999det Privacy
Policy
Your privacy is a fundamental priority at 999det. This Privacy Policy explains precisely what personal data we collect from players in Bangladesh, how we use it, who we share it with, and the controls available to you as a data subject. We are committed to handling your information with the care and transparency it deserves.
Privacy at a Glance
How 999det Protects Your Data
We believe privacy is a right, not a feature. Here is a plain-English summary of our key data practices before you read the full policy below.
SSL Encryption
All data transmitted between your device and 999det is protected by industry-standard SSL/TLS encryption. Your login credentials, financial details, and personal information are never sent in plain text.
No Unauthorised Selling
999det does not sell, rent, or trade your personal data to third-party advertisers or data brokers. Your information is shared only with trusted operational partners under strict data processing agreements.
Defined Retention Periods
We retain your data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law. Closed account data is purged on a defined schedule.
Cookie Controls
We use essential, analytical, and functional cookies. Non-essential cookies are deployed only with your consent. You can adjust your cookie preferences at any time via your browser settings.
KYC & AML Compliance
Certain identity and transaction data is processed to meet Know Your Customer (KYC) and Anti-Money Laundering (AML) obligations. This is a legal requirement and cannot be opted out of while holding an active account.
Your Rights Respected
You have the right to access, correct, or request deletion of your personal data. Submit a request at any time by contacting our support team at . We respond within 30 days.
Data Controller
This Privacy Policy applies to all personal data collected and processed by 999det ("the Platform", "we", "us", "our") in connection with the operation of the online casino and sports betting platform accessible at https://999det.app. 999det acts as the data controller in respect of personal data provided by players ("you", "your") and visitors to the platform.
As data controller, 999det determines the purposes and means of processing your personal data. We are responsible for ensuring that personal data is processed lawfully, fairly, and transparently, and that it is collected for specified, explicit, and legitimate purposes. By registering an account on 999det or by continuing to use the platform, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and processing of your personal data as described herein.
This Privacy Policy should be read in conjunction with the 999det Terms & Conditions, which govern the overall relationship between the platform and its players. In the event of any conflict between this Privacy Policy and the Terms & Conditions on a privacy-specific matter, this Privacy Policy shall take precedence.
Information We Collect
999det collects personal data from you through several channels: directly when you provide it during registration and account management; automatically when you use the platform; and from third parties such as payment processors and identity verification services. The categories of personal data we collect are set out below.
| Category | Data Points Collected | Collection Method |
|---|---|---|
| Identity Data | Full legal name, date of birth, gender, nationality, NID / passport number | Registration form, KYC verification |
| Contact Data | Email address, mobile phone number, residential address (city, district, Bangladesh) | Registration form, account settings |
| Financial Data | bKash / Nagad / Rocket / Upay account numbers, bank account details, transaction history, deposit and withdrawal amounts in BDT | Cashier section, payment processor |
| Technical Data | IP address, device type, browser type and version, operating system, screen resolution, time zone (Bangladesh Standard Time) | Automatic collection via cookies and server logs |
| Usage Data | Games played, bet amounts, win/loss history, session duration, pages visited, features used | Platform activity tracking |
| Communications Data | Support chat transcripts, email correspondence, feedback submissions | Customer support channels |
| Responsible Gaming Data | Self-exclusion status, deposit limit settings, session time reminders, loss limit configurations | Responsible gaming tools, account settings |
We do not knowingly collect sensitive personal data beyond what is required for identity verification and regulatory compliance (e.g., NID number for KYC purposes). We do not collect biometric data, health data, racial or ethnic origin data, or political opinion data.
How We Use Your Data
999det processes your personal data only for the purposes for which it was collected and for compatible purposes where applicable law permits. The primary purposes for which we process your data, and the legal basis for each, are described below.
- Account Administration: Processing your registration, verifying your identity, managing your account settings, and communicating account-related information to you. Legal basis: performance of a contract.
- Payment Processing: Facilitating deposits and withdrawals via bKash, Nagad, Rocket, Upay, and linked bank accounts; detecting and preventing payment fraud. Legal basis: performance of a contract and legitimate interests.
- KYC and AML Compliance: Verifying your identity and the source of funds in accordance with applicable anti-money laundering obligations. Legal basis: legal obligation.
- Platform Delivery: Providing access to casino games (Pragmatic Play, Microgaming, NetEnt, Spribe), sports betting markets (cricket BPL, IPL, T20 World Cup), and live dealer games (Evolution Gaming, Ezugi). Legal basis: performance of a contract.
- Customer Support: Responding to your enquiries, resolving disputes, and improving our support processes. Legal basis: performance of a contract and legitimate interests.
- Responsible Gaming: Monitoring gambling patterns to identify at-risk behaviour, enforcing self-exclusion requests, and communicating responsible gaming resources. Legal basis: legal obligation and legitimate interests.
- Security and Fraud Prevention: Detecting, investigating, and preventing fraudulent transactions, bonus abuse, collusion, and other prohibited activities. Legal basis: legitimate interests and legal obligation.
- Analytics and Improvement: Analysing aggregated usage data to improve platform features, game selection, and user experience. Legal basis: legitimate interests.
- Marketing Communications: Sending promotional offers, bonus notifications, and platform updates to players who have opted in to receive such communications. Legal basis: consent. You may withdraw consent at any time by updating your preference settings or contacting .
We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects on you, except where required for fraud detection and responsible gaming monitoring, in which case you have the right to request human review of any automated decision.
Cookies & Tracking Technologies
999det uses cookies and similar tracking technologies (including local storage, session storage, and pixel tags) to ensure the platform functions correctly, to remember your preferences, and to analyse how the platform is used. Cookies are small text files placed on your device by your browser when you visit the site.
| Cookie Type | Purpose | Consent Required? |
|---|---|---|
| Strictly Necessary | Session management, authentication, security tokens, login state, CSRF protection | No — required for platform operation |
| Functional | Language preferences, display settings, game lobby layout preferences, responsible gaming tool state | No — required for personalised experience |
| Analytical | Page view counts, session duration, error tracking, performance monitoring, aggregate usage patterns | Yes — opt-in |
| Marketing | Tracking bonus campaign effectiveness, affiliate attribution, retargeting (limited to internal campaigns only) | Yes — opt-in |
You can control and manage cookies through your browser settings. Most modern browsers allow you to block or delete cookies, set preferences for specific sites, and receive notifications when cookies are set. Please note that disabling strictly necessary cookies will impair your ability to log in and use the 999det platform.
Data Sharing & Disclosure
999det does not sell, rent, or exchange your personal data with third parties for their own commercial purposes. We share personal data only in the limited circumstances described below, and only to the extent necessary for the stated purpose.
- Payment Service Providers: bKash, Nagad, Rocket, Upay, Dutch-Bangla Bank, BRAC Bank, City Bank, Islami Bank, Sonali Bank, Visa, and Mastercard receive transaction data necessary to process your deposits and withdrawals. These providers operate under their own privacy policies and applicable financial regulations.
- Game Technology Providers: Pragmatic Play, Microgaming, NetEnt, Spribe, Evolution Gaming, and Ezugi receive a pseudonymous player identifier and session data to deliver and record game outcomes. These providers do not receive your full identity or financial data.
- Identity Verification Services: Third-party KYC providers may receive copies of your identification documents and personal data for the purpose of verifying your identity and age. These providers are contractually bound to process the data solely for verification purposes.
- Fraud Prevention and Security: Fraud detection and cybersecurity partners may receive technical data (IP address, device fingerprint, transaction metadata) to identify and prevent fraudulent activity.
- Legal and Regulatory Authorities: We may disclose your personal data to competent authorities where required to do so by law, court order, or regulatory obligation — including anti-money laundering reporting obligations.
- Business Transfers: In the event that 999det undergoes a merger, acquisition, or asset sale, your personal data may be transferred as part of that transaction. You will be notified of any such transfer and any material changes to this Privacy Policy that result from it.
All third-party data processors that handle personal data on behalf of 999det are required to enter into data processing agreements that obligate them to process the data only on our instructions, to maintain appropriate security standards, and to delete or return the data upon termination of the relationship.
Data Retention
999det retains personal data for no longer than is necessary to fulfil the purposes for which it was collected, or as required by applicable law and regulation. The following general retention periods apply:
| Data Category | Retention Period | Reason |
|---|---|---|
| Account & Identity Data | Duration of account + 5 years after closure | KYC, AML, and legal obligation |
| Financial Transaction Records | 7 years from date of transaction | Financial record-keeping obligations |
| Betting & Gaming History | Duration of account + 3 years after closure | Dispute resolution, responsible gaming monitoring |
| Communications & Support Logs | 3 years from date of interaction | Dispute resolution and service improvement |
| Marketing Preferences | Until opt-out or account closure | Consent management |
| Technical / Log Data | 90 days from collection | Security monitoring and fraud detection |
When the retention period for a category of data expires, that data is securely deleted or anonymised so that it can no longer be associated with an identifiable individual. Anonymised aggregate data may be retained indefinitely for statistical analysis and business planning purposes.
In certain circumstances — for example, where an account is under active investigation for fraud or where litigation is pending — we may retain relevant data beyond the standard retention period until the matter is resolved.
Your Privacy Rights
As a data subject, you have a number of rights with respect to the personal data that 999det holds about you. These rights are described below. To exercise any of these rights, please contact us at with the subject line "Privacy Rights Request" and a clear description of your request. We will respond within 30 calendar days.
- Right of Access: You have the right to request a copy of the personal data we hold about you. We will provide this in a commonly used electronic format, free of charge, within 30 days of the verified request.
- Right to Rectification: If any personal data we hold about you is inaccurate or incomplete, you have the right to request that we correct or complete it without undue delay. You may also update certain information directly via your account settings.
- Right to Erasure: You may request that we delete your personal data where it is no longer necessary for the purpose for which it was collected, where you have withdrawn consent, or where the processing was unlawful. Note that erasure requests may be declined where we are required to retain data by law (e.g., AML record-keeping obligations).
- Right to Restriction of Processing: You may request that we restrict processing of your data in certain circumstances — for example, while we verify the accuracy of data you have contested, or where you have objected to processing pending a determination of our legitimate grounds.
- Right to Data Portability: Where processing is based on your consent or on performance of a contract, and is carried out by automated means, you may request that we provide your personal data to you or to a third party of your choice in a structured, commonly used, machine-readable format.
- Right to Object: You have the right to object at any time to the processing of your personal data for direct marketing purposes. You may also object to processing based on our legitimate interests, though we may override that objection if we can demonstrate compelling legitimate grounds.
- Right to Withdraw Consent: Where processing is based on your consent (e.g., marketing communications, non-essential cookies), you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.
Security Measures
999det takes the security of your personal data seriously and implements a range of technical and organisational measures designed to protect your data against unauthorised access, disclosure, alteration, or destruction. While no system can guarantee absolute security, we apply industry-recognised best practices appropriate to the sensitivity of the data we process.
- Transport Encryption: All data transmitted between your browser and the 999det platform is encrypted using TLS 1.2 or higher, preventing interception by third parties during transit.
- Storage Encryption: Sensitive data fields — including payment method identifiers and identity document numbers — are encrypted at rest using AES-256 encryption in our database infrastructure.
- Password Security: User passwords are stored as salted cryptographic hashes. Plain-text passwords are never stored or logged. We enforce minimum password complexity requirements at the point of registration and password change.
- Two-Factor Authentication: SMS-based two-factor authentication is available for all 999det accounts and is required for high-value withdrawal requests. We strongly encourage all players to enable 2FA in their account security settings.
- Access Controls: Access to player personal data within 999det's internal systems is restricted to authorised personnel on a strict need-to-know basis. All internal access is logged and subject to periodic audit.
- Fraud Monitoring: Automated systems continuously monitor account activity for indicators of fraud, account takeover attempts, and suspicious transaction patterns. Alerts trigger human review where thresholds are exceeded.
- Incident Response: In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, 999det will notify affected players without undue delay and will take immediate remedial action to contain the breach and prevent recurrence.
Changes to This Policy
999det reserves the right to update or revise this Privacy Policy at any time to reflect changes in our data processing practices, updates to applicable law or regulatory guidance, new platform features, or improvements to the clarity of our disclosures.
When we make material changes to this Privacy Policy — meaning changes that significantly affect how we collect, use, or share your personal data — we will notify registered players by email to their registered address and by a prominent notification displayed upon login, no less than seven (7) days before the changes take effect. Non-material changes (such as corrections of typographical errors or clarifications that do not change the substance of our practices) may be made without advance notice.
The "Last Updated" date at the top of this page will always reflect the date of the most recent revision. We encourage you to review this Privacy Policy periodically so that you remain informed about how 999det protects your data. Your continued use of the platform after the effective date of any revised Privacy Policy constitutes your acceptance of the updated terms.
All questions, concerns, or formal complaints relating to this Privacy Policy or to the processing of your personal data by 999det should be directed to our support team at . We aim to resolve all privacy-related enquiries within 30 calendar days during normal business hours (Bangladesh Standard Time, UTC+6).
Ready to Play?
Explore 999det — Bangladesh's Trusted Casino Platform
Now that you understand how 999det handles your personal data, explore our full game library — from live cricket betting and slots to live dealer tables. Your data stays safe every step of the way. Players must be 18 years or older.