Data Protection
133bed Privacy Policy
Your privacy matters to us. This Privacy Policy explains precisely what personal data 133bed collects from players in Bangladesh, the lawful basis on which we process it, how we keep it secure, and the rights you hold over your own information.
1 Data Controller & Scope
133bed ("we", "us", "our") is the data controller responsible for your personal information collected through the 133bed platform at https://133bed.app. As data controller, 133bed determines the purposes and means by which your personal data is processed and is accountable for its lawful, fair, and transparent handling.
This Privacy Policy applies to all users of the 133bed platform, including registered players, prospective players who visit the website without registering, and individuals who communicate with 133bed through any support channel. It governs all personal data collected via:
- The 133bed website at https://133bed.app and all subpages.
- Account registration and verification processes.
- Deposit and withdrawal transactions processed through bKash, Nagad, Rocket, Upay, and other payment partners.
- Live chat, email, and any other customer support communications.
- Cookies, analytics tools, and tracking technologies deployed on the platform.
This Policy does not apply to third-party websites or services that may be referenced from the 133bed platform. 133bed is not responsible for the privacy practices of any third-party operators, game studios (such as Pragmatic Play, Evolution Gaming, or Spribe), or payment service providers. We recommend reviewing the privacy policies of those parties directly.
If you have questions about how 133bed handles your data, you may contact our support team at support[at]133bed.app. We aim to respond to all privacy-related enquiries within five business days.
2 Information We Collect
133bed collects personal data through several channels, including information you provide directly, data generated automatically by your use of the platform, and information received from third-party service providers in connection with payment processing and identity verification. The categories of data we collect are set out below.
| Category | Specific Data Points | Collection Method |
|---|---|---|
| Identity Data | Full legal name, date of birth, national ID number, passport number | Registration form, KYC verification |
| Contact Data | Email address, mobile number, residential address (city, district) | Registration form, account settings |
| Financial Data | bKash/Nagad/Rocket/Upay wallet numbers, transaction IDs, deposit and withdrawal amounts in BDT | Payment processor, cashier records |
| Technical Data | IP address, browser type, operating system, device identifiers, session tokens | Automatic collection via cookies and server logs |
| Usage Data | Pages visited, games played, bet history, session duration, click-path data | Platform analytics and game logs |
| Communications Data | Live chat transcripts, email correspondence, support ticket content | Customer support interactions |
| Verification Documents | Copies of NID, passport, utility bills, payment method screenshots | KYC document submission |
Data we do not collect. 133bed does not collect or store full card numbers, CVV codes, or online banking credentials. Payment card details entered during deposit transactions are processed directly by our payment partners and are never stored on 133bed servers. We do not collect biometric data, health data, or any data revealing racial or ethnic origin, political opinions, or religious beliefs.
Minors. 133bed does not knowingly collect personal data from individuals under the age of 18. If we become aware that personal data has been submitted by a person under 18, we will delete that data promptly and close the associated account.
3 How We Use Your Data
133bed processes personal data only where there is a lawful basis to do so. The primary bases we rely on are: performance of a contract (operating your account and processing transactions), compliance with legal obligations (KYC and anti-money laundering requirements), legitimate interests (fraud prevention, security, platform improvement), and, in limited cases, your explicit consent (marketing communications).
The specific purposes for which we use your personal data include:
- Account creation and management: Registering your account, authenticating your identity at login, and maintaining your account profile and preferences.
- Transaction processing: Handling deposits and withdrawals via bKash, Nagad, Rocket, Upay, and other accepted payment methods, and maintaining accurate financial records in BDT.
- Identity and age verification: Conducting KYC checks to confirm that you are aged 18 or above and that your account details match your provided documentation.
- Fraud prevention and security: Monitoring account activity for signs of fraudulent transactions, bonus abuse, money laundering, or other prohibited conduct described in our Terms & Conditions.
- Responsible gaming: Monitoring play patterns to identify potential problem gambling behaviours and, where applicable, enforcing self-exclusion periods and deposit limits at your request.
- Customer support: Responding to your enquiries, processing complaints, and managing support tickets submitted via live chat or email.
- Platform improvement: Analysing aggregated usage data to optimise game performance, improve user experience, and identify and fix technical issues.
- Marketing and promotions: Sending promotional emails or notifications about bonuses and offers where you have provided consent. You may withdraw consent at any time by updating your communication preferences in your account settings.
- Legal compliance: Retaining and disclosing records as required by applicable law, regulatory guidance, or a lawful order from a competent authority.
133bed will not use your personal data for any purpose that is incompatible with the purposes listed above without first notifying you and, where required, obtaining your consent.
4 Cookies & Tracking Technologies
133bed uses cookies and similar tracking technologies to operate the platform, remember your preferences, maintain your login session, and collect analytics data that helps us understand how players interact with the site. A cookie is a small text file placed on your device by your browser when you visit a website.
We use the following categories of cookies:
- Strictly Necessary Cookies: These are essential for the platform to function. They maintain your login session, remember items in your account workflow, and prevent cross-site request forgery. These cookies cannot be disabled without breaking core platform functionality.
- Functional Cookies: These remember your preferences such as language settings, preferred game categories, and display options. Disabling them may reduce your personalised experience but will not prevent access to the platform.
- Analytics Cookies: These collect anonymised data about how pages are visited and how long players spend on each section. We use this data solely to improve the platform. Analytics data is aggregated and cannot be used to identify individual players.
- Security Cookies: These help detect and prevent fraudulent or automated access attempts, protect against brute-force login attacks, and support our responsible gaming monitoring systems.
133bed does not use third-party advertising cookies or behavioural profiling cookies for the purpose of selling your data to advertisers. We do not operate programmatic ad networks on this platform.
You may manage or delete cookies through your browser settings at any time. Most modern browsers allow you to block all cookies, accept only first-party cookies, or clear existing cookies. Please note that blocking strictly necessary cookies will impair your ability to log in and use the platform. Refer to your browser's help documentation for guidance on managing cookie preferences.
5 Data Sharing & Third Parties
133bed does not sell, rent, or trade your personal data to third parties for their own commercial purposes. We share personal data only in the limited circumstances described below, and only to the extent necessary for the specified purpose.
- Payment Service Providers: We share transaction reference data with bKash, Nagad, Rocket, Upay, Visa, Mastercard, and other accepted payment processors solely to facilitate deposits and withdrawals. These providers are bound by their own data protection obligations and are not permitted to use your data for any other purpose.
- Identity Verification Partners: Where KYC checks require third-party support, we may share identity document data with accredited verification service providers. All such providers operate under strict confidentiality agreements.
- Game Software Providers: Studios such as Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi may receive anonymised player session identifiers necessary to deliver game content and maintain game integrity. No personally identifiable information such as your name, address, or payment details is shared with game studios.
- Analytics Providers: Aggregated, anonymised usage data may be shared with platform analytics tools to help us measure performance. Raw personally identifiable data is not shared with analytics providers.
- Legal and Regulatory Authorities: We may disclose personal data to law enforcement agencies, courts, or regulatory bodies where we are legally required to do so or where disclosure is necessary to prevent fraud, money laundering, or other criminal activity.
- Business Transfers: In the event of a merger, acquisition, or sale of all or part of 133bed's business, your personal data may be transferred to the acquiring entity as part of that transaction. You will be notified of any such transfer and the privacy protections that apply to your data going forward.
6 Data Retention
133bed retains personal data only for as long as is necessary to fulfil the purpose for which it was collected, or as required by applicable law or regulatory obligation. The retention periods we apply are as follows:
| Data Category | Retention Period | Reason |
|---|---|---|
| Account identity and contact data | Duration of account + 5 years after closure | Anti-money laundering compliance and dispute resolution |
| Transaction and financial records | 7 years from transaction date | Financial record-keeping obligations |
| KYC verification documents | 5 years after account closure | Regulatory compliance and fraud prevention |
| Customer support communications | 3 years from last interaction | Dispute resolution and service quality review |
| Technical and usage data (logs) | 13 months from collection | Platform security, analytics, and debugging |
| Marketing consent records | Until consent is withdrawn + 1 year | Proof of lawful marketing basis |
When personal data is no longer required, 133bed will delete or anonymise it securely. Where anonymisation is used, the resulting data set can no longer be linked back to any individual and is no longer considered personal data for the purposes of this Policy.
In cases where account closure is the result of confirmed fraud or a legal hold, 133bed may retain relevant records for an extended period as required to support ongoing investigations or legal proceedings.
7 Your Privacy Rights
As a 133bed player, you hold a number of rights in relation to the personal data we hold about you. 133bed is committed to honouring these rights promptly and transparently. To exercise any of the rights described below, please contact our support team at support[at]133bed.app with the subject line "Privacy Rights Request" and your registered account details.
- Right of Access: You have the right to request a copy of the personal data we hold about you, along with information about how it is being used. We will provide this within a reasonable timeframe upon verification of your identity.
- Right to Rectification: If any personal data we hold about you is inaccurate or incomplete, you have the right to request that it be corrected. You may update many details directly via your account settings without contacting support.
- Right to Erasure: In certain circumstances, you may request that we delete your personal data. This right applies where the data is no longer necessary for its original purpose, where you withdraw consent, or where the processing was unlawful. Note that this right is subject to our legal retention obligations — we may be required to retain certain records even after an erasure request.
- Right to Restrict Processing: You may ask us to pause the processing of your personal data in specific situations, such as while a dispute about the accuracy of your data is resolved.
- Right to Data Portability: Where processing is based on your consent or a contractual necessity, and is carried out by automated means, you have the right to receive your personal data in a structured, commonly used, and machine-readable format.
- Right to Object: You have the right to object to processing carried out on the basis of legitimate interests, including profiling. You also have an absolute right to object to the use of your data for direct marketing purposes at any time.
- Right to Withdraw Consent: Where 133bed processes your data on the basis of your consent (for example, marketing emails), you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.
We aim to respond to all privacy rights requests within 10 business days. If a request is complex or involves a large volume of data, we may extend this period by up to a further 20 business days and will notify you accordingly. There is no charge for exercising your rights unless requests are manifestly unfounded or excessive, in which case a reasonable administrative fee may apply.
8 Data Security Measures
133bed takes the security of your personal data seriously and implements a range of technical and organisational measures to protect it against unauthorised access, accidental loss, alteration, or disclosure. While no platform can guarantee absolute security, we continuously review and strengthen our security posture.
The security measures we employ include:
- 256-bit SSL/TLS Encryption: All data transmitted between your browser or device and the 133bed platform is encrypted using industry-standard TLS protocols. The padlock icon in your browser address bar confirms an active secure connection.
- Encrypted Data Storage: Sensitive personal data — including identity documents, financial records, and verification materials — is stored in encrypted form on secured servers. Encryption keys are managed separately from the data they protect.
- Access Controls: Access to personal data within 133bed is restricted on a strict need-to-know basis. Staff members are granted only the minimum level of access required to perform their role, and all access is logged and audited.
- Two-Factor Authentication (2FA): Players are encouraged to enable 2FA on their accounts for an additional layer of login security. 2FA is available via time-based one-time password (TOTP) applications.
- Intrusion Detection and Monitoring: The 133bed platform is monitored continuously for anomalous activity, potential intrusion attempts, and data exfiltration signals. Our security team investigates and responds to incidents promptly.
- Regular Security Audits: 133bed conducts periodic internal and third-party security assessments to identify vulnerabilities and verify that security controls are operating effectively.
Data breach notification. In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, 133bed will notify affected players without undue delay and will take immediate steps to contain and remediate the breach. A summary of the breach, the data affected, and the measures taken will be communicated to affected individuals via email or prominent in-platform notice.
If you believe that your account has been compromised or that there has been unauthorised access to your personal data, please contact our support team immediately at support[at]133bed.app so that we can investigate and take protective action on your behalf.
Our Privacy Commitments
What Protects Your Data at 133bed
Beyond policy language, these are the practical safeguards that protect your personal data every time you interact with the 133bed platform.
End-to-End Encryption
Every byte of data transmitted between your device and 133bed is protected by 256-bit TLS encryption, the same standard used by leading financial institutions. Your session data, payment details, and account credentials are never sent in plaintext.
Minimal Data Principle
133bed collects only the data it genuinely needs to operate your account, process payments, and satisfy legal obligations. We do not harvest data for advertising profiling and do not share identifiable player data with third-party marketers.
No Third-Party Ad Tracking
133bed does not embed third-party advertising trackers or behavioural profiling scripts. Your on-platform activity is used solely to improve your experience and to maintain platform security — never to build advertising profiles.
Clear Retention Schedules
Every category of data we hold has a defined maximum retention period. When that period expires, data is securely deleted or irreversibly anonymised. We do not hold personal data indefinitely or for vague operational reasons.
Your Rights, Respected
Access, rectification, erasure, portability, and objection rights are not just legal obligations — they are operational processes at 133bed. Submit a privacy rights request and our team will respond within 10 business days.
KYC Without Over-Collection
Identity verification is required to comply with responsible gaming and anti-fraud standards. 133bed verifies what it needs and no more. Document copies are encrypted at rest, access-controlled, and deleted once the applicable retention period ends.
Have Questions About Your Privacy?
If you want to know what data 133bed holds about you, request a correction, or exercise any of your privacy rights, our support team is available 24/7. You can also review our full Terms & Conditions or visit the FAQ for quick answers.