gb997 Privacy Policy
At gb997 we take your privacy seriously. This Privacy Policy explains precisely what personal data we collect from players in Bangladesh, why we collect it, how we use and protect it, and what rights you hold over your own information under our platform's practices.
Privacy at a Glance
Six core commitments that define how gb997 handles your personal data every day.
Section 1
Data We Collect
gb997 collects personal data from players in Bangladesh across several categories. We only collect data that is necessary to deliver a safe, compliant, and high-quality gaming experience. The specific data we collect depends on how you interact with the gb997 platform — whether you are simply browsing, registering an account, making a deposit, or contacting our support team.
1.1 Registration & Identity Data
When you create a gb997 account, we collect the personal information you provide in the registration form. This includes:
- Full legal name (as it appears on your official identity document)
- Date of birth (used to verify that you meet the 18+ age requirement)
- Email address (used for account communications and verification)
- Mobile phone number (used for account security and payment verification)
- Residential address including city (e.g., Dhaka, Chittagong, Sylhet, Khulna, Rajshahi)
- Chosen username and encrypted password (passwords are never stored in plain text)
1.2 KYC Verification Documents
To comply with anti-money laundering requirements and to confirm player eligibility, gb997 may request the following documents as part of its Know Your Customer process:
- Government-issued photo ID (Bangladesh National ID Card, passport)
- Proof of address (utility bill, bank statement, or other official correspondence dated within 90 days)
- Payment method confirmation (screenshot of bKash, Nagad, or bank account registered in your name)
- Source of funds declaration for high-value deposits where required by our compliance team
1.3 Financial Transaction Data
gb997 records all deposit and withdrawal transactions processed through the platform. This includes transaction amounts in BDT, timestamps, payment method used (bKash, Nagad, Rocket, Upay, Visa, Mastercard, Dutch-Bangla Bank, BRAC Bank), transaction reference numbers, and the outcome of each transaction. gb997 does not store full card numbers or mobile banking PINs — only masked identifiers are retained.
1.4 Gaming & Betting Activity Data
We record all wagering activity on the gb997 platform, including game sessions played, bet amounts, wins and losses, bonus activations, sports betting selections (cricket BPL, IPL, T20 World Cup, football, kabaddi), session start and end times, and crash game cash-out decisions. This data is used for account integrity, responsible gaming monitoring, and dispute resolution.
1.5 Technical & Device Data
When you access gb997.org, our servers automatically log technical data including your IP address, browser type and version, operating system, device type (mobile or desktop), referring URL, pages visited, session duration, and approximate geolocation derived from your IP address. This data is used to secure the platform, detect fraud, and improve user experience.
1.6 Communications Data
When you contact gb997 support via live chat or email, we retain records of those communications including the content of messages, timestamps, the support agent involved, and the resolution outcome. These records are kept for quality assurance and regulatory compliance purposes.
- Identity: Name, DOB, address, contact details
- KYC Documents: Government-issued ID, proof of address
- Financial: Transaction records (masked payment details only)
- Gaming Activity: Bets, game sessions, bonus use
- Technical: IP address, device data, session logs
- Communications: Support chat and email records
Section 2
How We Use Your Data
gb997 processes your personal data only for legitimate, specified purposes. The legal basis for each processing activity is either the performance of our contract with you (delivering the platform services you signed up for), compliance with our legal obligations (KYC, AML, age verification), our legitimate business interests (fraud prevention, platform security, service improvement), or your explicit consent where required (such as for marketing communications).
- Account Management: We use your registration data to create and manage your gb997 account, verify your identity, authenticate your logins, and communicate account-related information such as password resets and security alerts.
- Payment Processing: Transaction data is used to process your deposits and withdrawals via bKash, Nagad, Rocket, Upay, Visa, Mastercard, Dutch-Bangla Bank, and BRAC Bank. We share necessary transaction details with our certified payment gateway partners to complete these operations.
- KYC & Compliance: Identity and document data is processed to fulfil our age verification obligations (18+ enforcement), satisfy anti-money laundering requirements, and comply with applicable financial crime regulations.
- Responsible Gaming: Gaming activity data, session duration, deposit frequency, and betting patterns are monitored to identify potential problem gambling behaviour. This allows gb997 to proactively offer responsible gaming tools such as deposit limits, cooling-off periods, and self-exclusion to players who may need them.
- Fraud Prevention & Platform Security: Technical data including IP addresses, device fingerprints, and session logs are analysed to detect unauthorised access, fraudulent transactions, duplicate account creation, and other prohibited conduct as defined in the gb997 Terms & Conditions.
- Customer Support: Communications data is used to manage your support enquiries, investigate complaints, and improve the quality of gb997's customer service. Support records may also be used as evidence in any dispute resolution process.
- Platform Improvement: Aggregated, anonymised analytics data derived from player behaviour (page visit patterns, game preferences, navigation flows) is used to improve the design, performance, and content of gb997.org. This analysis does not identify individual players.
- Marketing Communications: With your consent, gb997 may use your email address and phone number to send you promotional communications about new games, bonuses, and seasonal offers (such as Eid promotions, Pohela Boishakh specials, or BPL cricket season offers). You may withdraw your marketing consent at any time by contacting support or updating your account preferences.
- Contract Performance: Account management, payments, game delivery
- Legal Obligation: KYC, AML, age verification (18+)
- Legitimate Interest: Fraud prevention, platform security, analytics
- Consent: Marketing emails and SMS promotions
Section 3
Data Sharing & Third Parties
gb997 does not sell your personal data to any third party. We share your data only in the limited circumstances described below, and only with partners and service providers who are contractually bound to protect it in accordance with standards equivalent to those described in this Privacy Policy.
| Third Party Category | Data Shared | Purpose |
|---|---|---|
| Payment Gateways bKash, Nagad, Rocket, Upay, Visa, Mastercard, Dutch-Bangla Bank, BRAC Bank |
Transaction amount, account reference, masked payment identifier | Process deposits and withdrawals securely |
| KYC Verification Services | Identity documents, date of birth, name | Age and identity verification (18+ enforcement, AML) |
| Game Studios Pragmatic Play, Evolution Gaming, NetEnt, Spribe, Ezugi, JILI, etc. |
Session token, anonymised player ID, bet amounts | Deliver certified game content and resolve game disputes |
| Fraud Prevention & Analytics Providers | IP address, device fingerprint, session metadata | Detect and prevent fraudulent activity and account abuse |
| Cloud Hosting & Infrastructure | Encrypted database records, server logs | Store and serve platform data securely |
| Legal & Regulatory Authorities | Any data required by a valid legal order | Comply with applicable law, respond to lawful requests |
All third-party service providers engaged by gb997 are required to process your data only for the specific purpose for which it was shared, to implement adequate technical and organisational security measures, and to delete or return the data once the processing purpose has been fulfilled. gb997 does not authorise any service provider to use your data for their own independent purposes, including advertising.
- Third-party advertisers or ad networks
- Data brokers or list aggregators
- Other gambling operators or affiliate networks
- Social media platforms for tracking purposes
- Any party without a valid data processing agreement
- Any party outside a legitimate legal or operational need
Section 4
Cookies & Tracking Technologies
gb997 uses cookies and similar tracking technologies to operate the platform, maintain your session while you are logged in, remember your preferences, and gather anonymised analytics about how players use gb997.org. This section explains each category of cookie we use and how you can manage them.
| Cookie Type | Purpose | Can Be Disabled? |
|---|---|---|
| Essential Session Cookies | Maintain your logged-in state, prevent CSRF attacks, manage your active game session | No — required for platform to function |
| Security Cookies | Detect suspicious login attempts, flag unusual session behaviour, support fraud detection | No — required for account security |
| Preference Cookies | Remember your language setting, display preferences, and last-visited game category | Yes — via browser settings |
| Analytics Cookies | Measure page traffic, game popularity, navigation patterns using anonymised data | Yes — via browser settings |
| Performance Cookies | Monitor page load times, identify technical errors, support infrastructure optimisation | Yes — via browser settings |
You can control and manage cookies through your web browser settings. Most modern browsers allow you to view, delete, and block cookies on a per-site basis. Please note that disabling essential and security cookies will prevent you from logging into your gb997 account and using the platform. Disabling preference, analytics, and performance cookies has no effect on your ability to play games or make deposits.
gb997 does not use cross-site tracking cookies, does not participate in advertising networks, and does not place any tracking pixels or beacons on behalf of third-party advertisers. The analytics data we collect is aggregated and anonymised — it cannot be used to identify individual players.
- Session cookies: Deleted when you close your browser
- Security cookies: Up to 30 days
- Preference cookies: Up to 90 days
- Analytics cookies: Up to 12 months (anonymised)
- Performance cookies: Up to 30 days
Section 5
Data Security & Storage
gb997 implements a comprehensive set of technical and organisational security measures to protect your personal data against unauthorised access, accidental loss, alteration, disclosure, or destruction. Data security is a foundational priority for the gb997 platform, and our security practices are reviewed and updated on a regular basis.
- Encryption in Transit: All data transmitted between your browser and gb997.org is encrypted using TLS 1.3, the current industry standard for transport layer security. Unencrypted HTTP connections are not accepted.
- Encryption at Rest: Personal data stored in gb997's databases is encrypted at rest using AES-256 encryption. This applies to identity records, transaction histories, and KYC documents.
- Password Hashing: Account passwords are never stored in plain text. gb997 uses a strong, salted cryptographic hashing algorithm to store password credentials. Even gb997's own engineering staff cannot read your password.
- Access Controls: Access to personal data is restricted on a strict need-to-know basis. Only authorised personnel with a legitimate operational or compliance reason may access player records, and all such access is logged and audited.
- Intrusion Detection: gb997's infrastructure is monitored 24/7 by automated intrusion detection and anomaly alerting systems. Suspected security incidents trigger an immediate response from the gb997 security team.
- KYC Document Security: Identity documents submitted for KYC are stored in an isolated, access-controlled document vault with restricted staff access. Documents are not attached to general player records and are accessed only for compliance review purposes.
- Payment Card Security: gb997 does not store full payment card numbers, CVV codes, or mobile banking PINs. All card transactions are handled by certified PCI-DSS compliant payment gateway partners. gb997 retains only masked identifiers (e.g., last 4 digits of a card) for reference purposes.
Despite these measures, no online platform can guarantee absolute security. In the unlikely event of a data breach that poses a risk to your rights and freedoms, gb997 will notify affected players without undue delay, explain what data was involved, describe the steps gb997 has taken to contain the breach, and advise on protective measures you can take.
Section 6
Your Data Rights
As a gb997 player, you have a meaningful set of rights over the personal data we hold about you. gb997 is committed to respecting and facilitating these rights in a timely and transparent manner. To exercise any of the rights listed below, please contact gb997's data team at [email protected] with the subject line "Data Rights Request". We will respond within 14 business days of receiving a valid request.
gb997 will not charge a fee to process a legitimate data rights request. We may, however, request additional information to verify your identity before actioning a request, in order to protect your account from unauthorised data access by third parties. Where a request is manifestly unfounded or excessive, gb997 reserves the right to charge a reasonable administrative fee or decline the request, with written reasons provided.
- Acknowledgement: Within 2 business days
- Access request: Within 14 business days
- Rectification: Within 14 business days
- Erasure request: Within 14 business days (subject to retention obligations)
- Portability export: Within 21 business days
- Objection review: Within 14 business days
Section 7
Data Retention
gb997 retains personal data only for as long as is necessary to fulfil the purposes for which it was collected, to comply with applicable legal and regulatory obligations, to resolve disputes, and to enforce our agreements. The specific retention periods applicable to each data category are set out in the table below.
| Data Category | Retention Period | Reason |
|---|---|---|
| Account Registration Data | Duration of account + 5 years after closure | AML compliance, dispute resolution, regulatory audit |
| KYC Identity Documents | Duration of account + 5 years after closure | Anti-money laundering regulatory requirement |
| Financial Transaction Records | 7 years from transaction date | Financial record-keeping obligations |
| Gaming & Betting Activity | Duration of account + 3 years after closure | Responsible gaming monitoring, dispute resolution |
| Support Communications | 3 years from the date of each communication | Quality assurance, complaint history, dispute evidence |
| Technical / Server Logs | 90 days (rolling) | Security monitoring and fraud detection |
| Analytics Data (Anonymised) | Up to 24 months | Platform performance and UX improvement |
| Marketing Consent Records | Until consent is withdrawn + 12 months | Evidence of consent for compliance purposes |
Once a retention period expires and there is no longer a legitimate legal or operational basis to retain the data, gb997 will securely delete or irreversibly anonymise the relevant records. Anonymised data (data from which all identifying characteristics have been permanently removed) may be retained indefinitely for aggregated statistical purposes, as it no longer constitutes personal data.
Where you submit a Right to Erasure request, gb997 will assess whether the data in question is subject to a mandatory retention obligation (for example, transaction records required by financial regulations). Where a retention obligation applies, gb997 will retain the data for the required period but will restrict its processing to the minimum necessary for compliance purposes only.
- KYC documents retained for at least 5 years post-closure
- Financial records retained for 7 years per standard obligations
- Server logs deleted on a rolling 90-day cycle
- Marketing data erased promptly upon consent withdrawal
- Anonymised analytics data does not constitute personal data
Section 8
Policy Updates & Contact
gb997 may update this Privacy Policy from time to time to reflect changes in our data processing practices, changes in applicable law, or improvements to our platform. When we make a material change to this Policy, we will notify registered players via the email address on their account at least 14 days before the change takes effect. The updated Policy will also be published on this page with a revised effective date at the top of the document.
Your continued use of the gb997 platform after the effective date of a revised Privacy Policy constitutes your acceptance of the updated terms. If you do not agree with any changes to the Privacy Policy, you should cease using the platform and may request account closure by contacting our support team.
We encourage you to review this Privacy Policy periodically so that you remain informed about how gb997 collects, uses, and protects your personal data. The current effective date of this Policy is displayed in the hero section at the top of this page and is updated whenever a new version is published.
Contact gb997 About Privacy
If you have any questions about this Privacy Policy, wish to exercise any of your data rights, or have a concern about how gb997 has handled your personal data, please contact the gb997 data team using the details below. We are committed to resolving all privacy enquiries in a prompt, respectful, and transparent manner.
- Email: [email protected] — please use the subject line "Privacy Enquiry" or "Data Rights Request"
- Live Chat: Available 24/7 on gb997.org — for general privacy questions and initial guidance
- Response Time: gb997 will acknowledge all privacy-related emails within 2 business days and provide a substantive response within 14 business days
- Language: Privacy enquiries may be submitted in English. Our support team is fully equipped to handle all privacy communications in English.
- Material changes notified by email 14 days in advance
- Updated effective date published on this page
- Summary of key changes included in the notification email
- Continued use constitutes acceptance of revised Policy
- Email: [email protected]
- Subject line: "Privacy Enquiry" or "Data Rights Request"
- Live Chat: 24/7 on gb997.org
- Response: Within 14 business days
Our support team is available around the clock to address any data privacy concerns. You can also explore our FAQ for quick answers, review our Responsible Gaming commitment, or head back to the casino to enjoy 5,000+ certified games.
View FAQ Responsible Gaming Explore Casino