hibaee Privacy Policy — How We Protect Your Personal Data
At hibaee, your privacy is taken seriously. This Privacy Policy explains exactly what personal information we collect when you use our platform, how we use and store that data, who we may share it with, and the rights you hold over your own information. We are committed to transparent, responsible data practices for every user in Bangladesh and beyond.
Our Privacy Commitments
These six principles define how hibaee approaches every aspect of user data — from the moment you register your account to the day you close it.
Minimal Data Collection
hibaee collects only the personal data that is strictly necessary to provide the services you use. We do not collect data speculatively or for purposes unrelated to operating the Platform. Every data point we request has a clear, documented purpose that is explained in this Policy.
No Unauthorised Selling
hibaee does not sell, rent, or trade your personal data to third-party advertisers or data brokers. Where data is shared with third parties — such as payment processors or game providers — it is done under strict data processing agreements and only to the extent necessary to deliver the service.
Encryption at Every Layer
All data transmitted between your device and the hibaee Platform is protected by industry-standard SSL/TLS encryption. Sensitive data stored in our systems — including financial records and identity documents — is encrypted at rest using AES-256 or equivalent standards. Your data is never transmitted in plain text.
User Control & Access Rights
You have the right to access, correct, export, or request deletion of your personal data at any time. hibaee provides a straightforward process for exercising these rights via our support team. We will respond to all verified data requests within 30 days of receipt, in line with applicable data protection standards.
Transparent Cookie Use
hibaee uses cookies and similar technologies to operate the Platform, remember your preferences, and analyse usage patterns. We do not use third-party advertising cookies that track you across unrelated websites. Our cookie practices are fully described in the Cookies & Tracking section of this Policy, and you may manage cookie preferences through your browser settings.
Responsible Gaming Data
Data collected through hibaee's responsible gaming tools — including deposit limit settings, self-exclusion requests, and session time preferences — is treated with the highest level of confidentiality. This data is used exclusively to enforce the protective measures you have requested and is never used for marketing profiling or shared with third parties outside mandatory reporting obligations.
1 Data We Collect
When you interact with the hibaee Platform, we may collect the following categories of personal data depending on the nature of your interaction:
1.1 Registration Data
When you create a hibaee account, we collect your full legal name, date of birth, residential address (including city and district within Bangladesh — such as Dhaka, Chittagong, Sylhet, Khulna, Rajshahi, Barisal, Rangpur, or Mymensingh), email address, and mobile phone number. This information is required to create your account, verify your identity, and communicate with you about your account.
1.2 Identity Verification Data
As part of our Know Your Customer (KYC) obligations and to prevent underage gambling, we may request copies of government-issued identity documents such as your National ID Card (NID), passport, or driving licence. We may also request proof of address in the form of a recent utility bill or bank statement. These documents are processed securely and retained only for as long as required by our compliance obligations.
1.3 Financial Transaction Data
We collect records of all deposits and withdrawals made through your hibaee account, including the payment method used (bKash, Nagad, Rocket, Upay), transaction amounts in BDT (৳), transaction timestamps, and transaction reference numbers. We do not store full mobile banking PINs or passwords — payment authentication is handled directly by the respective MFS provider.
1.4 Gameplay and Betting Data
We record your activity on the Platform, including games played, bets placed, stakes wagered, outcomes, session durations, and balance changes. This data is used to operate the Platform, resolve disputes, enforce responsible gaming limits, and improve our services.
1.5 Technical and Device Data
When you access the hibaee Platform, we automatically collect certain technical data including your IP address, device type, operating system, browser type and version, screen resolution, language settings, referring URL, and pages visited within the Platform. This data is used for security monitoring, fraud prevention, and Platform optimisation.
1.6 Communications Data
If you contact hibaee support via email, live chat, or any other channel, we retain records of that communication — including your contact details, the content of your message, and our response — for a period sufficient to resolve your query and for quality assurance purposes.
2 How We Use Your Data
hibaee processes your personal data only for the purposes described in this Policy and only where we have a lawful basis for doing so. The following table summarises the primary purposes for which we use your data and the corresponding legal basis:
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Account creation and management | Registration data, device data | Contractual necessity |
| Identity and age verification (KYC) | Identity documents, registration data | Legal obligation |
| Processing deposits and withdrawals | Financial transaction data | Contractual necessity |
| Fraud prevention and security monitoring | Technical data, transaction data | Legitimate interest |
| Responsible gaming enforcement | Gameplay data, account settings | Legal obligation / Contractual necessity |
| Customer support and dispute resolution | Communications data, account data | Contractual necessity |
| Platform analytics and improvement | Technical data, gameplay data | Legitimate interest |
| Promotional communications (where opted in) | Registration data, gameplay data | Consent |
hibaee will never use your personal data for purposes incompatible with those listed above without first obtaining your explicit consent or establishing a separate lawful basis. You may withdraw consent for marketing communications at any time by contacting [email protected] or using the opt-out link in any marketing email.
3 Cookies & Tracking
hibaee uses cookies — small text files stored on your device — and similar technologies such as local storage and session tokens to operate and improve the Platform. The categories of cookies we use are as follows:
- Strictly Necessary Cookies: These cookies are essential for the Platform to function correctly. They manage your login session, maintain your account security state, and remember your language and currency preferences. These cookies cannot be disabled without severely impairing Platform functionality.
- Performance and Analytics Cookies: These cookies collect anonymous, aggregated information about how users navigate the Platform — such as which pages are visited most frequently, where users exit, and how long sessions last. This data helps us identify areas for improvement. No personally identifiable information is captured by these cookies.
- Functional Cookies: These cookies remember choices you have made on the Platform, such as your preferred game lobby view, notification settings, or responsible gaming limit configurations. They make your experience more personalised without tracking you across other websites.
hibaee does not use third-party advertising cookies or cross-site tracking technologies that follow you to unrelated websites after you leave the hibaee Platform. You can manage or delete cookies through your browser settings. Please note that disabling strictly necessary cookies may prevent you from logging in or using core Platform features. For detailed browser-level cookie management instructions, refer to the help documentation of your browser (e.g., Chrome, Firefox, Samsung Internet, Opera Mini).
4 Data Sharing & Third Parties
hibaee does not sell, rent, or otherwise commercially exploit your personal data. We may share your data with the following categories of third party only to the extent necessary and under appropriate data protection safeguards:
4.1 Payment Service Providers
To process deposits and withdrawals, hibaee shares the minimum necessary transaction data with licensed mobile financial services (MFS) providers including bKash, Nagad, Rocket (Dutch-Bangla Bank), and Upay. These providers operate under their own privacy policies and are independently regulated. hibaee is not responsible for the data practices of third-party payment providers once data leaves our systems.
4.2 Game Content Providers
Games hosted on the hibaee Platform are supplied by third-party certified studios including Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi. These providers may receive anonymised session tokens or game-round identifiers to deliver game content and calculate outcomes. They do not receive your full registration data, financial details, or identity documents.
4.3 Compliance and Legal Authorities
hibaee may be required to disclose personal data to regulatory bodies, law enforcement agencies, or courts in response to lawful requests, court orders, or legal proceedings. We will notify you of any such disclosure to the extent permitted by law. Where disclosure is mandatory and immediate, prior notice may not be possible.
4.4 Service Providers and Processors
hibaee engages third-party service providers for functions including cloud hosting, data analytics, customer support software, and security monitoring. These providers act as data processors under written agreements that restrict them from using your data for any purpose other than providing the contracted service to hibaee.
4.5 Business Transfers
In the event of a merger, acquisition, or sale of all or part of hibaee's business assets, your personal data may be transferred to the acquiring entity as part of that transaction. We will provide notice of any such transfer and ensure the acquiring entity is bound by privacy standards no less protective than those described in this Policy.
5 Data Retention
hibaee retains your personal data for as long as your account remains active and for a defined period thereafter, as required by our legal and compliance obligations. The following retention periods apply as a general guide:
- Account registration data: Retained for the duration of the account and for a minimum of 5 years after account closure, to satisfy anti-money laundering record-keeping requirements.
- Identity verification documents: Retained for a minimum of 5 years from the date of verification or account closure, whichever is later.
- Financial transaction records: Retained for a minimum of 5 years from the date of each transaction.
- Gameplay and betting records: Retained for 2 years from the date of each session for operational and dispute-resolution purposes.
- Customer support communications: Retained for 2 years from the date of the last message in each support thread.
- Marketing preferences and consent records: Retained for the duration of the account and for 1 year after account closure.
After the applicable retention period, personal data is securely deleted or anonymised so that it can no longer be associated with you as an individual. Anonymised, aggregated data may be retained indefinitely for statistical and analytical purposes, as it no longer constitutes personal data.
6 Your Privacy Rights
As a user of the hibaee Platform, you hold the following rights with respect to your personal data. To exercise any of these rights, please contact [email protected] with the subject line "Data Rights Request" and include your registered email address and a brief description of your request. We will verify your identity before processing any request and will respond within 30 days.
- Right of Access: You may request a copy of all personal data hibaee holds about you, along with information about how it is used and with whom it is shared.
- Right to Rectification: If any personal data we hold is inaccurate or incomplete, you have the right to request that we correct or update it without undue delay.
- Right to Erasure: Subject to our legal retention obligations, you may request the deletion of your personal data. We will comply where we do not have an overriding legal obligation to retain the data.
- Right to Restrict Processing: You may request that we restrict the processing of your data in certain circumstances — for example, while the accuracy of data you have contested is being verified.
- Right to Data Portability: You may request that we provide your data in a structured, commonly used, machine-readable format so you can transfer it to another service provider.
- Right to Object: You may object to our processing of your data on the basis of legitimate interest, including profiling for direct marketing purposes. We will cease processing upon receipt of a valid objection unless we can demonstrate compelling legitimate grounds that override your interests.
- Right to Withdraw Consent: Where processing is based on your consent (e.g., marketing emails), you may withdraw that consent at any time without affecting the lawfulness of processing that occurred prior to withdrawal.
7 Data Security Measures
hibaee implements a layered security architecture to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include, but are not limited to, the following:
- SSL/TLS encryption for all data transmitted between your device and the hibaee Platform.
- AES-256 encryption for sensitive data stored in our databases, including identity documents and financial records.
- Role-based access controls that restrict internal access to personal data to only those employees or contractors who require it to perform their job function.
- Multi-factor authentication requirements for all staff accessing systems that contain personal data.
- Regular penetration testing and vulnerability assessments conducted by independent security specialists.
- Automated fraud detection and anomaly-monitoring systems that flag unusual account activity in real time.
- Secure data centre infrastructure with physical access controls, redundant power, and network-level intrusion detection.
Despite these measures, no digital system can guarantee absolute security. In the event of a data breach that is likely to result in a risk to your rights and freedoms, hibaee will notify affected users without undue delay and will take all reasonable steps to mitigate the impact of the breach. If you suspect unauthorised access to your hibaee account, please contact [email protected] immediately.
8 Policy Updates & Contact
8.1 Changes to This Policy
hibaee reserves the right to update or amend this Privacy Policy at any time. When we make material changes, we will update the effective date at the top of this document and, where appropriate, notify registered users by email at the address associated with their account. We encourage you to review this Policy periodically to stay informed about how we are protecting your data. Your continued use of the Platform following the publication of an updated Policy constitutes your acceptance of the revised terms.
8.2 Children's Privacy
The hibaee Platform is strictly for adults aged 18 and above. We do not knowingly collect personal data from any person under the age of 18. If we become aware that a minor has provided us with personal data, we will take immediate steps to delete that data and close the associated account. If you are a parent or guardian and believe your child may have created a hibaee account, please contact [email protected] without delay.
8.3 Links to Third-Party Websites
The hibaee Platform does not contain links to external third-party websites for browsing purposes. All hyperlinks on the Platform navigate within the hibaee domain. hibaee is not responsible for the privacy practices of any external website that you may access independently, and this Policy applies solely to the hibaee Platform.
8.4 Contact Our Privacy Team
If you have any questions, concerns, or complaints regarding this Privacy Policy or the way in which hibaee handles your personal data, please contact our privacy team at the following address. We aim to respond to all privacy-related enquiries within 5 business days:
Subject Line: Privacy Policy Enquiry
Response Time: Within 5 business days
Operating Hours: 06:00–00:00 Bangladesh Standard Time (BST, UTC+6), 7 days a week
Play with Confidence on hibaee
Now that you understand how hibaee handles your data, explore our full range of games and betting markets — all protected by SSL encryption and backed by a transparent privacy commitment. Instant deposits via bKash and Nagad. For adults aged 18 and above only.