bdee Privacy Policy
Your privacy matters to bdee. This Privacy Policy explains what personal data we collect, why we collect it, how it is stored and processed, and the rights you have over your own information when using our platform in Bangladesh.
Privacy at a Glance
The cards below summarise bdee's core privacy commitments. For the complete legal text governing how we handle your personal data, please read the full sections that follow.
Minimal Data Collection
bdee collects only the personal data necessary to provide our services, verify your identity, process transactions, and comply with applicable anti-money-laundering obligations. We do not collect data speculatively or beyond what is strictly required.
Secure Storage
All personal data stored by bdee is protected by AES-256 encryption at rest and TLS 1.3 encryption in transit. Access to personal data is restricted to authorised personnel only, with all access events logged and audited.
Your Data, Your Rights
You have the right to access, correct, export, and request deletion of your personal data at any time. Submit a data request to our support team and we will respond within 30 days in accordance with applicable data protection standards.
No Data Sales
bdee does not sell, rent, or trade your personal information to third-party marketers or advertisers. Data shared with partners is limited strictly to what is needed to deliver our services — such as payment processing and fraud prevention.
Transparent Cookie Use
We use cookies and similar technologies solely for session management, platform performance measurement, and security purposes. Detailed cookie categories and their purposes are described in the Cookies section of this policy.
Defined Retention Periods
bdee retains personal data only for as long as it is needed for the purposes stated in this policy, or as required by law. Once the retention period expires, data is securely deleted or anonymised in line with our internal data lifecycle procedures.
Complete Privacy Policy
1. Information We Collect
1.1 Information You Provide Directly
When you register an account or interact with bdee services, you actively provide us with certain personal data. This includes:
- Identity data: Full legal name, date of birth, gender, and nationality as entered during account registration or KYC verification.
- Contact data: Email address, mobile phone number, and residential address (including city, district, and postcode).
- Account credentials: Your chosen username and an encrypted hash of your password. We never store passwords in plain text.
- Identity documents: Scanned copies or photographs of government-issued identification (National ID, passport, or driving licence) and proof of address submitted during KYC verification.
- Payment data: Mobile banking account details for bKash, Nagad, Rocket, or Upay; card numbers (last four digits only, stored by our payment processor) for Visa and Mastercard transactions; and bank account references for Dutch-Bangla Bank or BRAC Bank transfers. Full card numbers are never stored on bdee servers.
- Communications: Records of any messages, emails, or live chat conversations you have with our support team, including attachments you voluntarily submit.
1.2 Information Collected Automatically
When you access and navigate bdee.app, our systems automatically collect certain technical and behavioural data to ensure platform stability, security, and a personalised experience:
- Device and browser data: IP address, device type, operating system version, browser type and version, screen resolution, and language settings.
- Usage data: Pages visited, time spent on each page, games played, bets placed, search queries entered within the platform, and navigation paths through the site.
- Session data: Login timestamps, session duration, logout events, and any concurrent session detection flags raised by our security system.
- Transaction logs: Complete records of all deposits, withdrawals, bonus activations, wagering activity, and game round results associated with your account.
- Geolocation data: Approximate location derived from IP address, used for fraud detection and jurisdictional access control. We do not collect GPS-level location data from your device.
1.3 Information from Third Parties
In certain circumstances, bdee receives personal data about you from trusted third parties. This includes identity verification results from our KYC service providers, fraud risk scores from payment processors, and — where you have chosen to use a social login option — basic profile data from the relevant authentication provider. In all cases, third-party data transfers are governed by data-sharing agreements that require the third party to handle your data in compliance with applicable privacy standards.
2. How We Use Your Data
bdee processes your personal data for the following lawful purposes. Where a specific legal basis applies, it is noted alongside each purpose.
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Account creation and management | Identity data, contact data, credentials | Contract performance |
| Identity and age verification (KYC) | Identity data, identity documents | Legal obligation |
| Processing deposits and withdrawals | Payment data, transaction logs | Contract performance |
| Fraud detection and prevention | Device data, usage data, geolocation, transaction logs | Legitimate interest |
| Customer support communications | Contact data, communications | Contract performance |
| Responsible gaming monitoring | Usage data, session data, transaction logs | Legal obligation / legitimate interest |
| Platform analytics and improvement | Usage data, device data (anonymised) | Legitimate interest |
| Promotional communications (opt-in) | Contact data, usage data | Consent |
bdee does not use automated decision-making or profiling in a way that produces legal or similarly significant effects on users, except where required to detect fraud or enforce responsible gaming limits — in which case you have the right to request human review of any automated decision.
3. Data Sharing & Third Parties
3.1 Service Providers
bdee engages carefully vetted third-party service providers who process data on our behalf under binding data processing agreements. These providers are permitted to use your data only for the specific purpose for which they are engaged. Service provider categories include:
- Payment processors: bKash, Nagad, Rocket, Upay, Visa/Mastercard network processors, Dutch-Bangla Bank, and BRAC Bank — to facilitate deposit and withdrawal transactions.
- KYC and identity verification providers: Third-party services that verify government-issued documents and cross-reference identity data against watchlists as required for AML compliance.
- Game software providers: Companies such as Pragmatic Play, Evolution Gaming, Microgaming, NetEnt, Ezugi, and Spribe, whose game platforms process game-round data to produce and record results.
- Cloud infrastructure providers: Hosting and database services that store encrypted platform data in secure data centres.
- Customer support platforms: Live chat and helpdesk software providers used to manage support interactions.
3.2 Legal Disclosures
bdee may disclose your personal data to law enforcement agencies, regulatory bodies, or courts when required to do so by law, court order, or formal regulatory request. We will notify you of any such disclosure where we are legally permitted to do so. Where disclosure is required urgently to prevent or investigate a serious crime (including fraud or money laundering), notification may be delayed or withheld in accordance with applicable law.
3.3 No Sale of Personal Data
bdee does not sell, rent, lease, or otherwise transfer your personal data to any third party for marketing or commercial purposes. If this policy changes in the future in any material way, we will notify you by email and publish a revised policy with a new effective date. Your continued use of bdee following such notice constitutes acceptance of the revised terms.
4. Cookies & Tracking Technologies
bdee uses cookies and similar browser-based technologies (including local storage and session storage) to operate and improve the platform. A cookie is a small text file placed on your device when you visit a website. The following categories of cookies are used on bdee.app:
| Cookie Category | Purpose | Can Be Disabled? |
|---|---|---|
| Strictly Necessary | Session management, authentication, security tokens, fraud prevention flags | No — required for core platform function |
| Functional | Remembering language preferences, preferred deposit method, display settings | Yes — disabling affects personalisation |
| Analytics | Aggregated, anonymised page-view and feature-usage data to improve the platform | Yes — opt out via account settings |
| Security | Device fingerprinting for concurrent session detection and account takeover prevention | No — required for account security |
bdee does not use third-party advertising cookies or retargeting pixels. You can manage cookie preferences through your browser settings, though disabling strictly necessary or security cookies may prevent some platform features from functioning correctly. Most modern browsers allow you to view, delete, and block cookies via the browser settings menu.
5. Data Retention
bdee retains personal data for the minimum period necessary to fulfil the purposes described in this policy, subject to any longer retention periods required by applicable law. The general retention framework is as follows:
- Account data and KYC documents: Retained for the duration of your active account plus 5 years following account closure, in compliance with anti-money-laundering record-keeping obligations.
- Transaction records: Retained for 7 years from the date of each transaction, as required for financial audit and regulatory purposes.
- Support communications: Retained for 3 years from the date of the last interaction, to allow us to investigate historical disputes or regulatory queries.
- Marketing consent records: Retained until you withdraw consent, plus a further 1 year as evidence of the consent event.
- Anonymised analytics data: May be retained indefinitely, as it no longer constitutes personal data once appropriately anonymised and cannot be used to re-identify any individual.
- Responsible gaming records (self-exclusion, limit settings): Retained for the duration of any active restriction plus 5 years, to prevent circumvention of exclusion periods.
When the applicable retention period expires, personal data is either securely deleted from all active and backup systems, or irreversibly anonymised so that it can no longer be associated with any identifiable individual. Deletion requests submitted by users before the expiry of a mandatory retention period will be queued and processed at the earliest point permitted by law.
6. Your Privacy Rights
As a bdee user, you hold the following rights over your personal data. To exercise any of these rights, contact our privacy team at [email protected] with the subject line "Privacy Request". We will verify your identity before processing any data request and will respond within 30 calendar days.
- Right of access: Request a copy of all personal data bdee holds about you, including its source, the purposes for which it is processed, and any third parties with whom it has been shared.
- Right to rectification: Request that inaccurate or incomplete personal data be corrected. You may also update most account details directly via your bdee account settings page.
- Right to erasure: Request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, where you withdraw consent (and no other legal basis applies), or where the data has been unlawfully processed. Note that erasure requests cannot override mandatory legal retention obligations.
- Right to restriction of processing: Request that we suspend processing of your personal data in certain circumstances — for example, while an accuracy dispute is under review.
- Right to data portability: Request a machine-readable export of the personal data you have provided to bdee, in a commonly used format such as JSON or CSV.
- Right to object: Object to processing carried out on the basis of legitimate interests, including profiling for fraud prevention purposes. We will cease that processing unless we can demonstrate compelling legitimate grounds that override your interests.
- Right to withdraw consent: Where processing is based on your consent (e.g., marketing communications), you may withdraw that consent at any time via account settings or by contacting support. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal date.
7. Data Security
bdee implements a layered technical and organisational security framework designed to protect your personal data against unauthorised access, accidental loss, alteration, disclosure, or destruction. Key measures in place include:
- Encryption: All data transmitted between your browser and bdee.app is encrypted using TLS 1.3. Sensitive data stored in our databases is encrypted at rest using AES-256.
- Access controls: Access to systems containing personal data is restricted to authorised personnel on a strict need-to-know basis, enforced through role-based access control and multi-factor authentication for all internal accounts.
- Intrusion detection: Our infrastructure is monitored 24/7 by automated intrusion detection systems. Anomalous access patterns trigger immediate alerts and investigation.
- Password handling: Passwords are never stored in plain text. bdee uses a cryptographic hashing algorithm with per-user salts. In the event of a data breach, your plaintext password cannot be recovered from our stored hash.
- Regular security audits: bdee conducts periodic internal and third-party security assessments, including penetration testing and vulnerability scanning, to identify and remediate potential weaknesses before they can be exploited.
- Staff training: All bdee personnel with access to personal data receive mandatory data protection training at onboarding and on a recurring annual basis.
While bdee takes all reasonable measures to protect your personal data, no transmission over the internet or electronic storage system is entirely free from risk. In the event of a security incident that affects your personal data and poses a high risk to your rights and freedoms, bdee will notify you without undue delay and provide guidance on protective steps you can take.
8. Contact & Policy Updates
8.1 How to Contact Us
For all privacy-related enquiries, data subject requests, or concerns about how bdee handles your personal data, please contact our support team:
- Email: [email protected] — use the subject line "Privacy Request" for data-related matters.
- Live Chat: Available 24/7 through your bdee account dashboard. Response time is typically 2–5 minutes.
All privacy enquiries are handled by Bangladesh Standard Time (BST, UTC+6). Written requests submitted by email are typically acknowledged within one business day and fully resolved within 30 calendar days, or sooner where the request is straightforward.
8.2 Updates to This Policy
bdee reviews this Privacy Policy periodically and may update it to reflect changes in our data practices, new services, or evolving legal and regulatory requirements. When material changes are made, we will notify all registered users by email at least 14 days before the changes take effect, and publish the updated policy on this page with a revised "Last Updated" date. For minor clarifications or non-material changes, the policy may be updated without direct notification — we therefore encourage you to check this page periodically.
Your continued use of bdee services after a policy update takes effect constitutes your acknowledgement of the revised Privacy Policy. If you do not agree with any changes, you may request account closure by contacting support before the effective date.
Explore bdee With Confidence
Your data is protected. Your privacy is respected. Now discover the full range of casino games and sports betting markets bdee has to offer — safely and securely.