Data Protection & Privacy
29bdt Privacy Policy
At 29bdt, the privacy and security of your personal data is a fundamental responsibility, not an afterthought. This Privacy Policy sets out in clear, formal terms exactly what information we collect when you use our platform, why we collect it, how we store and protect it, who we may share it with, and what rights you hold over your own data. Please read this document carefully before creating an account or submitting any personal information to 29bdt.
This Privacy Policy applies to all personal data processed by 29bdt in connection with the online casino and sports betting services available at 29bdt.bet (hereinafter "the Platform", "we", "us", or "our"). By registering an account, accessing the Platform, or submitting any personal information, you confirm that you have read and understood this Privacy Policy and that you consent to the collection and processing of your data as described herein. If you do not agree to the terms of this Privacy Policy, you must not use the Platform.
Scope: This Privacy Policy covers all data processing activities carried out by 29bdt in relation to registered players, prospective players who visit the Platform without registering, and individuals who contact our customer support team. It applies across all devices and access methods, including mobile browsers, desktop browsers, and any future 29bdt applications.
1. Data We Collect
29bdt collects personal data through several channels: directly from you during registration and account management, automatically through your use of the Platform, and in limited circumstances from third-party verification and payment service providers. The categories of data we collect are described below.
1.1 Registration and Identity Data
When you create a 29bdt account, we collect your full legal name, date of birth, Bangladeshi mobile number, and any username or display name you choose. This information is necessary to establish your account, verify your identity, and comply with our obligation to prevent underage gambling. 18+
1.2 Identity Verification (KYC) Data
Before any withdrawal can be processed, you are required to complete our Know Your Customer (KYC) verification process. During this process we may collect copies of your national identity card (NID), passport, or driver's licence as issued by the Government of Bangladesh. We may also collect a selfie photograph or short video for liveness verification purposes. KYC documents are stored securely and used solely for identity verification and fraud prevention.
1.3 Financial Transaction Data
We collect records of all financial transactions conducted through your 29bdt account, including deposit amounts, withdrawal requests, bonus credits, and wager history. We record the payment method used (bKash, Nagad, Rocket, Upay, or bank transfer) and the associated transaction reference numbers. We do not store complete mobile financial service PINs or full bank account credentials — these are handled directly by the respective payment service providers.
1.4 Usage and Activity Data
We automatically collect data about how you interact with the Platform, including: pages and game sections visited, games played, bet amounts and outcomes, session start and end times, search queries within the Platform, and features accessed. This data helps us improve the user experience, identify technical issues, and personalise the content we display to you.
1.5 Device and Technical Data
When you access 29bdt from any device, we automatically collect certain technical information, including your IP address, device type and model, operating system and version, browser type and version, screen resolution, and approximate geographic location derived from your IP address. This data is used for security monitoring, fraud detection, and platform optimisation. We do not use IP-based geolocation to identify your precise home address.
1.6 Communications Data
If you contact our customer support team via live chat or email, we retain records of those communications, including the content of messages, timestamps, and the support agent's responses. This data is used for quality assurance, dispute resolution, and to improve our support service.
2. How We Use Your Data
29bdt processes your personal data only for specific, legitimate purposes. We do not process data in ways that are incompatible with the purpose for which it was originally collected. The primary purposes for which we use your data are as follows:
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Account creation & management | Registration data, contact details | Contractual necessity |
| Identity & age verification | KYC documents, date of birth | Legal obligation |
| Processing deposits & withdrawals | Financial transaction data, payment method details | Contractual necessity |
| Fraud prevention & security | Device data, IP address, transaction patterns | Legitimate interest |
| Responsible gaming compliance | Activity data, session times, betting patterns | Legal obligation & legitimate interest |
| Platform improvement | Usage data, device data | Legitimate interest |
| Customer support | Communications data, account data | Contractual necessity |
| Promotional communications | Contact details, preferences | Consent (opt-in only) |
Promotional Communications
Where you have expressly opted in to receive promotional messages from 29bdt, we may use your registered mobile number to send you information about bonuses, special offers, cricket season promotions, and new game launches. You may withdraw your consent to receive promotional communications at any time by contacting our support team via live chat. Withdrawal of consent does not affect the lawfulness of any processing carried out prior to that withdrawal.
3. Cookies & Tracking Technologies
29bdt uses cookies and similar tracking technologies to operate the Platform effectively, maintain your session, and analyse usage patterns. A cookie is a small text file placed on your device by the Platform when you visit. The cookies we use fall into the following categories:
- Strictly necessary cookies: These are essential for the Platform to function. They enable core features such as user authentication, session management, and security token validation. You cannot opt out of strictly necessary cookies while using the Platform.
- Performance and analytics cookies: These cookies collect aggregated, anonymised data about how visitors use the Platform — which pages are visited most frequently, how long sessions last, and where technical errors occur. This information is used exclusively to improve the Platform's performance.
- Functional cookies: These cookies remember your preferences, such as your selected language and display settings, so that you do not need to re-enter them on each visit.
- Security cookies: These cookies help us detect and prevent fraudulent activity, bot traffic, and credential-stuffing attacks. They form part of our multi-layered security infrastructure.
💡 Cookie Management: Most modern browsers allow you to control cookie settings through the browser's privacy or settings menu. Disabling certain categories of cookies (beyond strictly necessary ones) may affect some features of the Platform. Refer to your browser's help documentation for instructions on managing cookies.
29bdt does not use third-party advertising cookies or cross-site tracking pixels to build advertising profiles about you. We do not sell or share your browsing data with advertising networks.
4. Data Sharing & Disclosure
29bdt does not sell, rent, or trade your personal data to any third party. We may, however, share your data with carefully selected third parties in the following limited circumstances:
4.1 Payment Service Providers
To process your deposits and withdrawals, we share the minimum necessary transaction data with your chosen payment provider — such as bKash, Nagad, Rocket, Upay, Dutch-Bangla Bank, City Bank, or BRAC Bank. Each payment provider processes this data under their own privacy policies and security standards. 29bdt is not responsible for the data practices of third-party payment providers.
4.2 Identity Verification Partners
To fulfil our KYC obligations, we may share identity documents and verification requests with licensed identity verification service providers. These providers are contractually bound to process data only for the purpose of identity verification and to maintain standards of data security equivalent to or exceeding those applied by 29bdt.
4.3 Game Technology Providers
The games available on 29bdt are supplied by third-party game studios including Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi. These providers may receive anonymised game session data (such as bet amounts and round outcomes) for the purposes of game integrity monitoring and RNG certification. Personal identifiers are not shared with game studios.
4.4 Legal and Regulatory Disclosure
We may disclose your personal data to law enforcement agencies, regulatory authorities, or courts where we are legally required to do so, or where disclosure is necessary to protect the rights, property, or safety of 29bdt, our players, or the public. In such cases, we will disclose only the minimum data required to comply with the legal obligation.
4.5 Business Transfers
In the event that 29bdt undergoes a merger, acquisition, restructuring, or sale of assets, your personal data may be transferred to the successor entity as part of that transaction. You will be notified via your registered mobile number prior to any such transfer, and the successor entity will be required to honour the commitments set out in this Privacy Policy.
5. Data Retention
29bdt retains your personal data only for as long as is necessary to fulfil the purposes described in this Privacy Policy, or as required by applicable law. The following retention periods apply:
- Active account data: Retained for the full duration that your account remains active on the Platform.
- KYC and identity documents: Retained for a minimum of 5 years following account closure, in line with anti-money laundering obligations.
- Financial transaction records: Retained for a minimum of 7 years from the date of each transaction, in accordance with financial record-keeping standards.
- Customer support communications: Retained for 3 years from the date of the last communication in a given support case.
- Usage and activity logs: Retained in identifiable form for up to 24 months, after which data is anonymised or deleted.
- Marketing consent records: Retained for as long as you remain opted in, plus 3 years after consent is withdrawn, to evidence compliance.
Upon expiry of the applicable retention period, personal data is securely deleted or irreversibly anonymised. Where anonymisation is not technically feasible, the data is encrypted and placed in an isolated archive inaccessible to operational systems.
6. Security Measures
29bdt implements a robust, multi-layered approach to data security designed to protect your personal information against unauthorised access, alteration, disclosure, or destruction. Our security infrastructure includes the following measures:
- 256-bit SSL/TLS encryption applied to all data transmitted between your device and the 29bdt Platform, ensuring that information in transit cannot be intercepted or read by third parties.
- Encrypted data storage for all sensitive fields including KYC documents, financial transaction records, and authentication credentials. Passwords are never stored in plain text; they are hashed using industry-standard algorithms.
- Access controls and role-based permissions that restrict access to personal data to only those 29bdt employees and contractors who have a legitimate operational need. All staff with data access undergo security training and are bound by confidentiality obligations.
- Intrusion detection and monitoring systems that continuously analyse network traffic for anomalies, attempted breaches, and suspicious patterns. Security incidents trigger automated alerts and escalation procedures.
- Regular security audits and penetration testing conducted by independent security specialists to identify and remediate vulnerabilities before they can be exploited.
- Two-factor authentication (2FA) available to all players as an optional but strongly recommended additional security layer for account login.
Your Responsibility: While 29bdt takes comprehensive measures to protect your data on the Platform side, the security of your account also depends on the strength and confidentiality of your login credentials. Use a strong, unique password for your 29bdt account and do not share it with anyone. If you suspect your account has been compromised, contact our support team immediately via live chat.
7. Your Privacy Rights
As a player on the 29bdt Platform, you hold the following rights with respect to your personal data. To exercise any of these rights, please contact our support team via live chat or at the email address provided in Section 8 below.
- Right of access: You have the right to request a copy of the personal data that 29bdt holds about you. We will provide this information within 30 days of receiving a verified request.
- Right to rectification: If any of your personal data held by 29bdt is inaccurate or incomplete, you have the right to request that it be corrected. You may update certain account details (such as your contact number) directly through your account settings.
- Right to erasure: You may request that 29bdt delete your personal data where it is no longer necessary for the purposes for which it was collected, subject to our legal obligations to retain certain data categories (see Section 5). This right does not apply to data we are required by law to retain.
- Right to restrict processing: In certain circumstances, you may request that 29bdt restrict the processing of your data — for example, while a dispute regarding the accuracy of your data is being resolved.
- Right to data portability: Where processing is based on your consent or contractual necessity, you have the right to receive your personal data in a structured, commonly used, machine-readable format.
- Right to withdraw consent: Where processing is based on your consent (such as for promotional communications), you may withdraw that consent at any time. Withdrawal does not affect processing carried out prior to withdrawal.
- Right to object: You have the right to object to processing of your data that is carried out on the basis of legitimate interest, including profiling, where you believe your interests or fundamental rights override those legitimate interests.
29bdt will respond to all privacy rights requests within 30 calendar days of receipt. In complex or high-volume cases, we may extend this period by a further 30 days, in which case we will notify you of the extension and the reason for it.
8. Policy Changes & Contact
29bdt reserves the right to update or modify this Privacy Policy at any time. Where changes are material — meaning they significantly affect how we collect, use, or share your personal data — we will notify registered players via their registered mobile number at least 14 days before the revised policy takes effect. Minor updates (such as formatting corrections or clarifications that do not alter the substance of the policy) may be made without prior notice.
The date at the top of this document reflects when the current version was last updated. We encourage you to review this Privacy Policy periodically to remain informed about how 29bdt protects your data.
Contact for Privacy Matters
If you have questions, concerns, or requests relating to this Privacy Policy or the handling of your personal data, please contact the 29bdt data team. Our support team is available 24/7 via live chat on the Platform. For formal written privacy requests, please use the following email address (plain text — not a clickable link):
We commit to acknowledging all privacy-related enquiries within 3 business days (Bangladesh Standard Time, UTC+6) and providing a substantive response within 30 calendar days.
Why Your Data is Safe with 29bdt
Our Data Protection Commitments
End-to-End Encryption
Every byte of data exchanged between your device and 29bdt is protected by 256-bit SSL/TLS encryption — the same standard used by leading global financial institutions.
Strict Access Controls
Personal data is accessible only to authorised 29bdt personnel on a strict need-to-know basis. All staff undergo data security training and sign confidentiality agreements.
Zero Data Selling Policy
29bdt has a firm zero-tolerance policy on the sale or commercial transfer of player data. Your information is used solely to operate the Platform and provide you with our services.
Local Payment Security
Transactions via bKash, Nagad, Rocket, and Upay are processed through each provider's secure infrastructure. 29bdt never stores your mobile banking PINs or full account numbers.
Regular Security Audits
Independent security specialists conduct regular penetration tests and vulnerability assessments of the 29bdt platform to identify and address potential weaknesses proactively.
You Control Your Data
Access, correct, export, or request deletion of your personal data at any time. 29bdt responds to all verified data rights requests within 30 calendar days, no questions asked.
Questions About Your Privacy?
Our support team is available around the clock via live chat. You can also explore our full FAQ for quick answers, review our Responsible Gaming commitment, or head back to the platform and start playing with confidence. 18+
Browse the FAQ Responsible Gaming Explore 29bdt Casino