Data Protection & Privacy
ad365 Privacy Policy — How We Collect, Use, and Safeguard Your Personal Data
Your privacy matters to us. This Privacy Policy explains in plain English exactly what personal data ad365 collects from Bangladeshi players, why we collect it, how it is stored and protected, and what rights you have over your own information at any time.
Our Commitment
Privacy at a Glance
Before diving into the full legal text, here are the six core privacy principles that guide every data decision at ad365.
Your Data Stays Private
ad365 does not sell, rent, or trade your personal information to any third-party marketing organisations. Data shared with service partners (payment processors, identity verifiers) is strictly limited to what is necessary for those services to function. No data broker ever receives your details from ad365.
256-bit SSL Encryption
Every data transmission between your browser or device and the ad365 platform is protected by 256-bit TLS/SSL encryption — the same standard used by major banks and financial institutions operating in Dhaka, Chittagong, and across Bangladesh. Your login credentials, payment details, and personal documents never travel unencrypted.
Minimum Necessary Collection
ad365 collects only the personal data that is genuinely necessary to operate your account, process your BDT transactions, verify your identity for KYC compliance, and deliver a safe, personalised gaming experience. We do not collect data speculatively or for purposes unrelated to the operation of the ad365 platform.
Transparent Processing
ad365 tells you clearly what data is collected, why it is collected, how long it is kept, and who it may be shared with. There are no hidden data practices. This Privacy Policy is written in plain English so that every Bangladeshi player can understand exactly how their information is handled — no legal jargon without explanation.
Your Rights Are Respected
You have the right to access, correct, export, or request deletion of your personal data at any time. ad365 provides a clear process for exercising each of these rights, with a guaranteed response time of no more than 30 days from the date of a formal request submitted to [email protected].
Defined Retention Periods
ad365 does not keep your data indefinitely. Each category of personal data has a defined retention period tied to the purpose for which it was collected. Transaction records required for regulatory compliance are retained for up to 5 years. Marketing preference data is deleted promptly upon withdrawal of consent.
01 Data We Collect
When you register, use, or interact with the ad365 platform, we collect certain categories of personal data. The specific data collected depends on how you engage with the platform — whether you are browsing as a guest, registering a new account, depositing funds via bKash or Nagad, submitting a KYC document, or contacting our support team.
The following table sets out the main categories of personal data that ad365 collects, the typical source of that data, and the lawful basis under which it is processed:
| Data Category | Examples | Source | Lawful Basis |
|---|---|---|---|
| Identity Data | Full name, date of birth, National ID number, passport number | You (registration / KYC) | Contract performance; legal obligation (KYC/AML) |
| Contact Data | Email address, mobile number (Grameenphone, Robi, Banglalink, Teletalk, Airtel), home address | You (registration) | Contract performance; legitimate interests |
| Financial Data | bKash/Nagad/Rocket account references, bank account last-4 digits, deposit/withdrawal history in BDT | You; payment processors | Contract performance; legal obligation (AML) |
| Technical Data | IP address, device type, browser type, operating system, session timestamps | Automatic collection | Legitimate interests (security, fraud prevention) |
| Usage Data | Pages visited, games played, bets placed, session duration, feature interactions | Automatic collection | Legitimate interests (platform improvement) |
| Communications Data | Live chat transcripts, support emails, complaint records | You; our support systems | Contract performance; legitimate interests |
| KYC Document Data | Scanned copies of National ID, passport, proof of address, selfie for liveness check | You (KYC submission) | Legal obligation (identity verification) |
| Responsible Gaming Data | Deposit limits set, self-exclusion periods, cool-off requests, problem gambling referrals | You; our responsible gaming system | Legal obligation; vital interests |
Data You Choose Not to Provide: Where collection of a particular category of data is optional, we will make this clear at the point of collection. However, certain data — particularly identity data and financial data — is mandatory for KYC compliance and cannot be waived. If you decline to provide mandatory data, ad365 may be unable to open your account, process withdrawals, or continue providing services to you.
Data About Third Parties: You must not provide ad365 with personal data about any third party (for example, a family member's payment method or ID document) without that person's knowledge and consent. Using a third-party payment method to fund your ad365 account is a breach of our Terms & Conditions regardless of privacy considerations.
No Sensitive Special Category Data Is Collected
ad365 does not intentionally collect special category data as defined under international privacy standards — including data revealing racial or ethnic origin, political opinions, religious beliefs, biometric data for identification purposes, or health data — except where strictly required to fulfil a responsible gaming obligation (e.g., recording a self-exclusion linked to a disclosed gambling problem). Such data is handled with the highest level of protection and is never used for profiling or marketing.
02 How We Use Your Data
ad365 uses your personal data only for purposes that are directly connected to the operation of the platform, the fulfilment of our contractual obligations to you, and the discharge of our legal and regulatory responsibilities. We do not use your data for purposes that are incompatible with those for which it was originally collected.
The key purposes for which ad365 processes personal data are as follows:
- Account Registration and Management: Creating and maintaining your ad365 player account, authenticating your identity at login, and managing your account preferences, game history, and balance information in BDT.
- Payment Processing: Facilitating deposits and withdrawals via bKash, Nagad, Rocket, Upay, Visa, Mastercard, and partner banks including Dutch-Bangla Bank, BRAC Bank, City Bank, Islami Bank, and Sonali Bank. Financial data is shared with payment processors solely to execute your transactions.
- Identity Verification (KYC): Complying with our Know Your Customer obligations to verify that you are who you say you are, that you are aged 18 or above, and that your source of funds is legitimate. KYC is also required to combat fraud, money laundering, and the financing of prohibited activities.
- Customer Support: Responding to your queries, complaints, and support requests via live chat, email, and other communication channels. Support interaction records may be retained to improve service quality and for training purposes.
- Responsible Gaming: Monitoring gameplay patterns to identify potential signs of problem gambling, enforcing deposit limits and self-exclusion requests you have activated, and ensuring that players who have self-excluded from ad365 are prevented from accessing the platform.
- Fraud Prevention and Security: Detecting and investigating suspicious account activity, unauthorised access, bonus abuse, multi-accounting, collusion, and other prohibited conduct as defined in our Terms & Conditions.
- Platform Improvement: Analysing aggregated, anonymised usage data to improve the design, performance, game offering, and overall user experience of the ad365 platform for Bangladeshi players.
- Marketing Communications: Sending you promotional offers, bonus notifications, and seasonal promotions (such as Eid offers, BPL cricket promotions, and Pohela Boishakh specials) where you have given your explicit consent to receive marketing communications. You may withdraw this consent at any time by updating your notification preferences in Account Settings or by contacting [email protected].
- Legal and Regulatory Compliance: Retaining transaction records, KYC documentation, and account activity logs for the minimum periods required by applicable law and as reasonably required to defend ad365 in the event of a legal dispute or regulatory enquiry.
Marketing Opt-Out Is Always Available
You can opt out of all ad365 marketing communications at any time without affecting your ability to use the platform. Simply visit Account Settings and toggle off marketing notifications, or send an opt-out request to [email protected]. Opt-outs are actioned within 48 hours. Note that transactional communications (deposit confirmations, withdrawal notifications, security alerts) are not subject to opt-out as they are required for the operation of your account.
03 Cookies & Tracking Technologies
ad365 uses cookies and similar tracking technologies to operate and improve the platform. A cookie is a small text file stored on your device by your web browser when you visit the ad365 website. Cookies help us keep you logged in securely, remember your preferences, understand how the platform is being used, and protect the platform from fraud.
The cookies used by ad365 fall into the following categories:
| Cookie Type | Purpose | Retention | Can Be Declined? |
|---|---|---|---|
| Strictly Necessary | Session authentication, security tokens, CSRF protection, load balancing | Session / up to 24 hours | No — required for platform operation |
| Functional | Language preferences, last-played game memory, responsible gaming tool state, notification settings | Up to 12 months | Yes — optional, but some features may be degraded |
| Analytics | Aggregated page view counts, session duration, error reporting, feature usage rates (anonymised data only) | Up to 13 months | Yes — opt out via cookie preferences |
| Fraud Prevention | Device fingerprinting, IP consistency checks, bot detection, multi-account detection signals | Up to 12 months | No — required for platform security |
Managing Your Cookie Preferences: You can manage your cookie preferences at any time via the Cookie Preferences panel accessible from the footer of the ad365 website. You can also control cookies through your browser settings — most modern browsers allow you to block or delete cookies. Note that disabling strictly necessary or fraud prevention cookies may prevent you from logging into your account or using certain platform features.
Third-Party Cookies: Some cookies on the ad365 platform are set by third-party service providers, including game providers such as Pragmatic Play, Evolution Gaming, and Spribe, as well as our payment processing partners. These third-party cookies are governed by the respective providers' privacy policies. ad365 does not control these cookies and is not responsible for the data practices of third-party providers.
No Advertising Cookies
ad365 does not use advertising or retargeting cookies. We do not share cookie data with advertising networks, social media platforms, or data brokers. The ad365 platform does not display third-party advertising and does not participate in programmatic advertising ecosystems.
04 Data Sharing & Third Parties
ad365 does not sell, rent, or trade your personal data. We share personal data with third parties only in the limited circumstances described in this section, and only to the extent necessary to fulfil the stated purpose.
- Payment Processors: To process your BDT deposits and withdrawals, ad365 shares the minimum necessary financial data with our payment processing partners — bKash, Nagad, Rocket, Upay, Dutch-Bangla Bank, BRAC Bank, City Bank, Islami Bank, Sonali Bank, and international card processors (Visa/Mastercard). These partners are contractually bound to handle your data securely and are prohibited from using it for any purpose other than processing your transaction.
- Identity Verification Providers: To comply with KYC and anti-money laundering obligations, ad365 uses third-party identity verification services to validate the identity documents you submit. Your name, date of birth, ID document images, and liveness check data are shared with these providers for verification purposes only. Results are returned to ad365 as a pass/fail determination; your document images are not retained indefinitely by verification providers.
- Game Providers: Live casino and RNG game sessions are delivered by providers including Evolution Gaming, Pragmatic Play, Ezugi, Spribe, NetEnt, and Microgaming. These providers may process certain technical data (session ID, bet history within the game session) to deliver their games. They do not receive your full personal profile, contact details, or financial data.
- Fraud Prevention and Security Services: ad365 uses specialist fraud detection and cybersecurity services that process technical and behavioural data (device fingerprint, IP address, session pattern) to identify and prevent fraudulent activity on the platform.
- Legal and Regulatory Authorities: ad365 may be required to disclose personal data to law enforcement agencies, regulatory bodies, or courts in Bangladesh or other applicable jurisdictions in response to a lawful request, court order, or legal obligation. We will notify you of such disclosure where legally permitted to do so.
- Business Transfers: In the event of a merger, acquisition, restructuring, or sale of assets involving ad365, your personal data may be transferred to the successor entity as part of the transaction. You will be notified of any such transfer and the privacy practices of the acquiring entity before the transfer takes effect.
All third-party service providers that process personal data on behalf of ad365 are required to enter into a Data Processing Agreement that imposes obligations of confidentiality, data security, and purpose limitation consistent with the standards described in this Privacy Policy. ad365 conducts due diligence on the data protection practices of all significant third-party processors before engaging their services.
We Never Sell Your Data
ad365 does not and will never sell, license, or otherwise monetise your personal data to third-party marketers, data brokers, or any entity whose primary purpose is the commercial use of consumer data. If you receive unsolicited marketing communications claiming to originate from ad365 or its partners, please report them immediately to [email protected].
05 Data Retention & Storage
ad365 retains personal data only for as long as is necessary to fulfil the purpose for which it was collected, or as required by applicable law, regulatory obligation, or legitimate business need. The following retention schedule applies to the main categories of personal data held by ad365:
| Data Category | Retention Period | Reason for Retention |
|---|---|---|
| Account & Identity Data | Duration of account + 5 years after closure | AML / KYC regulatory compliance |
| Financial Transaction Records | 5 years from transaction date | Legal / regulatory obligation |
| KYC Documents | 5 years after account closure | Anti-money laundering compliance |
| Support Communications | 3 years from last interaction | Dispute resolution; service improvement |
| Responsible Gaming Records | Indefinite (self-exclusion must persist) | Player protection obligation |
| Technical & Log Data | Up to 12 months | Security monitoring; fraud investigation |
| Marketing Preferences | Until consent withdrawn + 30 days | Evidence of consent basis |
| Analytics Data (anonymised) | Up to 26 months | Platform improvement; trend analysis |
Data Storage Location: Personal data collected from Bangladeshi players is stored on servers located in secure, access-controlled data centre facilities. ad365 employs physical and technical security controls at all storage facilities, including restricted access, 24/7 monitoring, and encrypted storage for sensitive data categories such as identity documents and payment references.
International Transfers: Some of the third-party service providers used by ad365 — particularly game providers and identity verification services — may process data on servers located outside Bangladesh. Where such transfers occur, ad365 takes reasonable steps to ensure that the receiving party provides an adequate level of data protection, including contractual safeguards and technical security measures consistent with industry standards.
Deletion Process: When a retention period expires and no legal obligation requires continued retention, ad365 deletes or anonymises the data in a manner that makes re-identification impossible. Deletion requests submitted by players are processed in accordance with the rights described in Section 06 of this Privacy Policy.
Secure, Encrypted Storage
All personal data stored by ad365 — including your identity documents, contact details, and financial references — is stored in encrypted form at rest using AES-256 encryption. Access to stored personal data is restricted to authorised ad365 personnel on a strict need-to-know basis. Access logs are maintained and audited regularly.
06 Your Privacy Rights
As a player on the ad365 platform, you have a range of rights over your personal data. These rights are set out below. To exercise any of these rights, please contact us at [email protected] with the subject line "Privacy Rights Request" and a description of the right you wish to exercise. ad365 will respond to all valid requests within 30 days. We may need to verify your identity before processing your request to prevent unauthorised access to another person's data.
Right of Access
Request a copy of all personal data ad365 holds about you, including the categories of data, its sources, and the purposes for which it is processed.
Right to Rectification
Request correction of any inaccurate or incomplete personal data held in your ad365 account. You may also update many details directly in Account Settings without needing to contact support.
Right to Erasure
Request deletion of your personal data where it is no longer necessary for the purpose collected, where consent has been withdrawn, or where no legal obligation requires its retention.
Right to Restriction
Request that ad365 restrict the processing of your personal data in certain circumstances — for example, while you contest the accuracy of the data or are awaiting a response to an erasure request.
Right to Portability
Request that ad365 provide your personal data in a structured, commonly used, machine-readable format (such as CSV or JSON) so that you can transfer it to another service if you wish.
Right to Object
Object to the processing of your personal data for direct marketing purposes at any time with immediate effect. Also available for processing based on legitimate interests, subject to ad365's overriding justification.
Right to Withdraw Consent
Where processing is based on your consent (such as marketing communications), you have the right to withdraw that consent at any time without affecting the lawfulness of processing carried out before withdrawal.
Right Against Automated Decisions
The right not to be subject to a decision based solely on automated processing — including profiling — that produces significant legal or similarly significant effects on you, without meaningful human review.
Limitations on Rights: Some rights are not absolute. In certain circumstances, ad365 may be required to retain and process your data notwithstanding an erasure or restriction request — for example, where legal or regulatory obligations require that transaction records be kept for a minimum period, or where data must be retained to investigate a suspected fraud or money laundering case. Where ad365 is unable to fulfil a rights request in full, we will explain the reason clearly and in writing.
How to Submit a Rights Request
Email [email protected] with subject line "Privacy Rights Request". Include your registered name, email address, and a clear description of the right you are exercising. We will acknowledge your request within 3 business days (Bangladesh Standard Time, UTC+6) and provide a full response within 30 days.
07 Data Security Measures
ad365 takes data security seriously and implements a layered set of technical, organisational, and physical controls designed to protect your personal data from unauthorised access, disclosure, alteration, loss, or destruction. The following security measures are in place across the ad365 platform:
- TLS/SSL Encryption in Transit: All data transmitted between your device and the ad365 platform is encrypted using TLS 1.2 or higher (256-bit SSL). This protects your login credentials, personal details, and payment information from interception during transmission.
- Encryption at Rest: Sensitive personal data stored on ad365 servers — including identity documents, financial references, and password hashes — is encrypted at rest using AES-256 encryption. Passwords are never stored in plain text; they are hashed using a strong, salted cryptographic algorithm.
- Access Controls: Access to personal data within the ad365 organisation is restricted on a strict need-to-know basis. System permissions are role-based and reviewed regularly. No employee has unrestricted access to the entire database of player information.
- Two-Factor Authentication (2FA): 2FA is available to all players via SMS OTP and is strongly recommended. Internal ad365 systems that access personal data require mandatory multi-factor authentication for all staff members.
- Intrusion Detection and Monitoring: ad365 operates continuous network monitoring, intrusion detection systems, and automated alerting for anomalous access patterns. Security incidents are investigated and remediated promptly by our dedicated security team.
- Regular Security Assessments: ad365 conducts periodic vulnerability assessments and security reviews of its platform infrastructure. Third-party penetration testing is performed on a scheduled basis to identify and address potential weaknesses before they can be exploited.
- Data Breach Response: In the event of a data breach that is likely to result in a risk to your rights and freedoms, ad365 will notify affected players without undue delay — and in no event later than 72 hours after becoming aware of the breach — providing details of the nature of the breach, the categories and approximate number of individuals affected, and the steps taken to address it.
Your Role in Data Security: While ad365 takes every reasonable technical measure to protect your data, security is a shared responsibility. You are responsible for maintaining the confidentiality of your login credentials, using a strong and unique password, enabling 2FA, logging out after each session on shared devices, and promptly notifying ad365 if you suspect unauthorised access to your account. ad365 will never ask for your password via email, live chat, or any other channel.
SSL Secured — Always
Look for the padlock icon in your browser's address bar whenever you access ad365. If you ever access the ad365 website and the padlock is absent or your browser displays a certificate warning, do not enter any personal information and contact [email protected] immediately to report the issue.
08 Policy Updates & Contact
ad365 reserves the right to update this Privacy Policy from time to time to reflect changes in our data processing practices, applicable law, regulatory requirements, or the services we offer. When we make a material change to this Privacy Policy, we will notify registered players via email to the address on file, via an in-platform notification visible on next login, and by updating the "Last Updated" date displayed at the top of this page.
Minor Updates: Non-material clarifications — such as correcting typographical errors, improving the readability of existing provisions, or updating contact details — may be made without specific advance notice. The updated policy will take effect immediately upon publication. We encourage you to review this Privacy Policy periodically to stay informed about how ad365 handles your personal data.
Material Changes: If a proposed change to this Privacy Policy would materially affect the way we process your personal data — for example, introducing a new data sharing arrangement, extending retention periods, or adding a new processing purpose — we will give registered players at least 14 days' advance notice before the change takes effect, and will request fresh consent where the lawful basis for processing requires it.
Continued Use as Acceptance: Your continued use of the ad365 platform after a Privacy Policy update has been notified to you constitutes your acceptance of the updated policy. If you do not accept an updated Privacy Policy, you should stop using the platform and contact [email protected] to discuss your options, which may include closing your account.
Governing Language: This Privacy Policy is written in English. In the event of any inconsistency between the English version and any translated version, the English version shall prevail. This policy is intended for players based in Bangladesh and is written with the needs of Bangladeshi players in mind.
Privacy Questions? Contact Us
If you have any questions about this Privacy Policy, wish to exercise your data rights, or want to report a privacy concern, please contact the ad365 Privacy Team at [email protected] with the subject line "Privacy Enquiry". Our team operates 24/7 Bangladesh Standard Time (UTC+6) and will acknowledge your message within 3 business days. For urgent security concerns, please use the Live Chat feature available on the ad365 platform for a faster response.
Effective Date: This Privacy Policy is effective as of January 2026 and supersedes all previous versions of the ad365 Privacy Policy. The current version will always be accessible at ad365.club/privacy-policy.
Ready to Play?
Explore ad365 — Bangladesh's Trusted Online Casino
Now that you know exactly how ad365 protects your privacy, explore our full range of casino games, live cricket betting, slots, and more — all accessible in BDT via bKash, Nagad, and Rocket.