Privacy Policy — How 48rbajee Handles Your Data
At 48rbajee, your personal data belongs to you. This Privacy Policy sets out in plain, formal terms exactly what information we collect, why we collect it, how we store and protect it, and what rights you hold as a registered user in Bangladesh.
1. Data We Collect
1.1 Overview. 48rbajee collects personal data that you provide directly during registration and account use, data generated automatically as you interact with the Platform, and data received from trusted third-party payment processors and identity verification services. We collect only the data that is necessary for the purposes described in this Policy and do not collect excessive or irrelevant information.
1.2 Data You Provide Directly
When you register an account on 48rbajee or interact with our services, you provide us with the following categories of personal data:
| Data Category | Examples | When Collected |
|---|---|---|
| Identity Data | Full legal name, date of birth, gender, Bangladeshi National ID (NID) number, NID document image | Registration & KYC verification |
| Contact Data | Mobile phone number, email address, residential address (division, district, thana) | Registration |
| Financial Data | bKash/Nagad/Rocket/Upay mobile wallet number, bank account details (if applicable), transaction history | Deposit & withdrawal processing |
| Account Credentials | Username, hashed password (never stored in plain text) | Registration |
| Support Communications | Content of emails or messages sent to support@48rbajee | Customer support interactions |
1.3 Data Collected Automatically
When you access the 48rbajee platform — whether on a mobile browser, desktop browser, or any other device — our servers automatically collect certain technical and behavioural data:
- Device and Browser Data: Device type, operating system, browser type and version, screen resolution, language settings.
- Connection Data: IP address, approximate geographic location derived from IP (city/division level), internet service provider (ISP).
- Session Data: Pages visited, time spent on each page, features used, search queries within the Platform, bet history, game session logs.
- Cookie and Tracking Data: Information stored in cookies, session tokens, local storage, and similar technologies — described fully in Section 4 of this Policy.
1.4 Data from Third Parties
48rbajee may receive personal data about you from the following third-party sources:
- Payment Processors: bKash, Nagad, Rocket, Upay, and banking partners confirm transaction status, reference numbers, and the registered mobile/account holder name associated with a payment. We use this data solely to verify deposits and process withdrawals.
- Identity Verification Services: Where we use a third-party KYC service to verify your Bangladeshi NID, that service may provide us with a verification outcome and confidence score. We do not receive raw biometric data beyond what you submit directly.
- Fraud Prevention Partners: We may receive risk signals and flagged account patterns from fraud-prevention service providers to protect the Platform and its users from financial crime.
2. How We Use Your Data
2.1 Legal Bases for Processing. 48rbajee processes your personal data on one or more of the following legal bases: (a) performance of a contract — processing necessary to provide the betting and gaming services you have requested; (b) legitimate interests — processing necessary for fraud prevention, platform security, and service improvement; (c) legal obligation — processing required to comply with applicable law, including anti-money laundering (AML) obligations; and (d) consent — where you have provided explicit consent for a specific processing activity, such as receiving promotional communications.
2.2 Primary Uses of Your Data. We use your personal data for the following purposes:
- Creating and managing your 48rbajee account, including authentication and account security.
- Processing deposits and withdrawals via bKash, Nagad, Rocket, Upay, and other accepted payment channels.
- Verifying your identity and age (18+) through the KYC process using your Bangladeshi National ID documentation.
- Settling bets, calculating winnings, and maintaining accurate account balance records.
- Providing customer support in English, including responding to queries, complaints, and dispute submissions sent to support@48rbajee.
- Sending transactional communications — deposit confirmations, withdrawal notifications, account security alerts, and system maintenance notices. These communications are essential to service delivery and cannot be opted out of while your account is active.
- Sending promotional communications (bonus offers, BPL season promotions, Eid offers, new game announcements) — only where you have consented to receive marketing messages. You may withdraw this consent at any time through your account notification settings.
- Enforcing responsible gaming tools — including applying deposit limits, session reminders, and self-exclusion restrictions you have configured, and monitoring for patterns that may indicate problem gambling.
- Complying with anti-money laundering (AML), counter-terrorism financing (CTF), and other applicable legal obligations, including filing reports with relevant authorities where required by law.
- Improving the 48rbajee platform through aggregated, anonymised analysis of user behaviour patterns, feature usage, and performance metrics.
2.3 Automated Decision-Making. 48rbajee uses automated processes to assess fraud risk and identify potentially problematic gambling patterns. These automated assessments may result in account flags, withdrawal delays pending manual review, or temporary account restrictions. Where an automated decision has a significant effect on your account, you have the right to request a manual review by contacting support@48rbajee. We will acknowledge such requests within 24 hours and complete the manual review within 5 business days.
3. Data Sharing & Third Parties
3.1 Our Position on Data Selling. 48rbajee does not sell, rent, or trade your personal data to any third party for their own marketing or commercial purposes. Your data is not a product. Any sharing of personal data described in this section is limited strictly to what is necessary to operate the Platform and fulfil our legal obligations.
3.2 Categories of Recipients. We may share your personal data with the following categories of third parties, under strict confidentiality and data processing agreements where applicable:
- Payment Service Providers: bKash, Nagad, Rocket, Upay, Dutch-Bangla Bank, BRAC Bank, City Bank, Islami Bank, Sonali Bank, Visa, and Mastercard — solely to process your financial transactions. Each provider receives only the data fields necessary to execute or verify the specific transaction.
- Identity Verification Providers: Third-party KYC services that assist in verifying your Bangladeshi NID and confirming your age eligibility. These providers act as data processors under our instruction and are contractually prohibited from using your data for any other purpose.
- Game Content Providers: Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, Ezugi, and other game studios whose titles appear on 48rbajee. These providers may receive a session token and anonymised player identifier to deliver game content; they do not receive your full name, contact details, or financial data.
- Fraud Prevention and Security Providers: Specialist services that help 48rbajee detect and prevent fraudulent account activity, money laundering, and platform abuse. Data shared is limited to technical identifiers and risk-relevant behavioural patterns.
- Legal and Regulatory Authorities: Where required by applicable law or a valid order from a competent authority, we may disclose personal data to law enforcement agencies, financial intelligence units, or other government bodies. We will notify you of such disclosures where legally permitted to do so.
- Professional Advisors: Lawyers, auditors, and accountants engaged by 48rbajee who require access to certain data in the course of providing professional services, subject to confidentiality obligations.
3.3 Cross-Border Data Transfers. Some of the third-party service providers used by 48rbajee may be located outside Bangladesh. Where personal data is transferred internationally, we take steps to ensure that appropriate safeguards are in place, including contractual data processing agreements and technical security measures consistent with applicable data protection standards.
3.4 Business Transfers. In the event that 48rbajee undergoes a merger, acquisition, or sale of all or substantially all of its assets, your personal data may be transferred as part of that transaction. You will be notified via the email address registered to your account before your data becomes subject to a materially different privacy policy as a result of such a transfer.
4. Cookies & Tracking Technologies
4.1 What Are Cookies. Cookies are small text files placed on your device by the 48rbajee platform when you visit our website. They allow the Platform to recognise your device across sessions, remember your preferences, maintain your login state, and collect information about how you use the site. In addition to cookies, we may use similar technologies such as session storage, local storage, pixel tags, and device fingerprinting.
4.2 Types of Cookies We Use. The following categories of cookies are used on the 48rbajee platform:
| Cookie Type | Purpose | Duration |
|---|---|---|
| Strictly Necessary | Maintain your login session, remember your account state, process transactions securely, and prevent cross-site request forgery (CSRF). These cannot be disabled without breaking core platform functionality. | Session / up to 30 days |
| Functional | Remember your language preference, display settings, and responsible gaming tool configurations (e.g., deposit limit values you have set) so you do not need to re-enter them on each visit. | Up to 12 months |
| Analytics | Collect aggregated, anonymised data about page views, session duration, feature usage, and navigation paths to help us understand how users interact with the Platform and identify areas for improvement. | Up to 24 months |
| Fraud Prevention | Collect device and behavioural signals to identify and block fraudulent account activity, bot traffic, and unauthorised access attempts. These are active at all times for platform integrity reasons. | Up to 12 months |
4.3 Managing Cookies. You may control non-essential cookies through your browser settings. Most modern browsers allow you to block or delete cookies, restrict cookies to specific sites, or receive notifications before a cookie is placed. Please note that disabling strictly necessary cookies will prevent you from logging in and using core Platform features. Instructions for managing cookies in commonly used browsers are available in each browser's help documentation. Disabling analytics or functional cookies will not affect your ability to bet or play games on 48rbajee.
5. Data Security Measures
5.1 Technical Safeguards. 48rbajee implements a layered set of technical and organisational security measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction. These measures include, but are not limited to:
- TLS/SSL Encryption: All data transmitted between your device and the 48rbajee servers is encrypted using Transport Layer Security (TLS). Our SSL certificate is maintained with a current, valid configuration at all times.
- Password Hashing: Account passwords are stored using a cryptographically strong one-way hashing algorithm with per-account salts. Plain-text passwords are never stored or retrievable by 48rbajee staff.
- Access Controls: Access to systems containing personal data is restricted to authorised personnel whose roles require it. Access is governed by role-based permissions, and all access events are logged and auditable.
- Two-Factor Authentication (2FA): We strongly recommend enabling SMS-based 2FA from your account security settings. When enabled, a second verification step is required on login from unrecognised devices.
- Infrastructure Security: Platform servers are hosted in data centres with physical access controls, redundant power systems, and network-level intrusion detection. Regular vulnerability assessments and penetration testing are conducted.
- Data Minimisation: We restrict access to personal data to the minimum necessary for any given operational process and conduct regular internal audits to identify and remove data that is no longer required.
5.2 No Absolute Guarantee. While 48rbajee employs robust security practices, no internet-based platform can guarantee absolute security against all possible threats. We encourage you to take personal security precautions, including using a strong unique password, enabling 2FA, keeping your device's operating system and browser updated, and never sharing your login credentials with anyone.
5.3 Data Breach Response. In the event of a personal data breach that poses a risk to your rights and freedoms, 48rbajee will take immediate containment action, assess the scope and impact of the breach, and notify affected users via the email address registered to their account within a reasonable timeframe. We will also notify relevant authorities as required by applicable law.
6. Data Retention & Deletion
6.1 Retention Periods. 48rbajee retains your personal data for no longer than is necessary for the purposes for which it was collected, subject to any overriding legal retention obligations. The following general retention periods apply:
| Data Category | Retention Period | Reason |
|---|---|---|
| Account and Identity Data | Duration of account + 5 years after closure | AML/CTF legal obligations, dispute resolution |
| Transaction Records | 7 years from transaction date | Financial record-keeping and audit requirements |
| KYC Documents | Duration of account + 5 years after closure | Regulatory compliance and legal obligation |
| Support Communications | 3 years from last interaction | Dispute evidence and service quality review |
| Analytics & Session Data | Up to 24 months (anonymised after 6 months) | Platform improvement and fraud pattern analysis |
| Marketing Preferences | Until consent is withdrawn or account is closed | Consent management |
6.2 Account Closure and Data Deletion. When you close your 48rbajee account, we will deactivate your account and remove or anonymise data that is no longer required for the purposes listed above. However, certain categories of data — particularly identity records and transaction logs — must be retained for the statutory periods described in the table above, regardless of account closure. After the applicable retention period expires, your data will be securely deleted or irreversibly anonymised.
6.3 Requesting Deletion. You may request deletion of your personal data by contacting support@48rbajee. We will assess your request and respond within 30 days. Where a legal obligation requires us to retain certain data, we will explain which data cannot be deleted and why, and confirm what data has been or will be deleted.
7. Your Privacy Rights
7.1 Rights Available to You. As a user of the 48rbajee platform, you hold the following rights with respect to your personal data. To exercise any of these rights, please contact us at support@48rbajee with a clear description of your request. We will respond within 30 days and may ask you to verify your identity before processing your request.
- Right of Access: You have the right to request a copy of the personal data that 48rbajee holds about you, along with information about how that data is used, where it came from, and with whom it has been shared.
- Right to Rectification: If any personal data we hold about you is inaccurate or incomplete, you have the right to request that it be corrected or updated. You may also update certain information (such as your contact details) directly from your account settings page.
- Right to Erasure: Subject to legal retention obligations described in Section 6, you have the right to request deletion of your personal data. We will confirm what data has been deleted and explain any data that must be retained.
- Right to Restriction of Processing: In certain circumstances — for example, if you contest the accuracy of data we hold or if you have objected to processing — you may request that we restrict the use of your data while the matter is under review.
- Right to Data Portability: You may request that we provide your personal data in a structured, commonly used, machine-readable format so that you can transfer it to another service provider where technically feasible.
- Right to Object: You have the right to object to processing of your personal data where that processing is based on our legitimate interests. We will review the objection and cease processing unless we can demonstrate compelling legitimate grounds that override your interests.
- Right to Withdraw Consent: Where processing is based on your consent (for example, receipt of promotional communications), you may withdraw that consent at any time through your account notification settings or by contacting support@48rbajee. Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal.
7.2 Complaints. If you believe that 48rbajee has handled your personal data in a manner that violates applicable data protection principles, you have the right to raise a complaint by contacting us directly at support@48rbajee. We take all privacy complaints seriously and will investigate and respond within 30 days.
8. Policy Updates & Contact
8.1 Policy Amendments. 48rbajee reserves the right to update this Privacy Policy at any time to reflect changes in our data practices, legal obligations, or platform features. When material changes are made, we will update the effective date at the top of this page and, where the changes are significant, notify registered users via the email address associated with their account or via an in-platform notification. We encourage you to review this Policy periodically.
8.2 Continued Use as Acceptance. Your continued use of the 48rbajee platform following the publication of an updated Privacy Policy constitutes your acceptance of the revised terms. If you do not agree with any update, you must cease using the Platform and may request account closure in accordance with the Terms & Conditions.
8.3 Contact Us. If you have any questions, concerns, or requests relating to this Privacy Policy or to the way 48rbajee processes your personal data, please contact our support team. We are available in English, 24 hours a day, 7 days a week:
- Email: support@48rbajee (plain text — not a clickable link)
- Response Time: Typically within 1 hour during Bangladesh Standard Time (BST, UTC+6) peak hours; within 4 hours at all other times.
8.4 Minors. The 48rbajee platform is strictly for adults aged 18 and above. We do not knowingly collect personal data from individuals under the age of 18. If we become aware that a minor has provided us with personal data, we will take immediate steps to delete that data and close the associated account. If you believe a minor has registered on 48rbajee, please notify us immediately at support@48rbajee.
Our Data Protection Commitments
Six principles that guide how 48rbajee treats your personal information across every interaction on our platform.
End-to-End TLS Encryption
Every data exchange between your device and the 48rbajee servers is protected by TLS encryption. Your login credentials, payment details, and personal information are never transmitted in plain text under any circumstances.
We Never Sell Your Data
48rbajee does not sell, rent, or trade your personal information to any third party for commercial or marketing purposes. Data sharing is limited strictly to service delivery — payment processing, identity verification, and legal compliance.
Your Rights, Clearly Stated
Access, correct, restrict, port, or delete your personal data at any time by contacting our support team. We respond to all privacy requests within 30 days and explain clearly which data can be deleted and which must be retained for legal reasons.
Minimal Data Collection
We collect only the personal data that is genuinely necessary for the specific purpose for which it is collected. We do not build expansive profiles, collect sensitive categories of data beyond KYC requirements, or retain data past its required retention period.
Secure BDT Payment Processing
Your bKash, Nagad, Rocket, and Upay transaction data is shared only with the relevant payment processor to complete the specific transaction. Financial data is never stored in full on our servers beyond what is required for transaction records and regulatory compliance.
Cookie Transparency
48rbajee uses only four categories of cookies — strictly necessary, functional, analytics, and fraud prevention. We do not use third-party advertising cookies or behavioural targeting cookies. You can manage non-essential cookies through your browser settings at any time.
Have a Privacy Question or Data Request?
Our support team handles all privacy-related queries in English, available 24/7. You can also review our Terms & Conditions for the complete legal framework governing your use of 48rbajee, or visit our FAQ for quick answers to common account and security questions.