Privacy Policy — How 9000bdt Handles Your Data
At 9000bdt, protecting the personal information of every player in Bangladesh is a core commitment, not an afterthought. This Privacy Policy explains in plain terms exactly what data we collect, why we collect it, how it is stored, who it is shared with, and what rights you hold over your information at all times.
Minimal Data Collection
9000bdt collects only the personal information strictly necessary to operate your Account, process payments in BDT, and keep your gaming experience secure. We never collect data we do not need.
SSL Encryption
All data transmitted between your device and the 9000bdt platform is protected by industry-standard SSL/TLS encryption. Your financial details and personal records are never sent in plain text.
No Third-Party Selling
9000bdt does not sell, rent, or trade your personal data to any third-party marketers or advertising networks. Your information is used solely to deliver and improve our services to you.
Secure Payment Data
Payment details processed through bKash, Nagad, Rocket, and Bangladeshi bank transfers are handled by the respective payment providers under their own strict security protocols. 9000bdt does not store raw payment credentials.
You Stay in Control
You retain the right to access, correct, or request deletion of your personal data at any time. Manage your communication preferences and cookie settings directly from your Account dashboard.
KYC Data Protection
Identity documents submitted for KYC verification are stored in encrypted form and accessed only by authorised compliance staff. They are never shared with game providers or marketing partners.
Information We Collect
9000bdt collects personal information through several channels: directly from you when you register an Account or contact our support team; automatically when you browse or interact with the Platform; and from third-party payment providers when you make a deposit or withdrawal. The categories of information we collect are described below.
1.1 Registration & Identity Data
When you create an Account on 9000bdt, we collect your full legal name, date of birth, email address, mobile phone number (Bangladesh-registered), and your preferred currency (BDT). This information is required to create and maintain your Account, verify your identity, and comply with applicable anti-money laundering (AML) obligations.
1.2 Identity Verification (KYC) Data
As part of our Know Your Customer process, we may request copies of government-issued identity documents such as your National Identity Card (NID), passport, or driving licence, as well as proof of address (a recent utility bill or bank statement) and proof of payment method ownership. These documents are collected to satisfy our legal obligations and to protect all players on the Platform from fraud and identity theft.
1.3 Financial & Transaction Data
We retain records of all deposits, withdrawals, bonus credits, wagers, and game outcomes associated with your Account. This includes the amounts involved, the payment method used (e.g., bKash, Nagad, Rocket, Dutch-Bangla Bank), transaction timestamps, and reference numbers. We do not store your full bKash PIN, Nagad passcode, or bank login credentials — these are handled exclusively by the respective payment providers.
1.4 Technical & Usage Data
When you access 9000bdt, our servers automatically record certain technical data: your IP address, device type and operating system, browser type and version, referring URL, pages visited, session duration, and clickstream data. This information is used to maintain platform security, diagnose technical issues, and improve the overall user experience.
1.5 Communications Data
If you contact 9000bdt via email, live chat, or any other support channel, we retain a record of that correspondence including the content of your messages, timestamps, and any files or screenshots you attach. These records allow us to resolve disputes, track complaint history, and continuously improve our customer support quality.
1.6 Responsible Gaming Data
Where you make use of responsible gaming tools — such as setting a deposit limit, activating a cooling-off period, or requesting self-exclusion — we record these preferences and apply them to your Account. This data is treated with the highest level of sensitivity and is never used for marketing purposes.
Data We Collect at a Glance
-
Identity DataName, date of birth, email, mobile number collected at registration.
-
KYC DocumentsNID, passport, proof of address — only when verification is required.
-
Transaction RecordsDeposit and withdrawal history, wager logs, bonus activity — all in BDT.
-
Technical DataIP address, device info, browser type, session data — collected automatically.
-
Support CorrespondenceRecords of any communications you send to our support team.
-
Responsible Gaming PreferencesDeposit limits, self-exclusion status — stored with strict access controls.
We do not collect: Racial or ethnic origin, religious beliefs, political opinions, biometric data (beyond document photos for KYC), or any sensitive personal data beyond what is strictly necessary for operating a licensed betting platform.
How We Use Your Data
Step 1
Collect
You provide data at registration, during KYC, and through regular Platform use.
Step 2
Process
We process only what is necessary for the specific purpose stated at collection.
Step 3
Secure
All data is encrypted at rest and in transit using SSL/TLS and AES-256 standards.
Step 4
Retain & Delete
Data is retained only as long as necessary, then securely deleted per our retention schedule.
9000bdt processes your personal data for the following specific purposes. We rely on one or more lawful bases for each processing activity, as described below.
2.1 Account Management & Service Delivery
We use your registration data to create and maintain your Account, authenticate your identity at login, process your deposits and withdrawals via bKash, Nagad, Rocket, and Bangladeshi bank transfers, credit bonus funds to your Account, and provide access to our full range of games including cricket betting, live casino tables, slots, and crash games. This processing is necessary for the performance of our contract with you.
2.2 Legal & Regulatory Compliance
9000bdt is required to verify the identity and age of all players, maintain transaction records, and monitor accounts for signs of money laundering, fraud, or problem gambling. We process your KYC documents, transaction history, and Account activity to fulfil these legal obligations. This processing is not optional — it is a legal requirement that we must satisfy regardless of your consent.
2.3 Platform Security & Fraud Prevention
We use technical and usage data — including IP addresses, device fingerprints, login timestamps, and betting patterns — to detect and prevent unauthorised access, account takeover, collusion, match-fixing, and other fraudulent activities. This processing is in our legitimate interest and in the interest of all genuine players on the Platform.
2.4 Customer Support
We process your communications data to respond to your queries, resolve disputes, investigate complaints, and improve the quality of our support services. Records of support interactions are retained to provide continuity of service and to protect both you and 9000bdt in the event of a future dispute.
2.5 Responsible Gaming
We process responsible gaming preferences and Account activity data to enforce deposit limits, cooling-off periods, and self-exclusion requests that you have set. We also use automated analysis of betting patterns to identify players who may be exhibiting signs of problem gambling and to offer appropriate support resources. This processing is in your vital interest and forms part of our duty of care as a platform.
2.6 Marketing Communications
With your explicit consent, we may send you promotional emails, SMS notifications, or in-platform messages about bonuses, new game launches, seasonal promotions (such as BPL or IPL cricket season offers), and other Platform news. You may withdraw your consent to marketing communications at any time by updating your Account notification settings or by contacting support at [email protected]. Withdrawal of marketing consent does not affect any other processing activity.
2.7 Platform Improvement & Analytics
Aggregated and anonymised usage data is used to analyse game performance, identify technical issues, improve platform navigation, and make informed decisions about new features. Where data is genuinely anonymised — meaning no individual can be identified from it — it falls outside the scope of this Privacy Policy.
Data Sharing & Disclosure
9000bdt does not sell, rent, or trade your personal data. We share your information only in the limited circumstances described in this section, and only to the minimum extent necessary for the purpose stated.
3.1 Payment Service Providers
To process your deposits and withdrawals, we share the necessary transaction details with your chosen payment provider — such as bKash, Nagad, Rocket, Upay, or your Bangladeshi bank. Each provider operates under its own privacy policy and security framework. We recommend that you review the privacy policy of your payment provider, as 9000bdt is not responsible for the data handling practices of third-party payment processors once data has been passed to them for transaction processing.
3.2 Game Technology Providers
The games available on 9000bdt are supplied by third-party game studios including Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi. These providers may receive limited technical data (such as a pseudonymous player session token and game outcome data) to ensure the correct functioning of their games and to maintain the integrity of their random number generation audits. Game providers do not receive your full name, payment details, or contact information.
3.3 Legal & Regulatory Disclosure
We may disclose your personal data to law enforcement agencies, financial intelligence units, or other regulatory authorities where we are legally obliged to do so — for example, in response to a court order, a lawful request from a government authority, or as part of an anti-money laundering investigation. In such cases, 9000bdt will disclose only the minimum information required to satisfy the legal obligation.
3.4 Fraud Prevention Agencies
Where we have a legitimate basis to suspect fraud, identity theft, or other illegal activity, we may share relevant information with industry fraud prevention bodies or law enforcement to prevent financial crime and protect the integrity of the Platform.
3.5 Corporate Transactions
In the event that 9000bdt undergoes a merger, acquisition, restructuring, or sale of assets, your personal data may be transferred to the acquiring entity as part of that transaction. In such circumstances, 9000bdt will take reasonable steps to ensure that your data continues to be processed in accordance with the terms of this Privacy Policy, and will notify affected Users via email prior to any such transfer taking effect.
Who We May Share Data With
-
Payment ProvidersbKash, Nagad, Rocket, Upay, and Bangladeshi banks — for transaction processing only.
-
Game StudiosPseudonymous session data only — no names or payment details shared.
-
Regulatory AuthoritiesDisclosed only when legally required — minimum data, lawful basis required.
-
Fraud Prevention BodiesOnly where a legitimate fraud or crime investigation is in progress.
-
Marketing CompaniesNever. Your data is not sold or shared with advertisers under any circumstances.
-
Social Media PlatformsNever. 9000bdt does not share your data with social networks or data brokers.
Data Retention
9000bdt retains your personal data only for as long as is necessary to fulfil the purposes for which it was collected, or for as long as we are required to retain it under applicable law. The following retention periods apply to the main categories of data we hold.
5.1 Active Account Data
While your Account remains open and active, we retain all registration data, KYC documents, transaction history, and Account activity records. This data is necessary for the ongoing operation of your Account and for our compliance with financial crime prevention obligations.
5.2 Post-Closure Retention
Following the closure of your Account — whether initiated by you or by 9000bdt — we are required to retain certain categories of data for a minimum of five years. This retention period is driven by AML and financial record-keeping requirements. Specifically, transaction records, KYC documents, and Account activity logs are retained for five years from the date of Account closure or from the date of the last transaction, whichever is later.
5.3 Support & Complaints Records
Records of customer support interactions and formal complaints are retained for three years from the date of the most recent interaction, to allow us to reference case history in the event of a related future complaint or legal dispute.
5.4 Marketing Data
If you have consented to receiving marketing communications, your marketing preferences and associated contact details are retained until you withdraw your consent. Upon withdrawal of consent, your data is removed from our active marketing lists within 10 business days. Suppression records (i.e., a record that you have opted out) are retained indefinitely to ensure we do not inadvertently contact you again.
5.5 Secure Deletion
Upon expiry of the applicable retention period, personal data is securely deleted or anonymised using industry-standard data destruction methods. Where data is anonymised rather than deleted, it may be retained indefinitely for aggregate statistical analysis, as it can no longer be linked to any identifiable individual.
Your Privacy Rights
As a user of 9000bdt, you hold a number of rights over the personal data we hold about you. These rights are described below. To exercise any of these rights, contact our support team at [email protected] with the subject line "Privacy Rights Request". We will acknowledge your request within 72 hours and aim to resolve it within 30 calendar days.
Right of Access
You may request a copy of all personal data 9000bdt holds about you, along with information about how it is being used. This is sometimes called a Subject Access Request (SAR).
Right to Rectification
If any personal data we hold about you is inaccurate or incomplete, you have the right to request that it be corrected or updated without undue delay.
Right to Erasure
You may request deletion of your personal data where it is no longer necessary for the purpose for which it was collected, subject to our legal retention obligations described in Section 5.
Right to Restrict Processing
You may request that we restrict the processing of your data in certain circumstances — for example, where you contest the accuracy of the data while we verify it.
Right to Data Portability
Where processing is based on your consent or on a contract, you may request a machine-readable copy of the personal data you have provided to 9000bdt.
Right to Object
You may object to the processing of your data for direct marketing purposes at any time. You may also object to processing based on legitimate interests where you feel your individual circumstances override those interests.
Right to Withdraw Consent
Where processing is based on your consent (e.g., marketing communications), you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing that occurred before withdrawal.
Right to Lodge a Complaint
If you believe 9000bdt has not handled your personal data in accordance with this Privacy Policy, you have the right to raise a formal complaint directly with our support team for internal review.
Verification Required: To protect your privacy, we are required to verify your identity before processing any rights request. You will be asked to confirm the email address and mobile number associated with your Account. Requests from unverified sources cannot be actioned.
Security Measures
9000bdt employs a multi-layered approach to data security, combining technical, organisational, and procedural controls to protect your personal information against unauthorised access, accidental loss, destruction, or disclosure.
7.1 Technical Controls
All communications between your device and the 9000bdt platform are protected by TLS 1.2 or higher encryption. Data stored on our servers is encrypted at rest using AES-256. Access to production databases and KYC document repositories is restricted to authorised personnel only and is protected by multi-factor authentication (MFA). Network access is controlled via firewalls and intrusion detection systems that monitor for anomalous activity around the clock.
7.2 Organisational Controls
Access to personal data within 9000bdt is governed by a strict need-to-know principle. Only staff members whose role requires access to specific categories of data are granted that access. All personnel who handle personal data are required to undergo data protection training and are bound by confidentiality obligations. Access rights are reviewed regularly and revoked immediately upon a change of role or departure from the organisation.
7.3 Account Security — Your Responsibilities
While 9000bdt takes every reasonable technical step to protect your data, the security of your Account also depends on the strength and confidentiality of your login credentials. You are responsible for:
- Choosing a strong, unique password that is not used on any other website or service.
- Never sharing your password, OTP, or Account PIN with any other person, including 9000bdt support staff (who will never ask for your password).
- Logging out of your Account when using a shared or public device.
- Notifying 9000bdt immediately at [email protected] if you suspect that your Account has been accessed without your authorisation.
- Keeping the email address and mobile number associated with your Account current and secure.
7.4 Data Breach Response
In the event of a data breach that is likely to result in a risk to your rights and freedoms, 9000bdt will notify affected users without undue delay and, where feasible, within 72 hours of becoming aware of the breach. The notification will describe the nature of the breach, the categories of data affected, the likely consequences, and the steps 9000bdt is taking to address the incident and mitigate its effects.
Our Security Stack
-
TLS 1.2+ EncryptionAll data in transit is encrypted end-to-end between your device and our servers.
-
AES-256 At-Rest EncryptionStored data — including KYC documents — is encrypted using AES-256 standard.
-
Multi-Factor AuthenticationAll internal staff access to production systems requires MFA verification.
-
Firewall & IDSContinuous network monitoring with intrusion detection systems active 24/7.
-
Regular AuditsInternal and third-party security audits are conducted on a scheduled basis.
-
Staff TrainingAll data-handling personnel complete mandatory data protection and security training.
Policy Updates & Contact
8.1 Amendments to This Policy
9000bdt reserves the right to update or amend this Privacy Policy at any time to reflect changes in our data processing practices, changes in applicable law, or improvements to the Platform. When material changes are made, we will notify registered users via the email address associated with their Account and will update the "Last Updated" date displayed in the hero section of this page. Your continued use of the Platform after the effective date of any amendment constitutes your acceptance of the updated Privacy Policy.
We encourage you to review this Privacy Policy periodically so that you remain informed about how 9000bdt is protecting your data. If you disagree with any change to this Policy, you have the right to close your Account and request deletion of your personal data (subject to our legal retention obligations) by contacting our support team.
8.2 Children's Privacy
The 9000bdt Platform is strictly intended for adults aged 18 and above. We do not knowingly collect or process personal data belonging to any person under the age of 18. If we become aware that a user is under 18, their Account will be suspended immediately and any funds held will be returned to the original payment source following verification. If you believe a minor has registered an Account on 9000bdt, please contact us immediately at [email protected].
8.3 International Data Transfers
9000bdt's primary servers and operations are oriented towards the Bangladesh market. In certain circumstances, data may be processed by game technology providers or other service partners whose infrastructure is located in other countries. Where such transfers occur, 9000bdt takes reasonable steps to ensure that appropriate contractual safeguards are in place to protect the integrity and security of your personal data in accordance with the standards set out in this Privacy Policy.
8.4 Links to Third-Party Sites
This Privacy Policy applies solely to the 9000bdt Platform. The Platform may contain links to third-party payment providers or game studio landing pages. 9000bdt is not responsible for the privacy practices of any third-party website. We recommend that you review the privacy policy of any third-party site you visit before submitting personal information to it.
8.5 How to Contact Us
For all privacy-related enquiries, Subject Access Requests, rights requests, data breach reports, or general questions about this Privacy Policy, please contact the 9000bdt Data Protection team using the details below. We will acknowledge your message within 72 hours of receipt.
Data Protection Contact: [email protected] — please use the subject line "Privacy Rights Request" or "Data Protection Enquiry" to ensure your message is routed to the correct team.
9000bdt is committed to resolving all privacy-related concerns fairly, transparently, and within the timeframes stated in this Policy. We treat every request with strict confidentiality and will never use a privacy enquiry as a reason to restrict your access to the Platform, provided your Account is otherwise in good standing.
Your Privacy Is Safe at 9000bdt
Now that you know exactly how your data is protected, feel free to explore everything 9000bdt has to offer — cricket betting, live casino games, slots, and more. All transactions are in BDT via bKash, Nagad, and Rocket.
18+ Play responsibly. Gambling involves risk. For players in Bangladesh aged 18 and above only.