Your Privacy Matters to ase67
This Privacy Policy explains exactly what personal data ase67 collects from players across Bangladesh, how that data is used, who it is shared with, and the rights you hold over your own information. Transparency is at the core of how we operate.
Important: By registering an account or continuing to use the ase67 platform, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with any part of this policy, you must not use the ase67 platform. For questions regarding your data, contact us at [email protected].
01 Data Controller Information
ase67 ("we", "us", or "our") operates the online sports betting and casino platform accessible at ase67.app (the "Platform"). For the purposes of this Privacy Policy, ase67 acts as the data controller — meaning we determine the purposes and means by which your personal data is collected, processed, and stored.
Our platform is specifically designed to serve players based in Bangladesh, including users in Dhaka, Chittagong, Sylhet, Khulna, Rajshahi, Barisal, Rangpur, Mymensingh, and Cox's Bazar. All data processing activities described in this policy are carried out in connection with providing our sports betting and online casino services to registered users in the Bangladesh market.
If you have any questions, concerns, or requests relating to this Privacy Policy or the way in which ase67 handles your personal data, please contact our Data Protection team at: [email protected]. We aim to respond to all privacy-related inquiries within 5 business days, aligned to Bangladesh Standard Time (BST, UTC+6).
02 Personal Data We Collect
ase67 collects personal data in several ways: directly from you when you register and use the Platform, automatically through technical systems as you interact with the Platform, and in certain cases from trusted third-party verification partners. The categories of personal data we collect are described in the table below.
| Category | Examples | Collection Method |
|---|---|---|
| Identity Data | Full legal name, date of birth, national ID or passport number | Registration form, KYC submission |
| Contact Data | Email address, phone number, residential address | Registration form, account settings |
| Financial Data | bKash / Nagad / Rocket account numbers, bank account details, transaction history | Deposit/withdrawal process |
| Technical Data | IP address, browser type and version, device identifiers, operating system | Automated collection via server logs |
| Usage Data | Pages visited, games played, bets placed, session duration, click paths | Analytics systems, server logs |
| Verification Data | Scanned ID documents, proof-of-address documents, selfie verification images | KYC identity verification process |
| Communications Data | Support chat logs, email correspondence, feedback submissions | Direct communication with ase67 support |
| Preference Data | Responsible gaming limits set, notification preferences, favourite game categories | Account settings, in-platform interactions |
We do not knowingly collect personal data from individuals under the age of 18. If we become aware that personal data belonging to a minor has been collected, we will delete that data immediately and close the associated account. If you believe a minor has provided personal data to ase67, please notify us without delay at [email protected].
Sensitive Data: ase67 does not seek to collect sensitive personal data (such as racial or ethnic origin, political opinions, religious beliefs, or health data) as part of standard account registration or game play. Where sensitive data is incidentally included in documents submitted for KYC purposes, it is processed solely for identity verification and is not used for any other purpose.
03 How We Use Your Personal Data
ase67 processes your personal data only for specific, legitimate purposes. We do not sell your personal data to third parties for their own marketing purposes. The primary purposes for which we use your data are as follows:
- Account Management: To create, maintain, and administer your registered ase67 account, including verifying your identity, age, and payment details in accordance with our KYC obligations.
- Service Delivery: To provide you with access to sports betting markets — including BPL, IPL, T20 World Cup, and other cricket events — and to operate our 3,200+ game casino library, including live dealer games from Evolution Gaming, Ezugi, and other certified studios.
- Transaction Processing: To process deposits and withdrawals via your chosen payment method (bKash, Nagad, Rocket, Upay, Dutch-Bangla Bank, City Bank, BRAC Bank, Visa, or Mastercard) and to maintain accurate financial records.
- Security & Fraud Prevention: To monitor account activity for signs of fraud, collusion, bonus abuse, money laundering, or other prohibited conduct described in our Terms & Conditions. This includes automated risk-scoring systems that analyse betting patterns and account behaviour.
- Responsible Gaming: To administer deposit limits, loss limits, session time limits, cooling-off periods, and self-exclusion arrangements that you set via your account dashboard or request through our support team.
- Customer Support: To respond to your queries, complaints, and requests submitted via email or live chat, and to maintain records of those communications for quality assurance and dispute resolution purposes.
- Legal Compliance: To fulfil our obligations under applicable laws, including anti-money laundering (AML) requirements, and to respond to lawful requests from regulatory or law enforcement authorities.
- Platform Improvement: To analyse aggregated, anonymised usage data in order to improve the Platform's performance, user experience, game selection, and promotional offerings.
- Marketing Communications: To send you promotional offers, bonus notifications, and information about cricket betting events where you have consented to receive such communications. You may opt out at any time by contacting [email protected] or updating your account preferences.
04 Legal Basis for Processing
Each processing activity carried out by ase67 is supported by at least one of the following legal bases:
- Contractual Necessity: Processing required to fulfil our obligations to you under the Terms & Conditions you accepted upon registration — including account management, payment processing, and service delivery.
- Legal Obligation: Processing required to comply with applicable laws, such as KYC identity verification, AML transaction monitoring, and responding to lawful regulatory or law enforcement requests.
- Legitimate Interests: Processing that serves ase67's legitimate business interests, provided those interests do not override your rights and freedoms. This includes fraud detection, platform security, and service improvement through anonymised analytics.
- Consent: Processing based on your freely given, specific, and informed consent — primarily for direct marketing communications. You have the right to withdraw consent at any time without affecting the lawfulness of processing carried out before withdrawal.
Where processing is based on legitimate interests, ase67 has assessed that those interests are proportionate and do not prejudice your fundamental privacy rights. You may request details of the specific legitimate interests assessment applied to any particular processing activity by contacting our support team.
05 Data Sharing & Third Parties
ase67 does not sell, rent, or trade your personal data to external parties for their own marketing purposes. We share your personal data only in the following limited circumstances and only to the extent necessary for the stated purpose:
- Payment Service Providers: Your financial data is shared with the payment providers you select (such as bKash, Nagad, Rocket, Upay, and banking partners) solely for the purpose of processing your deposits and withdrawals. These providers are bound by their own regulatory obligations and data protection standards.
- Identity Verification Partners: For KYC compliance, we may share identity document data with certified third-party identity verification services. These partners process your data only for verification purposes and are contractually prohibited from using it for any other purpose.
- Game Technology Providers: When you play games provided by third-party studios (such as Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, or Ezugi), certain technical session data is shared with those providers to facilitate gameplay and calculate results. No financial or identity data is shared with game providers beyond what is technically necessary to run the game session.
- Fraud Prevention & Security Services: ase67 uses third-party security and fraud detection tools that may process technical data (such as IP addresses, device fingerprints, and behavioural patterns) to identify and prevent fraudulent activity on the Platform.
- Legal & Regulatory Authorities: We may disclose personal data to law enforcement agencies, regulatory bodies, or courts where we are required to do so by law or where disclosure is necessary to protect the rights, property, or safety of ase67, its users, or the public.
- Business Transfers: In the event of a merger, acquisition, reorganisation, or sale of all or part of ase67's business assets, personal data held by ase67 may be transferred to the acquiring entity as part of that transaction, subject to equivalent data protection obligations being maintained.
International Transfers: Where personal data is transferred to third-party service providers operating outside Bangladesh, ase67 ensures that appropriate safeguards are in place, including contractual data protection clauses, to maintain a standard of protection equivalent to that applied within Bangladesh.
06 Cookies & Tracking Technologies
ase67 uses cookies and similar tracking technologies on the Platform to ensure correct functionality, improve performance, and deliver a personalised experience. A cookie is a small text file stored on your device by your browser when you visit a website. The types of cookies used on the ase67 platform are described below:
| Cookie Type | Purpose | Duration |
|---|---|---|
| Strictly Necessary | Session management, login authentication, security tokens, load balancing | Session / Up to 24 hours |
| Functional | Remembering language preferences, game preferences, responsible gaming limit settings | Up to 12 months |
| Performance & Analytics | Measuring page load times, identifying technical errors, tracking which pages are most visited (data is aggregated and anonymised) | Up to 24 months |
| Marketing | Tracking whether a user came from a specific promotional campaign so that bonus offers can be correctly attributed and applied | Up to 30 days |
Strictly necessary cookies are placed without requiring your consent as they are essential for the Platform to function. Functional, performance, and marketing cookies are placed only where you have consented to their use. You may withdraw consent for non-essential cookies at any time by adjusting your browser settings to block or delete cookies. Please note that disabling certain cookies may affect the functionality of the Platform, including your ability to log in or access game features.
In addition to cookies, ase67 may use pixel tags (also known as web beacons) and local storage technologies for similar tracking purposes. These technologies operate in accordance with the same consent framework described above.
07 Data Retention
ase67 retains personal data only for as long as is necessary to fulfil the purposes for which it was collected, or as required by applicable legal, regulatory, or contractual obligations. The following general retention periods apply:
- Account Data (active accounts): Retained for the full duration of your active account relationship with ase67, plus a minimum period of 5 years following account closure, to satisfy AML and financial record-keeping requirements.
- KYC Verification Documents: Retained for a minimum of 5 years from the date of submission or from the date of account closure, whichever is later, in accordance with anti-money laundering regulations.
- Transaction Records: Retained for a minimum of 5 years from the date of each transaction. Financial transaction records may be retained for longer periods where required by law or where they are relevant to ongoing dispute resolution or legal proceedings.
- Support Communications: Retained for 3 years from the date of the most recent communication in a thread, for quality assurance, training, and dispute resolution purposes.
- Technical & Usage Data (log files): Typically retained for 12 months, after which data is anonymised and may be retained indefinitely for aggregate analytics purposes.
- Marketing Consent Records: Retained for the duration of your marketing consent plus 3 years thereafter, to demonstrate compliance in the event of a regulatory inquiry.
When personal data is no longer required for any active purpose and its retention period has elapsed, ase67 securely deletes or anonymises that data using industry-standard data destruction procedures. You may request early deletion of your personal data (subject to legal retention obligations) by contacting [email protected].
08 Your Privacy Rights
As a registered user of the ase67 platform, you have the following rights with respect to your personal data. To exercise any of these rights, please submit a written request to [email protected]. We will respond to all valid requests within 30 days, though we may extend this period by a further 30 days where the request is complex or where we have received a high volume of requests.
- Right of Access: You have the right to request a copy of the personal data that ase67 holds about you, along with information about how that data is processed, the purposes for which it is used, and the parties with whom it is shared.
- Right to Rectification: If any personal data we hold about you is inaccurate or incomplete, you have the right to request that it be corrected or updated. You may update certain account details directly through your account dashboard.
- Right to Erasure: In certain circumstances, you have the right to request that ase67 delete your personal data. This right is subject to exceptions where retention is required for legal compliance or to establish, exercise, or defend legal claims.
- Right to Restrict Processing: You may request that we restrict the processing of your personal data in certain circumstances — for example, where you contest the accuracy of the data or where you have objected to processing based on legitimate interests (pending verification of whether our legitimate grounds override yours).
- Right to Data Portability: Where processing is based on consent or contractual necessity and is carried out by automated means, you may request a copy of your personal data in a structured, commonly used, machine-readable format.
- Right to Object: You have the right to object to processing of your personal data based on legitimate interests, including profiling, and to withdraw consent for marketing communications at any time.
- Right Not to Be Subject to Automated Decision-Making: Where ase67 makes decisions about you solely by automated means (including automated risk assessment), you have the right to request human review of that decision, to express your point of view, and to contest the outcome.
Identity Verification for Rights Requests: To protect your privacy and prevent unauthorised access, ase67 may ask you to verify your identity before processing any privacy rights request. We will not fulfil requests where we are unable to confirm the requester's identity to a reasonable standard.
09 Data Security Measures
ase67 takes the security of your personal data seriously and has implemented a comprehensive set of technical and organisational measures to protect your information against unauthorised access, accidental loss, destruction, alteration, or disclosure. These measures include:
- 256-bit SSL/TLS Encryption: All data transmitted between your device and the ase67 Platform is encrypted using industry-standard 256-bit SSL/TLS protocols, ensuring that data cannot be intercepted in transit.
- Encrypted Data Storage: Sensitive personal data, including identity documents and financial information, is stored in encrypted form within secured database systems with access restricted to authorised personnel only.
- Access Controls: ase67 operates a strict need-to-know access control policy. Employee access to personal data systems is role-based and requires multi-factor authentication. Access logs are maintained and reviewed regularly.
- Penetration Testing & Security Audits: The Platform undergoes regular third-party security assessments, including penetration testing, to identify and remediate vulnerabilities before they can be exploited.
- Incident Response: ase67 maintains a documented data breach response procedure. In the event of a confirmed data breach that poses a risk to users, we will take immediate containment action and notify affected users and relevant authorities in accordance with applicable legal requirements.
- Staff Training: All ase67 personnel who handle personal data are required to complete data protection training and are contractually bound to maintain confidentiality of user information.
While ase67 employs robust security measures, no system connected to the internet can be guaranteed as completely secure. You also have a responsibility to protect your account by maintaining a strong, unique password and by logging out of the Platform when using a shared device. If you suspect that your account has been compromised, notify us immediately at [email protected].
10 Policy Updates
ase67 reserves the right to update or revise this Privacy Policy from time to time to reflect changes in our data processing practices, applicable laws, or Platform features. When material changes are made, we will notify registered users by posting a prominent notice on the Platform and, where appropriate, by sending a notification to your registered email address.
The "Last Reviewed" date displayed at the top of this document will be updated each time this Policy is revised. We encourage you to review this Privacy Policy periodically to remain informed about how we protect your personal data. Your continued use of the ase67 Platform following the posting of an updated Privacy Policy constitutes your acceptance of the revised terms, to the extent permitted by applicable law.
If you object to any changes made to this Privacy Policy and no longer wish to use the ase67 Platform, please contact our support team at [email protected] to request account closure. Any personal data collected prior to the date of the revised Policy will continue to be processed in accordance with the version of the Policy that was in effect at the time of collection, except where applicable law requires otherwise.
Contact for Privacy Enquiries: For any question, concern, or request relating to this Privacy Policy or the personal data ase67 holds about you, please write to us in English at [email protected]. Our Data Protection team operates Monday to Sunday, 24 hours a day, aligned to Bangladesh Standard Time (BST, UTC+6).
How We Protect You
Our Core Privacy Commitments
At ase67, privacy is not a checkbox — it is a core part of how we build and operate our platform for players across Bangladesh.
256-bit SSL Encryption
Every byte of data transmitted between your device and our servers is protected by industry-standard 256-bit SSL encryption — the same technology used by leading global banks and financial institutions.
No Data Selling
ase67 never sells, rents, or trades your personal information to third parties for marketing purposes. Your data exists to serve your experience on our platform — nothing else.
Transparent KYC
Documents submitted for identity verification are processed only for KYC compliance. Verification partners are contractually prohibited from using your documents for any other purpose whatsoever.
Your Data, Your Control
You hold the right to access, correct, delete, and export your personal data. Submit a request to our support team and we will respond within 30 days with full transparency about what we hold.
Certified RNG & Fair Play
Game session data is shared with certified studios like Evolution Gaming and Pragmatic Play solely to run your game. No financial or identity data is passed to game providers beyond technical session requirements.
Easy Marketing Opt-Out
Marketing communications from ase67 — including BPL season promotions and Eid bonus offers — are only sent with your consent. You can withdraw that consent at any time with a single email to our support team.
Your Privacy Is Protected
Explore ase67 With Confidence
Now that you understand how ase67 safeguards your personal data, explore our full platform — from live BPL and IPL cricket markets to 3,200+ casino games — backed by robust security and a dedicated 24/7 English support team.