tibaje Privacy Policy
This Privacy Policy explains how tibaje collects, uses, stores, and protects the personal data of players who access tibaje.net. We take the privacy of every Bangladesh player seriously. This document sets out your rights, our obligations, and the principles that govern every data decision we make.
This Privacy Policy ("Policy") is issued by tibaje ("tibaje", "we", "us", "our") and applies to all personal data processed in connection with your use of tibaje.net, including account registration, financial transactions, game play, customer support interactions, and any other engagement with the tibaje platform or its affiliated services. By creating an account or using any tibaje service, you acknowledge that you have read and understood this Policy and consent to the data practices described herein.
tibaje is committed to handling personal data responsibly, transparently, and in accordance with applicable data protection principles. This Policy is written in plain English to ensure that every player — regardless of technical background — can understand exactly how their information is managed.
1. Information We Collect
tibaje collects personal data through several channels: information you provide directly, data generated automatically through your use of the platform, and information received from third-party partners such as payment providers. The categories of personal data we collect are described below.
1.1 Information You Provide Directly
- Account registration data: Full legal name, date of birth, email address, mobile phone number, and preferred username.
- Identity verification documents: Copies of government-issued photo ID (National ID Card, passport, or driving licence), proof of address, and payment method ownership confirmation. These are collected as part of our Know Your Customer (KYC) process.
- Financial information: Details of the payment method you use to deposit and withdraw funds — for example, your bKash or Nagad mobile wallet number, or card details for Visa and Mastercard transactions. Full card numbers are never stored on tibaje systems; payment processing is handled by certified third-party providers.
- Communications: Any messages, enquiries, or complaints you submit to the tibaje support team via email or live chat, including the content of those communications.
- Responsible gaming preferences: Any deposit limits, session time reminders, or self-exclusion requests you set or submit through the tibaje platform.
1.2 Data Collected Automatically
- Device and technical data: IP address, browser type and version, operating system, device model, screen resolution, and connection type.
- Usage and behavioural data: Pages visited on tibaje.net, game sessions initiated, betting activity, session duration, click patterns, and navigation paths.
- Log data: Server-side logs that record platform interactions, error events, and security-relevant activity such as login attempts and session initiation.
- Cookie and tracking data: Information collected via cookies and similar technologies as described in Section 4 of this Policy.
1.3 Data from Third Parties
tibaje may receive personal data about you from the following third-party sources:
- Payment providers (bKash, Nagad, Rocket, Upay, Visa, Mastercard) — transaction confirmation and account ownership verification data.
- Identity and age verification services — confirmation of the validity of documents submitted during KYC.
- Fraud prevention and anti-money laundering (AML) screening services — risk scoring and watchlist check results.
2. How We Use Your Data
tibaje processes personal data only for legitimate, specified purposes. The table below summarises the primary purposes for which we use your data and the legal basis for each.
| Purpose | Examples | Legal Basis |
|---|---|---|
| Account Management | Creating and maintaining your tibaje Account, verifying your identity and age, processing your login credentials. | Contract performance |
| Payment Processing | Handling deposits and withdrawals via bKash, Nagad, Rocket, Upay, Visa, and Mastercard; reconciling transaction records. | Contract performance |
| Regulatory Compliance | KYC identity checks, AML transaction monitoring, fraud prevention screening, and record-keeping obligations. | Legal obligation |
| Platform Security | Detecting and preventing unauthorised account access, bot activity, multi-accounting, and payment fraud. | Legitimate interest |
| Customer Support | Responding to enquiries, resolving disputes, and maintaining a record of support interactions for quality assurance. | Contract performance |
| Responsible Gaming | Monitoring play patterns for signs of problem gambling, enforcing self-exclusion requests, and applying player protection tools. | Legal obligation / Legitimate interest |
| Marketing Communications | Sending promotional offers, bonus notifications, and platform updates where you have opted in to receive such communications. | Consent |
| Platform Improvement | Analysing aggregated usage data to improve game performance, site navigation, and overall player experience. | Legitimate interest |
tibaje will not use your personal data for any purpose that is incompatible with those listed above without first obtaining your explicit consent or being required to do so by applicable law.
3. Data Sharing & Third Parties
tibaje does not sell, rent, or trade your personal data to any third party for commercial gain. We share personal data only in the limited circumstances described below, and only to the extent necessary for the specified purpose.
3.1 Service Providers
We engage trusted third-party service providers who process personal data on our behalf under strict contractual data processing agreements. These include:
- Payment processors: bKash, Nagad, Rocket, Upay, and card networks (Visa, Mastercard) process transaction data necessary to complete your deposits and withdrawals.
- Identity verification providers: Third-party KYC and document verification services that confirm the authenticity of identity documents submitted to tibaje.
- Fraud and AML screening services: Providers that screen transactions and account activity against watchlists and risk models to prevent financial crime.
- Cloud hosting and infrastructure providers: Secure cloud platforms that host the tibaje platform and its associated databases under industry-standard security configurations.
- Customer support technology: Live chat and ticketing system providers that facilitate support interactions between players and the tibaje support team.
3.2 Game Content Providers
The tibaje platform integrates games developed by third-party studios including Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi. These providers may receive anonymised or pseudonymised session data for the purposes of game integrity verification and technical performance monitoring. They do not receive your personally identifiable information except where required for regulatory compliance specific to their own licensing obligations.
3.3 Legal and Regulatory Disclosures
tibaje may disclose personal data to competent authorities, law enforcement agencies, or regulatory bodies where we are legally required to do so, or where we have a good-faith belief that disclosure is necessary to protect the safety of our players, prevent fraud, or comply with a valid legal process.
3.4 Business Transfers
In the event of a merger, acquisition, or sale of all or part of tibaje's business assets, personal data held by tibaje may be transferred to the acquiring entity as part of that transaction. In such cases, tibaje will notify affected account holders and ensure that the receiving entity is bound by data protection obligations no less protective than those set out in this Policy.
4. Cookies & Tracking Technologies
tibaje uses cookies and similar tracking technologies to operate the platform effectively, maintain session integrity, and improve the player experience. A cookie is a small text file placed on your device when you visit tibaje.net. Cookies do not contain executable code and cannot access other files stored on your device.
4.1 Types of Cookies We Use
- Strictly necessary cookies: Essential for the platform to function. These enable user authentication, session management, and security features. They cannot be disabled without disrupting core platform functionality.
- Performance and analytics cookies: Used to collect anonymised data about how players navigate tibaje.net — which pages are visited most frequently, how long sessions last, and where technical errors occur. This data helps us improve platform performance.
- Functional cookies: Store your preferences such as language settings, preferred payment method, and responsible gaming configurations so that these are retained between sessions.
- Marketing cookies: Used only where you have provided explicit consent. These cookies track your interactions with tibaje promotional content to help us deliver relevant offers and measure campaign effectiveness.
You may manage or withdraw your cookie consent at any time by adjusting your browser settings. Please note that disabling strictly necessary cookies may prevent you from accessing certain features of the tibaje platform. For further information on managing cookies, refer to your browser's help documentation.
5. Data Retention & Storage
tibaje retains personal data only for as long as is necessary to fulfil the purpose for which it was collected, or as required by applicable law. The following retention periods apply as a general guide:
- Account data and KYC documents: Retained for the lifetime of your tibaje Account plus a minimum of five (5) years following account closure, in accordance with anti-money laundering record-keeping requirements.
- Transaction records: Retained for a minimum of seven (7) years to satisfy financial regulatory obligations applicable to online payment processing in Bangladesh.
- Customer support communications: Retained for three (3) years from the date of the interaction, or longer if the interaction is connected to an active dispute or legal proceeding.
- Marketing preferences and consent records: Retained for the duration of your Account and for two (2) years following account closure, to evidence the basis on which marketing communications were sent.
- Technical and server log data: Retained for up to twelve (12) months, after which it is automatically purged or anonymised.
All personal data held by tibaje is stored on secure servers protected by industry-standard encryption, access controls, and intrusion detection systems. Where data is processed by third-party service providers, tibaje requires those providers to implement equivalent security standards under the terms of their data processing agreements.
6. Your Privacy Rights
As a tibaje account holder, you have the following rights in relation to your personal data. To exercise any of these rights, please contact us at [email protected]. tibaje will respond to all verified requests within a reasonable timeframe and in any event within thirty (30) calendar days of receipt.
- Right of access: You have the right to request a copy of the personal data that tibaje holds about you, along with information about how it is being used.
- Right to rectification: If any of your personal data held by tibaje is inaccurate or incomplete, you have the right to request that it be corrected.
- Right to erasure: You may request that tibaje delete your personal data where it is no longer necessary for the purpose for which it was collected. Please note that this right is subject to our legal obligations to retain certain data (e.g., KYC and transaction records). In such cases, we will explain the retention requirements that apply.
- Right to restrict processing: You may request that tibaje temporarily suspend the processing of your personal data while a complaint or accuracy dispute is being resolved.
- Right to data portability: You have the right to receive a copy of the personal data you have provided to tibaje in a structured, commonly used, machine-readable format.
- Right to withdraw consent: Where tibaje processes your data on the basis of consent (e.g., marketing communications), you may withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out prior to withdrawal.
- Right to object: You may object to tibaje processing your personal data on the basis of legitimate interest, including profiling, where you have grounds relating to your particular situation.
7. Data Security Measures
tibaje employs a multi-layered approach to data security to protect your personal information against unauthorised access, disclosure, alteration, and destruction. Our security framework includes the following measures:
- SSL/TLS encryption: All data transmitted between your device and tibaje.net is encrypted using SSL/TLS protocols. Look for the padlock icon in your browser address bar when accessing the platform.
- Access controls: Personal data is accessible only to tibaje staff and third-party providers who have a legitimate need to process it in the performance of their role. Access is governed by role-based permissions and regularly reviewed.
- Password security: Account passwords are stored in hashed form using industry-standard cryptographic algorithms. tibaje staff cannot view your plain-text password and will never ask you to disclose it.
- Intrusion detection and monitoring: The tibaje platform is monitored continuously for suspicious activity, unauthorised access attempts, and anomalous data access patterns.
- Data breach response: In the event of a personal data breach that poses a risk to account holders, tibaje will notify affected players promptly and take all necessary steps to contain and remediate the incident.
While tibaje takes every reasonable precaution to protect your data, no online platform can guarantee absolute security. You are encouraged to use a strong, unique password for your tibaje Account and to contact [email protected] immediately if you suspect any unauthorised activity on your account.
8. Changes to This Policy
tibaje reserves the right to update this Privacy Policy at any time to reflect changes in our data practices, applicable law, or platform features. When a material change is made, we will notify registered account holders by email and post a prominent notice on tibaje.net for a period of at least thirty (30) days prior to the change taking effect.
The "Last Updated" date at the top of this Policy will always reflect the date of the most recent revision. We encourage you to review this Policy periodically. Continued use of the tibaje platform following the publication of an updated Policy constitutes acceptance of the revised terms.
If you have any questions, concerns, or requests relating to this Privacy Policy or tibaje's data practices, please contact our dedicated privacy team at [email protected]. We are based in the Bangladesh Standard Time zone (BST, UTC+6) and aim to respond to all privacy enquiries within one business day.
For a full overview of your rights and obligations as a tibaje player, please also review our Terms & Conditions and Responsible Gaming pages.
Our Privacy Commitments
How tibaje Protects Your Data
Behind every technical measure is a genuine commitment to treating your personal information with care and respect.
End-to-End Encryption
Every connection between your device and tibaje.net is secured by SSL/TLS encryption. Your account credentials, payment details, and personal data travel across an encrypted channel that cannot be intercepted by third parties.
No Data Sales, Ever
tibaje has never sold player data and never will. Your personal information is used solely to operate your account, process payments, and keep the platform secure — never to generate revenue through third-party advertising networks.
You Stay in Control
tibaje gives you clear, accessible tools to manage your data: access requests, correction rights, deletion rights, and marketing opt-out — all available by contacting [email protected]. Your privacy preferences are respected immediately.
Transparent Cookie Use
tibaje uses only necessary, performance, and functional cookies by default. Marketing cookies are activated only with your explicit consent. You can adjust or revoke cookie permissions at any time through your browser settings.
Vetted Third-Party Partners
Every service provider that handles tibaje player data — from payment processors like bKash and Nagad to identity verification services — is bound by a data processing agreement that enforces security standards equivalent to our own.
Clear Retention Limits
tibaje does not hold your data indefinitely. Retention periods are tied to specific legal and operational requirements. When the retention period expires, data is securely deleted or anonymised — not quietly archived.
Questions About Your Privacy?
Our FAQ covers the most common questions about accounts, data security, and payments. You can also read our full Terms & Conditions, explore the tibaje Casino game catalogue, or check out live Cricket Betting markets — all for players aged 18 and above across Bangladesh.
18+ only · SSL Secured · bKash & Nagad Accepted · Data never sold · Bangladesh Standard Time support