Privacy Policy
hibazze is committed to protecting the privacy and personal data of every player on our platform. This Privacy Policy explains exactly what data we collect, why we collect it, how we store and protect it, and what rights you hold as a registered user in Bangladesh. Please read this document carefully before using the hibazze platform.
Data We Collect
When you interact with hibazze — whether by visiting the site, registering an account, making a deposit, placing a bet, or contacting our support team — we collect certain categories of personal and technical data. This data is collected only to the extent necessary to provide you with a safe, compliant, and enjoyable experience on the hibazze platform. We do not collect data for its own sake; every category listed below serves a specific, documented purpose.
Data collection at hibazze falls into three broad categories: data you provide directly, data we collect automatically, and data we receive from third-party payment and identity verification partners. The table below summarises all data types, their source, and the legal basis under which each category is processed.
| Data Category | Examples | Source | Legal Basis |
|---|---|---|---|
| Identity Data | Full name, date of birth, NID number, passport number | You (registration / KYC) | Legal obligation / contract |
| Contact Data | Mobile number, email address, city (e.g., Dhaka, Chittagong) | You (registration / profile) | Contract performance |
| Financial Data | bKash / Nagad / Rocket number, transaction history, deposit amounts in BDT | You / Payment provider | Contract / legal obligation |
| Technical Data | IP address, device type, browser, operating system, session tokens | Automatic (platform) | Legitimate interest |
| Usage Data | Pages visited, games played, bets placed, session duration, click paths | Automatic (platform) | Legitimate interest |
| Communications Data | Support chat transcripts, email correspondence, complaint records | You (support interactions) | Contract / legal obligation |
| Verification Documents | Scanned NID, passport photo page, selfie with ID, utility bill | You (KYC verification) | Legal obligation |
- Minimum Necessary: hibazze applies a data-minimisation principle. We collect only what is genuinely necessary to operate the platform, comply with anti-money-laundering obligations, and protect users from fraud.
- Children's Data: hibazze does not knowingly collect any data from persons under 18 years of age. If we discover that an account belongs to an underage user, all associated data will be deleted and the account permanently closed.
- Sensitive Financial Data: Full payment card numbers and full mobile banking PINs are never stored on hibazze servers. Financial transactions are processed directly by the payment provider using tokenisation.
Data Minimisation Principle
hibazze collects the minimum amount of personal data required to operate a safe and compliant betting platform for Bangladesh players. We do not profile users beyond what is necessary for account security and responsible gaming obligations.
Mobile-First Data Collection
Because hibazze is built for Bangladesh's mobile-first audience, the primary identifier for most accounts is a Bangladeshi mobile number. This number is used for OTP verification and is linked to all financial activity on the account.
How We Use Your Data
Every piece of personal data collected by hibazze is processed for one or more specific, documented purposes. We do not sell your personal data. We do not use your data to serve advertising campaigns for third-party brands. We do not build anonymous profiles of your activity to sell to data brokers. The purposes for which your data is used are limited to the following categories, each of which is tied to a legitimate operational or legal need.
The primary purpose of data processing at hibazze is the delivery and improvement of our betting and casino platform. This encompasses account creation and authentication, processing of deposits and withdrawals in Bangladeshi Taka via bKash, Nagad, Rocket, Upay, and bank channels, providing access to sportsbook markets including BPL, IPL, and international cricket, and resolving any disputes or queries you raise with our support team.
- Account Management: Your identity and contact data are used to create, authenticate, and maintain your hibazze account, including verifying your identity during the hibazze Login process and processing password resets via OTP.
- Transaction Processing: Your financial data and contact data are used to process BDT deposits and withdrawals via supported payment methods, reconcile transaction records, and issue receipts or confirmations.
- Regulatory Compliance: Your identity and financial data are used to fulfil Know Your Customer (KYC) obligations, conduct anti-money-laundering (AML) checks, and respond to lawful requests from competent authorities.
- Fraud Prevention and Security: Your technical and usage data are used to detect unusual account activity, identify potential fraud, prevent unauthorised access, and protect the integrity of betting markets.
- Responsible Gaming Monitoring: Usage data and betting history are analysed to identify patterns that may indicate problem gambling behaviour. This data is used to trigger responsible gaming interventions such as deposit limit suggestions or self-exclusion prompts.
- Platform Improvement: Aggregated, anonymised usage data is used to improve the hibazze platform — identifying popular games, optimising page performance, and enhancing the betting experience for Bangladesh players.
- Customer Support: Communications data from your support interactions is used to resolve your queries, maintain records of complaint outcomes, and train our support team on recurring issues.
- Marketing Communications (Opt-in Only): If you have explicitly opted in to receiving promotional communications, your contact data may be used to send you information about bonuses, seasonal promotions (such as BPL season offers or Eid bonuses), and new platform features. You may withdraw consent at any time by contacting support.
Purpose Limitation
Data collected for one purpose will not be repurposed for an unrelated secondary use without your explicit consent. For example, your KYC identity documents will not be used for marketing segmentation.
Responsible Gaming Analytics
hibazze uses behavioural analytics on an anonymised basis to identify responsible gaming risks. No individual profiling is shared externally. This data is used solely to protect players on the hibazze platform.
Data Sharing and Third Parties
hibazze does not share your personal data with third parties except in the limited and specific circumstances described in this section. Every third party that receives data from hibazze is contractually obligated to process that data only for the stated purpose, to maintain appropriate security standards, and to delete the data once the purpose is fulfilled. We do not permit our data-processing partners to use your data for their own independent purposes.
The categories of third parties with whom hibazze shares data are: payment processing providers, identity verification services, game technology providers, platform infrastructure and hosting services, and competent legal or regulatory authorities where disclosure is required by law. Each category is described in detail below.
| Third-Party Category | Examples | Data Shared | Purpose |
|---|---|---|---|
| Payment Providers | bKash, Nagad, Rocket, Upay, Visa, Mastercard | Mobile number, transaction amount, account reference | Process deposits and withdrawals in BDT |
| Identity Verification | KYC verification service partners | Name, date of birth, ID document image | AML compliance and age verification |
| Game Providers | Pragmatic Play, Evolution Gaming, Spribe, Ezugi, Microgaming, NetEnt | Anonymous player session token, bet amount | Game delivery and RNG certification |
| Hosting & Infrastructure | Cloud hosting and CDN providers | Technical data, encrypted account data | Platform operation and uptime |
| Legal Authorities | Law enforcement, courts, regulatory bodies | Identity, financial, and usage data (as required) | Compliance with lawful orders |
What We Never Do
hibazze will never:
- Sell your data to advertisers
- Share your data with social media platforms
- Transfer your data to unvetted third parties
- Use your data for political purposes
Data Processing Agreements
Every third-party partner that processes hibazze user data is bound by a formal Data Processing Agreement (DPA). These agreements specify data use limits, retention rules, and security requirements that align with this Privacy Policy.
Data Security and Storage
hibazze takes the security of your personal data seriously. We employ a layered security architecture that combines technical controls, organisational policies, and staff training to protect your data against unauthorised access, disclosure, alteration, or destruction. No data transmission over the internet or electronic storage system can be guaranteed to be 100% secure; however, hibazze uses industry-standard measures to minimise risk to the greatest practicable extent.
All data transmitted between your device and hibazze servers is protected by Transport Layer Security (TLS 1.2 or higher), commonly displayed as HTTPS in your browser. Sensitive data at rest — including identity documents, financial records, and account credentials — is stored in encrypted form using AES-256 encryption. Access to personal data within hibazze's internal systems is restricted on a strict need-to-know basis and is protected by role-based access controls and multi-factor authentication for all staff accounts.
- TLS Encryption: All communications between your browser or app and hibazze servers are encrypted via TLS 1.2 or TLS 1.3. The padlock icon in your browser confirms this connection is active.
- AES-256 at Rest: Personal data stored in hibazze databases is encrypted at rest using AES-256 — the same standard used by international financial institutions.
- Access Controls: Internal access to personal data is restricted to authorised personnel only, on a documented need-to-know basis. All internal access is logged and regularly audited.
- Password Hashing: Your account password is never stored in plain text. It is stored as a salted cryptographic hash, meaning that even in the event of a data breach, your password cannot be directly recovered from the stored value.
- Incident Response: hibazze maintains a documented data breach response plan. In the event of a confirmed data breach affecting your personal data, you will be notified promptly with details of what data was affected and what steps are being taken.
- Payment Security: Full payment card details and mobile banking PINs are never stored by hibazze. All financial data is processed via PCI-DSS-compliant payment partners including bKash, Nagad, Rocket, Visa, and Mastercard.
Fair Play Certified
All casino and slot games on hibazze are sourced from certified providers whose RNG engines are independently audited. Player account security is reviewed alongside game integrity as part of our regular compliance checks.
Your Role in Security
You are responsible for keeping your hibazze Login credentials confidential. Use a strong, unique password. Enable OTP verification on your mobile number. Never share your account details with anyone claiming to represent hibazze via SMS or messaging apps.
Your Privacy Rights
As a registered user of hibazze, you hold a set of meaningful rights over your personal data. These rights are not token gestures — they reflect hibazze's genuine commitment to data transparency and user control. You may exercise any of the rights listed below by contacting our support team at support@hibazze. We will acknowledge your request within 5 business days (Bangladesh Standard Time, UTC+6) and aim to complete the response within 30 calendar days of receipt. Complex requests may take longer, in which case we will notify you of the extended timeline.
Right to Access
You have the right to request a copy of all personal data hibazze holds about you. We will provide this in a structured, readable format within 30 days.
Right to Rectification
If any personal data we hold about you is inaccurate or incomplete, you have the right to request that it be corrected or updated without undue delay.
Right to Erasure
You may request the deletion of your personal data where it is no longer necessary for the purposes for which it was collected, subject to our legal retention obligations.
Right to Restriction
You have the right to request that we restrict the processing of your personal data in certain circumstances — for example, while a dispute about its accuracy is being resolved.
Right to Portability
Where processing is based on your consent or on a contract, you have the right to receive your data in a portable format and to transfer it to another service provider.
Right to Object
You have the right to object to processing based on legitimate interests — including processing for marketing purposes. Objecting to marketing is always honoured without question.
Right to Withdraw Consent
Where processing is based on your consent (e.g., marketing emails), you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of prior processing.
Right to Complain
If you believe hibazze has mishandled your personal data, you have the right to raise a complaint. Contact support@hibazze with full details of your concern.
How to Exercise Your Rights
To exercise any of the rights described in this section, send a written request to:
Email: support@hibazze
Please include your registered username and a brief description of the right you wish to exercise. We will verify your identity before processing the request to protect against fraudulent data access claims.
Data Retention Policy
hibazze retains personal data only for as long as it is necessary to fulfil the purpose for which it was collected or as required by applicable law. Different categories of data are subject to different retention periods, which are determined by the nature of the data, the purpose of processing, and any legal obligations that require us to keep records for a minimum period. The table below summarises our standard retention schedule.
| Data Category | Retention Period | Basis for Retention |
|---|---|---|
| Account and identity data | Duration of account + 5 years post-closure | AML / legal obligation |
| Financial transaction records | 7 years from transaction date | Financial record-keeping obligation |
| KYC verification documents | 5 years post-account closure | AML / legal obligation |
| Support communications | 3 years from last contact | Legitimate interest / dispute resolution |
| Technical / usage data | 13 months (rolling) | Legitimate interest / security |
| Marketing consent records | Duration of consent + 2 years | Legal compliance (consent evidence) |
Once the applicable retention period has elapsed, personal data is either securely deleted from hibazze systems or anonymised such that it can no longer be linked to any identifiable individual. Anonymised or aggregated data may be retained indefinitely for platform analytics and statistical reporting purposes, as it no longer constitutes personal data once the link to any identifiable individual has been irreversibly removed.
Why We Retain Data
Retention periods at hibazze are driven by two factors: the operational need to support ongoing accounts and resolve disputes, and the legal obligation to maintain financial and identity records under anti-money-laundering frameworks applicable to online platforms serving Bangladesh players.
Requesting Early Deletion
If your account has been closed and you wish to request deletion of data that is not subject to a mandatory legal retention period, contact support@hibazze. We will confirm which data can be deleted immediately and which must be retained under applicable obligations.
Updates to This Policy
hibazze reserves the right to update or amend this Privacy Policy at any time. Changes may be made to reflect updates to the platform's data practices, changes in applicable law, new payment methods or game providers added to the platform, or improvements to our security infrastructure. Every version of this Privacy Policy is dated, and the effective date shown at the top of this document always reflects the most recently published version.
When a material change is made to this Privacy Policy — meaning a change that significantly affects how your personal data is collected, used, or shared — hibazze will notify registered users via the email address or mobile number associated with their account. Non-material changes, such as clarifications of existing language or correction of typographical errors, will be published without individual notification. We encourage you to review this Privacy Policy periodically to stay informed of how hibazze protects your data.
Your continued use of the hibazze platform after a revised Privacy Policy has been published constitutes your acceptance of the updated terms. If you do not agree with any changes to this Privacy Policy, you should discontinue use of the platform and contact support@hibazze to request account closure and data deletion in accordance with your rights under Section 6 above.
- Versioning: Every published version of this Privacy Policy carries a unique effective date. Previous versions are available on request by contacting support@hibazze.
- Material Change Notification: For changes that significantly affect your rights or how your data is used, hibazze will provide at least 14 days' advance notice before the updated policy takes effect.
- Governing Language: This Privacy Policy is written in English. In the event of any dispute about the meaning of a provision, the English-language version of this document is the authoritative reference.
- Contact for Queries: If you have any questions about this Privacy Policy or about how hibazze handles your personal data, contact our support team at support@hibazze. We aim to respond to all privacy queries within 5 business days (Bangladesh Standard Time, UTC+6).
Stay Informed
To ensure you always have access to the current Privacy Policy, bookmark the hibazze Privacy Policy page. When a material update is published, registered users receive a notification to their registered mobile number or email address before the changes take effect.
Privacy Questions?
If anything in this Privacy Policy is unclear, or if you want to understand how a specific data practice applies to your account, reach out to our support team. We are committed to answering privacy queries in plain English — no legal jargon, no runaround.
Our Privacy Commitments
Six principles that define how hibazze approaches the privacy and data protection of every Bangladesh player on our platform.
End-to-End Encryption
Every byte of data exchanged between your device and hibazze travels over a TLS-encrypted connection. All sensitive data stored on our servers is encrypted at rest using AES-256, the same standard used by international banks.
You Control Your Data
hibazze gives you eight clearly defined rights over your personal data — from access and correction to erasure and portability. Exercising any of these rights is straightforward: one email to support@hibazze is all it takes.
Zero Data Sales
hibazze will never sell, rent, or broker your personal data to any third party for commercial gain. Your data is collected to run the platform — not to generate revenue from data-hungry advertisers or analytics brokers.
Responsible Data Retention
Data is kept only for as long as it is genuinely needed or legally required. Once the retention period expires, data is securely deleted or irreversibly anonymised. We do not hoard data indefinitely as a business asset.
No Advertising Tracking
hibazze uses no advertising cookies, no third-party retargeting pixels, and no social media tracking scripts. Your browsing history on hibazze stays strictly within hibazze — it is not shared with Facebook, Google Ads, or any ad network.
Plain-English Transparency
This Privacy Policy is written in plain, accessible English — not in impenetrable legal boilerplate. We believe Bangladesh players deserve to understand exactly how their data is handled without needing a law degree to decode the document.
Your Privacy Is Safe at hibazze
Now that you understand how hibazze protects your personal data, explore our platform with confidence. Check our FAQ for quick answers, review our Responsible Gaming tools, or head to the casino to get started.