Data Protection

Your Privacy Matters at 950k

This Privacy Policy explains exactly what personal data 950k collects from registered players in Bangladesh, how that data is used, who it may be shared with, and what rights you hold over your own information. We are committed to full transparency in every aspect of data handling.

Effective Date: 1 January 2026
256-bit SSL Secured
Bangladesh (BDT)
Language: English
Notice to Bangladesh Players: By registering an account or using any part of the 950k platform, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and processing of your personal data as described herein. If you do not agree with any provision of this policy, please discontinue use of the platform. For questions, contact our Data Protection team at .

Privacy at a Glance

Six core principles guide how 950k handles your personal data across every aspect of our Bangladesh-facing platform.

๐Ÿ”’

Minimal Data Collection

950k collects only the personal data that is strictly necessary to operate your account, process BDT transactions, satisfy KYC obligations, and deliver a safe gaming experience. We do not harvest data beyond what our legitimate operational purposes require.

Data Minimisation
๐Ÿ›ก๏ธ

SSL Encryption on All Data

Every piece of data transmitted between your device and 950k's servers is protected by 256-bit SSL/TLS encryption. Data at rest is stored in AES-256 encrypted databases hosted on infrastructure with strict physical and logical access controls.

Security
๐Ÿšซ

No Data Selling

950k does not sell, rent, or trade your personal data to any third party for marketing or commercial purposes. Your information is used exclusively to operate and improve our platform and to fulfil legal and regulatory obligations.

No Sale of Data
โœ…

Consent-Based Processing

Where processing of your data is based on consent โ€” such as for personalised promotional communications โ€” you retain the right to withdraw that consent at any time without affecting the lawfulness of prior processing. Withdrawal of consent will not impair your ability to use the platform.

Consent
๐Ÿงพ

Transparent Record Keeping

950k maintains detailed records of all data processing activities, third-party data sharing agreements, and the legal basis for each category of data use. These records are reviewed quarterly and updated whenever processing activities change materially.

Accountability
๐Ÿ‘ค

Your Rights, Always Accessible

As a 950k player, you have the right to access, correct, delete, and port your personal data at any time. You also have the right to object to certain processing and to request restriction of processing while a dispute is pending. These rights are exercised free of charge.

Your Rights

1. Data We Collect

950k collects personal data across several categories. The table below summarises each category, the specific data items collected, and the purpose for which that data is gathered.

Category Data Items Purpose
Identity Data Full legal name, date of birth, gender, National ID (NID) number, passport number, photograph (from KYC documents) Account registration, age verification (18+), KYC compliance, fraud prevention
Contact Data Email address, Bangladesh mobile number, residential address (district, division, postal code) Account communications, support, transaction notifications, responsible gaming alerts
Financial Data bKash / Nagad / Rocket account numbers, bank account details, deposit and withdrawal history, BDT balance records, transaction timestamps Payment processing, anti-money laundering (AML) compliance, fraud detection, withdrawal verification
Technical Data IP address, device fingerprint, browser type and version, operating system, screen resolution, session tokens, login timestamps Platform security, fraud detection, multi-account prevention, geo-compliance
Usage Data Games played, bet amounts and outcomes, sports markets wagered, session duration, feature interactions, bonus activity, self-exclusion events Platform personalisation, responsible gaming monitoring, bonus management, product improvement
Communications Data Support chat transcripts, email correspondence, WhatsApp message records (where applicable), complaint records Dispute resolution, quality assurance, regulatory record-keeping
Marketing Preferences Opt-in/opt-out status for promotional emails, SMS, and in-platform notifications; preferred game categories; bonus interest signals Targeted promotions (with consent), personalised offer delivery, campaign performance measurement
Sensitive Data Note: 950k does not intentionally collect sensitive personal data such as racial or ethnic origin, religious beliefs, health data, or political opinions. If any such data is inadvertently included in documents submitted for KYC (e.g., visible religion field on an NID), it is not processed or stored beyond what is required to confirm identity and is redacted from our records where technically feasible.

2. How We Use Your Data

950k processes your personal data only where a clear legal basis exists. The following outlines our primary processing activities, the legal basis relied upon, and how each serves legitimate platform operations.

Legal Bases for Processing

  • Contract: Service delivery, account management, payments
  • Legal obligation: KYC, AML, age verification, responsible gaming
  • Legitimate interest: Security, fraud prevention, analytics, platform improvement
  • Consent: Marketing communications, personalised promotions

Marketing Communications

  • Only sent with your prior consent
  • May include BPL, IPL, and Eid season promotions
  • Delivered via email, SMS, or in-platform notification
  • Opt out at any time in account settings
  • Withdrawal of consent does not affect account access

Responsible Gaming Monitoring

  • Usage patterns reviewed for problem gambling indicators
  • Proactive contact if risk signals are detected
  • Deposit, loss, and session limits enforced automatically
  • Self-exclusion events permanently recorded
  • Data used exclusively for player welfare โ€” never for targeting

3. Data Sharing & Disclosure

950k does not sell your personal data. However, to operate a secure and compliant platform for Bangladesh players, we share certain data with a limited set of trusted third parties under strict contractual and legal safeguards.

We Will NEVER Share Your Data With

  • Data brokers or marketing aggregators
  • Advertising networks for behavioural profiling
  • Other gambling operators for cross-marketing
  • Social media platforms for ad targeting
  • Any party without a valid contractual or legal basis

Authorised Third-Party Categories

  • BDT payment processors (bKash, Nagad, Rocket, banks)
  • KYC and identity verification providers
  • Game studios and platform technology suppliers
  • Legal and regulatory authorities (where required)
  • Fraud prevention and AML compliance networks
  • Hosting and cloud infrastructure providers

Contractual Safeguards

  • All third parties operate under signed data processing agreements
  • Data access is restricted to minimum necessary scope
  • Sub-processors must meet equivalent security standards
  • Agreements reviewed annually and upon any material change

4. Cookies & Tracking Technologies

950k uses cookies and similar tracking technologies to keep your session active, remember your preferences, and gather aggregate analytics about how Bangladesh players use the platform.

Cookie Type Purpose Expiry
Session Token Maintains your authenticated login session Session end
CSRF Token Prevents cross-site request forgery attacks Session end
Device Fingerprint Fraud detection and multi-account prevention 90 days
Language Preference Remembers English language setting 12 months
Analytics (aggregated) Anonymous platform usage insights 6 months
Notification Prefs Stores marketing opt-in/opt-out status 12 months

5. Data Retention

950k retains personal data only for as long as necessary to fulfil the purpose for which it was collected, to comply with our legal obligations, or to resolve disputes and enforce our agreements.

Retention Summary

  • Active account: Full retention while account is open
  • Post-closure (identity & financial): Minimum 5 years
  • KYC documents: 5 years from last transaction
  • Marketing preferences: Until consent withdrawn + 30 days to purge
  • Support records: 3 years (disputes: 5 years)
  • Anonymised analytics: Indefinite (not personally identifiable)

Secure Data Deletion

When a retention period expires, 950k permanently deletes data using industry-standard secure deletion methods. Electronic records are overwritten to prevent recovery. Physical document copies (if any) are destroyed using certified shredding. Players may request confirmation that their data has been deleted by contacting .

6. Your Data Rights

As a registered 950k player in Bangladesh, you hold meaningful rights over your personal data. All rights below are exercised free of charge. 950k will respond to any data rights request within 30 calendar days of receipt.

Right of Access

Request a complete copy of all personal data 950k holds about you, including the purposes for which it is processed and who it has been shared with.

Right of Rectification

Request correction of any inaccurate or incomplete personal data held in your account. Corrections to KYC data may require re-submission of verification documents.

Right of Erasure

Request deletion of your personal data where it is no longer necessary for the purpose it was collected, subject to our legal retention obligations outlined in Section 5.

Right to Restrict Processing

Request that 950k limits its processing of your data while a dispute about accuracy or lawfulness is under review. Data under restriction is stored but not otherwise processed.

Right to Data Portability

Request a machine-readable copy of personal data you have provided to 950k, in CSV or JSON format, which you may transfer to another service provider of your choice.

Right to Object

Object to processing based on legitimate interest โ€” including direct marketing, profiling, and analytics โ€” at any time. Objections to marketing take effect immediately upon receipt.

Right to Withdraw Consent

Where processing is based on your consent (e.g., marketing communications), you may withdraw that consent at any time without penalty, via account settings or by emailing support.

Right Against Automated Decisions

Request human review of any significant decision made about your account solely through automated processing โ€” such as an automated account suspension or fraud flag โ€” without human involvement.

Exercising Your Rights: To submit any data rights request, contact the 950k Data Protection team at with your full name, registered email address, and a clear description of the right you wish to exercise. We will acknowledge your request within 72 hours and provide a full response within 30 calendar days. Complex requests may require up to 90 days; you will be notified if an extension applies. Identity verification may be required before processing sensitive data requests.

7. Data Security

950k applies layered technical and organisational security measures to protect your personal data against unauthorised access, accidental loss, destruction, or disclosure.

๐Ÿ”

256-bit SSL/TLS Encryption

All data in transit between your device and 950k's servers is encrypted using TLS 1.3 with 256-bit AES cipher suites. HTTPS is enforced across every page and API endpoint. HTTP Strict Transport Security (HSTS) headers prevent downgrade attacks.

Encryption
๐Ÿ—๏ธ

Encrypted Data at Rest

All personal data stored in 950k's databases is encrypted at rest using AES-256 encryption. Database servers are hosted on private, isolated infrastructure with no direct public internet exposure. Access is restricted to authorised personnel only via multi-factor authentication.

Storage Security
๐Ÿงฑ

Firewall and Intrusion Detection

950k's infrastructure is protected by enterprise-grade web application firewalls (WAF), DDoS mitigation systems, and real-time intrusion detection and prevention systems (IDS/IPS). All network traffic is continuously monitored for anomalous patterns.

Network Security
๐Ÿ‘๏ธ

Access Controls and Audit Logs

Access to personal data is restricted on a strict need-to-know basis. All staff access to player records is logged with timestamps and reviewed regularly. Privileged access requires multi-factor authentication and is subject to quarterly access reviews and immediate revocation upon role changes.

Access Control
๐Ÿ”„

Regular Security Audits

950k conducts regular internal security reviews and periodic third-party penetration tests to identify and remediate vulnerabilities before they can be exploited. Critical findings are addressed within 48 hours of discovery. Security patches are applied to all systems on a rolling basis.

Auditing
๐Ÿšจ

Data Breach Response

In the unlikely event of a personal data breach, 950k's incident response team activates within 1 hour of detection. Affected players are notified by email within 72 hours of the breach being confirmed, detailing the nature of data affected, steps taken to contain the incident, and recommended protective actions for the player.

Incident Response
Your Role in Account Security: While 950k maintains robust platform-side security, players also play an important part. Use a strong, unique password for your 950k account. Never share your login credentials with anyone. Always log out of your session on shared devices. If you suspect unauthorised access to your account, contact our support team at immediately โ€” we can freeze your account and initiate a security review within minutes.

8. Policy Updates & Contact

950k reviews this Privacy Policy regularly and updates it whenever our data practices change materially or when required by law. We are always available to answer your privacy-related questions.

Data Protection Contact

  • Email:
  • Live Chat: Available 24/7 within your account
  • WhatsApp: +880 1700 000 950
  • Response Time: Acknowledgement within 72 hours
  • Full Resolution: Within 30 calendar days
  • Hours: 24/7 (BST, UTC+6)

Policy Version History

  • Current Version: 1 January 2026
  • Previous Version: Available on request
  • Review Frequency: At minimum once per calendar year
  • Material change notice: 7 days advance email to all registered players

Our Privacy Commitments

  • No sale of personal data โ€” ever
  • All marketing requires explicit opt-in consent
  • Data breach notifications within 72 hours
  • Data rights requests answered within 30 days
  • SSL encryption on all data in transit
  • AES-256 encryption on all data at rest
Entire Agreement. This Privacy Policy, together with the 950k Terms & Conditions and the specific terms of any active bonus or promotion, constitutes the complete agreement between you and 950k with respect to the collection, use, and protection of your personal data. This policy was last updated on 1 January 2026 and is effective from that date. For all privacy enquiries, contact .

Have Questions About Your Privacy?

Our support team is available 24/7 to help Bangladesh players understand their data rights. You can also explore our FAQ for common questions, review our Terms & Conditions, or head to the 950k Casino to start playing with full confidence.