Table of Contents
- 1. Introduction
- 2. Data We Collect
- 3. How Data Is Collected
- 4. How We Use Your Data
- 5. Legal Basis for Processing
- 6. Data Sharing & Disclosure
- 7. Cookies & Tracking
- 8. Data Retention
- 9. Data Security
- 10. Your Rights
- 11. Minors & Age Verification
- 12. International Data Transfers
- 13. Changes to This Policy
- 14. Contact & Data Requests
1. Introduction
bea999 ("we", "us", "our", "the Platform") is committed to protecting the privacy and security of all personal data entrusted to us by players and visitors using the bea999 website at bea999.app. This Privacy Policy describes our practices regarding the collection, use, storage, transfer, and deletion of personal data in connection with your use of the bea999 platform and all associated services.
This Policy applies to all registered users of bea999, including players based in Bangladesh, and to any visitor who accesses the bea999 website regardless of whether they hold a registered account. It applies to data collected through the bea999 website, mobile-optimised interface, and any communication channels operated by bea999, including support email and in-platform live chat.
This Privacy Policy should be read in conjunction with the bea999 Terms & Conditions, which together govern the contractual and data relationship between bea999 and its users. Defined terms used but not defined in this Policy carry the meanings assigned to them in the Terms & Conditions.
2. Data We Collect
bea999 collects the following categories of personal data:
2.1 Identity Data
- Full legal name as it appears on your national identity document.
- Date of birth (used for age verification — bea999 is an 18+ platform).
- National Identity Card (NID) number or passport number where provided for KYC verification.
- Photograph or scanned copy of identity document where submitted for verification purposes.
2.2 Contact Data
- Registered mobile phone number (Bangladeshi number format).
- Email address where provided during registration or support contact.
- Residential address where provided for KYC or withdrawal verification purposes.
2.3 Account & Transaction Data
- Username and encrypted account credentials.
- Account registration date, login history, and session timestamps (Bangladesh Standard Time, UTC+6).
- Deposit history, withdrawal history, transaction amounts in Bangladeshi Taka (BDT), and associated payment method identifiers (e.g., bKash wallet number, Nagad account reference, bank account last digits).
- Bonus claims, wagering activity, and promotional participation records.
2.4 Gaming & Betting Activity Data
- Game play history across all products including slots, live casino tables, Texas Hold'em, Plants vs Dino, and sports betting markets.
- Bet amounts, bet outcomes, win/loss records, and game session durations.
- Responsible gaming settings chosen by the player, including deposit limits, session limits, and self-exclusion status.
2.5 Technical & Device Data
- IP address and approximate geolocation derived from IP at time of login and transaction.
- Device type, operating system, browser type and version.
- Referring URL and pages visited within the bea999 platform.
- Cookie identifiers and session tokens (see Section 7).
2.6 Communications Data
- Content of support tickets, live chat transcripts, and email correspondence submitted to bea999.
- Records of promotional communications sent to you and your engagement with them.
3. How Data Is Collected
bea999 collects personal data through the following means:
3.1 Directly from You
The majority of personal data held by bea999 is provided directly by you during the account registration process, identity verification (KYC), deposit and withdrawal requests, support interactions, and your voluntary participation in promotions and surveys.
3.2 Automatically During Platform Use
When you access and use the bea999 platform, certain technical and behavioural data is collected automatically through server logs, cookies, and similar tracking technologies. This includes your IP address, device identifiers, session activity, and in-platform navigation patterns. This data is collected to ensure platform security, prevent fraud, and improve the user experience.
3.3 From Third-Party Service Providers
bea999 may receive supplementary data from third-party identity verification and KYC service providers engaged to confirm the accuracy of identity information you have submitted. In addition, payment processors such as bKash, Nagad, and banking partners may share transaction confirmation data with bea999 to reconcile deposits and withdrawals.
3.4 From Publicly Available Sources
In limited circumstances relating to fraud prevention and regulatory compliance, bea999 may cross-reference data against publicly available databases or sanction screening lists. This is conducted solely for the purpose of meeting legal and compliance obligations and does not involve the collection of additional personal data beyond what is necessary for that verification.
4. How We Use Your Data
bea999 uses collected personal data for the following purposes:
| Purpose | Data Used |
|---|---|
| Account registration and management | Identity data, contact data, account credentials |
| Age and identity verification (KYC) | Identity data, document scans, date of birth |
| Processing deposits and withdrawals | Transaction data, payment method identifiers |
| Providing game play and betting services | Account data, gaming activity data |
| Customer support and dispute resolution | Identity data, communications data, transaction data |
| Bonus and promotion administration | Account data, transaction data, gaming activity data |
| Fraud prevention and security monitoring | Technical data, transaction data, identity data |
| Responsible gaming compliance | Gaming activity data, responsible gaming settings |
| Platform analytics and improvement | Technical data, aggregated behavioural data (anonymised) |
| Legal and regulatory compliance | All categories as required by applicable law |
bea999 does not use personal data for automated decision-making that produces legal or similarly significant effects on users, except in cases of fraud detection where automated systems may flag an account for human review. Any account action resulting from such a flag is reviewed by a human operator before being applied.
5. Legal Basis for Processing
bea999 processes your personal data on the following legal bases:
- Contractual necessity: Processing required to fulfil our contractual obligations to you, including account management, payment processing, and game play delivery.
- Legal obligation: Processing necessary for bea999 to comply with applicable laws, including anti-money laundering (AML) requirements, age verification mandates, and financial record-keeping obligations.
- Legitimate interests: Processing conducted for bea999's legitimate business interests, including fraud prevention, platform security, and service improvement, where those interests are not overridden by your rights and freedoms.
- Consent: Where processing is based on consent — for example, sending promotional communications — you may withdraw that consent at any time by updating your account communication preferences or contacting support.
6. Data Sharing & Disclosure
bea999 does not sell, rent, or otherwise transfer your personal data to unaffiliated third parties for their own marketing or commercial purposes. Personal data is shared only in the following limited circumstances:
6.1 Payment Service Providers
To process deposits and withdrawals, bea999 shares necessary transaction data with payment service providers including bKash, Nagad, Rocket, Upay, and partnering banks such as BRAC Bank, Dutch-Bangla Bank, City Bank, Islami Bank, and Sonali Bank. These providers act as data processors and are contractually obligated to protect your data and use it solely for the purpose of completing the relevant financial transaction.
6.2 Identity Verification Providers
For KYC and age verification purposes, bea999 may share identity documents and related data with accredited third-party identity verification service providers. These providers are bound by data processing agreements and operate under strict confidentiality obligations.
6.3 Game Software Providers
Game studios and live casino providers including Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi may receive game session data — such as player identifiers and bet amounts — to facilitate game delivery, resolve disputes, and ensure fair play. These providers do not receive full identity data and cannot identify individual players by name or contact details through game session data alone.
6.4 Legal and Regulatory Disclosure
bea999 may disclose personal data to law enforcement agencies, regulatory bodies, or courts of competent jurisdiction where required by applicable law, a valid court order, or in response to a lawful request. bea999 will notify affected users of such a request where legally permitted to do so.
6.5 Business Transfers
In the event of a merger, acquisition, restructuring, or sale of all or a substantial part of bea999's assets, personal data held by bea999 may be transferred to the acquiring entity as part of that transaction. Affected users will be notified in advance where reasonably practicable, and the receiving entity will be required to honour the terms of this Privacy Policy.
7. Cookies & Tracking
bea999 uses cookies and similar tracking technologies to operate the platform effectively, maintain your session, detect fraud, and analyse usage patterns. The following categories of cookies are used:
- Strictly necessary cookies: Essential for the platform to function. These include session authentication tokens, CSRF protection tokens, and load-balancing cookies. These cannot be disabled without affecting platform functionality.
- Functional cookies: Used to remember your preferences such as language settings, preferred game categories, and responsible gaming configuration choices.
- Analytical cookies: Used to collect anonymised, aggregated data about how users interact with the bea999 platform, helping us identify areas for improvement. No personal identifiers are included in analytical data exports.
- Security cookies: Used to detect and prevent fraudulent login attempts, bot activity, and account takeover attempts.
You may manage cookie preferences through your browser settings. Disabling strictly necessary cookies will impair or prevent access to your bea999 account. Disabling analytical or functional cookies will not prevent platform access but may reduce the quality of your experience.
bea999 does not use third-party advertising cookies or permit third-party advertising networks to place tracking cookies on the bea999 platform.
8. Data Retention
bea999 retains personal data only for as long as necessary to fulfil the purpose for which it was collected, or as required by applicable legal and regulatory obligations. The following general retention periods apply:
- Active account data: Retained for the duration of the account relationship and for a minimum of five (5) years following account closure, in line with anti-money laundering record-keeping requirements.
- Transaction records: Retained for a minimum of five (5) years from the date of the transaction.
- KYC / identity verification documents: Retained for a minimum of five (5) years following the completion of the verification process or account closure, whichever is later.
- Support communications: Retained for three (3) years from the date of the last communication in a support thread.
- Technical and device logs: Retained for up to twelve (12) months from collection, unless retained longer for active fraud investigation or legal proceedings.
Once data is no longer required for any of the above purposes, bea999 will securely delete or anonymise it. Anonymised data may be retained indefinitely for statistical and analytical purposes as it can no longer be linked to any individual.
9. Data Security
bea999 implements a layered set of technical and organisational security measures designed to protect your personal data against unauthorised access, disclosure, alteration, and destruction. These measures include:
- 256-bit SSL/TLS encryption for all data in transit between user devices and bea999 servers.
- Encryption of sensitive data fields at rest within the bea999 database infrastructure.
- Role-based access controls limiting staff access to personal data strictly to those with a business need.
- Regular security assessments and penetration testing of the bea999 platform infrastructure.
- Two-factor authentication options for account login to prevent unauthorised access.
- Automated monitoring and alerting systems for anomalous login behaviour and suspicious transaction patterns.
While bea999 takes data security seriously and applies industry-standard protective measures, no internet-based platform can guarantee absolute security. Users are responsible for maintaining the confidentiality of their own account credentials. bea999 support staff will never request your password.
10. Your Rights
As a user of bea999, you have the following rights in relation to your personal data:
- Right of access: You may request a copy of the personal data bea999 holds about you at any time. bea999 will respond to verified access requests within 30 days.
- Right to rectification: If any personal data held by bea999 is inaccurate or incomplete, you have the right to request that it be corrected. Minor corrections (such as contact number updates) can be made directly in your account settings.
- Right to erasure: You may request the deletion of your personal data where it is no longer necessary for the purpose for which it was collected, where you have withdrawn consent, or where the data has been unlawfully processed. Note that bea999 may be required to retain certain data to comply with legal obligations even following a deletion request.
- Right to restriction of processing: You may request that bea999 restrict the processing of your personal data in certain circumstances, for example while a rectification request is being assessed.
- Right to data portability: Where processing is based on your consent or a contract, you may request a copy of your personal data in a structured, machine-readable format.
- Right to withdraw consent: Where processing is based on your consent, you may withdraw that consent at any time without affecting the lawfulness of processing that occurred prior to withdrawal.
- Right to object: You may object to processing conducted on the basis of bea999's legitimate interests. bea999 will assess such objections and cease the relevant processing unless compelling legitimate grounds override your interests.
To exercise any of these rights, please contact the bea999 data team at [email protected] with the subject line "Data Rights Request". bea999 may require you to verify your identity before processing a data rights request. Requests will be acknowledged within five (5) business days and resolved within 30 days wherever possible.
11. Minors & Age Verification
bea999 implements age verification checks at the point of registration and during the KYC process. Where bea999 discovers that personal data has been collected from an individual who is under 18 years of age, that data will be deleted promptly, the account will be closed, and any deposits will be returned in accordance with the process described in the Terms & Conditions.
Parents and guardians who believe that a minor may have registered an account on bea999 or submitted personal data to the platform are encouraged to contact support at [email protected] immediately. bea999 will investigate and take appropriate action without delay.
12. International Data Transfers
The bea999 platform primarily serves players in Bangladesh, and data is stored and processed within infrastructure that prioritises data residency consistent with applicable requirements. However, certain third-party service providers engaged by bea999 — including game software providers and identity verification partners — may process data in jurisdictions outside Bangladesh.
Where personal data is transferred internationally, bea999 ensures that appropriate safeguards are in place, including contractual clauses that require the receiving party to protect your data to a standard at least equivalent to the protections described in this Privacy Policy. bea999 does not transfer personal data to jurisdictions that do not provide adequate data protection guarantees without implementing such safeguards.
13. Changes to This Policy
bea999 reserves the right to update or revise this Privacy Policy at any time to reflect changes in our data practices, legal requirements, or platform features. When material changes are made, bea999 will update the "Last Updated" date at the top of this page and, where appropriate, notify registered users via in-platform notification or email to the address on file.
We encourage you to review this Privacy Policy periodically to stay informed about how bea999 collects, uses, and protects your personal data. Continued use of the bea999 platform following the publication of an updated Privacy Policy constitutes your acceptance of the revised terms.
14. Contact & Data Requests
If you have questions about this Privacy Policy, wish to exercise any of your data rights, or need to report a privacy concern, please contact the bea999 data team using the details below. All communications relating to data privacy are handled with priority.
Email: [email protected]
Subject line for data requests: "Data Rights Request" or "Privacy Concern"
Response time: Acknowledgement within 5 business days (Bangladesh Standard Time, UTC+6)
SSL Encrypted
Every connection to bea999 is protected by 256-bit SSL encryption. Your data in transit is always secure.
No Data Selling
bea999 never sells your personal data to advertisers or marketing companies. Full stop.
5-Year Retention
Account and transaction data is retained for 5 years post-closure to meet AML compliance requirements.
Exercise Your Rights
Access, correct, or delete your data. Contact [email protected] with subject "Data Rights Request".
Controlled Sharing
Data is shared only with payment processors, KYC providers, and game studios — under strict contractual controls.