dk365 Privacy
Policy
At dk365, the privacy and security of your personal data is a core commitment, not an afterthought. This Privacy Policy explains exactly what data dk365 collects from players in Bangladesh, how that data is used, how it is protected, and what rights you hold over your own information. We operate entirely in English to keep our obligations clear and transparent.
This Privacy Policy applies to all users of the dk365 platform, including registered account holders, visitors browsing without an account, and anyone interacting with dk365 content, promotions, or support channels. By using dk365, you confirm that you have read and understood this Privacy Policy. If you do not agree with any part of this Policy, you must stop using the dk365 platform immediately.
Six Privacy Commitments at a Glance
The following six points summarise dk365's core privacy commitments to every player in Bangladesh. Full details are set out in the numbered sections below.
SSL Encryption by Default
Every connection to dk365 is protected by TLS 1.3 encryption. Your login credentials, payment details, and personal information are transmitted securely at all times, with no unencrypted data exposure.
No Sale of Personal Data
dk365 does not sell, rent, or trade your personal information to third-party advertisers or data brokers. Your data is used solely for the purposes described in this Privacy Policy — never for commercial resale.
Purpose-Limited Data Use
Data collected by dk365 is used only for the specific purposes for which it was gathered — account management, payment processing, fraud prevention, regulatory compliance, and player support. No scope creep.
Player Rights Respected
You retain the right to access, correct, and request deletion of your personal data held by dk365 at any time. All such requests are handled in English by dk365 support within a 30-day response window.
Bangladesh-Focused Data Practices
dk365 is built specifically for Bangladeshi players. Our data practices account for the Bangladesh market — payments via bKash, Nagad, and Rocket are processed with transaction-level security aligned to local MFS standards.
Transparent Cookie Usage
dk365 uses cookies only for essential platform functionality, session management, and anonymised analytics. We do not deploy third-party advertising cookies or cross-site tracking cookies on the dk365 platform.
1. Data We Collect
dk365 collects personal data from players and site visitors in order to operate a safe, compliant, and enjoyable gaming platform. We collect only the minimum data necessary for each specific purpose. The categories of personal data collected by dk365 are set out below.
1.1 Registration Data
When you create a dk365 account, we collect the information you provide during the registration process. This includes your full legal name, Bangladeshi mobile phone number, date of birth, and a self-selected password (stored as a one-way cryptographic hash — dk365 never stores passwords in plain text). This data is necessary to create and maintain your account, verify your identity, and communicate with you about your account.
1.2 Identity Verification (KYC) Data
As part of our mandatory Know Your Customer (KYC) process, dk365 collects copies of government-issued identity documents for all registered players. Accepted documents include your Bangladeshi National Identity Card (NID) — front and back — and your Bangladeshi Passport photo page. These documents are used solely for age verification and identity confirmation. KYC documents are stored in an encrypted document vault with access restricted to the dk365 compliance team.
1.3 Financial Transaction Data
dk365 records all deposits, withdrawals, and bonus transactions made on your account. This includes the transaction amount in BDT, the payment method used (bKash, Nagad, Rocket, or Upay), the transaction reference number issued by the payment provider, and the date and time of the transaction in Bangladesh Standard Time (BST, UTC+6). dk365 does not store full mobile financial service account numbers — only the last four digits are retained for reference purposes.
1.4 Gaming Activity Data
dk365 logs your gaming activity on the platform, including the games played, bet amounts placed, game outcomes, session start and end times, and bonus usage. This data is required for bet settlement, bonus verification, fraud detection, and responsible gaming monitoring. Gaming activity logs are retained in accordance with the data retention schedule in Section 7.
1.5 Device and Technical Data
When you access dk365 via a browser or mobile device, our servers automatically collect certain technical data. This includes your IP address, browser type and version, operating system, device type, screen resolution, referring URL, pages visited within dk365, and session duration. This technical data is used for platform security, fraud detection, and anonymised analytics to improve the dk365 user experience. IP addresses are not associated with your registered identity in our analytics systems.
1.6 Support and Communications Data
If you contact dk365 support via email or the on-site live chat, we retain a record of the conversation, including the content of messages exchanged and the date and time of contact. This data is used to resolve support queries, maintain a history of account-related issues, and improve our support quality. Support correspondence is retained for a period of 24 months from the date of the most recent interaction.
| Data Category | Examples | Primary Purpose | Retention Period |
|---|---|---|---|
| Registration Data | Name, mobile, date of birth | Account creation, KYC | Duration of account + 5 years |
| KYC Documents | NID, Passport scan | Age & identity verification | Duration of account + 7 years |
| Financial Data | Deposit/withdrawal records | Payment processing, AML | 7 years from transaction date |
| Gaming Activity | Bets placed, game history | Settlement, fraud detection | 5 years from account closure |
| Technical Data | IP address, device type | Security, analytics | 12 months (rolling) |
| Support Records | Chat logs, email threads | Query resolution | 24 months from last contact |
2. How We Use Your Data
dk365 processes your personal data only where there is a lawful basis for doing so. The primary lawful bases on which dk365 relies are: (a) performance of a contract — processing your data is necessary to provide the services you have registered for; (b) legal obligation — processing is required to comply with applicable regulatory and anti-money laundering requirements; and (c) legitimate interests — processing is necessary for fraud prevention, platform security, and responsible gaming monitoring, balanced against your privacy rights.
The specific purposes for which dk365 uses your personal data are as follows:
- Account Management — creating and maintaining your dk365 account, verifying your identity, processing password resets, and managing account settings.
- Payment Processing — facilitating deposits and withdrawals in BDT via bKash, Nagad, Rocket, and Upay; matching payment transactions to registered accounts; issuing withdrawal confirmations.
- KYC and Regulatory Compliance — verifying that you meet the 18+ age requirement; satisfying anti-money laundering (AML) and counter-terrorist financing (CTF) obligations; maintaining audit-ready transaction records.
- Fraud Prevention and Security — detecting and investigating suspicious account activity, multiple account registrations, bonus abuse, payment chargebacks, and unauthorised access attempts.
- Responsible Gaming — monitoring gaming activity for indicators of problem gambling; enforcing deposit limits, cooling-off periods, and self-exclusion requests submitted by players; flagging accounts for intervention in line with our Responsible Gaming Policy.
- Customer Support — responding to enquiries, resolving account disputes, processing bonus queries, and maintaining support records.
- Platform Improvement — using anonymised, aggregated analytics data to improve the performance, layout, and game offering of the dk365 platform. No individual player is identified in analytics reports.
- Marketing Communications — sending promotional emails or SMS notifications about bonuses, seasonal offers (BPL cricket betting boosts, Eid promotions, Pohela Boishakh specials), and new game launches to players who have opted in to marketing communications. Players may opt out at any time by contacting [email protected].
dk365 will not use your personal data for any purpose that is incompatible with the purposes listed above without first obtaining your explicit consent.
3. Data Sharing & Third Parties
dk365 does not sell, rent, or share your personal data with third parties for their own marketing purposes. However, in order to operate the dk365 platform, we work with a limited set of trusted third-party service providers who process data on our behalf. All third-party processors are bound by data processing agreements that restrict their use of your data to the specific purpose for which it was shared.
3.1 Payment Service Providers
dk365 shares transaction reference data with your chosen mobile financial service provider (bKash, Nagad, Rocket, or Upay) as necessary to process deposits and withdrawals. The data shared is limited to the transaction amount, reference number, and the registered mobile number associated with your payment account. Payment providers operate under their own privacy policies and regulatory frameworks applicable to mobile financial services in Bangladesh.
3.2 Game Content Providers
Games hosted on the dk365 platform are provided by licensed third-party game studios including Pragmatic Play, Evolution Gaming, JILI, Ezugi, NetEnt, Microgaming, and Spribe. When you play a game provided by one of these studios, the game client may receive a session token and anonymised player identifier to enable game functionality and return bet results. No personally identifiable information (full name, mobile number, NID) is shared with game content providers.
3.3 Analytics and Security Services
dk365 uses internal analytics and third-party security tools — including fraud detection and bot-prevention services — to protect the platform and improve performance. These tools process technical data (IP addresses, device fingerprints, session patterns) under strict data minimisation and purpose-limitation controls. Analytics data is anonymised before being used for any reporting or product-improvement purpose.
3.4 Legal and Regulatory Disclosure
dk365 may disclose personal data to regulatory bodies, law enforcement agencies, or courts where we are legally required to do so — for example, in connection with an AML investigation, a court order, or a regulatory compliance audit. In such cases, dk365 will disclose only the minimum data required to satisfy the legal obligation and will, where permissible by law, notify the affected player of the disclosure.
3.5 Business Transfers
In the event that dk365 undergoes a merger, acquisition, or transfer of its business assets, player data held by dk365 may be transferred to the acquiring entity as part of that transaction. Players will be notified of any such transfer and any material change to this Privacy Policy that results from it.
5. Data Security
dk365 implements a layered, defence-in-depth approach to protecting the personal data of all players. Security is not a single feature — it is a principle applied across every layer of the dk365 platform architecture.
5.1 Encryption
All data transmitted between your browser or mobile device and the dk365 platform is encrypted using TLS 1.3. Data stored in dk365 databases — including personal information, KYC documents, and financial records — is encrypted at rest using AES-256 symmetric encryption. Passwords are never stored in plain text; dk365 uses a modern cryptographic hashing algorithm with per-user salting to ensure password data cannot be reversed or bulk-cracked in the event of a security incident.
5.2 Access Controls
Access to personal data within dk365's internal systems is restricted on a strict need-to-know basis. dk365 staff are assigned role-based access permissions that grant only the minimum data access required to perform their job function. All internal access to player data is logged and subject to periodic access review. KYC document storage is further restricted to the compliance team and is inaccessible to customer-facing support staff by default.
5.3 Incident Response
dk365 maintains a documented data breach response plan. In the event that a security incident results in the unauthorised access, disclosure, or loss of player personal data, dk365 will: (a) contain the breach and assess its scope within 24 hours of detection; (b) notify affected players via their registered mobile number or email within 72 hours where the breach is likely to result in a risk to their rights or interests; (c) document the incident and remediation actions taken. Players are encouraged to notify dk365 immediately at [email protected] if they suspect that their account has been compromised.
5.4 Player-Side Security
While dk365 takes every reasonable technical measure to protect your data on the platform side, account security also depends on actions taken by you as the account holder. dk365 recommends that all players: use a unique, strong password for their dk365 account that is not reused on any other platform; enable two-factor authentication (2FA) via OTP where offered; never share their password or OTP codes with any person — including anyone claiming to be dk365 support; log out of their dk365 account when using shared or public devices.
6. Your Rights
dk365 respects your rights over your own personal data. The following rights are available to all registered dk365 players and site visitors. To exercise any of these rights, contact [email protected] in English with the subject line "Privacy Rights Request". dk365 will respond within 30 days of receiving a valid request.
- Right of Access — You have the right to request a copy of the personal data dk365 holds about you. Upon a valid access request, dk365 will provide a structured summary of your registration data, transaction history, KYC status, and gaming activity log in a readable English-language format.
- Right to Rectification — If any personal data held by dk365 about you is inaccurate or incomplete, you have the right to request that it be corrected. Identity-sensitive corrections (e.g., name or date of birth changes) may require re-submission of KYC documentation.
- Right to Erasure — You may request that dk365 delete your personal data. This right is subject to important limitations: dk365 is legally required to retain financial transaction records and KYC documents for a minimum of 7 years to comply with anti-money laundering obligations. Data subject to mandatory retention cannot be erased until the retention period expires, even upon request.
- Right to Restriction of Processing — In certain circumstances — for example, while a dispute about the accuracy of your data is being investigated — you may request that dk365 restrict further processing of your data pending resolution.
- Right to Data Portability — You may request a copy of the personal data you have provided to dk365 in a structured, commonly used, machine-readable format (such as JSON or CSV) for the purpose of transferring it to another service provider.
- Right to Object to Marketing — You have the right to object to the use of your personal data for direct marketing purposes at any time. To opt out of marketing communications from dk365, send a message to [email protected] with the subject line "Marketing Opt-Out". Opt-out requests are processed within 5 business days.
- Right to Withdraw Consent — Where dk365 processes your data on the basis of your consent (for example, optional marketing communications), you have the right to withdraw that consent at any time without affecting the lawfulness of processing carried out before the withdrawal.
Email: [email protected] — Subject line: "Privacy Rights Request" — Include: your registered mobile number, the specific right you are exercising, and a brief description of your request. dk365 operates on Bangladesh Standard Time (BST, UTC+6) and responds within 30 calendar days.
7. Data Retention
dk365 retains personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable legal and regulatory obligations. The retention periods applied by dk365 are set out in the table in Section 1 and summarised below.
7.1 Active Accounts
While your dk365 account is active, all personal data associated with your account is retained in full. This includes registration data, KYC documents, financial transaction records, gaming activity logs, and support correspondence, each retained for the periods specified in Section 1.
7.2 Closed or Suspended Accounts
Following the closure or permanent suspension of a dk365 account — whether player-initiated or dk365-initiated — personal data is retained for a post-closure period as follows: financial transaction records and KYC documents for 7 years (AML compliance requirement); gaming activity data for 5 years; registration data and support records for 5 years from the date of account closure; technical and session data for 12 months from the date of last access. After the applicable retention period expires, data is securely deleted or irreversibly anonymised.
7.3 Inactive Accounts
Accounts with no login activity for a continuous period of 12 months are classified as inactive. dk365 will attempt to contact inactive account holders via SMS to their registered mobile number before taking any action on the account. If no activity is recorded within 90 days of the inactivity notification, dk365 may archive the account. Archived account data continues to be retained in accordance with the retention periods above and may be fully re-activated upon the player's request.
7.4 Secure Deletion
When personal data reaches the end of its retention period, dk365 securely deletes it using industry-standard data destruction procedures. For digital records, this means cryptographic erasure (key destruction) for encrypted data stores and secure overwrite for unencrypted records. Paper KYC documents (if any are retained in physical form) are destroyed by cross-cut shredding.
8. Contact & Complaints
If you have any questions about this Privacy Policy, wish to exercise any of the player rights described in Section 6, or want to raise a concern about how dk365 has handled your personal data, please contact the dk365 privacy team using the details below.
8.1 Privacy Enquiries
All privacy-related enquiries should be submitted in English to: [email protected]. Please use the subject line "Privacy Enquiry" for general questions or "Privacy Rights Request" when formally exercising a data subject right. dk365 aims to acknowledge all privacy enquiries within 48 hours and to resolve them within 30 calendar days, operating on Bangladesh Standard Time (BST, UTC+6).
8.2 Updates to This Privacy Policy
dk365 may update this Privacy Policy from time to time to reflect changes in platform features, legal requirements, or data processing practices. When a material update is made, the "Last Updated" date at the top of this page will be revised and registered players will be notified via their registered mobile number or email. Continued use of the dk365 platform after the effective date of a revised Privacy Policy constitutes acceptance of the updated Policy. If you do not agree to a revised Policy, you must stop using dk365 and may request account closure by contacting [email protected].
dk365 will never contact you by phone or SMS to ask for your account password, OTP codes, or full payment account details. If you receive any such communication claiming to be from dk365, do not respond and report it immediately to [email protected].
Safe, Secure & Trusted — That's dk365
Now that you understand how dk365 protects your personal data, explore everything our platform has to offer — from BPL cricket betting to thousands of slots and live casino tables. All in English, all in BDT, with SSL-secured transactions. 18+