cd33ap Privacy Policy
Your Data Rights & Our Commitments
At cd33ap, the privacy and security of your personal data is a foundational commitment. This Privacy Policy explains exactly what information we collect from registered players in Bangladesh, why we collect it, how it is stored and protected, and what rights you have over your own data under our platform's policies.
This Privacy Policy ("Policy") applies to all users who access the cd33ap platform at cd33ap.net, including registered account holders and visitors browsing the site without an account. By using the cd33ap platform, you acknowledge that you have read and understood this Policy and consent to the data practices described herein. This Policy should be read in conjunction with the cd33ap Terms & Conditions, which govern the overall use of the platform.
End-to-End Encryption
All data transmitted between your device and cd33ap servers is protected by 256-bit SSL/TLS encryption. Your account credentials, payment details, and personal information travel over an encrypted connection at all times.
No Data Selling
cd33ap does not sell, rent, or trade your personal information to any third-party advertiser, data broker, or marketing company. Your data is used only for operating the platform and fulfilling our service commitments to you.
You Control Your Data
Registered players can request access to their personal data, request corrections to inaccurate records, or request deletion of their data subject to legal retention requirements. Contact our support team to exercise any of these rights.
Payment Data Security
cd33ap does not store full card numbers or mobile banking PINs on our servers. Payment transactions via bKash, Nagad, Rocket, and Upay are processed through their respective secure gateways. Only masked transaction references are retained.
Transparent Cookie Use
We use cookies strictly for session management, fraud detection, and platform performance analytics. We do not use third-party advertising cookies. You can review all cookie categories in detail in the Cookies section of this Policy below.
Clear Retention Limits
Personal data is retained only for as long as it is necessary to deliver our services and meet applicable record-keeping obligations. Account data for closed accounts is held for a maximum of 5 years before being securely purged from active systems.
1. Information We Collect
cd33ap collects personal data through two primary channels: information that you provide directly to us, and information that is generated automatically through your interaction with the platform. We collect only the data that is necessary to operate the platform, verify your identity, process transactions, and maintain a safe gaming environment.
1.1 Information You Provide Directly
- Registration data: Full legal name, date of birth, country of residence, email address, and mobile phone number provided when creating your cd33ap account.
- Identity verification documents: Copies of your National Identity Card (NID), passport, or birth certificate submitted in response to a KYC verification request. These documents are processed solely for identity and age verification purposes.
- Payment information: Mobile wallet account numbers (bKash, Nagad, Rocket, Upay), bank card details (card number masked after processing), and transaction references associated with deposits and withdrawals.
- Account preferences: Language preferences, notification settings, responsible gaming limits, and any custom account configurations you apply through the platform dashboard.
- Support communications: Records of your interactions with the cd33ap support team via live chat, including the content of your messages, timestamps, and resolution notes.
- Promotional participation: Data submitted when opting into promotional offers, tournaments, or seasonal campaigns such as BPL cricket season promotions or Eid bonus offers.
1.2 Information Collected Automatically
- Device and browser data: IP address, device type, operating system version, browser type and version, and screen resolution collected at each login session.
- Session and usage data: Pages visited on cd33ap.net, time spent on each section, games launched, bets placed, session start and end timestamps, and navigation paths through the platform.
- Transaction logs: Automatically generated records of all deposits, withdrawals, bonus claims, wager amounts, game outcomes, and account balance changes.
- Geolocation data: General geographic location derived from your IP address at the time of login. cd33ap does not collect precise GPS coordinates. Location data is used for fraud detection and access control.
- Cookie and tracking data: Session cookies, authentication tokens, and analytics identifiers. See Section 4 for a full breakdown of cookie categories in use.
| Data Category | Examples | Collection Method |
|---|---|---|
| Identity Data | Name, date of birth, NID number | Registration form / KYC upload |
| Contact Data | Email address, mobile number | Registration form |
| Financial Data | bKash/Nagad number, transaction ID | Deposit / withdrawal process |
| Technical Data | IP address, device type, browser | Automatic (server logs) |
| Usage Data | Pages visited, games played, bets placed | Automatic (platform analytics) |
| Communications Data | Live chat transcripts, support tickets | Support interactions |
2. How We Use Your Data
cd33ap processes your personal data on the basis of contractual necessity (to deliver the services you have registered for), legitimate interest (to maintain platform security and prevent fraud), and your explicit consent (for optional marketing communications). The following describes every purpose for which your data is used on the cd33ap platform.
2.1 Platform Operations
- Creating and maintaining your registered player account and associated balance records.
- Processing deposits and withdrawals through your selected payment method (bKash, Nagad, Rocket, Upay, Visa, Mastercard, or Dutch-Bangla Bank).
- Calculating and crediting bonus amounts and tracking wagering requirement progress.
- Settling sports betting markets, live casino game rounds, and slot game results accurately and in accordance with the platform's published rules.
- Delivering account notifications including deposit confirmations, withdrawal approvals, bonus activations, and security alerts via email or SMS.
2.2 Identity Verification and Regulatory Compliance
- Verifying that all registered players are aged 18 years or older in compliance with the platform's age restriction policy.
- Conducting Know Your Customer (KYC) checks to confirm the identity of account holders before processing large withdrawals or when unusual activity is detected.
- Maintaining transaction records and account activity logs for anti-money laundering (AML) monitoring purposes.
- Responding to lawful requests for information from competent authorities where required.
2.3 Security and Fraud Prevention
- Detecting and preventing duplicate account creation, bonus abuse, collusion, and other forms of platform fraud.
- Monitoring login locations and device fingerprints to identify potentially unauthorised account access.
- Applying responsible gaming interventions such as triggering deposit limit alerts or initiating temporary account restrictions where usage patterns suggest problem gambling behaviour.
2.4 Platform Improvement
- Analysing aggregated, anonymised usage data to improve platform performance, game selection, and user interface design.
- Running A/B tests on new features and promotional layouts to improve the player experience for users across Bangladesh, including those in Dhaka, Chittagong, Sylhet, and Khulna.
2.5 Marketing Communications (Opt-In Only)
cd33ap will only send you direct marketing communications — including promotional emails, SMS offers, and bonus notifications — if you have explicitly opted in to receive them during registration or through your account preferences. You may withdraw your marketing consent at any time by updating your notification settings in the account dashboard or by contacting support. Withdrawal of marketing consent does not affect the processing of data required for platform operations.
3. Data Sharing & Third Parties
cd33ap does not sell, rent, or trade your personal data to any third party. However, to operate the platform effectively and securely, we share limited and necessary data with the following categories of trusted service providers under strict data processing agreements that require them to handle your information in accordance with this Privacy Policy.
3.1 Payment Processing Partners
When you initiate a deposit or withdrawal, the necessary transaction data (your registered mobile wallet number or card details) is shared with the relevant payment gateway — bKash, Nagad, Rocket, Upay, SureCash, Dutch-Bangla Bank, Visa, or Mastercard — solely for the purpose of completing that transaction. cd33ap does not store full card numbers or mobile banking PINs on our servers at any point.
3.2 Game Content Providers
The cd33ap platform is powered by third-party game studios including Pragmatic Play, Evolution Gaming, Microgaming, NetEnt, Spribe, and Ezugi. These providers operate their own game servers, and certain session data (such as your player session token and wager amounts) is transmitted to their servers during active game play in order to render the game and settle results. Game providers are contractually prohibited from using this data for any purpose other than game delivery and result verification.
3.3 Identity Verification Services
Where KYC verification is required, identity document images and personal details may be shared with a certified identity verification service provider. These providers process the data solely for verification purposes and do not retain copies of your documents beyond the verification period.
3.4 Analytics and Platform Performance
cd33ap uses server-side analytics tools to monitor platform uptime, page load performance, and error rates. Aggregated and anonymised technical data is processed by these tools. No personally identifiable information is shared with analytics providers.
3.5 Legal Disclosure
cd33ap may disclose your personal data to law enforcement agencies, regulatory bodies, or other competent authorities where we are required to do so by applicable law, court order, or legal process. We will notify you of any such disclosure to the extent permitted by law.
4. Cookies & Tracking Technologies
cd33ap uses cookies and similar local storage technologies to operate the platform, maintain your login session, and improve platform performance. This section explains every category of cookie in use on cd33ap.net and the purpose each serves.
4.1 What Are Cookies?
A cookie is a small text file placed on your device by a website when you visit it. Cookies allow the website to remember your preferences, keep you logged in across page loads, and collect aggregated usage data. Cookies cannot execute code and cannot carry viruses or malware.
| Cookie Category | Purpose | Retention | Third Party? |
|---|---|---|---|
| Strictly Necessary | Login session authentication, CSRF protection, load balancing | Session (deleted on browser close) | No |
| Functional | Storing language preference, responsible gaming limit settings | Up to 12 months | No |
| Performance / Analytics | Page load times, error tracking, aggregated traffic analysis | Up to 12 months | No (server-side only) |
| Security / Fraud Detection | Device fingerprint hashing, login anomaly detection | Up to 30 days | No |
| Game Session | Passing session tokens to game provider iframes for active game rounds | Duration of active game session | Yes (game providers only) |
4.2 Managing Cookies
You can control cookie behaviour through your browser's settings. Most modern browsers allow you to block, delete, or be notified before a cookie is set. Please note that disabling strictly necessary cookies will prevent you from logging in to your cd33ap account and will render the platform non-functional. Disabling functional cookies will cause your language and preference settings to reset on each visit. Disabling game session cookies will prevent live casino and slot games from loading.
For specific instructions on managing cookies in your browser, consult the help documentation of your browser provider. Note that clearing cookies from your browser does not delete your cd33ap account or any data stored on our servers — it only removes locally stored browser data.
5. Data Security
cd33ap implements a multi-layered technical and organisational security framework to protect your personal data against unauthorised access, alteration, disclosure, or destruction. The following measures are in place at all times across the cd33ap platform infrastructure.
256-bit SSL/TLS Encryption
All data transmitted between your device and the cd33ap platform is encrypted using industry-standard 256-bit SSL/TLS protocols. The padlock icon in your browser confirms an active secure connection at all times.
Secure Data Centres
Player data is stored on servers located in access-controlled, physically secured data centres. Server access is restricted to authorised personnel only and is logged for audit purposes.
Password Hashing
Player account passwords are stored as salted cryptographic hashes using bcrypt. cd33ap staff cannot read your password — only you know it. If you forget your password, a secure reset process is used rather than retrieval.
Intrusion Detection
The cd33ap platform infrastructure is monitored continuously for suspicious access patterns, brute-force login attempts, and anomalous data export events. Automated alerting and response protocols are in place 24/7.
5.1 Your Responsibility for Account Security
While cd33ap takes extensive technical measures to protect your data on our end, account security also requires your active participation. You are responsible for keeping your login credentials confidential, using a strong and unique password for your cd33ap account, and logging out of your account when using a shared device. If you suspect unauthorised access to your account, contact cd33ap support immediately via live chat at cd33ap.net — we can freeze your account balance within minutes of receiving your report.
5.2 Data Breach Notification
In the event that cd33ap becomes aware of a data security breach that is likely to result in a risk to the rights and freedoms of affected players, we will notify all impacted account holders via their registered email address within 72 hours of becoming aware of the breach. The notification will include a description of the nature of the breach, the categories of data affected, the likely consequences, and the measures taken by cd33ap to address the breach and mitigate its effects.
6. Data Retention
cd33ap retains personal data for the minimum period necessary to fulfil the purpose for which it was collected, and in compliance with applicable record-keeping obligations. The following table sets out the specific retention periods applied to each category of personal data.
| Data Category | Retention Period | Basis for Retention |
|---|---|---|
| Account registration data | Duration of active account + 5 years after closure | Contractual and AML compliance |
| KYC identity documents | 5 years from date of verification | Regulatory compliance |
| Financial transaction records | 7 years from transaction date | Financial record-keeping obligations |
| Support communications | 3 years from date of interaction | Legitimate interest (dispute resolution) |
| Session and usage logs | 12 months from session date | Security and fraud prevention |
| Marketing consent records | Until consent is withdrawn + 1 year | Consent audit trail |
| Responsible gaming interaction records | Duration of account + 5 years | Player protection obligations |
Upon expiry of the applicable retention period, personal data is either securely deleted from active systems or anonymised so that it can no longer be attributed to an individual player. Anonymised, aggregated statistical data (such as total wagers placed across a given game category in a month) may be retained indefinitely for business analytics purposes, as this data does not constitute personal data.
7. Your Privacy Rights
As a registered cd33ap player, you have the following rights in relation to your personal data. To exercise any of these rights, contact the cd33ap data protection team via live chat at cd33ap.net or by emailing [email protected]. We will acknowledge your request within 48 hours (Bangladesh Standard Time, UTC+6) and aim to resolve it within 30 calendar days.
8. Policy Updates & Contact
cd33ap reviews and updates this Privacy Policy periodically to reflect changes in our data practices, platform features, and applicable legal and regulatory requirements. When a material change is made to this Policy, we will notify all registered players via their registered email address at least 14 days before the updated Policy takes effect. Continued use of the cd33ap platform after the effective date of an updated Policy constitutes your acceptance of the revised terms.
The version history of this Privacy Policy is maintained internally. The current version number and effective date are displayed at the top of this page. If you wish to review a previous version of this Policy, you may request it from the support team.
8.1 Children's Privacy
cd33ap is strictly an 18+ platform. We do not knowingly collect personal data from individuals under the age of 18. If we become aware that personal data has been collected from a person under 18, that data will be deleted immediately and the associated account will be permanently closed. If you believe that a minor has registered on the cd33ap platform, please contact us immediately at [email protected] so that we can take prompt action.
8.2 Links to Third-Party Sites
This Privacy Policy applies solely to the cd33ap platform at cd33ap.net. If any content on the platform references or links to a third-party service, such as a game provider's support page, please note that cd33ap is not responsible for the privacy practices of those third parties. We recommend reviewing the privacy policy of any external service you visit.
Contact the cd33ap Data Protection Team
For any privacy-related enquiry, data subject request, or concern about how your personal data is handled, please reach out to us through one of the following channels:
- Live Chat: Available at cd33ap.net — typical response time under 2 minutes, 24 hours a day, 7 days a week.
- Email: [email protected] — typical response within 4 hours (Bangladesh Standard Time, UTC+6).
- Subject Line: Please include "Privacy Request – [Your Registered Email]" in your email subject line to ensure your request is routed directly to the data protection team.
Ready to Experience cd33ap?
Your personal data is protected every step of the way. Explore 5,000+ games, live cricket betting, and instant bKash withdrawals — all on a secure, privacy-first platform built for Bangladesh players.