Legal Document

Privacy Policy — How aec67 Protects Your Data

At aec67, the privacy and security of your personal information is a fundamental commitment, not an afterthought. This Privacy Policy explains in plain, formal English exactly what data we collect, why we collect it, how we store and protect it, and what rights you hold as a player based in Bangladesh. Please read this document carefully before creating or continuing to use your aec67 account.

Effective: 1 January 2026
256-bit SSL Encrypted
Bangladesh (en-BD)
Version 3.1
Last reviewed and updated: 1 January 2026.  |  This policy supersedes all previous versions.  |  Version 3.1

Our Privacy Commitments at a Glance

How aec67 Safeguards Your Information

256-Bit SSL Encryption
Every data transmission between your device and aec67 servers is protected by 256-bit SSL/TLS encryption — the same standard used by major international banks. This ensures your personal details, payment information, and login credentials cannot be intercepted in transit by any third party.
No Data Sold to Advertisers
aec67 does not sell, rent, or trade your personal information to advertising networks, data brokers, or any commercial third parties for marketing purposes. Your data is used exclusively to operate and improve the aec67 platform and to comply with legal obligations — nothing more.
You Control Your Data
Players have the right to request access to the personal data aec67 holds about them, request corrections to inaccurate records, and request deletion of their data subject to legal retention requirements. These requests can be submitted at any time by contacting the aec67 Data Protection team via support.
Secure Data Storage
Personal data is stored on servers protected by multiple layers of physical and digital security controls, including access controls, firewalls, intrusion detection systems, and regular independent security audits. Database access is restricted to authorised aec67 personnel only and is subject to strict internal access policies.
Payment Data Protected
aec67 does not store full card numbers, bKash PINs, Nagad PINs, or other sensitive payment credentials on its own servers. Payment transactions are processed by certified payment service providers. aec67 retains only the minimum transaction metadata required for fraud prevention and financial compliance.
Marketing Opt-Out
Players who receive promotional communications from aec67 — including bonus alerts, BPL season offers, and Eid specials — may opt out at any time by updating notification preferences within the account settings panel or by contacting support. Opting out of marketing does not affect the delivery of essential account and transaction notifications.

Section 1

Data We Collect

Data Categories Summary
  • Full name, date of birth
  • Mobile number, email address
  • NID / Passport / Driving Licence
  • Residential city / district
  • Deposit and withdrawal records
  • Wagering and betting history
  • IP address and device data
  • Support chat transcripts
  • Full card / wallet PINs — NOT stored
  • bKash / Nagad PINs — NOT stored
Legal Basis for Collection: aec67 collects personal data on the basis of contractual necessity (to provide gaming services), legal obligation (AML / KYC compliance), and legitimate interest (fraud prevention and platform security). Marketing communications are sent only with your explicit consent, which may be withdrawn at any time.

Section 2

How We Use Your Data

Purpose Legal Basis
Account & payments Contractual necessity
KYC / age verification Legal obligation
Fraud prevention Legitimate interest
Responsible gaming Legitimate interest
Marketing emails / SMS Consent (withdrawable)
Platform analytics Legitimate interest
Legal / AML reporting Legal obligation
Support & dispute resolution Contractual necessity

Section 3

Data Sharing & Third Parties

Data Processor Requirements: Every third-party organisation that processes data on behalf of aec67 must sign a Data Processing Agreement (DPA) that mandates: purpose limitation, data minimisation, security standards, breach notification obligations, and data deletion upon contract termination.
aec67 Will NEVER:
  • Sell your data to advertisers
  • Share NID details with unverified parties
  • Disclose your mobile number to marketing brokers
  • Transfer your financial data outside of payment processing
  • Share your data with social media platforms for profiling

Section 4

Cookies & Tracking

Cookie Type Purpose Duration Can Be Disabled?
Strictly Necessary Session management, login authentication, CSRF protection, load balancing Session / up to 24 hours No — required for platform to function
Functional / Preference Remember language preference, display settings, responsible gaming limit reminders Up to 12 months Yes — disabling may affect user experience
Analytics Aggregate page view counts, navigation flow analysis, game popularity metrics (anonymised) Up to 13 months Yes — disabling will not affect functionality
Security / Fraud Detection Device fingerprinting for duplicate account detection, bot prevention, suspicious session flagging Up to 6 months No — required for platform security

Section 5

Data Retention & Deletion

Data Category Retention Period
Account / registration data Account lifetime + 5 years
KYC documents 5 years post-verification or closure
Transaction records 5 years per transaction
Support transcripts 2 years or dispute resolution
Technical / session logs Maximum 12 months
Analytics (anonymised) Indefinite (no personal link)
Marketing consent records Until consent withdrawn + 3 years

Section 6

Data Security Measures

Transport Security
All communications between your browser and aec67 servers use TLS 1.2 or TLS 1.3 with 256-bit AES encryption. HTTP connections are automatically redirected to HTTPS. HSTS (HTTP Strict Transport Security) headers prevent protocol downgrade attacks.
Server & Database Security
Player databases are encrypted at rest using AES-256. Database servers are isolated on private networks with no direct public internet access. Access is restricted to authorised personnel only via multi-factor authentication (MFA) and audited access logs.
Intrusion Detection
aec67 operates 24/7 automated intrusion detection and monitoring systems that flag anomalous access patterns for immediate review. Suspicious activity triggers automated account protection measures including temporary access restrictions pending investigation.
Regular Security Audits
aec67 engages independent security professionals to conduct penetration testing and vulnerability assessments on a regular basis. Critical vulnerabilities identified during audits are remediated within defined response time targets based on severity classification.

Section 7

Your Privacy Rights

Your Rights at a Glance
  • Access your personal data
  • Correct inaccurate records
  • Request data deletion
  • Restrict processing
  • Object to direct marketing
  • Withdraw marketing consent
  • Response within 30 days
  • No fee for standard requests
How to Submit a Rights Request: Contact the aec67 Data Protection team via 24/7 live chat or by emailing [email protected] (plain text — not a link). Include your registered full name, username, and a brief description of your request. For access and deletion requests, identity verification may be required before processing.

Section 8

Policy Updates & Contact

Policy Change Notifications
  • Material changes notified 14 days in advance
  • Notification via registered email or in-platform alert
  • "Last Updated" date shown on this page
  • Version history available on request
  • Continued use = acceptance of updated policy
Data Protection Contact:
Email: [email protected] (Plain text — not a clickable link) Live Chat: 24/7 on every platform page Response time: within 2 business days
18+ Platform — Minors Strictly Prohibited: aec67 does not knowingly process data belonging to persons under 18 years of age. Any account found to belong to a minor will be immediately closed and all associated data deleted. Report suspected minor accounts to [email protected] at once.

Explore aec67 with Confidence

Now that you have read and understood how aec67 handles your personal data, you are welcome to explore the full range of games and betting markets available to players across Bangladesh — all backed by robust data protection and 256-bit SSL security.

Login to aec67 Cricket Betting Browse Slots Visit FAQ Responsible Gaming