345bdt Privacy Policy — Your Data, Your Rights
At 345bdt, protecting the personal information of every Bangladeshi player is a core commitment, not an afterthought. This Privacy Policy explains exactly what data we collect, why we collect it, how it is stored and protected, and the rights you hold over your own information at every stage of your relationship with us.
Data We Collect
345bdt collects personal data in three primary ways: information you provide directly during registration and account management, information generated automatically through your use of the platform, and information obtained from trusted third-party verification partners where necessary to comply with our know-your-customer (KYC) and anti-money-laundering (AML) obligations.
Information you provide directly:
- Identity data: Full legal name, date of birth, gender, and copies of government-issued identification documents such as your National Identity Card (NID) or passport.
- Contact data: Residential address in Bangladesh (including city — Dhaka, Chittagong, Sylhet, Khulna, Rajshahi, Barisal, Rangpur, Mymensingh, or Cox's Bazar), email address, and Bangladeshi mobile phone number.
- Account credentials: Username and encrypted password. 345bdt does not store passwords in plain text at any point.
- Financial data: Payment method details including bKash account number, Nagad account number, Rocket number, Upay identifier, or bank account information for Dutch-Bangla Bank, BRAC Bank, or City Bank transfers. Card details (Visa or Mastercard where applicable) are tokenised and never stored in full on 345bdt servers.
- Responsible gaming data: Deposit limits, session time limits, self-exclusion requests, and any communications you send to our support team regarding your gaming behaviour.
- Communications data: Records of emails, live chat transcripts, and support tickets exchanged between you and the 345bdt support team.
Information collected automatically:
- Device and technical data: IP address, browser type and version, operating system, device model, screen resolution, and time zone setting.
- Usage data: Pages visited, games played, bet amounts, session duration, login timestamps, and navigation paths within the platform.
- Transaction data: Records of all deposits, withdrawals, wagers, bonuses credited, and winnings paid to your account.
- Cookie and tracking data: Data collected via cookies, web beacons, and similar tracking technologies as described in the Cookies section of this Policy.
Information from third parties:
- Identity and age verification results from licensed KYC service providers engaged by 345bdt to confirm document authenticity.
- Fraud and risk screening results from third-party anti-fraud platforms used to protect the platform and its players.
- Payment confirmation data from bKash, Nagad, Rocket, Upay, and banking partners confirming successful transaction processing.
345bdt does not knowingly collect personal data from individuals under the age of 18. If we discover that data belonging to a person under 18 has been collected, that data will be deleted and the associated account closed without delay.
How We Use Your Data
345bdt processes your personal data only for defined, legitimate purposes. We do not use your data for any purpose that is incompatible with the purposes for which it was originally collected. The table below summarises the key processing activities and the legal basis on which each is carried out:
| Processing Purpose | Data Used | Legal Basis |
|---|---|---|
| Account registration and management | Identity, contact, credentials | Contractual necessity |
| Age and identity verification (KYC) | Identity documents, date of birth | Legal obligation |
| Processing deposits and withdrawals | Financial data, transaction records | Contractual necessity |
| Fraud prevention and AML monitoring | Financial, device, usage data | Legal obligation / legitimate interest |
| Delivering responsible gaming tools | Responsible gaming data, usage data | Legal obligation / contractual necessity |
| Providing customer support | Communications, account data | Contractual necessity |
| Sending promotional communications | Contact data, usage preferences | Consent (opt-in only) |
| Platform analytics and improvement | Usage data, cookie data | Legitimate interest |
| Compliance with legal obligations | All categories as required | Legal obligation |
Where 345bdt relies on your consent as the legal basis for processing — specifically for sending marketing communications — you have the right to withdraw that consent at any time by contacting our support team at [email protected] or by using the unsubscribe mechanism included in any marketing message. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.
345bdt does not use your personal data for automated decision-making that produces legal or similarly significant effects without human review. Risk and fraud screening tools flag accounts for human investigation; they do not unilaterally close accounts or confiscate funds without a manual review step.
Data Sharing & Third Parties
The categories of third parties with whom 345bdt may share your personal data are as follows:
- Payment service providers: bKash, Nagad, Rocket, Upay, Dutch-Bangla Bank, BRAC Bank, and City Bank receive the minimum financial data necessary to process deposit and withdrawal transactions on your behalf. These providers operate under their own privacy policies and are independently regulated.
- KYC and identity verification partners: Licensed verification service providers receive copies of identity documents submitted during the account verification process. These partners are contractually bound to process data solely for verification purposes and to delete documents upon completion of the verification task.
- Game content providers: Providers such as Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi may receive a session token and anonymised player identifier to deliver game content. These providers do not receive your full identity or financial data through this process.
- Anti-fraud and security platforms: Third-party fraud prevention services receive device data, IP addresses, and transaction metadata to identify and mitigate fraudulent activity. No full identity documents are shared with these providers.
- Cloud infrastructure and hosting providers: 345bdt uses enterprise-grade cloud hosting services to store and process platform data. These providers act as data processors under written agreements that prohibit any independent use of the data entrusted to them.
- Legal and regulatory authorities: Where required by applicable law, court order, or instruction from a competent regulatory authority, 345bdt may disclose personal data to government agencies, law enforcement bodies, or financial intelligence units. 345bdt will, where legally permitted, notify affected players of any such disclosure.
All third-party data processors engaged by 345bdt are required to implement technical and organisational security measures no less rigorous than those applied by 345bdt itself. Third parties are prohibited from using your data for any purpose beyond the specific service they have been engaged to provide.
Cookies & Tracking
345bdt uses cookies and similar tracking technologies — including web beacons, pixel tags, and local storage objects — to deliver core platform functionality, improve user experience, and understand how players interact with the site. Cookies are small text files placed on your device when you visit the platform.
The following categories of cookies are used on the 345bdt platform:
- Strictly necessary cookies: Required for the platform to function. These include session authentication cookies that keep you logged in during a gaming session, CSRF protection tokens, and load-balancing cookies that route your traffic to the correct server. These cookies cannot be disabled without breaking core functionality.
- Functional cookies: Store your platform preferences such as language selection (English), display settings, and last-visited game category to deliver a personalised experience on return visits. These are non-essential but significantly improve usability.
- Analytics cookies: Collect anonymised usage data — pages visited, session duration, button clicks, and error events — to help the 345bdt product team understand how the platform is being used and where improvements can be made. No personally identifiable information is attached to analytics data.
- Security and fraud-detection cookies: Assign a device fingerprint to help identify unusual login patterns, detect account sharing, and flag suspicious transaction behaviour for human review.
345bdt does not use cookies to serve third-party advertising on behalf of external advertisers. Any tracking technologies used are solely for internal platform operation, analytics, and security purposes.
Data Security
345bdt implements a layered, defence-in-depth approach to securing the personal data of all Bangladeshi players on the platform. Security is not treated as a single measure but as an ongoing programme of technical controls, operational procedures, and staff training.
The technical security measures in place include:
- TLS/SSL encryption: All data transmitted between your device and the 345bdt platform is encrypted using industry-standard TLS protocols. The padlock icon in your browser confirms an active encrypted connection at all times.
- Encryption at rest: Sensitive personal data — including identity documents, payment method details, and account credentials — is encrypted at rest using AES-256 encryption within 345bdt's database infrastructure.
- Password hashing: Account passwords are never stored in recoverable form. They are processed through a cryptographic one-way hashing algorithm with per-account salting before any storage occurs.
- Two-factor authentication (2FA): 345bdt supports SMS-based 2FA via your registered Bangladeshi mobile number. Players are strongly encouraged to enable 2FA to add a second layer of protection to their account.
- Access controls: Access to production data systems is restricted to a minimal set of authorised 345bdt personnel on a need-to-know basis. All access is logged and audited. Third-party contractors do not receive direct database access.
- Penetration testing and vulnerability management: The 345bdt platform undergoes periodic security assessments conducted by independent security professionals to identify and remediate vulnerabilities before they can be exploited.
Despite these measures, no online platform can guarantee absolute security. In the event of a data breach that is likely to result in a risk to your rights or interests, 345bdt will notify affected players via their registered email address as promptly as practicable, and will take immediate steps to contain the breach and prevent further unauthorised access. You can also help protect your account by using a strong, unique password and never sharing your login credentials with any other person.
Data Retention
345bdt retains your personal data only for as long as is necessary to fulfil the purposes for which it was collected, or as required to comply with applicable legal obligations. The retention periods applied to the main categories of personal data are summarised below:
- Account and identity data: Retained for the duration of your account relationship with 345bdt, plus a minimum of five (5) years following account closure. This extended retention period reflects AML compliance obligations, which require gaming platforms to maintain records of customer identities and transaction histories for regulatory inspection purposes.
- Transaction records: All deposit, withdrawal, and wagering records are retained for a minimum of five (5) years from the date of the transaction, consistent with financial record-keeping requirements.
- Communications and support records: Email correspondence, live chat transcripts, and support tickets are retained for three (3) years from the date of the last communication in each case. This period allows us to resolve any disputed matters that may arise after account closure.
- Responsible gaming records: Self-exclusion requests, deposit limit settings, and related records are retained for the duration of the exclusion period plus five (5) years, to prevent circumvention of self-exclusion by re-registration.
- Analytics and usage data: Anonymised, aggregated analytics data that cannot be linked back to an individual player may be retained indefinitely for platform improvement purposes. Where usage data is linked to an individual account, it is deleted when the account data is purged.
- Cookie data: Session cookies are deleted at the end of each browser session. Persistent cookies expire within a maximum of 12 months from the date they are set.
When your personal data is no longer required under any of the above retention schedules, it is securely deleted or anonymised using processes that render re-identification impossible. Deletion requests submitted by players are honoured promptly, subject to the overriding retention obligations described above — data that must be kept for legal compliance purposes cannot be deleted on request during the applicable retention period.
Your Privacy Rights
345bdt respects your rights over your personal data. You may exercise the following rights at any time by submitting a request to the 345bdt support team at [email protected]. Requests are processed within 30 days of receipt. Where a request is complex or where a large volume of requests is received simultaneously, this period may be extended by a further 30 days, and you will be informed of the extension.
- Right of access: You may request a copy of all personal data that 345bdt holds about you. We will provide this in a structured, readable format within the applicable timeframe.
- Right to rectification: If any personal data we hold about you is inaccurate or incomplete, you may request that it be corrected or completed. Minor account details such as contact addresses can often be updated directly through your account settings panel.
- Right to erasure: You may request that we delete your personal data where it is no longer necessary for the purpose for which it was collected, where you have withdrawn consent (and no other legal basis applies), or where you object to processing and there are no overriding legitimate grounds. Note that erasure requests cannot override legally mandated retention periods.
- Right to restriction of processing: You may request that we restrict the processing of your data in certain circumstances — for example, while the accuracy of data you have contested is being verified.
- Right to data portability: Where processing is based on your consent or contractual necessity and is carried out by automated means, you may request that your data be provided in a machine-readable format suitable for transfer to another service provider.
- Right to object: You may object to processing carried out on the basis of our legitimate interests, including profiling for fraud prevention. We will cease processing unless we can demonstrate compelling legitimate grounds that override your rights. You may object to direct marketing processing at any time, and we will stop without requiring justification.
- Right to withdraw consent: Where consent is the basis for processing (specifically for marketing communications), you may withdraw your consent at any time. Withdrawal does not affect processing that took place before the withdrawal.
To exercise any of these rights, please contact us at [email protected] with the subject line "Privacy Rights Request" and include your registered account username and a description of the right you wish to exercise. We may need to verify your identity before processing the request to ensure data is not disclosed to or acted upon by an unauthorised party.
Policy Updates & Contact
345bdt reserves the right to update this Privacy Policy at any time to reflect changes in our data processing practices, changes in applicable law, or operational changes to the platform. Where updates are material — that is, where they significantly affect how your data is used or the rights available to you — we will provide advance notice via the email address registered to your 345bdt account and via an in-platform notification prior to the changes taking effect.
The effective date displayed at the top of this Policy will be updated each time a revision is published. Minor corrections, such as typographical fixes or clarifications that do not alter the substance of the Policy, may be made without prior notice. We encourage you to review this Policy periodically to remain informed about how 345bdt protects your information.
Continued use of the 345bdt platform following the effective date of any revised Policy constitutes your acceptance of the revised terms. If you do not agree with the revised Policy, you should cease using the platform and contact the support team to request account closure and data deletion in accordance with your rights under Section 07 above.
This Privacy Policy is written in English and constitutes the authoritative version. Any translation provided for reference purposes is supplementary only; in the event of any conflict or ambiguity between a translated version and this English version, the English version shall take precedence in all respects.
January 2026
TLS/SSL encryption on all connections. AES-256 encryption at rest. Passwords hashed and salted. 2FA supported.
Data Protection Commitments
How 345bdt Safeguards Your Privacy
Every connection between your device and the 345bdt platform is protected by TLS/SSL encryption. Your personal data and payment information travel across the internet in an unreadable, encrypted form that only the 345bdt platform can decode.
345bdt does not sell, rent, or trade your personal data to any third party for commercial gain. Your information is shared only with the service providers strictly necessary to operate the platform — payment processors, KYC partners, and game providers.
You hold clear rights to access, correct, delete, restrict, and port the personal data that 345bdt holds about you. Submit a request to our support team and we will respond within 30 days, in English, Bangladesh Standard Time.
Identity documents, financial data, and account credentials stored on 345bdt servers are encrypted at rest using AES-256, the same standard applied by global financial institutions. Passwords are additionally hashed and salted — they are never stored in recoverable form.
345bdt supports SMS 2FA via your registered Bangladeshi mobile number, adding a second layer of account security beyond your password. Enable 2FA from your account security settings to prevent unauthorised login attempts.
345bdt keeps your data only for as long as it is legally or operationally required. Most account data is deleted within five years of account closure. Session cookies expire at the end of every browser session, and persistent cookies have a hard cap of 12 months.
Questions About Your Privacy at 345bdt?
Our 24/7 English-language support team is ready to handle any data rights request, cookie preference update, or privacy enquiry. You can also review the full FAQ for common questions, or explore the 345bdt Casino to experience our secure gaming platform. 18+