Data Protection & Privacy
c33bd Privacy Policy
At c33bd, protecting the personal data of every player in Bangladesh is a fundamental responsibility. This Privacy Policy explains in plain English exactly what data we collect, why we collect it, how we use it, who we share it with, and what rights you have over your information.
Section 1
Information We Collect
c33bd collects personal data through several channels: directly from you when you register and use the Platform, automatically through technical systems as you interact with our website and apps, and in limited cases from third-party sources such as payment processors and identity verification providers. We collect only what is necessary for the legitimate purposes described in this Policy.
1.1 Registration and Account Data
When you create a c33bd account, we collect the following information:
- Full legal name as it appears on your government-issued identification
- Date of birth (used to verify that you are 18 years of age or older)
- Residential address, including city and postal code within Bangladesh
- Email address (used for account communications and security alerts)
- Mobile phone number (used for SMS verification and two-factor authentication)
- Username and encrypted password
- Preferred language and currency settings
1.2 Identity Verification (KYC) Data
As part of our Know Your Customer (KYC) obligations, we may collect copies of:
- National Identity Card (NID), passport, or driving licence
- Proof of address documents such as a recent utility bill or bank statement
- Selfie or live photo for biometric verification where applicable
- Payment instrument documentation (e.g., screenshot of bKash or Nagad account)
KYC documents are retained in encrypted storage and are accessible only to authorised c33bd personnel and our approved identity verification service providers.
1.3 Financial Transaction Data
For every deposit, withdrawal, and bonus transaction processed through your c33bd account, we retain a record of the transaction amount in BDT (৳), transaction timestamp, payment method used (bKash, Nagad, Rocket, Upay, Visa, Mastercard), and transaction reference numbers. We do not store full card numbers or mobile banking PINs — these are handled exclusively by your payment provider.
1.4 Gameplay and Betting Data
c33bd records detailed activity logs for every game session and wager placed on the Platform, including game type, stake amounts, bet outcomes, session duration, and timestamps. This data is used for account management, dispute resolution, responsible gaming monitoring, and regulatory compliance purposes.
1.5 Technical and Device Data
Our systems automatically collect certain technical data when you access the c33bd Platform, including your IP address, browser type and version, operating system, device type (desktop, mobile, tablet), referring URL, pages visited, and session duration. This data helps us maintain Platform security, diagnose technical issues, and understand how users across Bangladesh interact with c33bd.
Registration Data
Name, date of birth, address, email, and mobile number collected at account creation. Used for identity, security, and communication purposes.
Payment Data
Transaction records in BDT for every deposit and withdrawal. Full card numbers and mobile PINs are never stored by c33bd.
Device & Technical Data
IP address, browser type, and session data collected automatically. Used for security monitoring and improving Platform performance.
Section 2
How We Use Your Data
c33bd processes your personal data only where we have a lawful basis for doing so. The primary lawful bases we rely on are: (a) performance of a contract — processing necessary to provide you with c33bd services under our Terms and Conditions; (b) legal obligation — processing required to comply with applicable laws including anti-money laundering, KYC, and responsible gaming regulations; (c) legitimate interests — processing that serves c33bd's genuine operational needs without overriding your rights; and (d) consent — where you have given us specific, informed, and freely given permission to process data for a particular purpose.
2.1 Service Delivery
We use your data to create and manage your c33bd account, process deposits and withdrawals via bKash, Nagad, Rocket, Upay, Visa, and Mastercard, settle bets and game outcomes, apply bonuses and promotions to your account, and deliver the full range of casino and sports betting services available on the Platform. Without this processing, we cannot provide you with c33bd services.
2.2 Identity Verification and Compliance
c33bd is obligated to verify the identity and age of all registered players. We use your KYC data to confirm that you are at least 18 years of age, to comply with anti-money laundering (AML) obligations, to detect and prevent fraud, and to report suspicious activity to the relevant authorities where required by law. This processing is a legal requirement and cannot be opted out of.
2.3 Responsible Gaming Monitoring
We use your gameplay and account activity data to monitor for signs of problematic gambling behaviour, to enforce any deposit limits, loss limits, or self-exclusion requests you have applied to your account, and to proactively reach out where our responsible gaming systems flag potential concern. Responsible gaming monitoring is carried out in your interest and in compliance with our platform obligations.
2.4 Security and Fraud Prevention
Your technical and device data, transaction history, and account activity are analysed to detect and prevent unauthorised access, fraudulent transactions, multi-accounting, bonus abuse, and other prohibited conduct as defined in our Terms and Conditions. Security processing is a legitimate interest of c33bd and is fundamental to keeping all players on the Platform safe.
2.5 Communications
We use your email address and mobile number to send you transactional communications such as account confirmation, deposit and withdrawal notifications, security alerts, password reset instructions, and KYC requests. Where you have given your consent, we may also send you promotional communications about c33bd offers, new games, or seasonal promotions relevant to the Bangladesh market. You may withdraw consent to marketing communications at any time by contacting [email protected].
2.6 Platform Improvement and Analytics
Aggregated and anonymised data from gameplay, navigation patterns, and device usage is used to improve the c33bd Platform — including identifying performance bottlenecks, improving game load times, and informing product development decisions. This analytics processing does not identify you personally and is used solely to make c33bd a better experience for all players.
Lawful Basis Always Required
c33bd processes your data only where a clear lawful basis exists — contract performance, legal obligation, legitimate interest, or your explicit consent.
Marketing Is Opt-In
Promotional emails and SMS are only sent with your consent. You can withdraw marketing consent at any time by emailing [email protected].
Analytics Are Anonymised
Platform improvement analytics use aggregated, anonymised data only. Individual player identities are never used in analytics processing.
Section 3
Data Sharing and Disclosure
c33bd does not sell, rent, or trade your personal data to any third party for their own marketing or commercial purposes. We share your data only in the limited circumstances described below, and only to the extent necessary for the specified purpose.
3.1 Payment Processors
To process your deposits and withdrawals, we share the minimum necessary transaction data with our payment partners — bKash, Nagad, Rocket, Upay, Visa, and Mastercard. These providers operate under their own privacy policies and data protection obligations. c33bd does not have visibility into or control over payment processor data practices beyond the transaction data we transmit for settlement purposes.
3.2 Identity Verification Providers
c33bd uses approved third-party KYC and identity verification service providers to validate the identity documents submitted by players. These providers receive copies of the documents you submit during KYC and return a verification result to c33bd. All KYC providers used by c33bd are required to maintain data security standards consistent with our own and to use your data solely for the purpose of identity verification.
3.3 Legal and Regulatory Disclosure
c33bd will disclose personal data to law enforcement agencies, regulatory authorities, or courts where required to do so by applicable law, by a valid legal order, or where we determine in good faith that disclosure is necessary to prevent or report suspected criminal activity including fraud, money laundering, or match fixing. c33bd will notify you of any such disclosure where legally permitted to do so.
3.4 Business Transfers
In the event that c33bd undergoes a business restructuring, merger, acquisition, or asset sale, your personal data may be transferred to the acquiring entity as part of that transaction. You will be notified in advance of any such transfer via your registered email address, and the acquiring entity will be required to honour the commitments made in this Privacy Policy.
3.5 Service Providers
c33bd engages a limited number of trusted third-party service providers — such as cloud hosting providers, customer support platform vendors, and email delivery services — who process data on our behalf under binding data processing agreements. These providers are prohibited from using your data for any purpose other than providing their contracted service to c33bd.
Payment Partners Only
Transaction data is shared with bKash, Nagad, Rocket, Upay, Visa, and Mastercard strictly for payment processing. Nothing beyond what settlement requires.
Legal Orders Honoured
c33bd will comply with valid legal orders requiring data disclosure to law enforcement or regulatory authorities, and will notify you where permitted.
Processors Under Contract
All third-party service providers who handle your data do so under binding data processing agreements that restrict use to contracted services only.
Section 4
Cookies and Tracking Technologies
c33bd uses cookies and similar tracking technologies to operate the Platform, maintain your session, remember your preferences, and analyse how players use the site. A cookie is a small text file placed on your device by a website you visit. Cookies are widely used across the internet and are essential to the operation of most modern web platforms.
| Cookie Category | Purpose | Examples | Can Be Disabled? |
|---|---|---|---|
| Strictly Necessary | Essential to Platform operation — session management, login authentication, security tokens, fraud detection | Session ID, CSRF token, auth token | No — disabling breaks core functionality |
| Functional | Remembers your preferences such as language, display settings, and last visited game category | lang_pref, display_mode, last_game | Yes — via browser settings |
| Analytics | Collects anonymised data on page visits, navigation paths, and session duration to help improve the Platform | _ga, _gid, session_start | Yes — via browser settings |
| Responsible Gaming | Maintains session-time tracking so that time-out reminders and session limit features function correctly | rg_session_start, rg_timer | No — required for player protection |
4.1 Managing Cookies
You can control and delete cookies through your browser settings. Most modern browsers allow you to block third-party cookies, clear existing cookies, and receive a notification before a new cookie is placed. Please note that disabling strictly necessary cookies will impair or prevent your ability to log in and use the c33bd Platform. Instructions for managing cookies in common browsers are available through each browser's help documentation.
4.2 Do Not Track
Some browsers transmit a "Do Not Track" (DNT) signal to websites. c33bd currently does not alter its data collection practices in response to DNT signals, as there is no universally accepted standard for interpreting these signals. We will review this position as industry standards evolve.
Section 5
Data Retention
c33bd retains your personal data only for as long as is necessary for the purposes for which it was collected, or as required by applicable law. The following retention periods apply to the main categories of personal data we hold:
- Account and registration data: Retained for the lifetime of your active account, plus a minimum of 5 years following account closure to comply with anti-money laundering record-keeping obligations.
- KYC and identity documents: Retained for a minimum of 5 years from the date of submission or from the date of account closure, whichever is later, in accordance with applicable legal requirements.
- Transaction and financial records: Retained for a minimum of 5 years from the date of the transaction, consistent with financial record-keeping obligations.
- Gameplay and betting logs: Retained for a minimum of 3 years from the date of the relevant session or bet, used for dispute resolution and responsible gaming monitoring.
- Technical and device logs: Retained for up to 12 months from the date of collection, unless extended retention is required for a specific security investigation.
- Marketing consent records: Retained for as long as your consent remains active, plus 2 years following withdrawal of consent as evidence of the consent lifecycle.
When personal data is no longer required for any of the above purposes and no legal obligation requires its continued retention, c33bd will securely delete or anonymise that data in a manner that prevents reconstruction of the original information.
5.1 Account Closure and Data
Closing your c33bd account does not result in the immediate deletion of all your personal data. Due to AML, KYC, and financial record-keeping obligations, c33bd is required to retain certain data for the periods specified above even after account closure. Upon expiry of the applicable retention period, your data will be securely deleted or irreversibly anonymised.
Minimum 5-Year Retention
KYC documents and financial transaction records are retained for at least 5 years after account closure due to AML legal obligations.
Secure Deletion
When retention periods expire, c33bd securely deletes or irreversibly anonymises your data. Reconstruction of deleted data is not possible.
Closing Account ≠ Instant Deletion
Legal obligations require certain data to be kept even after account closure. We will notify you of what data is retained and for how long upon closure.
Section 6
Your Privacy Rights
c33bd respects your rights over your personal data. Subject to applicable law and to certain limitations where legal obligations require continued processing, you have the following rights in relation to the personal data c33bd holds about you:
6.1 Right of Access
You have the right to request a copy of the personal data c33bd holds about you. We will provide this in a structured, commonly used, and machine-readable format where technically feasible. Requests for access should be submitted to [email protected] with the subject line "Data Access Request". c33bd aims to respond to access requests within 30 days of receipt.
6.2 Right to Rectification
If any personal data c33bd holds about you is inaccurate or incomplete, you have the right to request that we correct or complete it. For account details such as email address, mobile number, and residential address, you may update these directly within your c33bd account dashboard. For KYC documents, corrections must be submitted via [email protected] along with updated supporting documentation.
6.3 Right to Erasure
You may request that c33bd delete your personal data in certain circumstances — for example, where the data is no longer needed for the purpose for which it was collected, or where you withdraw consent and there is no other lawful basis for processing. This right is subject to legal retention obligations: c33bd cannot erase data that we are legally required to retain under AML, KYC, or financial record-keeping laws, even if you request erasure.
6.4 Right to Restriction of Processing
You may request that c33bd restrict the processing of your personal data in certain circumstances, for example while the accuracy of data is being contested, or while an objection to processing is being assessed. During a restriction period, c33bd will continue to store your data but will not actively use it for the purposes subject to the restriction.
6.5 Right to Object
Where c33bd processes your data on the basis of legitimate interests, you have the right to object to that processing. We will assess your objection and cease processing unless we can demonstrate compelling legitimate grounds that override your rights, or unless the processing is necessary for the establishment, exercise, or defence of legal claims.
6.6 Right to Withdraw Consent
Where c33bd processes your data on the basis of your consent — for example, for marketing communications — you may withdraw that consent at any time without affecting the lawfulness of processing carried out prior to withdrawal. To withdraw marketing consent, email [email protected] with the subject line "Withdraw Marketing Consent".
6.7 Exercising Your Rights
To exercise any of the rights described above, contact c33bd's support team at [email protected]. We may need to verify your identity before processing a rights request. c33bd does not charge a fee for exercising your privacy rights except in cases of manifestly unfounded or excessive requests, in which case a reasonable administrative fee may be applied.
Access Your Data
Request a copy of everything c33bd holds about you. Email [email protected] with "Data Access Request" as the subject line.
Correct Inaccuracies
Update your account details in your dashboard, or contact support to correct KYC documents and other records we hold about you.
Request Erasure
Ask us to delete your data where it is no longer needed. Legal retention obligations may limit erasure of KYC and financial records.
Withdraw Consent
Opt out of marketing communications at any time. Email [email protected] with "Withdraw Marketing Consent" and we will action it promptly.
Section 7
Data Security
c33bd takes the security of your personal data seriously and implements appropriate technical and organisational measures to protect it against unauthorised access, loss, alteration, disclosure, or destruction. Our security programme is reviewed and updated on a continuous basis to address evolving threats.
7.1 Technical Measures
All data transmitted between your device and the c33bd Platform is protected using industry-standard Transport Layer Security (TLS/SSL) encryption. Data stored on our servers is encrypted at rest. Access to personal data within c33bd's internal systems is restricted on a strict need-to-know basis using role-based access controls. All access to sensitive data is logged and audited.
7.2 Organisational Measures
All c33bd personnel with access to personal data receive data protection training and are bound by confidentiality obligations. Our third-party service providers are subject to data processing agreements that require them to implement security standards consistent with our own. We conduct periodic reviews of our data protection practices to identify and address potential vulnerabilities.
7.3 Data Breach Response
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, c33bd will notify affected individuals without undue delay and in accordance with applicable law. Notification will be sent to the registered email address on your account and will include the nature of the breach, the categories of data affected, and the steps c33bd has taken or proposes to take to address the breach.
7.4 Your Responsibility
While c33bd takes all reasonable steps to protect your data, you also play an important role in keeping your account secure. You are responsible for maintaining the confidentiality of your c33bd login credentials, enabling two-factor authentication where available, using a strong and unique password, and logging out of your account after each session — particularly when using a shared or public device. Report any suspected unauthorised access to your account immediately via [email protected].
SSL Encryption
All data in transit is protected by TLS/SSL encryption. Data at rest on c33bd servers is also encrypted to prevent unauthorised access.
Need-to-Know Access
Internal access to personal data is restricted by role-based controls. All access is logged and audited. Staff are trained in data protection obligations.
Breach Notification
If a data breach affects your rights, c33bd will notify you promptly at your registered email address with details of the incident and remedial steps taken.
Section 8
Changes to This Policy
c33bd reserves the right to update or amend this Privacy Policy at any time to reflect changes in our data practices, changes in applicable law, or improvements in our Platform. When we make material changes to this Policy, we will notify you by email to your registered address and by posting a prominent notice on the c33bd Platform at least 14 days before the changes take effect.
The "Last Updated" date at the top of this page will always reflect the date of the most recent revision. We encourage you to review this Privacy Policy periodically to stay informed about how c33bd protects your data. Your continued use of the c33bd Platform following the effective date of any update constitutes your acknowledgment of the revised Policy.
If you have any questions, concerns, or complaints about this Privacy Policy or about the way c33bd handles your personal data, please contact us at:
- Email: [email protected]
- Subject line: Privacy Policy Enquiry
- Response time: Within 1 business day during peak hours (BST, UTC+6)
c33bd treats all privacy enquiries with the utmost seriousness and will provide a substantive written response to every complaint received.
14-Day Advance Notice
Material changes to this Privacy Policy are communicated by email at least 14 days before they take effect so you have time to review and act.
Questions Welcome
Send any privacy question or complaint to [email protected] with "Privacy Policy Enquiry" as the subject. Response within 1 business day (BST UTC+6).
Our Commitment
How c33bd Protects You
Your privacy is not a legal checkbox — it is a genuine commitment that runs through every part of how c33bd operates for players across Bangladesh.
No Data Selling — Ever
c33bd has never sold player data and never will. Your personal information is used exclusively to operate the Platform and meet our legal obligations.
End-to-End Encryption
All data in transit is TLS/SSL encrypted. Stored data is encrypted at rest. Your payment credentials are never visible to c33bd systems.
Your Rights Are Real
Access, correct, restrict, or request deletion of your data at any time. c33bd responds to all privacy rights requests within 30 days.
Clear Retention Rules
We keep data only as long as legally required or operationally necessary . After retention periods expire, data is securely deleted or irreversibly anonymised.
Transparent Cookie Use
We explain every cookie category we use and give you control over non-essential cookies through your browser settings.
Dedicated Privacy Support
Our 24/7 English support team handles all privacy enquiries and rights requests with a target response time of 1 business day (BST UTC+6).
18+ This platform is intended for adults aged 18 and above only. Gambling involves financial risk. c33bd operates as a safe and reliable platform with SSL encryption and fair play certification. If you have questions about how your data is handled, contact [email protected].
Explore c33bd
Explore Everything c33bd Has to Offer
Now that you understand how c33bd protects your data, dive into the full range of casino and sports betting experiences available to players across Bangladesh.