Privacy & Data

Heibaji Privacy Policy

Your privacy is important to us. This policy explains exactly what personal data heibaji collects, why we collect it, how we use it, and what rights you have over your own information. We keep things straightforward — no legal jargon, no surprises.

Last Updated: January 2025
Privacy at a Glance

How Heibaji Protects Your Data

These cards give you a quick overview of heibaji's approach to data privacy. The full details are in the policy sections below — but this is the short version of what matters most.

Secure Data Storage

All personal data collected by heibaji is stored on encrypted servers with restricted access. We use industry-standard security protocols to protect your information from unauthorised access, disclosure, or loss. Your data is never stored in plain text.

No Data Selling

Heibaji does not sell, rent, or trade your personal data to third parties for marketing or commercial purposes. Your information is used only to operate your account, process payments, verify your identity, and improve the platform experience.

Minimal Data Collection

Heibaji only collects the data that is genuinely necessary to provide the service. We do not collect data speculatively or build profiles beyond what is needed for account management, payment processing, and regulatory compliance.

Your Rights, Always Respected

You have the right to access, correct, or request deletion of your personal data at any time. Heibaji will respond to all data requests promptly. You can also withdraw consent for optional data processing without affecting your ability to use the platform.

Payment Data Protection

Heibaji does not store full payment credentials. Transactions via bKash, Nagad, and Rocket are processed through the respective payment providers' secure systems. Heibaji only retains the minimum transaction reference data required for account records and dispute resolution.

Marketing Opt-Out

If you have opted in to receive promotional communications from heibaji, you can opt out at any time from your account settings or by contacting support. Opting out of marketing does not affect transactional communications such as deposit confirmations or withdrawal notifications.

Contents
01 Introduction

This Privacy Policy explains how heibaji collects, uses, stores, and protects the personal data of players who use the heibaji platform. It applies to all users of the heibaji website, mobile app, and any related services. By registering an account or using the heibaji platform, you confirm that you have read and understood this Privacy Policy.

Heibaji is committed to handling your personal data responsibly. We collect only what we need, we use it only for the purposes described in this policy, and we take reasonable steps to keep it secure. If you have questions about how your data is handled, you can contact us at any time using the details at the end of this policy.

This policy may be updated from time to time. When changes are made, the revised version will be published on this page with an updated "Last Updated" date. We encourage you to review this policy periodically so you are always aware of how heibaji handles your information.

Scope: This Privacy Policy covers data collected through the heibaji website and platform only. It does not cover third-party websites or services that may be linked from our platform. Heibaji is not responsible for the privacy practices of any third-party service.
02 Data We Collect

Heibaji collects personal data in several ways — directly from you when you register or use the platform, automatically through your use of the site, and from third-party services such as payment providers. Below is a summary of the categories of data we collect and why.

Data Category Examples Why We Collect It
Identity Data Full name, date of birth, national ID number Account registration, age verification, KYC compliance
Contact Data Mobile number, email address Account communications, support, notifications
Financial Data Payment method type, transaction reference numbers Processing deposits and withdrawals, fraud prevention
Technical Data IP address, device type, browser, operating system Platform security, fraud detection, service optimisation
Usage Data Pages visited, games played, session duration, bet history Platform improvement, responsible gaming monitoring
Verification Data Copies of ID documents, selfies for identity checks KYC verification, regulatory compliance
Communications Data Support chat logs, email correspondence Customer service, dispute resolution, quality assurance
Payment Credentials: Heibaji does not store full payment credentials such as bKash PINs or Nagad passwords. All payment transactions are processed directly through the respective payment provider's secure systems. Heibaji only retains transaction reference data for record-keeping purposes.
03 How We Use Your Data

Heibaji uses the personal data we collect for specific, legitimate purposes. We do not use your data in ways that are incompatible with the purposes for which it was collected. The main ways we use your data are described below.

  • Account Management: To create and maintain your heibaji account, verify your identity, and manage your account settings and preferences.
  • Payment Processing: To process deposits and withdrawals via bKash, Nagad, and Rocket, and to maintain accurate financial records for your account.
  • Customer Support: To respond to your queries, resolve disputes, and provide assistance when you contact the heibaji support team.
  • Security and Fraud Prevention: To detect and prevent fraudulent activity, unauthorised account access, money laundering, and other prohibited conduct.
  • Regulatory Compliance: To meet our obligations under applicable laws and regulations, including age verification and anti-money laundering requirements.
  • Responsible Gaming: To monitor gaming activity and identify patterns that may indicate problem gambling, and to apply responsible gaming tools where appropriate.
  • Platform Improvement: To analyse how players use the heibaji platform and to improve the quality, performance, and features of our service.
  • Marketing Communications: To send you promotional offers and updates, but only if you have opted in to receive them. You can opt out at any time.
No Profiling for Sale: Heibaji does not build commercial profiles of players for sale to advertisers or data brokers. Any profiling we do is strictly for the purposes of fraud prevention, responsible gaming, and improving your experience on the platform.
04 Legal Basis for Processing

Heibaji processes your personal data on one or more of the following legal bases, depending on the specific purpose of the processing:

  • Contractual Necessity: Processing that is necessary to fulfil our contract with you — for example, processing your deposits and withdrawals, or managing your account.
  • Legal Obligation: Processing that is required to comply with applicable laws and regulations — for example, age verification and anti-money laundering checks.
  • Legitimate Interests: Processing that is necessary for heibaji's legitimate business interests — for example, fraud prevention, platform security, and service improvement — provided those interests are not overridden by your rights.
  • Consent: Processing that is based on your explicit consent — for example, sending you marketing communications. You can withdraw consent at any time without affecting the lawfulness of processing carried out before withdrawal.
05 Data Sharing

Heibaji does not sell your personal data. We share your data only in the limited circumstances described below, and only to the extent necessary for the specific purpose.

  • Payment Providers: We share necessary transaction data with bKash, Nagad, and Rocket to process your deposits and withdrawals. These providers have their own privacy policies governing how they handle your data.
  • Identity Verification Services: We may share identity documents with third-party KYC verification providers to confirm your identity and age as required by our compliance obligations.
  • Fraud Prevention Services: We may share technical and usage data with fraud detection services to identify and prevent fraudulent activity on the platform.
  • Legal and Regulatory Authorities: We may disclose your data to law enforcement, regulatory bodies, or other authorities where required by law or where we believe disclosure is necessary to protect the rights, property, or safety of heibaji, our players, or others.
  • Service Providers: We may share data with trusted third-party service providers who assist us in operating the platform — for example, hosting providers and analytics services. These providers are contractually required to handle your data securely and only for the purposes we specify.
International Transfers: Some of heibaji's service providers may be located outside Bangladesh. Where data is transferred internationally, heibaji ensures that appropriate safeguards are in place to protect your data in accordance with applicable privacy standards.
06 Cookies and Tracking

Heibaji uses cookies and similar tracking technologies to operate the platform, remember your preferences, and analyse how the site is used. Cookies are small text files stored on your device when you visit the heibaji website.

The types of cookies heibaji uses include:

  • Essential Cookies: Required for the platform to function correctly. These include session cookies that keep you logged in and security cookies that help protect your account. These cannot be disabled.
  • Functional Cookies: Used to remember your preferences and settings, such as your preferred language or display options.
  • Analytics Cookies: Used to collect anonymised data about how players use the heibaji platform, helping us identify areas for improvement. This data does not identify you personally.
  • Security Cookies: Used to detect and prevent fraudulent activity, including identifying unusual login patterns or suspicious device behaviour.

You can manage cookie preferences through your browser settings. Note that disabling certain cookies may affect the functionality of the heibaji platform. Essential cookies cannot be disabled as they are required for the site to operate.

07 Data Retention

Heibaji retains your personal data for as long as is necessary to fulfil the purposes for which it was collected, or as required by applicable law. The specific retention periods depend on the type of data and the purpose for which it is held.

  • Account Data: Retained for the duration of your account and for a period after account closure as required by regulatory obligations.
  • Financial Records: Transaction records are retained for a minimum period as required by applicable financial regulations.
  • KYC Documents: Identity verification documents are retained for the period required by anti-money laundering regulations.
  • Support Communications: Chat logs and email correspondence are retained for a reasonable period to support dispute resolution and quality assurance.
  • Technical and Usage Data: Retained in anonymised or aggregated form for platform analytics and improvement purposes.

When data is no longer required, heibaji will securely delete or anonymise it. If you request deletion of your account, heibaji will process the request subject to any legal obligations that require us to retain certain data for a specified period.

08 Your Rights

As a heibaji player, you have the following rights in relation to your personal data. To exercise any of these rights, contact the heibaji support team using the details at the end of this policy.

Right of Access

Request a copy of the personal data heibaji holds about you.

Right to Rectification

Ask us to correct any inaccurate or incomplete personal data.

Right to Erasure

Request deletion of your personal data, subject to legal retention obligations.

Right to Restriction

Ask us to restrict processing of your data in certain circumstances.

Right to Portability

Receive your data in a structured, machine-readable format where applicable.

Right to Object

Object to processing based on legitimate interests, including direct marketing.

Response Time: Heibaji will respond to all data rights requests within a reasonable timeframe. In most cases we aim to respond within 30 days. If a request is complex or involves a large volume of data, we will notify you and provide an estimated completion date.
09 Data Security

Heibaji takes the security of your personal data seriously. We implement a range of technical and organisational measures to protect your data against unauthorised access, accidental loss, destruction, or disclosure. These measures include:

  • Encryption of data in transit using TLS (Transport Layer Security) protocols.
  • Encryption of sensitive data at rest on heibaji's servers.
  • Strict access controls ensuring that only authorised personnel can access personal data.
  • Regular security assessments and vulnerability testing of the heibaji platform.
  • Staff training on data protection and security best practices.
  • Incident response procedures to detect, report, and address data security breaches promptly.

While heibaji takes all reasonable steps to protect your data, no online platform can guarantee absolute security. You also play a role in keeping your account secure — use a strong, unique password, do not share your login credentials, and contact support immediately if you suspect your account has been compromised.

Data Breach Notification: In the event of a data breach that is likely to result in a risk to your rights or freedoms, heibaji will notify affected players as soon as reasonably practicable and will take immediate steps to contain and remediate the breach.
10 Children's Privacy

The heibaji platform is strictly for adults aged 18 and over. Heibaji does not knowingly collect personal data from anyone under the age of 18. If we become aware that a minor has registered an account or provided personal data, we will close the account immediately and delete the associated data as quickly as possible.

If you believe that a minor has registered on heibaji or that we have inadvertently collected data from a child, please contact us immediately at [email protected] so we can take prompt action.

11 Changes to This Policy

Heibaji may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, the updated policy will be published on this page with a revised "Last Updated" date at the top.

For significant changes that materially affect how we handle your personal data, heibaji will notify registered players via email or an in-platform notification before the changes take effect. We encourage you to review this policy periodically. Continued use of the heibaji platform after an updated policy has been published constitutes your acceptance of the changes.

12 Contact Us

If you have any questions about this Privacy Policy, want to exercise any of your data rights, or have a concern about how heibaji handles your personal data, please get in touch with us. Our support team is available 24 hours a day, 7 days a week.

You can reach us via live chat on the heibaji platform, or by email at [email protected]. We aim to respond to all privacy-related enquiries within 30 days. For urgent matters, live chat is the fastest way to reach us.

We're Here to Help: Privacy can feel complicated, but we want to make it easy for you to understand how your data is used and to exercise your rights. Don't hesitate to reach out — our team is happy to explain anything in plain language.
🔒 Safe, Secure, Trusted

Play with Confidence on Heibaji

Your data is protected, your payments are secure, and your privacy is respected. Register your heibaji account today and experience Bangladesh's most trusted online gaming platform.

Create Your Free Account Sign In to Heibaji

18+ only. Please play responsibly. Visit Responsible Gaming for support tools and resources.