or to comply with legal obligations.
Payment Processors: To process deposits and withdrawals in BDT, hgzy bdt shares the minimum necessary payment information with our payment gateway partners. This includes transaction amounts, your registered wallet number or card details (tokenised, not in plain text), and the transaction reference. Payment partners include operators of the bKash, Nagad, Rocket, and Upay mobile money networks, as well as Visa/Mastercard gateway processors. Each payment partner is subject to their own data protection standards and is independently responsible for the security of data on their side of the transaction.
Game Studio Providers: When you play games powered by third-party studios — including Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi — a game session identifier and your in-game wager data is shared with the relevant studio to deliver the game and settle the result. Game providers do not receive your full personal profile; they receive only session-level data necessary for game operation.
KYC and Identity Verification Partners: Where hgzy bdt uses a third-party identity verification service to process KYC documents, your submitted identity document and liveness image are shared with that service solely for the purpose of verification. Identity verification partners are contractually bound to process your data only for verification purposes and to delete it within defined periods.
Legal and Regulatory Disclosure: hgzy bdt may disclose your personal data to relevant authorities where required by applicable law, a court order, or a regulatory instruction. This includes disclosure for anti-money laundering investigations, fraud investigations, or where we are required to report suspicious financial activity. We will not disclose more information than is required by the specific legal obligation.
No Sale of Personal Data: hgzy bdt does not sell, rent, licence, or otherwise commercially transfer your personal data to any third party for marketing, advertising, or data brokerage purposes. We do not share your data with social media platforms for ad targeting. We do not participate in data exchange programmes with other gambling operators.
Your personal information — including your name, mobile wallet number, email address, and gameplay history — will never be passed to advertisers, third-party marketing companies, or data brokers. hgzy bdt's data sharing is limited strictly to service-delivery partners and legally required disclosures.
5. Data Security
hgzy bdt employs technical and organisational security measures designed to protect your personal data against unauthorised access, accidental loss, disclosure, or destruction.
Encryption in Transit: All communication between your browser or mobile device and the hgzy bdt platform is encrypted using TLS (Transport Layer Security). This means that your login credentials, payment details, and personal information cannot be intercepted in transit by a third party. The presence of HTTPS in the hgzy-bdt.club URL confirms that the connection is encrypted.
Password Storage: Account passwords are never stored in plain text on hgzy bdt servers. Passwords are processed through a one-way cryptographic hashing algorithm before storage. This means that even in the unlikely event of a data breach affecting the password database, your actual password cannot be recovered from the stored hash. hgzy bdt staff cannot view your password — if you lose access, a password reset link sent to your registered email is the only recovery method.
Access Controls: Access to personal data on hgzy bdt's internal systems is restricted on a need-to-know basis. Only staff with a legitimate operational reason — such as compliance officers handling KYC verification, or support agents resolving account disputes — can access member personal data. All internal data access is logged and periodically audited.
Payment Security: hgzy bdt does not store full payment card numbers or mobile wallet PINs on its own servers. Payment credentials are tokenised by our payment processing partners. Transaction records stored by hgzy bdt contain only masked references sufficient to identify the payment method (for example, the last four digits of a card number), not the full credential.
Security Incident Response: In the event of a data security incident that poses a material risk to your personal data, hgzy bdt will notify affected members by email within a reasonable timeframe. The notification will describe the nature of the incident, the data categories potentially affected, the steps hgzy bdt is taking in response, and any actions you should take to protect yourself (such as changing your password).
Your Role in Security: hgzy bdt's security measures are most effective when members also take reasonable steps to protect their own accounts. This includes using a strong, unique password for hgzy bdt that you do not use on any other platform, not sharing your login details with anyone, and contacting support immediately at [email protected] if you suspect your account has been accessed without your permission.
6. Data Retention
hgzy bdt retains personal data for as long as necessary to fulfil the purpose for which it was collected, or for as long as required by applicable legal or regulatory obligations — whichever is longer.
Active Account Data: While your hgzy bdt account is active, we retain all account data, transaction history, gameplay records, and KYC documents associated with it. This data is necessary to administer your account, enforce responsible gaming limits, and respond to any dispute you raise.
Post-Closure Retention: When your account is closed — whether voluntarily by you or by hgzy bdt — we retain certain data categories for defined periods after closure:
- Financial transaction records (deposit and withdrawal history, amounts in BDT, payment method references): retained for a minimum of 5 years after account closure, in line with standard financial record-keeping practice.
- KYC identity documents (NID, passport, driving licence, liveness images): retained for a minimum of 5 years after account closure.
- Account registration data (username, email, date of birth): retained for a minimum of 2 years after account closure for dispute resolution and fraud investigation purposes.
- Gameplay and betting records: retained for a minimum of 2 years after account closure.
- Support communications: retained for 2 years after the last communication in the relevant thread.
Data that is no longer required and for which no retention obligation exists is deleted or anonymised in accordance with our internal data lifecycle management procedures. Anonymised or aggregated data (from which you cannot be individually identified) may be retained beyond these periods for platform analytics and improvement purposes.
If you have self-excluded from hgzy bdt, your account data is retained for the duration of the exclusion period and for the applicable post-closure retention periods described above. This retention is necessary to enforce your self-exclusion — specifically, to prevent you from opening a new account during the exclusion window. Retention for this purpose is in your interest as a responsible gaming measure.
7. Your Privacy Rights
As an hgzy bdt member, you hold a number of rights in relation to your personal data. hgzy bdt is committed to honouring these rights in a timely and transparent manner.
Right of Access: You have the right to request a copy of the personal data that hgzy bdt holds about you. We will provide this in a clear, readable format. Submit your access request to [email protected] with the subject line "Data Access Request" and your registered account username. We will respond within 30 calendar days.
Right to Rectification: If any personal data hgzy bdt holds about you is inaccurate or incomplete, you have the right to request that it be corrected. For standard account information (email address, contact number), you can update this directly in your account settings. For KYC-verified data (name, date of birth as on identity documents), corrections must be submitted with supporting documentation via [email protected].
Right to Erasure: You have the right to request deletion of your personal data where: the data is no longer necessary for the purpose it was collected; you withdraw consent (where consent was the legal basis); or the data was unlawfully processed. This right is not absolute — hgzy bdt may retain data where a legal obligation requires it (for example, financial transaction records required by anti-money laundering rules). Where we cannot delete data due to a legal obligation, we will explain the reason in our response to your erasure request.
Right to Restrict Processing: In certain circumstances — for example, while a dispute about the accuracy of your data is being investigated — you have the right to request that hgzy bdt restricts the processing of your data to storage only, without using it for other purposes.
Right to Object: Where hgzy bdt processes your data on the basis of legitimate interest (for example, for fraud prevention or analytics purposes), you have the right to object to that processing. We will review your objection and cease the processing unless we have compelling legitimate grounds that override your interests.
Right to Data Portability: Where data was provided by you and is processed on the basis of your consent or a contract, you have the right to receive that data in a structured, machine-readable format (such as CSV or JSON) so that you can transfer it to another service provider. Submit portability requests to [email protected].
All privacy rights requests should be submitted in writing to [email protected]. Please include your registered account username and a clear description of your request. hgzy bdt aims to acknowledge all requests within 5 working days (Bangladesh Standard Time, UTC+6) and to respond fully within 30 calendar days. If your request is complex or if you have submitted multiple requests, we may extend this period by a further 30 days, and we will notify you of the extension and the reason.
8. Contact & Policy Updates
If you have questions about this Privacy Policy or about how hgzy bdt handles your personal data, please contact us. We are also committed to keeping this policy current as the platform and applicable standards evolve.
Contact for Privacy Matters: All privacy-related enquiries, data subject rights requests, and complaints should be addressed to hgzy bdt's support team at [email protected]. Please use the subject line "Privacy Enquiry" and include your registered account username so we can locate your account records efficiently. Our support team is available 24/7 in English and operates on Bangladesh Standard Time (BST, UTC+6).
Policy Updates: hgzy bdt reviews this Privacy Policy periodically and may update it to reflect changes in how we operate, changes in our service offering (for example, new payment methods or game providers), or changes in applicable legal requirements. When material updates are made, the effective date at the top of this page will be revised, and where the changes are significant, we will notify you via your registered email address.
Continued Use as Acceptance: Continued use of the hgzy bdt platform following an update to this Privacy Policy constitutes your acceptance of the revised policy. If you do not agree with any changes made to this policy, you should stop using hgzy bdt and submit an account closure request to [email protected].
Relationship to Other Policies: This Privacy Policy should be read alongside the hgzy bdt Terms & Conditions and the Responsible Gaming Policy. Together, these three documents form the complete framework governing your use of the hgzy bdt platform and our obligations to you as a member. Where this Privacy Policy refers to actions available to you (such as account closure or self-exclusion), the detailed procedure for those actions is set out in the relevant linked document.
hgzy bdt's support team handles all privacy enquiries with the same priority as account and payment issues. Write to [email protected] with your question and your account username. We will respond in plain English within 5 working days and will escalate complex data requests to our compliance team where required.
Have More Questions About Privacy?
Our support team is available 24/7 in English. You can also read our Terms & Conditions for the full platform rules, visit our Responsible Gaming page, or explore hgzy bdt's games and features.