Data Protection

bdta1 Privacy Policy

At bdta1, protecting the personal data of our Bangladeshi players is a fundamental responsibility. This Privacy Policy explains exactly what information we collect, why we collect it, how it is stored and protected, and the rights you hold over your own data when using the bdta1 platform.

Effective Date: 1 January 2026 Last Updated: 1 January 2026 Applies To: Bangladesh Players 256-Bit SSL Protected

Privacy at a Glance

Six core principles that shape how bdta1 handles your personal data every single day.

Data Minimisation

bdta1 collects only the personal information that is strictly necessary to operate your account, process your transactions, and comply with identity verification obligations. We do not gather data we have no lawful purpose for holding.

End-to-End Encryption

All data transmitted between your device and the bdta1 platform is protected by 256-bit SSL/TLS encryption. Stored sensitive data — including payment details and identity documents — is encrypted at rest using industry-standard AES-256 protocols.

Your Data, Your Rights

Registered bdta1 players have the right to access, correct, export, and request deletion of their personal data at any time. All such requests are handled by our dedicated privacy team within 30 days of receipt.

No Unauthorised Sharing

bdta1 does not sell, rent, or trade your personal data to marketing companies or data brokers. Data is only shared with regulated service partners (payment processors, game providers, KYC verification services) under strict contractual data protection obligations.

Transparent Cookie Use

We use cookies and similar technologies solely to keep your session active, remember your preferences, and improve platform performance. We do not deploy third-party advertising trackers or behavioural profiling cookies without your explicit consent.

Defined Retention Periods

Personal data is not held indefinitely. bdta1 maintains clearly defined retention schedules aligned with legal obligations and operational necessity. When data is no longer required, it is securely deleted or anonymised in line with our internal data lifecycle policy.


1. Information We Collect

When you register, deposit, play, or interact with the bdta1 platform, we collect personal data that falls into several distinct categories. Understanding exactly what we hold is the first step toward a transparent relationship between bdta1 and every player.

1.1 Registration Data

When you create a bdta1 account, we collect your full legal name, date of birth, residential address, email address, and a valid Bangladeshi mobile number. This information is required to open your account, verify your identity, and ensure you meet our minimum age requirement of 18 years.

1.2 Identity Verification (KYC) Documents

To comply with our Know Your Customer (KYC) obligations and to process withdrawals, we may request copies of the following documents:

  • National Identity Card (NID) or passport
  • Recent utility bill or bank statement confirming residential address (issued within 90 days)
  • Photograph or selfie for facial liveness verification
  • Screenshot or confirmation of the payment method used for deposits (e.g., bKash account number confirmation)

These documents are processed and stored securely, accessed only by authorised personnel, and are never shared with third parties outside of regulated verification service providers.

1.3 Financial Transaction Data

Each deposit and withdrawal on bdta1 generates a transaction record that includes the amount in BDT, the payment method used (bKash, Nagad, Rocket, Upay, Visa, or Mastercard), the transaction timestamp, and the transaction reference number. Full card numbers and MFS PINs are never stored by bdta1 — payment processing is handled by our PCI-DSS compliant payment partners.

1.4 Gameplay & Betting Data

bdta1 records all game sessions, wager amounts, game outcomes, sports betting selections, and account balance movements. This data serves operational purposes including dispute resolution, fraud detection, responsible gaming monitoring, and game performance analytics. Gameplay data is linked to your account for the duration of your membership.

1.5 Technical & Device Data

When you access bdta1, our servers automatically collect technical data including your IP address, browser type and version, operating system, device type (mobile or desktop), session duration, and pages visited. This data is used for platform security, fraud detection, and aggregate traffic analytics.

1.6 Communications Data

If you contact bdta1 support via live chat, email, or any other channel, we retain the content of those communications, the date and time of contact, and any reference numbers generated. This data is used to resolve queries, improve our support quality, and maintain an audit record of player interactions.

No sensitive special-category data: bdta1 does not knowingly collect or process sensitive personal data such as racial or ethnic origin, political opinions, religious beliefs, health information, or biometric data beyond the facial liveness check required for KYC, which is processed by our third-party verification partner and not stored on bdta1 servers.

2. How We Use Your Data

bdta1 processes your personal data only for clearly defined, lawful purposes. The table below summarises the primary uses of your data and the legal basis under which each processing activity is conducted.

Purpose Data Used Legal Basis
Account creation & management Registration data, KYC documents Contractual necessity
Processing deposits & withdrawals Financial transaction data, KYC documents Contractual necessity
Age & identity verification Registration data, KYC documents Legal obligation
Fraud detection & platform security Technical data, transaction data, gameplay data Legitimate interest
Responsible gaming monitoring Gameplay data, session data, deposit history Legal obligation / legitimate interest
Customer support Communications data, account data Contractual necessity
Promotional communications Registration data, gameplay preferences Consent (opt-in)
Platform analytics & improvement Technical data (aggregated, anonymised) Legitimate interest

bdta1 does not use automated decision-making processes that produce legal or similarly significant effects on players without human review. Where automated systems flag an account for risk assessment, the final decision to restrict or close the account is always reviewed by a member of our compliance team.

3. Data Sharing & Third Parties

bdta1 does not sell, rent, or otherwise transfer your personal data to any third party for their own marketing or commercial purposes. Data is shared only in the following specific, controlled circumstances:

3.1 Payment Processing Partners

To facilitate deposits and withdrawals in BDT, bdta1 works with regulated mobile financial service providers including bKash, Nagad, Rocket, and Upay, as well as card processing networks (Visa and Mastercard). These partners receive only the transaction data necessary to execute the specific payment instruction. They are contractually prohibited from using your data for any other purpose.

3.2 KYC & Identity Verification Services

To verify your identity and age, bdta1 uses regulated third-party KYC service providers. Your submitted identity documents are transmitted securely to these services via encrypted API. These providers operate under strict data processing agreements and are prohibited from retaining your documents beyond the verification period.

3.3 Game Software Providers

Casino games hosted on bdta1 are supplied by third-party providers including Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi. These providers may receive a pseudonymous player identifier and session token to enable gameplay, but they do not receive your full name, address, or payment details.

3.4 Legal & Regulatory Disclosure

In limited circumstances, bdta1 may be required to disclose personal data to law enforcement agencies, financial intelligence units, or other regulatory bodies when compelled by a lawful order or legal obligation. bdta1 will notify affected players of such disclosure wherever legally permissible to do so.

No data sales: bdta1 has never sold and will never sell player personal data to data brokers, advertising networks, or any commercial third party. If you receive unsolicited marketing claiming to be from bdta1 through an unfamiliar channel, please report it to [email protected] immediately.

4. Cookies & Tracking Technologies

The bdta1 platform uses cookies and similar client-side storage technologies to deliver a functional, personalised, and secure experience. The following categories of cookies are in use on bdta1:

  • Strictly Necessary Cookies: These cookies are essential for the platform to function. They maintain your login session, carry your authentication token between pages, and remember your language and currency preferences. These cookies cannot be disabled without breaking core platform functionality.
  • Performance & Analytics Cookies: These cookies collect anonymised, aggregated data about how players navigate the bdta1 platform — which pages are visited most, where users exit, and how long sessions last. This data is used exclusively to improve the platform. No individual player is identified from analytics data.
  • Functional Cookies: These cookies remember optional settings you have configured, such as your preferred table stakes in casino games or your default deposit method. Disabling these cookies will not break core functionality but will reset your preferences on each visit.
  • Security Cookies: Short-lived tokens used to detect and prevent cross-site request forgery (CSRF) attacks, session hijacking, and other common web security threats. These are automatically generated per session and expire immediately when you log out.

You can manage cookie preferences from your device's browser settings. Note that disabling strictly necessary or security cookies will affect your ability to log in and use core platform features. bdta1 does not use third-party advertising or retargeting cookies.

5. Data Retention & Storage

bdta1 retains personal data only for as long as it is needed to fulfil the purpose for which it was collected, or as required by applicable law. The following retention periods apply:

Data Category Retention Period Reason
Account registration data Duration of account + 5 years after closure Legal obligation, dispute resolution
KYC identity documents Duration of account + 5 years after closure Anti-money laundering regulations
Financial transaction records 7 years from transaction date Financial record-keeping requirements
Gameplay & betting history Duration of account + 2 years after closure Responsible gaming monitoring, disputes
Support communications 3 years from last interaction Quality assurance, dispute resolution
Technical / device logs 12 months on a rolling basis Security monitoring, fraud detection
Marketing preferences & consents Until consent is withdrawn + 1 year Consent audit trail

All bdta1 player data is stored on secure servers. Access is restricted to authorised personnel only, and all internal access events are logged for audit purposes. When data reaches the end of its retention period, it is securely deleted using methods that render recovery impossible, or it is irreversibly anonymised and retained solely for aggregate statistical purposes.

Bangladesh Data Storage: bdta1 takes reasonable steps to ensure that personal data relating to Bangladeshi players is processed in a manner consistent with applicable data protection principles. Where data is processed by a third-party service provider located outside Bangladesh, appropriate contractual safeguards are put in place to ensure an equivalent level of protection.

6. Security Measures

Keeping your personal data secure is not merely a legal requirement for bdta1 — it is a core operational value. We implement a layered security architecture that combines technical controls, access management, and regular independent testing.

  • 256-bit SSL/TLS Encryption: All data in transit between your device and bdta1 servers is encrypted using current-generation TLS protocols. Our SSL certificate is validated and renewed automatically.
  • AES-256 Encryption at Rest: Sensitive stored data, including identity documents and financial records, is encrypted at rest using AES-256 block cipher encryption.
  • Multi-Factor Authentication: Player accounts support SMS OTP-based two-factor authentication (2FA). Our internal administrative systems require mandatory 2FA for all staff.
  • Access Controls: Access to player personal data is strictly role-based. Only personnel with a legitimate operational need can access identifiable player records, and all access events are logged in an immutable audit trail.
  • Regular Penetration Testing: bdta1's platform undergoes periodic security penetration testing conducted by independent third-party security firms. Critical vulnerabilities are patched on an emergency basis; non-critical issues are remediated within defined SLA windows.
  • Intrusion Detection: Automated intrusion detection and anomaly monitoring systems run continuously across bdta1's infrastructure, flagging unusual access patterns for immediate review by our security team.

In the event of a personal data breach that poses a risk to player rights, bdta1 will take immediate containment action and notify affected players without undue delay, including details of what data was involved and what steps are being taken to mitigate the impact.

7. Your Privacy Rights

As a bdta1 player, you hold the following rights with respect to your personal data. To exercise any of these rights, contact our privacy team at [email protected] with the subject line "Privacy Request — [Right Name]". All requests are acknowledged within 5 business days and resolved within 30 calendar days.

  • Right of Access: You may request a copy of all personal data bdta1 holds about you, along with details of how it is being processed and for what purpose.
  • Right to Rectification: If any personal data we hold about you is inaccurate or incomplete, you have the right to request that it be corrected or updated without undue delay.
  • Right to Erasure ("Right to be Forgotten"): You may request deletion of your personal data. This right is subject to overriding legal obligations — for example, financial transaction records must be retained for the legally required period regardless of an erasure request.
  • Right to Restriction of Processing: In certain circumstances (e.g., while a dispute is under investigation), you may request that we limit how we process your data rather than deleting it entirely.
  • Right to Data Portability: You may request a machine-readable copy of the personal data you have provided to bdta1 (such as account registration data and transaction history), in a format that allows you to transfer it to another service provider.
  • Right to Object: You may object to the processing of your personal data where we rely on legitimate interest as the legal basis. You may also withdraw consent for marketing communications at any time by updating your preferences in Account Settings or by contacting support.
  • Right Not to be Subject to Automated Decisions: Where bdta1 uses automated processing that produces a significant effect on your account (e.g., fraud risk scoring), you have the right to request human review of that decision.
Withdrawing marketing consent: You can opt out of promotional emails and SMS messages at any time by clicking the "Unsubscribe" link in any bdta1 marketing email, updating your notification preferences in Account Settings, or by contacting support. Opting out of marketing does not affect transactional notifications such as withdrawal confirmations or security alerts.

8. Policy Updates & Contact

bdta1 reserves the right to update this Privacy Policy at any time to reflect changes in our data practices, applicable law, or platform functionality. When a material change is made, we will update the "Last Updated" date at the top of this page and, where the change significantly affects your rights, we will notify you directly via the email address registered to your account.

We encourage all players to review this Privacy Policy periodically. Continued use of the bdta1 platform following publication of a revised Privacy Policy constitutes your acceptance of the updated terms.

8.1 How to Contact Us About Privacy

If you have any questions about this Privacy Policy, wish to exercise your data rights, or believe that bdta1 has not handled your personal data in accordance with this Policy, please contact our privacy team:

  • Email: [email protected] (subject line: "Privacy Request")
  • Live Chat: Available 24/7 from within your bdta1 account dashboard
  • Response Time: Acknowledgement within 5 business days; resolution within 30 calendar days

We take all privacy complaints seriously. If you are not satisfied with our response, you retain the right to escalate your complaint to an appropriate data protection authority or seek independent legal advice.

Document version: 1.0  |  Effective: 1 January 2026  |  Applies to: All bdta1 registered players  |  Language: English


18+ Only. bdta1 is strictly for adults aged 18 and above. If you believe your data has been used without your consent, contact us immediately at [email protected]. Visit our Responsible Gaming page for player protection tools.

Play with Confidence on bdta1

Your data is protected. Your account is secure. Now explore everything bdta1 has to offer — from live cricket betting and classic slots to instant BDT payments via bKash and Nagad.

Explore bdta1 Casino bdta1 Login Read the FAQ

18+ only. Play responsibly. Review our Terms & Conditions and Responsible Gaming policy before playing.