Privacy Policy
at 35bdd
Your privacy matters to us. This Privacy Policy explains exactly what personal data 35bdd collects from players in Bangladesh, how that data is used, how long it is retained, and what rights you hold over your own information. We are committed to handling your data with transparency and care.
Six Commitments We Make to Every 35bdd Player
Before reading the full policy text, here is a plain-language summary of the core privacy principles that 35bdd applies to every player account on the platform.
SSL Encryption on Every Request
All data transmitted between your device and 35bdd is encrypted using industry-standard SSL/TLS technology. Your login credentials, payment details, and personal information are never sent in plain text.
We Do Not Sell Your Data
35bdd does not sell, rent, or trade your personal data to any third party for marketing purposes. Data shared with partners is strictly limited to what is required to operate payment processing and fraud prevention services.
Data Collected Only for Defined Purposes
35bdd collects only the data that is strictly necessary to operate the platform, verify player identity, process payments, and comply with anti-money laundering obligations. We do not collect data speculatively or for undefined future use.
Defined Retention Periods
Your data is not kept indefinitely. 35bdd applies specific retention periods to each category of personal data, after which records are securely deleted or anonymised. Retention periods are detailed in the Data Retention section below.
You Control Your Data
You may request access to, correction of, or deletion of your personal data at any time by contacting 35bdd support. Requests are handled within 30 days of receipt and at no cost to you.
Bangladesh-Focused Data Practices
35bdd's data handling practices are designed with Bangladeshi players in mind, including support for local payment methods like bKash, Nagad, and Rocket, and communications delivered exclusively in English for clarity.
Data We Collect
When you interact with the 35bdd platform — whether by registering an account, making a deposit, placing a bet, or contacting support — we collect certain categories of personal data. The categories and specific data points we collect are described below. We collect only what is genuinely necessary for the purposes identified in this policy.
| Category | Data Points Collected | When Collected |
|---|---|---|
| Identity Data | Full legal name, date of birth, national ID or passport number | Registration and identity verification |
| Contact Data | Email address, mobile phone number | Registration and account management |
| Financial Data | bKash/Nagad/Rocket mobile wallet number, bank account details (where applicable), transaction history | Deposits and withdrawals |
| Technical Data | IP address, device type, browser type and version, operating system, session timestamps | Automatically on each platform visit |
| Usage Data | Pages visited, games played, bets placed, bet amounts, win/loss records, session duration | Automatically during active sessions |
| Communication Data | Content of emails and live chat messages sent to support | When you contact 35bdd support |
| Verification Documents | Copies of national ID card, passport, utility bills, or bank statements submitted for KYC | Identity verification and withdrawal processing |
35bdd does not collect sensitive personal data such as racial or ethnic origin, religious beliefs, political opinions, or health data, except where health-related information is voluntarily provided in the context of a responsible gaming self-exclusion request, in which case it is used solely for that purpose.
How We Use Your Data
35bdd processes your personal data only for specific, lawful purposes. We do not use your data in ways that are incompatible with the purposes for which it was originally collected. The table below sets out each processing purpose and the legal basis on which 35bdd relies.
- Account creation and management: We use your identity and contact data to create and maintain your player account, verify your eligibility to play, and communicate important account information to you.
- Payment processing: We use your financial data to process deposits and withdrawals through bKash, Nagad, Rocket, Upay, and connected banking partners. Financial data is shared with payment processors strictly for transaction execution purposes.
- Identity verification (KYC): We are required to verify the identity of players, particularly prior to processing withdrawals above certain thresholds. This process uses the identity and verification document data you provide.
- Fraud prevention and anti-money laundering: We analyse technical data, usage data, and financial data to detect and prevent fraudulent activity, multi-accounting, collusion, and money laundering. This processing is a legal obligation.
- Responsible gaming monitoring: 35bdd uses your usage data — including session duration, bet frequency, and deposit patterns — to identify potential signs of problem gambling. Where patterns of concern are detected, our responsible gaming team may make contact to offer support resources.
- Platform improvement: Aggregated and anonymised usage data is used to improve the 35bdd platform, fix technical issues, and develop new features. This processing does not involve identifiable personal data.
- Legal compliance: We may process and retain your data to comply with applicable laws, respond to lawful requests from authorities, and defend or pursue legal claims.
- Customer support: Communication data from your interactions with the 35bdd support team is used to resolve your enquiry and to improve the quality of our support service.
Data Sharing & Third Parties
35bdd does not sell your personal data to third parties. We share data only in the limited circumstances described below, and only with parties who are contractually bound to handle it in accordance with applicable data protection standards.
- Payment processors: When you make a deposit or request a withdrawal, your financial data is shared with the relevant payment processor — for example, bKash, Nagad, Rocket, or Upay — to execute the transaction. These processors operate under their own privacy policies and data protection obligations.
- Identity verification providers: To fulfil our KYC obligations, 35bdd may share identity documents and personal data with third-party identity verification service providers. These providers process data on our behalf and under our instructions.
- Game software providers: Third-party game studios including Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi may receive limited technical data (such as a session token or player ID) in order to deliver their games within the 35bdd platform. They do not receive your full personal profile.
- Fraud prevention and security services: We may share technical and usage data with specialist fraud prevention and cybersecurity firms to help protect the platform and its players from malicious activity.
- Legal and regulatory authorities: 35bdd may disclose personal data to law enforcement agencies, courts, or regulatory bodies when required to do so by law, court order, or where we have a good-faith belief that disclosure is necessary to prevent harm or illegal activity.
- Business transfers: In the event of a merger, acquisition, or sale of all or part of 35bdd's business assets, your personal data may be transferred to the acquiring entity. You will be notified of any such transfer and your rights in relation to it.
Cookies & Tracking Technologies
35bdd uses cookies and similar tracking technologies on its platform. A cookie is a small text file placed on your device by a website to store information about your interaction with that site. Cookies help 35bdd keep you logged in, remember your preferences, and understand how players use the platform so that we can continue improving the experience.
The following categories of cookies are used on the 35bdd platform:
- Essential cookies: These cookies are necessary for the platform to function. They manage your login session, maintain your account security, and allow core features such as deposits and game loading to work correctly. These cookies cannot be disabled without breaking the platform.
- Analytics cookies: These cookies collect anonymised data about how players navigate the 35bdd platform, which pages are visited most, and where players encounter issues. This data is used exclusively for internal platform improvement. 35bdd uses its own analytics infrastructure and does not rely on third-party analytics platforms that share data externally.
- Preference cookies: These cookies remember settings you have selected, such as your preferred language, display preferences, or recently played games, so that you do not need to reconfigure them on each visit.
- Security cookies: These cookies support fraud detection and security monitoring by helping 35bdd identify unusual patterns of platform access that may indicate account compromise or automated bot activity.
You can manage or delete cookies through your browser settings at any time. Please note that disabling essential cookies will impair your ability to use the 35bdd platform, as features such as staying logged in and making deposits depend on session cookies functioning correctly. Disabling analytics or preference cookies will not affect your ability to use the platform but may result in a less personalised experience.
Data Retention
35bdd retains personal data only for as long as is necessary to fulfil the purpose for which it was collected, or to comply with legal retention obligations. The following retention periods apply to different categories of data held by 35bdd:
| Data Category | Retention Period | Reason for Retention |
|---|---|---|
| Account and identity data | Duration of active account + 5 years after closure | Legal and regulatory compliance, AML obligations |
| Financial transaction records | 7 years from transaction date | Financial record-keeping and AML requirements |
| KYC verification documents | 5 years from the date of verification | Regulatory compliance and dispute resolution |
| Technical and usage data (logs) | 12 months from collection | Security monitoring and platform improvement |
| Support communications | 3 years from the date of the interaction | Quality assurance and dispute history |
| Self-exclusion records | Indefinitely (while exclusion is active + 5 years) | Responsible gaming obligations and player protection |
Upon expiry of the applicable retention period, personal data is securely and permanently deleted from 35bdd's systems, or anonymised such that it can no longer be associated with an identifiable individual. Anonymised data may be retained beyond these periods for aggregated statistical analysis.
Where you request the deletion of your account, 35bdd will deactivate your account immediately and initiate the deletion of your personal data, subject to any mandatory legal retention obligations that require us to retain certain records for the periods specified above. You will be informed of any data that must be retained and the reason for its retention at the time of your deletion request.
Your Data Rights
As a player on the 35bdd platform, you hold a number of rights in relation to the personal data we hold about you. These rights can be exercised at any time by submitting a request to the 35bdd support team at [email protected]. We will acknowledge your request within 5 business days and aim to fulfil it within 30 days.
- Right of access: You have the right to request a copy of the personal data that 35bdd holds about you. This is sometimes called a Subject Access Request. 35bdd will provide this information in a clear, readable format at no charge.
- Right to rectification: If any personal data held about you is inaccurate or incomplete, you have the right to request that it be corrected. For account-level data such as your name or contact details, you may also update information directly through your account settings.
- Right to erasure: You have the right to request the deletion of your personal data where it is no longer necessary for the purpose for which it was collected, where you withdraw consent, or where you object to processing. This right is subject to legal retention obligations as described in the Data Retention section above.
- Right to restriction of processing: In certain circumstances — for example, where you contest the accuracy of your data or where processing is unlawful — you may request that 35bdd restricts its processing of your data while the matter is resolved.
- Right to data portability: Where processing is based on your consent or on a contract, and where processing is carried out by automated means, you have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another controller.
- Right to object: You have the right to object to the processing of your personal data for direct marketing purposes at any time. Where processing is based on legitimate interests, you may also object, and 35bdd will cease processing unless it can demonstrate compelling legitimate grounds that override your interests.
- Right to withdraw consent: Where processing is based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out prior to withdrawal.
Data Security
35bdd takes the security of your personal data seriously and has implemented a range of technical and organisational measures designed to protect your data against unauthorised access, accidental loss, destruction, or disclosure.
- Encryption in transit: All data transmitted between your device and the 35bdd platform is encrypted using SSL/TLS with a minimum of 256-bit encryption strength. This prevents interception of data during transmission.
- Encryption at rest: Sensitive data stored on 35bdd's servers — including identity documents and financial records — is encrypted at rest to ensure that it cannot be read even in the event of unauthorised physical or logical access to storage systems.
- Access controls: Access to personal data within 35bdd's internal systems is restricted on a strict need-to-know basis. Staff members can access only the data required to perform their specific job function, and all internal data access is logged and auditable.
- Password hashing: Player account passwords are never stored in plain text. 35bdd uses strong, industry-standard cryptographic hashing algorithms to store password credentials, meaning that even 35bdd staff cannot read your password.
- Intrusion detection and monitoring: 35bdd maintains continuous security monitoring across its platform infrastructure. Anomalous access patterns trigger automated alerts that are reviewed by our security team around the clock.
- Incident response: In the event of a data breach that poses a risk to your rights and freedoms, 35bdd will notify affected players without undue delay and will take immediate steps to contain and remediate the incident.
While 35bdd takes all reasonable steps to protect your data, no internet-based platform can guarantee absolute security. You also have a role to play in keeping your account secure — use a strong, unique password, never share your login credentials, and contact support immediately if you suspect unauthorised activity on your account.
Policy Updates & Contact
35bdd reserves the right to update this Privacy Policy at any time. When changes are made, the revised policy will be published at https://35bdd.app/privacy-policy with an updated effective date at the top of the document. Where changes are material — meaning they significantly affect how your data is collected, used, or shared — 35bdd will notify active players via email to the address registered on their account, at least 7 days before the changes take effect.
Your continued use of the 35bdd platform after the effective date of a revised Privacy Policy constitutes your acceptance of that revised policy. If you do not agree to the revised policy, you should close your account and cease using the platform prior to the effective date.
If you have any questions, concerns, or requests relating to this Privacy Policy or to the way 35bdd processes your personal data, please contact the 35bdd privacy team using the details below. All privacy-related enquiries will be handled with priority and in strict confidence.
- Email: [email protected] (please include "Privacy Enquiry" in the subject line)
- Response time: Privacy enquiries are acknowledged within 24 hours and resolved within 30 days
- Support availability: 24 hours a day, 7 days a week, including Bangladesh public holidays (BST, UTC+6)
- Language: All privacy communications are handled in English
Your Data Is Safe — Now Let's Play
With your privacy protected and your data secure, explore everything 35bdd has to offer — from live cricket betting to slots and the full casino experience.
18+ For adults aged 18 and above only. Please gamble responsibly.