hibije Privacy Policy
At hibije, your privacy is taken seriously. This Privacy Policy explains exactly what personal data we collect, why we collect it, how we store and protect it, and what rights you hold as a registered player in Bangladesh. We believe transparency builds trust — and trust is the foundation of everything we do.
Information We Collect
hibije collects personal data that is necessary to provide a safe, compliant, and high-quality gaming experience to players in Bangladesh. We collect only what we need, and we are transparent about every category of data we hold.
1.1 Information You Provide Directly
When you register an account with hibije, make a deposit, request a withdrawal, contact our support team, or participate in a promotion, you voluntarily provide us with personal information. This information may include:
- Identity data: Full legal name, date of birth, national identity card (NID) number, passport number, or other government-issued identification details provided during KYC verification.
- Contact data: Email address, Bangladeshi mobile phone number, and residential address.
- Payment data: bKash wallet number, Nagad wallet number, Rocket wallet number, Upay account details, bank account details (Dutch-Bangla Bank, BRAC Bank, City Bank, Islami Bank, Sonali Bank), or card details (Visa, Mastercard) used to fund your hibije account. Full card numbers are not stored by hibije — payment processing is handled by PCI-DSS compliant payment partners.
- Account credentials: Username and hashed (encrypted) password. hibije never stores your password in plain text.
- Communications data: Records of messages sent to hibije support, including the content of those messages, timestamps, and the channel used (email, live chat, or support ticket).
1.2 Information Collected Automatically
When you access or use the hibije platform, certain technical and behavioural data is collected automatically by our systems. This includes:
- Device and technical data: IP address, device type, operating system, browser type and version, screen resolution, and unique device identifiers.
- Usage data: Pages visited on the hibije platform, games launched, session duration, click paths, search queries, and time and date of access.
- Geolocation data: Approximate geographic location derived from your IP address. hibije does not use GPS-level location tracking.
- Transaction logs: A full record of all deposits, withdrawals, wagers, game outcomes, bonus claims, and balance adjustments associated with your account.
1.3 Information from Third Parties
In certain circumstances, hibije may receive personal data about you from third-party sources. These sources include:
- Payment providers: bKash, Nagad, Rocket, Upay, and banking partners may share transaction confirmation data with hibije to facilitate deposit and withdrawal processing.
- Identity verification partners: Where we use third-party KYC or anti-fraud services to verify your identity documents, those services may return verification results and flag data to hibije.
- Analytics providers: Aggregated and anonymised data about platform usage trends may be received from third-party web analytics tools. This data does not identify individual players.
- Responsible gaming databases: Where permitted and available, hibije may check responsible gaming exclusion registers to ensure that self-excluded players are not able to create new accounts.
1.4 Sensitive Data
hibije does not intentionally collect sensitive personal data such as racial or ethnic origin, political opinions, religious beliefs, health data, or biometric data, except where strictly necessary for identity verification purposes (for example, a photograph on a national ID card forms part of the KYC document submission). Such data is handled with additional safeguards and is used solely for the purpose for which it was collected.
Data Minimisation Principle
hibije collects only the minimum personal data necessary to operate the platform, comply with responsible gaming and anti-fraud obligations, and process your transactions. We do not collect data "just in case" — every data point we hold serves a specific, documented purpose.
We do not sell your personal data to any third party for marketing or commercial purposes. Ever.
Identity Data
Collected at registration and KYC. Used to confirm you are who you say you are, prevent fraud, and comply with age verification requirements. Stored securely and never shared with unrelated third parties.
Contact and Payment Data
Your mobile number, email, and payment method details (bKash, Nagad, bank account) are used exclusively to process transactions, send account notifications, and return funds upon withdrawal. Payment card numbers are never stored in full on hibije servers.
Usage and Behavioural Data
Session data, game history, and click paths help hibije improve platform performance, personalise your experience, and detect unusual account activity that may indicate fraud or problem gambling patterns.
How We Use Your Data
hibije uses personal data for clearly defined purposes. We do not use your data in ways that go beyond what is necessary to provide the hibije service, meet our legal obligations, and keep the platform safe and fair for all players.
| Purpose | Data Used | Lawful Basis |
|---|---|---|
| Account registration and management | Identity, contact, credentials | Contract performance |
| Processing deposits and withdrawals | Payment data, identity data | Contract performance |
| Identity and age verification (KYC) | Identity documents, NID, date of birth | Legal obligation |
| Fraud detection and prevention | Transaction logs, IP address, device data | Legitimate interest |
| Responsible gaming monitoring | Usage data, session data, transaction logs | Legal obligation / legitimate interest |
| Customer support | Contact data, communications data | Contract performance |
| Marketing and promotions | Contact data, usage data | Consent |
| Platform analytics and improvement | Usage data (aggregated / anonymised) | Legitimate interest |
| Legal and regulatory compliance | All categories as required | Legal obligation |
2.1 Marketing Communications
hibije may send you promotional emails or SMS messages about bonuses, new games, seasonal offers (such as Eid or Pohela Boishakh promotions), and BPL cricket betting markets — but only if you have given your explicit consent to receive marketing communications during registration or subsequently through your account preferences. You may withdraw your consent to marketing communications at any time by updating your account notification settings or by contacting hibije support at [email protected]. Withdrawal of marketing consent does not affect the processing of your data for other purposes (such as transaction processing or account management).
2.2 Automated Decision-Making
hibije uses automated systems to assist with fraud detection, responsible gaming monitoring, and bonus abuse prevention. These systems may flag an account for review or place a temporary restriction on account activity without immediate human intervention. Where an automated decision has a significant impact on your account (for example, a suspension or withdrawal hold), you have the right to request human review of that decision by contacting hibije support.
No data selling: hibije does not sell, rent, or trade your personal data to any third party for their own marketing purposes. Data shared with third parties is limited to what is necessary to deliver the hibije service — see Section 3 for details.
Data Sharing and Disclosure
hibije does not share your personal data with third parties except in the specific, limited circumstances described in this section. Every third party with whom hibije shares data is subject to appropriate data protection obligations.
3.1 Service Providers and Data Processors
hibije works with a limited number of trusted third-party service providers who process personal data on hibije's behalf, strictly in accordance with hibije's instructions and only for the purposes set out in Section 2. These service providers include:
- Payment processors: bKash, Nagad, Rocket, Upay, and banking partners who process deposit and withdrawal transactions on behalf of hibije players.
- KYC and identity verification providers: Third-party services used to verify player identity documents and screen against anti-fraud databases.
- Game content providers: Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, Ezugi, and other game studios whose software is integrated into the hibije platform. These providers may receive anonymised session and game outcome data for the purposes of game integrity monitoring and technical support.
- Cloud hosting and infrastructure providers: hibije's platform is hosted on secure cloud infrastructure. Hosting providers access data solely for infrastructure management purposes and have no rights to use that data independently.
- Customer support platform providers: Third-party software used to manage support tickets and live chat communications on the hibije platform.
- Analytics providers: Web analytics tools that help hibije understand aggregated platform usage trends. hibije ensures that analytics integrations are configured to minimise the collection of personally identifiable information.
3.2 Legal Disclosure
hibije may disclose personal data to law enforcement agencies, government authorities, or other regulatory bodies where we are required to do so by applicable law, court order, or legal process. hibije may also disclose data where we believe in good faith that disclosure is necessary to investigate, prevent, or take action against fraud, money laundering, or any other criminal activity connected to the hibije platform. hibije will notify affected players of any such disclosure where it is legally permissible to do so.
3.3 Business Transfers
In the event that hibije undergoes a merger, acquisition, restructuring, or sale of assets, personal data held about registered players may be transferred to the successor entity as part of that transaction. In such circumstances, hibije will take reasonable steps to ensure that the receiving entity provides an equivalent level of data protection to that described in this Privacy Policy, and will notify affected players of any material change in data controller via their registered contact details.
3.4 No Sale of Personal Data
hibije does not sell, license, or otherwise transfer personal data to any third party for that third party's own commercial or marketing purposes. This commitment applies unconditionally — hibije generates revenue through player activity on the platform, not through the monetisation of player data.
Data Security and Storage
Protecting your personal data is a core operational responsibility at hibije. We implement multiple layers of technical and organisational security measures to guard against unauthorised access, accidental loss, and unlawful processing of personal data.
5.1 Technical Security Measures
hibije employs the following technical controls to protect personal data stored and transmitted on its platform:
- TLS/SSL encryption: All data transmitted between your browser or device and hibije's servers is encrypted using Transport Layer Security (TLS). Look for the padlock icon in your browser's address bar when visiting hibije.
- Password hashing: Account passwords are stored using strong one-way cryptographic hashing. hibije never stores plaintext passwords and cannot retrieve your password — only reset it.
- Two-factor authentication (2FA): hibije supports 2FA on all registered accounts, providing an additional authentication layer beyond username and password.
- Access controls: Access to personal data within hibije's internal systems is restricted to authorised personnel on a need-to-know basis. All internal access to sensitive player data is logged and audited.
- PCI-DSS compliance for payment data: Full payment card numbers are never stored on hibije's systems. Card payments are processed via PCI-DSS compliant third-party payment processors.
- Intrusion detection and monitoring: hibije's infrastructure is monitored continuously for unusual activity, potential intrusions, and denial-of-service attempts.
5.2 Organisational Security Measures
In addition to technical controls, hibije maintains the following organisational safeguards:
- Staff with access to player personal data are subject to confidentiality obligations.
- Data protection training is provided to all staff who handle personal data as part of their role.
- Third-party service providers are contractually required to implement appropriate data security measures before being granted access to any hibije player data.
- hibije conducts periodic reviews of its data security practices to identify and address potential vulnerabilities.
5.3 Data Storage Location
hibije's player data is stored on secure cloud infrastructure. hibije takes reasonable steps to ensure that data storage arrangements provide an adequate level of protection for personal data, including where data is stored or processed outside Bangladesh. Contractual safeguards are applied to all cross-border data transfers involving personal data.
5.4 Data Breach Response
In the event of a personal data breach that poses a risk to the rights and interests of affected players, hibije will take immediate steps to contain the breach, assess its scope and impact, and notify affected players without undue delay. Notifications will be sent to the email address and mobile number registered to the affected account. If you believe your hibije account has been compromised, contact hibije support immediately at [email protected].
5.5 Your Role in Data Security
hibije's security measures are most effective when players also take responsibility for their own account security. hibije recommends that all players:
- Use a strong, unique password for their hibije account.
- Enable two-factor authentication (2FA).
- Never share their login credentials with any other person.
- Log out of hibije when using a shared device.
- Report any suspicious account activity to hibije support immediately.
SSL Encryption
All data in transit between your device and hibije is protected by TLS/SSL encryption — the same standard used by banks and major financial institutions.
Hashed Passwords
Your hibije password is never stored in readable form. We use industry-standard cryptographic hashing so that your credentials remain secure even in the unlikely event of a system breach.
Two-Factor Authentication
Enable 2FA on your hibije account for an additional security layer. A one-time code is required at each login, making it significantly harder for unauthorised parties to access your account.
Strict Access Controls
Internal access to player personal data at hibije is governed by role-based controls and audit logging. Only authorised staff with a legitimate operational need may access personal data.
Your Privacy Rights
As a hibije player, you have a number of rights in relation to the personal data we hold about you. hibije is committed to honouring these rights and will respond to all valid rights requests within a reasonable timeframe.
Right of Access
You have the right to request a copy of the personal data hibije holds about you, along with information about how and why it is processed.
Right to Rectification
If any personal data hibije holds about you is inaccurate or incomplete, you have the right to request that it be corrected or updated without undue delay.
Right to Erasure
In certain circumstances, you may request that hibije delete personal data we hold about you. This right is subject to limitations where data retention is required by legal or regulatory obligation.
Right to Restrict Processing
You may request that hibije restrict the processing of your personal data in certain circumstances — for example, while a dispute about data accuracy is being resolved.
Right to Data Portability
Where data is processed on the basis of your consent or for contract performance, you may request that hibije provide your personal data in a structured, machine-readable format.
Right to Object
You have the right to object to the processing of your personal data for direct marketing purposes at any time. You may also object to processing based on hibije's legitimate interests.
Rights re: Automated Decisions
Where hibije makes automated decisions that significantly affect your account, you have the right to request human review of that decision and to contest the outcome.
Right to Withdraw Consent
Where processing is based on your consent (such as marketing communications), you may withdraw that consent at any time without affecting the lawfulness of prior processing.
How to Exercise Your Rights
To exercise any of the rights described in this section, please contact hibije's data support team at [email protected], clearly identifying the right you wish to exercise and the personal data to which your request relates. hibije will acknowledge your request within five business days and will aim to fulfil valid requests within 30 days. In complex cases, this period may be extended by a further 30 days, in which case hibije will notify you of the extension and the reason for it.
hibije may need to verify your identity before processing a rights request to ensure that personal data is not disclosed to, or amended at the request of, an unauthorised third party. In most cases, verification will involve confirming the details registered to your account. hibije will not charge a fee for handling rights requests except where requests are manifestly unfounded or excessive.
Response Timelines
Acknowledgement: Within 5 business days of receiving your request.
Standard fulfilment: Within 30 days of acknowledgement.
Complex requests: Up to 60 days with prior notification.
Contact: [email protected]
Data Retention
hibije retains personal data only for as long as is necessary to fulfil the purposes for which it was collected, to meet legal and regulatory obligations, and to resolve any disputes that may arise. This section sets out the specific retention periods that apply to different categories of personal data.
| Data Category | Retention Period | Reason |
|---|---|---|
| Account registration data | Duration of account + 5 years post-closure | Legal obligation; dispute resolution |
| KYC identity documents | 5 years from verification date or account closure | Anti-fraud and regulatory compliance |
| Transaction records (deposits, withdrawals, wagers) | 7 years from transaction date | Financial record-keeping obligations |
| Customer support communications | 3 years from last contact | Service quality; dispute resolution |
| Marketing consent records | Duration of consent + 3 years | Proof of consent for compliance |
| Session and usage logs | 13 months from collection | Platform analytics and fraud detection |
| Responsible gaming records | 5 years from account closure | Regulatory obligation; player protection |
| Anonymised analytics data | Indefinite (no personal identifiers) | Platform improvement; statistical analysis |
7.1 Account Closure and Data Deletion
When a player closes their hibije account — whether voluntarily or as a result of enforcement action — the personal data associated with that account is not immediately deleted. hibije retains this data for the periods specified in the table to the left in order to meet its legal, regulatory, and contractual obligations. At the end of the applicable retention period, personal data is securely deleted or irreversibly anonymised so that it can no longer be attributed to an individual player.
If you wish to request early deletion of your personal data (subject to legal retention requirements), please submit a data erasure request to hibije support as described in Section 6. hibije will assess each erasure request individually and will inform you of any data that must be retained beyond your requested deletion date and the reason for that retention.
7.2 Self-Exclusion Records
Where a player has registered a self-exclusion with hibije as part of our responsible gaming programme, the record of that self-exclusion is retained for a minimum of 5 years from the date of self-exclusion regardless of any account closure or deletion request. This is a mandatory safeguard to prevent circumvention of self-exclusion through account re-registration. For more information about responsible gaming tools available on hibije, please visit our Responsible Gaming page.
Changes to This Policy
hibije reserves the right to update or amend this Privacy Policy from time to time to reflect changes in data processing practices, applicable legal requirements, or the addition of new services on the hibije platform. This section explains how we will communicate changes to you.
8.1 How We Notify You of Changes
When hibije makes a material change to this Privacy Policy — that is, a change that meaningfully affects how your personal data is collected, used, or shared — we will notify all registered players by:
- Sending a notification to the email address registered to your hibije account.
- Displaying a prominent notice on the hibije platform upon your next login.
- Publishing the updated Privacy Policy on this page with a revised "Last Updated" date at the top of the document.
Where a change requires your fresh consent — for example, a new category of data processing that was not covered by your original registration consent — hibije will obtain that consent before the new processing begins. Continued use of the hibije platform after notification of a material Privacy Policy change constitutes acceptance of the updated terms, except where consent is required as described above.
8.2 Minor and Administrative Changes
Non-material changes — such as corrections of typographical errors, clarifications that do not alter the substance of our data practices, or updates to contact details — may be made to this Privacy Policy without prior player notification. The "Last Updated" date on this page will always reflect the date of the most recent revision, whether material or administrative.
8.3 Previous Versions
Players who wish to review a previous version of the hibije Privacy Policy may request a copy by contacting hibije support at [email protected]. hibije retains archived versions of this Privacy Policy for a period of three years from the date on which each version was superseded.
8.4 Contact and Questions
If you have any questions, concerns, or complaints about this Privacy Policy or about how hibije handles your personal data, please contact us using the details below. hibije takes all data protection enquiries seriously and will respond promptly.
Data Protection Contact
Platform: hibije — Bangladesh's trusted online casino and sports betting platform.
Email: [email protected]
Support hours: Available 24 hours a day, 7 days a week, Bangladesh Standard Time (BST, UTC+6).
Response commitment: All Privacy Policy enquiries acknowledged within 5 business days. Full response within 30 days.
Governing version: In the event of any discrepancy between this English-language Privacy Policy and any translated summary or excerpt, the English-language version published at hibije.com/privacy-policy shall prevail.
Privacy Commitments at a Glance
- Transparency: hibije tells you clearly what data it collects, why it collects it, and who it is shared with. There are no hidden data practices.
- Data minimisation: We collect only the personal data that is genuinely necessary to operate the hibije platform, verify player identity, process transactions, and meet legal obligations.
- No data selling: hibije does not sell, rent, or trade your personal data to any third party for commercial purposes — not now, and not in the future.
- Security first: hibije invests in industry-standard technical and organisational security measures including SSL encryption, password hashing, 2FA, and role-based access controls to protect your personal data.
- Your rights are real: hibije provides genuine, actionable rights over your personal data — access, rectification, erasure, portability, and objection — and responds to all valid requests within the timelines set out in Section 6.
- Retention limits: Personal data is retained only as long as necessary. At the end of the applicable retention period, data is securely deleted or irreversibly anonymised.
- Responsible gaming priority: Self-exclusion records are protected from deletion to safeguard vulnerable players — their welfare takes precedence over data deletion requests in this specific context.
Ready to Explore hibije?
Play cricket betting, live casino, slots, Andar Bahar, and more — all in one place, with instant bKash and Nagad payments.