bdgoga Privacy Policy
Your privacy is important to us. This Privacy Policy explains how bdgoga collects, uses, stores, and protects the personal data you provide when you register, deposit, play games, or contact support on our platform. We are committed to handling your information responsibly, transparently, and in accordance with internationally recognised data protection principles.
Privacy at a Glance
The sections below make up the full Privacy Policy for the bdgoga platform. The cards immediately below highlight six key privacy principles we follow — these summaries do not replace the full policy text. All users are required to read the complete policy. If you have any questions, contact us at [email protected] before creating your account.
SSL Encryption on All Data
Every data transmission between your browser and bdgoga's servers is protected by industry-standard SSL/TLS encryption. We use HTTPS site-wide so your personal details, payment data, and session tokens are never exposed in transit.
We Do Not Sell Your Data
bdgoga does not sell, rent, or trade your personal information to third-party advertisers or data brokers under any circumstances. Data sharing is limited strictly to service providers required to operate the platform — and only under binding data processing agreements.
Transparent Cookie Use
We use cookies for session management, fraud prevention, and anonymous analytics. We do not use third-party advertising cookies to track your browsing activity across other websites. Our cookie practices are explained in full in the Cookies section below.
KYC Data Handled Securely
Identity documents submitted during the KY C process (such as your National ID or passport) are stored in an encrypted document vault with strict access controls. Only authorised compliance team members may access verification documents, and access is logged for audit purposes.
You Control Your Data
Registered users on bdgoga have the right to access, correct, or request deletion of their personal data at any time. Submit a data request via our support team and we will respond within 30 days. Account closure requests are processed within 48 hours.
Bangladesh-Based User Focus
bdgoga's platform is designed primarily for users in Bangladesh. Payment data relating to bKash, Nagad, Rocket, and Upay transactions is handled in accordance with the data processing standards applicable to mobile financial services operating in the Bangladesh market.
Data We Collect
bdgoga collects personal data from users at various points during the account lifecycle — including at registration, during identity verification, when processing deposits and withdrawals, and when users interact with our support team. We collect only the minimum data necessary to provide our services, comply with our legal obligations, and protect the security of our platform.
Registration Data
When you create a bdgoga account, we collect the following information: your full legal name, date of birth, residential address (including city and postal code), email address, and mobile phone number. This data is used to create and maintain your account, verify your identity, and communicate with you about your account activity.
Identity Verification (KYC) Data
Before processing your first withdrawal, bdgoga requires you to complete an identity and age verification process. During this process, you will be asked to submit a copy of a valid government-issued photo identification document — such as your Bangladesh National Identity Card (NID), passport, or driving licence — along with a recent proof of address where required. These documents are used solely for the purpose of verifying your identity and age, and are stored securely in our encrypted document management system.
Financial Transaction Data
When you make a deposit or request a withdrawal, bdgoga records the following: the payment method used (e.g., bKash, Nagad, Rocket, Upay, Visa, Mastercard), the transaction reference number, the amount in Bangladeshi Taka (৳ BDT), the date and time of the transaction, and the resulting account balance. We do not store full payment card numbers or mobile wallet PINs. Card data processed via Visa and Mastercard is handled by our PCI-DSS compliant payment processor and is never stored on bdgoga's own servers.
Technical & Device Data
When you access bdgoga, our servers automatically log certain technical information including: your IP address, browser type and version, operating system, device type (mobile, tablet, desktop), referring URL, pages visited within the platform, session start and end times, and geolocation data at the country and city level. This data is used for fraud prevention, platform security, and aggregate analytics. It is not linked to individual user profiles for marketing purposes.
Gameplay & Betting Data
bdgoga records a complete history of all game rounds played and bets placed on the platform, including the game title, provider name, wager amount, outcome, and timestamp. This data is retained for regulatory compliance, dispute resolution, and responsible gaming monitoring. It is not shared with third parties for marketing profiling.
Support & Communications Data
When you contact bdgoga's support team via live chat or email, we retain a record of the conversation. This includes the content of the messages exchanged, the date and time of the interaction, and the outcome of any support request or dispute raised. These records are kept for quality assurance, staff training, and dispute resolution purposes, and are accessible only to authorised members of the support and compliance teams.
bdgoga collects only the personal data that is strictly necessary to operate the platform, verify your identity, process your transactions, and fulfil our legal obligations. We do not collect data speculatively or for purposes beyond those described in this policy.
Full card numbers and mobile wallet PINs are never stored on bdgoga servers. Card payments are routed through a PCI-DSS compliant processor. bKash and Nagad transaction data is handled via encrypted API connections.
| Data Type | Collected At |
|---|---|
| Full name, DOB | Registration |
| Address, email, phone | Registration |
| ID documents | KYC verification |
| Transaction records | Each deposit/withdrawal |
| IP address, device info | Every session |
| Game & bet history | Each game round |
| Support messages | Each support contact |
How We Use Your Data
bdgoga processes your personal data for a number of distinct purposes, each grounded in a legitimate legal basis. We do not use your data for purposes that are incompatible with those described below, and we do not engage in automated decision-making that produces significant effects on users without human review.
Account Management
Your registration data is used to create, maintain, and administer your bdgoga account. This includes processing login requests, managing account settings, sending transactional emails (such as deposit confirmations and withdrawal notifications), and enabling you to access the full range of platform features.
Identity Verification & Fraud Prevention
KYC documents and technical data (including IP address and device fingerprint) are used to verify that you are who you say you are, that you meet the minimum age requirement of 18 years, and that your account is not being used for fraudulent purposes. Our fraud prevention systems analyse patterns in account activity, transaction behaviour, and login history to identify and block suspicious activity in real time.
Payment Processing
Financial transaction data is used to process your deposits and withdrawals, apply applicable bonuses, maintain an accurate account balance, and generate transaction statements accessible from your account panel. Transaction records are also retained to comply with anti-money laundering (AML) obligations and to support any payment disputes.
Responsible Gaming Monitoring
bdgoga uses gameplay and betting history data to monitor for signs of problematic gambling behaviour. Where our systems identify patterns consistent with problem gambling — such as rapidly escalating wager sizes, extended continuous play sessions, or repeated failed self-exclusion bypass attempts — our responsible gaming team may reach out proactively. This monitoring is carried out in the interest of user welfare and is not used for marketing purposes.
Platform Improvement & Analytics
Aggregated and anonymised technical and behavioural data is used to understand how users interact with the platform, which game categories are most popular, and where the user experience can be improved. This data is never linked back to individual user profiles in our analytics systems. We use internal analytics tools rather than third-party advertising platforms for this purpose.
Marketing Communications
With your consent, bdgoga may send you promotional emails or SMS notifications about new games, seasonal offers, tournament announcements, and bonus opportunities. You may withdraw your consent and unsubscribe from marketing communications at any time by updating your notification preferences in your account settings or by contacting support. Unsubscribing from marketing does not affect the delivery of transactional communications (such as deposit confirmations), which are sent as part of the account service.
Legal & Regulatory Compliance
bdgoga retains certain categories of personal data — including KYC documents, transaction records, and account history — for the minimum periods required to comply with applicable anti-money laundering regulations, financial record-keeping obligations, and data retention standards. This data is processed on the legal basis of legal obligation and is not used for any other purpose during the retention period.
Every processing activity at bdgoga is grounded in at least one of the following lawful bases: (1) Performance of a contract with you, (2) Compliance with a legal obligation, (3) Your explicit consent, or (4) Legitimate interests of bdgoga, provided those interests are not overridden by your rights.
You can unsubscribe from bdgoga promotional emails and SMS messages at any time via your account notification settings or by emailing [email protected]. Unsubscribing takes effect within 48 hours of your request being processed.
bdgoga does not make fully automated decisions that significantly affect your account (such as permanent account closure) without a human review step. Automated fraud flags always trigger a manual compliance review before action is taken.
Data Sharing & Third Parties
bdgoga does not sell or rent your personal data to any third party. We share personal data only where it is strictly necessary to deliver our services, comply with legal obligations, or protect the security of the platform. All third parties with whom we share personal data are bound by contractual data processing agreements that require them to handle your data securely, use it only for the specified purpose, and delete it when it is no longer needed.
Game Providers
To deliver casino and sportsbook content, bdgoga integrates with third-party game providers including Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, Ezugi, and Habanero. When you launch a game, a minimal set of technical data — including your anonymised session token and wager parameters — is transmitted to the provider's game server to facilitate gameplay. No personally identifiable information (such as your name, email, or address) is shared with game providers.
Payment Processors
To process your deposits and withdrawals, bdgoga works with licensed payment processors and mobile financial service integrators. Transaction data necessary to complete the payment — including the amount, currency, and reference number — is shared with these processors. bKash, Nagad, Rocket, and Upay transactions are processed via encrypted API connections to the respective MFS operators in Bangladesh. Visa and Mastercard payments are handled by a PCI-DSS Level 1 certified payment gateway.
Identity Verification Services
Where bdgoga uses a third-party KYC or identity verification platform to assist with document verification, the identity documents you submit may be processed by that service provider on our behalf. Such providers are contractually prohibited from using your identity data for any purpose other than the specific verification task requested by bdgoga.
Fraud Prevention & Security Partners
bdgoga may share technical data — such as IP addresses, device fingerprints, and login behaviour patterns — with fraud prevention and cybersecurity service providers. This sharing is carried out on the legal basis of legitimate interest in protecting the platform and its users from fraud, account takeover, and money laundering.
Legal Disclosures
bdgoga may disclose personal data to law enforcement agencies, regulatory bodies, or other authorised government authorities where required to do so by applicable law, or where we have a good-faith belief that disclosure is necessary to prevent or investigate illegal activity, protect the safety of our users, or enforce our Terms & Conditions. We will not disclose data to government authorities beyond what is legally required in the specific circumstances.
- Advertising networks
- Data brokers
- Social media platforms
- Unaffiliated third-party marketers
- Any party that has not signed a data processing agreement with bdgoga
Every third party that handles bdgoga user data on our behalf is required to sign a Data Processing Agreement (DPA) that limits the scope of their data use to the specific service they provide for bdgoga.
Data Security
bdgoga takes the security of your personal data seriously. We implement a range of technical and organisational security measures designed to protect your data from unauthorised access, accidental loss, disclosure, alteration, or destruction. While no online platform can guarantee absolute security, we continuously review and update our security controls to reflect current best practices.
Technical Security Measures
- SSL/TLS Encryption: All data transmitted between your device and bdgoga's servers is encrypted using TLS 1.2 or higher. HTTPS is enforced site-wide with HTTP Strict Transport Security (HSTS) headers.
- Database Encryption: Sensitive data fields — including identity document references, payment method identifiers, and account passwords — are stored in encrypted form in our database. Passwords are hashed using a strong one-way hashing algorithm and are never stored in plain text.
- Firewalls & Intrusion Detection: Our infrastructure is protected by enterprise-grade firewalls, web application firewalls (WAF), and intrusion detection systems that monitor for and block suspicious traffic patterns in real time.
- Access Controls: Access to user personal data within bdgoga's internal systems is governed by the principle of least privilege — staff members can access only the data categories their role requires, and all access is logged and subject to audit.
- Two-Factor Authentication: SMS two-factor authentication is available to all registered users and is strongly recommended. All internal administrative accounts at bdgoga require mandatory two-factor authentication.
Organisational Security Measures
All bdgoga staff members who handle personal data are required to complete data protection and privacy training. Staff access to production systems is reviewed regularly and revoked immediately upon termination of employment or change of role. Third-party vendors with access to personal data are vetted for their security posture before being contracted and are subject to periodic security reviews.
Breach Notification
In the event of a personal data breach that is likely to result in a risk to user rights and freedoms, bdgoga will notify affected users without undue delay. We will provide clear information about the nature of the breach, the data categories affected, the likely consequences, and the steps we have taken or will take to address the situation. Notifications will be sent to the email address registered on your bdgoga account.
Security Infrastructure Overview
- TLS 1.2+ encryption site-wide
- HSTS headers enforced
- Encrypted database fields
- Bcrypt password hashing
- Web application firewall (WAF)
- Real-time intrusion detection
- Least-privilege access controls
- Mandatory 2FA for all staff
- Regular third-party security audits
If you believe your bdgoga account has been accessed without your authorisation, contact us immediately at [email protected]. Change your password and enable 2FA right away. We respond to security reports within 2 hours.
Data Retention
bdgoga retains personal data for no longer than is necessary to fulfil the purpose for which it was collected, or to comply with applicable legal retention obligations. The specific retention periods we apply to different categories of personal data are set out in the table below. Once the applicable retention period expires, data is securely deleted or anonymised so that it can no longer be linked to an individual user.
| Data Category | Retention Period | Basis |
|---|---|---|
| Registration & account data | Duration of account + 5 years after closure | Legal obligation (AML) |
| KYC identity documents | 5 years after account closure | Legal obligation (AML / KYC regulations) |
| Financial transaction records | 7 years after transaction date | Legal obligation (financial record-keeping) |
| Gameplay & bet history | 3 years after account closure | Legitimate interest (dispute resolution) |
| Support chat & email records | 3 years after the interaction | Legitimate interest (quality, disputes) |
| Technical / session logs | 13 months from collection | Legitimate interest (fraud prevention) |
| Marketing consent records | Duration of consent + 3 years | Legal obligation (consent records) |
Where data is retained beyond the period of active account use (i.e., after you have closed your account), it is moved to a restricted archive environment with more limited access permissions. Archived data is not used for any active processing purpose — it is held solely in case it is required for legal proceedings, regulatory enquiries, or law enforcement requests during the applicable retention window.
If you request deletion of your personal data, bdgoga will honour that request to the extent that it does not conflict with our legal retention obligations. Data categories subject to a statutory retention period cannot be deleted before that period expires, but will be isolated from active processing and deleted at the earliest lawful opportunity.
Financial and identity records are retained primarily to comply with anti-money laundering (AML) regulations applicable to online financial service operators. These are legal obligations that bdgoga cannot waive, even following a voluntary account closure request.
You may request deletion of any personal data that is not subject to a legal retention obligation. We will confirm what can and cannot be deleted and action all eligible deletions within 30 days of your request.
Your Rights
As a user of the bdgoga platform, you have a number of rights in relation to the personal data we hold about you. We are committed to honouring these rights promptly and transparently. To exercise any of the rights listed below, contact our support team at [email protected] with the subject line "Data Rights Request" and include your registered email address and a brief description of your request. We will respond within 30 days of receiving a valid request.
Email [email protected] with the subject line "Data Rights Request". Include: (1) your registered email address, (2) the specific right you wish to exercise, and (3) any relevant details. We may ask you to verify your identity before fulfilling the request. All requests are responded to within 30 days. Complex requests may be extended by a further 60 days with prior notice to you.
Policy Updates & Contact
Changes to This Privacy Policy
bdgoga reserves the right to update or amend this Privacy Policy at any time to reflect changes in our data practices, operational requirements, or applicable legal obligations. When we make material changes to this policy — that is, changes that affect how we collect, use, or share your personal data in a way that is meaningfully different from what was described in the previous version — we will notify registered users by email to the address on their bdgoga account at least 14 days before the changes take effect.
For non-material changes (such as corrections of typographical errors, clarifications of existing practices, or updates to contact details), we will update the policy directly and revise the "Last Updated" date shown at the top of this page without sending individual notifications. We encourage you to review this Privacy Policy periodically to stay informed of how bdgoga handles your personal data.
Your continued use of the bdgoga platform after a policy update has taken effect constitutes your acceptance of the revised policy. If you do not agree with the changes, you may close your account at any time by contacting our support team prior to the effective date of the update.
Version History
Previous versions of this Privacy Policy are available on request. Contact [email protected] with the subject line "Privacy Policy Version History" and we will provide copies of prior versions within 10 business days.
Contact Us About Privacy
If you have any questions, concerns, or feedback about this Privacy Policy or about how bdgoga handles your personal data, please contact our support team. We are available 24 hours a day, 7 days a week in English. Our average live chat response time is under 3 minutes, and email enquiries are responded to within 24 hours during business days.
For formal data rights requests, please use the subject line "Data Rights Request" as described in the Your Rights section above. For general privacy enquiries, any message to [email protected] will reach the appropriate team member.
bdgoga's platform is operated for users across Bangladesh, including those in Dhaka, Chittagong, Sylhet, Khulna, Rajshahi, Barisal, Rangpur, Mymensingh, and Cox's Bazar. All support communications are conducted in English. Support hours operate on Bangladesh Standard Time (BST, UTC+6). This Privacy Policy is effective as of January 2026 and supersedes all prior versions.
Privacy Contact Details
For all privacy-related enquiries, data rights requests, or policy questions:
Email:
Availability:
24/7, English language support
Response Time:
Under 3 minutes via live chat; within 24 hours via email
Material updates to this Privacy Policy are communicated to all registered users by email at least 14 days before they take effect. Ensure your registered email address is kept up to date in your account settings so you do not miss important notifications.
Have Questions About Your Privacy?
Our English-language support team is available around the clock to answer any questions about this Privacy Policy or how bdgoga handles your personal data. You can also explore our FAQ or visit the Responsible Gaming page for more information.