Personal data we collect

• Identity and verification details: name, date of birth, National ID or passport, face verification results where required by law.
• Contact information: mobile number, email, address.
• Account and security: username, hashed credentials, security questions, verification codes.
• Transaction information: deposits, withdrawals, payment method details, Bangladesh Taka (BDT) settlement records.
• Technical data: device identifiers, IP address, browser, app logs, approximate location, cookies.
• Usage data: account activity, responsible gaming settings, interaction history, support tickets.

Why we collect and process

• To provide and maintain services, manage accounts, process payments, and resolve issues.
• To verify age and identity, meet anti–money laundering and counter–terrorist financing obligations, and prevent fraud.
• To support responsible gaming measures and comply with dispute resolution requirements.
• To meet legal duties in Bangladesh and other relevant jurisdictions.

Protection measures

• Encryption in transit using TLS and encryption at rest for sensitive records.
• Strict access controls, role-based permissions, and staff training.
• Network segregation, monitoring, and regular security testing.
• Vendor due diligence, confidentiality agreements, and audit reviews.
• Retention schedules that limit collection and storage to what is necessary.

User rights

• Access: request a copy of personal information held.
• Correction: fix inaccurate or incomplete records.
• Deletion: request erasure where permitted by law.
• Restriction and objection: limit or object to certain processing.
• Consent: withdraw consent for non-essential processing at any time.

Compliance statement

• Processing follows applicable laws of Bangladesh relating to data and cybersecurity, including the Cyber Security Act 2023 and any data protection regulations in force.
• Where relevant, processing aligns to international standards and principles such as lawfulness, fairness, transparency, purpose limitation, and minimisation, including GDPR-aligned practices where required.

How personal information is used

• Account services: registration, login, profile management, responsible gaming tools.
• Payments and transactions: deposits, withdrawals, refunds, and chargeback handling.
• Customer support: investigate requests, complaints, and dispute resolution.
• Service improvement: troubleshoot, test new features, develop online products, and enhance user experience based on aggregated analytics.
• Marketing and communication: send service messages and, where consented, tailored updates. Users can opt out at any time.
• Compliance: age and identity checks, AML and sanctions screening, fraud prevention, and regulatory reporting.

Lawful and transparent processing

• Processing is based on one or more legal grounds: consent, performance of a contract, legal obligation, or legitimate interests balanced against user rights.
• Non-essential processing relies on user consent, which can be withdrawn without affecting the lawfulness of prior processing.
• Records of collection and processing are maintained to document compliance.

How a user can act on their data

• Access: submit a request through Account Settings or the Help Centre to obtain a copy of personal data and processing information.
• Update: edit profile details in Account Settings or request correction through Support for records that cannot be edited directly.
• Deletion: request erasure where retention is not required by law or for dispute handling. Identity checks will apply.
• Response times: verified requests are handled within a reasonable period, subject to legal and technical constraints.

Consent to checks and payment processing

• By using Baji Live, the user consents to security screening, identity verification, AML checks, and the processing of payment information by authorised payment providers for collection and settlement.
• Providers process information under their own privacy documents and contractual safeguards.

• Services are intended for persons aged 18 or over. Registration by minors is not permitted.
• The operator cannot verify age without reliable documents. Identity and age checks may be requested to prevent underage use.
• If a parent or guardian believes a minor has provided personal information, contact Support. Upon verification, the account will be closed and the data deleted where permitted by law.
• Attempts by minors to use online services may be reported if required by applicable rules.

• Personal data may be stored or processed outside Bangladesh, including where technology, payment, verification, and customer support partners operate.
• Using the site and services indicates consent to such transfers for the purposes described in this document.
• Safeguards include contractual protections, access controls, encryption, and confidentiality obligations imposed on all partners.
• Where required, standard contractual clauses or equivalent mechanisms are applied to protect information during transfer and processing.

• This Privacy Policy forms part of the terms governing the use of services. A disclaimer may limit or clarify the scope, application, or effect of certain rules to the extent allowed by law.
• The disclaimer applies once the user accepts this policy by registration, affirmative acceptance on the site, or continued use that indicates accession.
• Nothing in this document limits non-excludable rights under applicable law. If any provision is invalid, the remaining terms continue to operate.

What cookies are

• Cookies are small text files placed on a device by websites to store settings and identify a browser.

How cookies are used

• Statistics and analytics: measure online traffic, diagnose issues, and understand service performance.
• Behaviour analysis and personalisation: remember preferences and improve user experience.
• Site improvement: test features, secure sessions, and prevent abuse.

Retention and control

• Standard cookie retention is up to 1 year unless a shorter period is necessary.
• Users can manage cookies through browser settings and, where available, a preference centre. Blocking some cookies may affect service functionality.

• Using the online services constitutes full acceptance of this Privacy Policy.
• The current version published on the website prevails over any previous version. Continued use after an update indicates acceptance of the revised document.

Sharing of personal information

• Third parties may receive data to comply with law, respond to lawful requests, manage disputes, or perform obligations under service agreements.
• Typical recipients include payment processors, identity and KYC providers, AML and fraud-prevention vendors, cloud and security services, analytics providers, and professional advisors.

Transparency and consent

• The list of categories or specific partners is provided on the website or upon request. If not listed, the purpose and scope of sharing will be communicated where required by law.
• Providing information for a feature that involves a partner is treated as consent to processing by that partner under its own privacy policy and contractual safeguards.

• The site may contain links to external websites or apps that have their own privacy policies.
• The operator is not responsible for how those services collect, use, or protect information.
• Users should review the privacy policy of any external site before providing personal data.