Privacy Policy — How 999bdt Handles Your Personal Data
At 999bdt, we treat your personal data with the same care we bring to every aspect of our platform. This Privacy Policy explains in plain terms exactly what information we collect, why we collect it, how we use and protect it, and what rights you hold over your own data. We are committed to transparency, security, and full respect for your privacy as a member of the 999bdt community in Bangladesh.
This Privacy Policy applies to all personal data processed by 999bdt in connection with the platform available at 999bdt.bio, including the sports betting service, live casino, slot games, card games, and the Finance / Wallet system. By registering an account with 999bdt, you acknowledge that you have read and understood this Privacy Policy in full. If you do not agree with any part of this policy, you should not register an account or submit personal data to 999bdt.
Information We Collect
999bdt collects personal data through several channels: information you provide directly during account registration and KYC verification; information generated automatically as you use the platform; and information received from payment processors and identity verification partners in the normal course of account management.
The categories of personal data we collect include, but are not limited to, the following:
| Category | Examples | Collection Method |
|---|---|---|
| Identity Data | Full legal name, date of birth, Bangladesh NID number, photograph | Provided by you during KYC verification |
| Contact Data | Email address, Bangladeshi mobile number | Provided by you at registration |
| Financial Data | bKash number, Nagad number, Rocket number, bank account details | Provided by you when making deposits or withdrawal requests |
| Transaction Data | Deposit amounts, withdrawal requests, bet history, game history, bonus claims | Automatically recorded by the platform |
| Technical Data | IP address, device type, browser type and version, operating system, session timestamps | Automatically collected via server logs and cookies |
| Behavioural Data | Pages visited, games played, betting patterns, time spent on platform | Automatically collected via analytics and session tracking |
| Communications Data | Live chat transcripts, support email content, dispute records | Recorded when you contact the 999bdt support team |
999bdt does not collect sensitive personal data beyond what is strictly necessary for identity verification (KYC) and responsible gaming compliance. We do not collect biometric data, health data, or political/religious affiliation data. We do not knowingly collect personal data from individuals under 18 years of age. If we discover that an account has been created by a person under 18, we will immediately suspend the account and delete or anonymise the associated data.
How We Use Your Information
999bdt processes your personal data only for legitimate, specific, and clearly defined purposes. We do not use your data for purposes incompatible with those for which it was originally collected. The primary purposes for which we process personal data are:
- Account Management: Creating, maintaining, and securing your 999bdt member account, including password recovery, OTP two-factor authentication, and session management.
- Identity Verification (KYC): Confirming your age (18+), legal name, and payment method ownership as required by our responsible gaming obligations and anti-fraud policies.
- Payment Processing: Facilitating deposits and withdrawals via bKash, Nagad, Rocket, Upay, and local bank transfer channels in Bangladeshi Taka (৳ BDT).
- Service Delivery: Making available all platform features including cricket betting, live casino, slots, Teen Patti Joker, and the Finance / Wallet system.
- Responsible Gaming: Monitoring account activity to identify patterns that may indicate problem gambling, applying self-exclusion periods, enforcing deposit limits, and delivering cooling-off periods as requested or required.
- Anti-Fraud and Security: Detecting, investigating, and preventing money laundering, bonus abuse, multi-accounting, unauthorised access, and other fraudulent activity on the platform.
- Customer Support: Responding to your enquiries, processing disputes, and providing assistance via our 24/7 English-language support team.
- Legal Compliance: Meeting our obligations under applicable laws and cooperating with lawful requests from competent regulatory and law enforcement authorities.
- Platform Improvement: Analysing aggregated, anonymised usage data to improve the user experience, optimise platform performance, and develop new features.
- Communications: Sending you transactional emails and SMS messages relating to your account activity (deposits, withdrawals, OTPs, security alerts). Promotional communications are only sent where you have opted in.
SSL Encryption on Every Page
All data transmitted between your device and 999bdt is protected by industry-standard SSL/TLS encryption. This applies to login sessions, deposit flows, withdrawal requests, and every other interaction with the platform — your data never travels unprotected.
We Never Sell Your Data
999bdt does not sell, rent, or trade your personal data to any third-party advertiser, data broker, or marketing company. Your information is used solely to operate your account, process your payments, and keep the platform secure. Full stop.
KYC Handled with Care
Identity documents submitted for KYC verification are stored on encrypted servers with strict access controls. Only authorised compliance staff may access KYC documents, and access is logged and audited. Documents are deleted or anonymised once the retention period expires.
Transparent Cookie Use
999bdt uses only essential session cookies and first-party analytics cookies. We do not deploy third-party advertising cookies or cross-site tracking pixels. You can review and manage your cookie preferences via your browser settings at any time without affecting your ability to use the platform.
Your Right to Erasure
You may request deletion of your personal data at any time. 999bdt will process erasure requests within 30 days, subject to our legal obligation to retain certain records (such as transaction history and KYC documents) for the minimum periods required by applicable law.
bKash & Nagad Data Security
Financial identifiers such as your bKash and Nagad mobile wallet numbers are stored in encrypted form and are used exclusively for processing your deposits and withdrawals. They are never displayed in full in any communication and are never shared with parties outside the payment processing chain.
Data Sharing and Third Parties
999bdt does not sell or commercially share your personal data. However, in order to deliver a fully functional and secure platform, we work with a limited number of trusted third-party service providers who process data on our behalf and under our instructions. These partners are bound by strict contractual data-processing obligations and are not permitted to use your data for their own independent purposes.
The categories of third parties with whom your data may be shared, and the reason for sharing, are as follows:
- Payment Processors: bKash, Nagad, Rocket, Upay, and domestic bank partners receive the payment identifiers and transaction amounts necessary to process your deposits and withdrawals. These providers are subject to Bangladesh Bank regulations and their own published privacy policies.
- Identity Verification Partners: Third-party KYC verification services may receive your identity documents and personal details for the purpose of performing age and identity checks. These partners are contractually obligated to handle KYC data in accordance with applicable data protection standards.
- Game Providers: Live casino and slot game providers such as Pragmatic Play, Evolution Gaming, Ezugi, NetEnt, Microgaming, and Spribe receive a pseudonymous player identifier and bet data necessary to run the game session. These providers do not receive your full name, NID, or payment details.
- Hosting and Infrastructure Providers: The 999bdt platform is hosted on secure, enterprise-grade cloud infrastructure. Our hosting partners have access to server-level data only and are bound by data processing agreements that prohibit independent use of that data.
- Fraud Prevention and Security Services: We use specialist security tools to detect suspicious login activity, multi-accounting, and potential money laundering. These tools may process your IP address, device fingerprint, and behavioural data to generate risk scores used in our internal compliance reviews.
- Legal and Regulatory Authorities: 999bdt will disclose personal data to law enforcement agencies, regulators, or courts when required to do so by a lawfully issued order, warrant, or legal obligation. We will notify affected members of such disclosures where we are legally permitted to do so.
Cookies and Tracking Technologies
999bdt uses cookies and similar technologies (such as local storage and session tokens) to ensure the platform functions correctly, to keep you securely logged in during your session, and to understand how members interact with different areas of the platform so that we can continue to improve the experience.
We use the following categories of cookies on the 999bdt platform:
- Strictly Necessary Cookies: These cookies are essential for the platform to function. They manage your login session, store your language and currency preferences, and maintain the integrity of your betting slip and wallet balance during a session. You cannot opt out of strictly necessary cookies while using the platform.
- Performance and Analytics Cookies: These first-party cookies collect anonymised data about how members navigate the platform — which pages are visited most frequently, where users spend the most time, and which features are used least. This data is used exclusively for internal platform improvement and is never shared with external advertising networks.
- Security Cookies: These cookies support our fraud prevention and account security systems. They help us identify unusual login patterns, detect the use of multiple accounts from the same device, and verify that automated bot activity is not occurring on the platform.
999bdt does not use third-party advertising cookies, retargeting pixels, social media tracking scripts, or any other cross-site tracking technology that would allow external parties to build a profile of your browsing behaviour outside the 999bdt platform.
Data Security and Storage
999bdt takes the security of your personal data seriously and has implemented a range of technical and organisational measures to protect it against unauthorised access, accidental loss, destruction, or disclosure. These measures include:
- SSL/TLS Encryption: All data transmitted between your browser or app and the 999bdt servers is encrypted using current-generation SSL/TLS protocols. This applies to all platform pages, including login, deposit, and withdrawal flows.
- Encrypted Data Storage: Sensitive data fields — including passwords, NID numbers, bKash and Nagad identifiers, and bank account details — are stored in encrypted form in our database. Passwords are hashed using a secure one-way algorithm and cannot be recovered in plain text by any 999bdt employee.
- Access Controls: Access to personal data within 999bdt is restricted on a strict need-to-know basis. Only staff whose role requires access to specific data categories are granted that access. All access is logged and subject to periodic audit.
- Two-Factor Authentication (2FA): All 999bdt member accounts are protected by OTP-based two-factor authentication on new device logins and withdrawal requests. This ensures that even if your password is compromised, your account and funds remain protected.
- Security Monitoring: Our security systems monitor platform activity around the clock for indicators of compromise, brute-force login attempts, and anomalous transaction patterns. Suspicious activity triggers an automatic account review and, where necessary, a temporary account freeze pending investigation.
- Regular Security Reviews: 999bdt conducts periodic internal security reviews of its data processing systems. We also maintain an internal incident response process to ensure that any data breach is identified, contained, and addressed promptly.
Despite the measures described above, no online platform can guarantee absolute security against all possible threats. 999bdt will notify affected members promptly if a data security incident occurs that materially affects the security of their personal data, and will take all reasonable steps to mitigate any harm caused.
Your Data Rights and Choices
As a member of 999bdt, you hold the following rights with respect to your personal data. To exercise any of these rights, please contact our support team at [email protected] with the subject line "Data Rights Request". We will acknowledge your request within 48 hours and provide a substantive response within 30 calendar days.
- Right of Access: You may request a copy of the personal data that 999bdt holds about you. We will provide this in a structured, commonly used, machine-readable format (such as PDF or CSV) where technically feasible.
- Right to Rectification: If any personal data we hold about you is inaccurate or incomplete, you have the right to request that it be corrected. Please note that corrections to KYC identity data will require re-verification with supporting documents.
- Right to Erasure ("Right to Be Forgotten"): You may request that 999bdt delete your personal data. We will honour erasure requests subject to our legal obligations to retain certain data categories (see the Data Retention section below). If your account is active and in good standing, you may request account closure and data erasure simultaneously.
- Right to Restrict Processing: You may request that we restrict the processing of your personal data in certain circumstances — for example, if you contest the accuracy of the data or if you have objected to processing and a review is pending.
- Right to Object to Marketing: You may withdraw consent for marketing communications at any time. This will not affect the delivery of transactional and security messages that are essential to the operation of your account.
- Right to Data Portability: You may request that your transaction history, bet records, and account data be provided to you in a portable, structured format so that you can transfer or store them independently of the 999bdt platform.
Data Retention Policy
999bdt retains your personal data only for as long as it is necessary for the purposes for which it was collected, or for as long as required by applicable law. The following general retention periods apply:
| Data Category | Retention Period | Reason |
|---|---|---|
| Account registration data (name, email, mobile) | Duration of account + 5 years after closure | Legal and compliance obligations |
| KYC documents (NID, photograph) | Duration of account + 5 years after closure | Anti-money laundering legal requirements |
| Transaction records (deposits, withdrawals, bets) | 7 years from date of transaction | Financial record-keeping obligations |
| Support communications | 3 years from last interaction | Dispute resolution and audit trail |
| Technical logs (IP, device, session data) | 12 months from collection | Security monitoring and fraud prevention |
| Marketing consent records | Until consent is withdrawn + 3 years | Evidence of consent for compliance purposes |
| Self-exclusion records | Minimum 7 years | Responsible gaming regulatory obligation |
Once the applicable retention period has elapsed, personal data is either permanently deleted or anonymised so that it can no longer be linked to an identifiable individual. Anonymised data may be retained indefinitely for internal statistical and platform improvement purposes, as it no longer constitutes personal data.
Changes to This Privacy Policy
999bdt reserves the right to update or revise this Privacy Policy at any time to reflect changes in our data processing practices, changes in applicable law, or improvements to the platform. When material changes are made, we will notify active members via the email address registered to their account and will publish a revised version of the policy at 999bdt.bio/privacy-policy with an updated effective date.
We encourage all members to review this Privacy Policy periodically, particularly following any notification of a material update. Continued use of the 999bdt platform after the effective date of a revised Privacy Policy constitutes your acceptance of the updated terms.
If you have any questions, concerns, or requests relating to this Privacy Policy or to the way 999bdt handles your personal data, please do not hesitate to contact our dedicated support team. We are committed to addressing all privacy enquiries promptly and transparently.
This Privacy Policy was last reviewed and updated on 1 January 2026. It supersedes all previous versions of the 999bdt Privacy Policy. The English-language version of this policy is the authoritative version and prevails in the event of any conflict with any translated version.
Your Privacy Is Protected — Now Explore the Platform
Now that you understand how 999bdt safeguards your data, you can enjoy cricket betting, live casino games, and slots with confidence. 18+ only. Play responsibly.