e2bit Privacy Policy — How We Protect Your Data
At e2bit, your privacy is fundamental to how we operate. This Privacy Policy explains exactly what personal data we collect, why we collect it, how it is stored and secured, and the full set of rights you hold over your own information.
Privacy Principles We Live By
These six principles underpin every data decision we make at e2bit. They are not aspirational — they are operational commitments reflected in our systems, processes, and team training.
We collect personal data only for specific, explicit, and legitimate purposes. We do not use your data in ways that are incompatible with the reason it was originally collected. No data is harvested speculatively.
All data stored and transmitted on the e2bit platform is protected by industry-standard SSL/TLS encryption. Access to personal data within our organisation is restricted on a strict need-to-know basis.
We request only the minimum amount of personal information necessary to deliver our services, comply with legal obligations, and verify your identity. We do not ask for data we do not need.
We take reasonable steps to keep your personal data accurate and up to date. You can update your registered details at any time by contacting our support team, and we will act promptly on your request.
Personal data is retained only for as long as it is needed to fulfil the purpose for which it was collected, or as required by applicable law. Data that is no longer needed is securely deleted or anonymised.
You have meaningful rights over your personal data, including the right to access, correct, and request deletion of your information. We provide a clear process for exercising each of these rights, detailed in Section 7 below.
This Privacy Policy ("Policy") applies to all personal data collected and processed by e2bit ("we", "us", "our") in connection with your use of the e2bit platform at e2bit.app, including all casino games, sports betting markets, account management features, promotional programmes, and customer support interactions. By creating an account or continuing to use the e2bit platform, you acknowledge that you have read and understood this Policy. If you do not agree with this Policy, you must not use the e2bit platform. This Policy should be read alongside our Terms & Conditions and Responsible Gaming Policy.
1 Data We Collect
e2bit collects personal data through several channels: directly from you during registration and use of our services, automatically as you interact with our platform, and from third parties such as payment service providers and identity verification agencies. The categories of personal data we collect include:
| Category | Examples | Collection Method |
|---|---|---|
| Identity Data | Full legal name, date of birth, nationality, National ID number, passport number | Registration form, KYC documents |
| Contact Data | Email address, mobile phone number, residential address (including district and division within Bangladesh) | Registration form, account settings |
| Financial Data | bKash account number, Nagad mobile wallet number, Rocket number, bank account details, transaction history | Deposit and withdrawal forms |
| Technical Data | IP address, device type, browser type and version, operating system, screen resolution, time zone | Automatically via cookies and server logs |
| Usage Data | Pages visited, games played, bet amounts, session duration, clickstream data, feature usage patterns | Automatically via analytics tools |
| Communications Data | Support ticket content, live chat transcripts, email correspondence with our team | Customer support interactions |
We do not collect sensitive personal data (such as racial or ethnic origin, religious beliefs, or health information) unless you voluntarily provide it in the context of a responsible gaming self-exclusion request. In that specific context, the data is used solely to administer your exclusion and is handled with additional safeguards.
Where you provide personal data relating to a third party (for example, a referral), you confirm that you have that individual's permission to share their information with e2bit and that they are aware of this Policy.
2 How We Use Your Data
e2bit uses the personal data we collect for the following specific purposes, each of which is supported by a lawful basis for processing:
- Account creation and management: To register your account, verify your identity, and manage your ongoing relationship with the e2bit platform. Lawful basis: contract performance.
- Payment processing: To process deposits and withdrawals via bKash, Nagad, Rocket, Upay, and partner banks, and to maintain accurate financial records. Lawful basis: contract performance and legal obligation.
- Identity verification (KYC): To verify your age and identity in compliance with anti-money laundering (AML) obligations and to prevent underage gambling. Lawful basis: legal obligation.
- Fraud prevention and security: To detect, investigate, and prevent fraudulent transactions, bonus abuse, multi-accounting, and other prohibited activities. Lawful basis: legitimate interests.
- Responsible gaming: To monitor your gaming behaviour for signs of problem gambling and to administer self-exclusion, deposit limits, and time-out requests. Lawful basis: legitimate interests and legal obligation.
- Customer support: To respond to your enquiries, resolve disputes, and improve our support quality by reviewing past interactions. Lawful basis: contract performance and legitimate interests.
- Marketing communications: To send you promotional offers, bonus notifications, and platform updates by email or SMS, where you have given your explicit consent. Lawful basis: consent. You may withdraw consent at any time by contacting [email protected].
- Platform improvement: To analyse usage patterns, identify technical issues, and improve the overall performance and user experience of the e2bit platform. Lawful basis: legitimate interests.
We do not use your personal data for automated decision-making that produces significant legal effects, with the exception of automated fraud detection systems that may temporarily restrict your account pending human review.
3 Data Sharing & Disclosure
e2bit does not sell, rent, or trade your personal data to any third party for their own marketing purposes. We share your personal data only in the limited circumstances described below, and always under appropriate contractual safeguards:
- Payment service providers: We share relevant financial data with bKash, Nagad, Rocket, Upay, Dutch-Bangla Bank, BRAC Bank, City Bank, Islami Bank, and Sonali Bank solely to process your transactions. These providers are data processors acting under our instructions.
- Identity verification agencies: We may share identity documents with third-party KYC verification services to confirm your identity and age. These providers are contractually bound to handle your data securely and only for the stated purpose.
- Game content providers: Game providers such as Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi may receive limited technical data (such as session tokens and bet identifiers) necessary to deliver gameplay. They do not receive your full personal profile.
- Fraud prevention and security vendors: We work with security technology providers to monitor for suspicious activity. Relevant technical and usage data may be shared for this purpose.
- Legal and regulatory authorities: We will disclose personal data to competent authorities where required by applicable law, court order, or regulatory demand. We will notify you of any such disclosure where we are legally permitted to do so.
- Business transfers: In the event of a merger, acquisition, or sale of all or part of our business, your personal data may be transferred to the acquiring entity, subject to equivalent privacy protections.
Our commitment: Every third party that processes your data on our behalf is bound by a data processing agreement that requires them to maintain confidentiality, implement appropriate security measures, and process your data only for the purposes we specify. We conduct due diligence on all data processors before engaging them.
4 Cookies & Tracking
The e2bit platform uses cookies and similar tracking technologies to ensure the platform functions correctly, to remember your preferences, to keep your session secure, and to understand how users interact with our site. The types of cookies we use are as follows:
- Strictly necessary cookies: These cookies are essential for the platform to function. They enable core features such as account login session management, security token validation, and load balancing. These cookies cannot be disabled without breaking core platform functionality.
- Functional cookies: These cookies remember your preferences, such as your preferred language setting, display preferences, and recently visited game categories. They improve your experience by reducing the need to re-enter settings on each visit.
- Analytics cookies: We use analytics tools to collect aggregated, anonymised data about how users navigate the platform — including which pages are most visited, how long sessions typically last, and which features are most frequently used. This data helps us improve the platform over time.
- Security cookies: These cookies help us detect and prevent fraudulent activity, including bot traffic, credential stuffing attacks, and session hijacking attempts. They are a core part of our commitment to keeping your account safe.
You can manage your cookie preferences through your browser settings. Most modern browsers allow you to block, delete, or receive alerts about cookies. Note that disabling strictly necessary cookies will impair your ability to log in and use the platform. Disabling functional or analytics cookies will not prevent you from accessing core features.
We do not use third-party advertising cookies or share cookie data with advertising networks. Your browsing activity on e2bit is not used to build advertising profiles or to serve targeted advertisements on third-party platforms.
5 Data Retention
e2bit retains personal data for no longer than is necessary for the purposes described in this Policy, subject to any longer retention periods required by applicable law. Our general retention periods are as follows:
- Account and identity data: Retained for the duration of your active account relationship with e2bit, and for a period of five (5) years following account closure. This period is required for AML compliance, dispute resolution, and audit purposes.
- Financial transaction data: Retained for a minimum of five (5) years from the date of each transaction, in accordance with financial record-keeping requirements.
- KYC verification documents: Retained for five (5) years following account closure or the completion of the relevant KYC review, whichever is later.
- Customer support communications: Retained for three (3) years from the date of the last interaction, to enable us to reference previous correspondence in the event of a future related query or dispute.
- Usage and analytics data: Aggregated, anonymised analytics data may be retained indefinitely. Data that can be linked to a specific individual is deleted or anonymised within twelve (12) months of collection.
- Marketing consent records: Retained for the duration of your marketing subscription plus three (3) years, as evidence of consent in the event of a complaint.
When personal data is no longer required, e2bit securely deletes or anonymises it using industry-standard data destruction methods. If you request deletion of your account, we will action that request within 30 days, subject to any legal hold obligations that require us to retain specific data for a defined period.
6 Data Security
e2bit implements a layered approach to data security, combining technical, organisational, and procedural controls to protect your personal data against unauthorised access, disclosure, alteration, or destruction. Our key security measures include:
- TLS/SSL encryption: All data transmitted between your device and our servers is encrypted using Transport Layer Security (TLS). Our SSL certificate is maintained at all times, and HTTPS is enforced across the entire platform.
- Data encryption at rest: Sensitive personal data stored in our databases — including identity documents, payment information, and KYC records — is encrypted at rest using AES-256 encryption.
- Access controls: Access to personal data within e2bit is governed by a role-based access control (RBAC) system. Only staff with a legitimate operational need can access personal data, and all access is logged and audited.
- Penetration testing and security audits: Our platform undergoes regular security assessments, including automated vulnerability scanning and periodic manual penetration testing by independent security professionals.
- Incident response: e2bit maintains a documented data breach response procedure. In the event of a security incident that poses a risk to your personal data, we will notify affected users promptly with details of the incident and the steps we have taken to contain it.
- Staff training: All e2bit staff who handle personal data receive regular data protection training covering their obligations under this Policy and applicable data protection principles.
While we take all reasonable steps to protect your personal data, no internet-based system can be guaranteed 100% secure. You play an important role in keeping your account safe by using a strong, unique password, enabling any two-factor authentication options we make available, and notifying us immediately at [email protected] if you suspect unauthorised access to your account.
7 Your Privacy Rights
As a user of the e2bit platform, you hold the following rights with respect to the personal data we hold about you. To exercise any of these rights, please contact us at [email protected] with the subject line "Privacy Rights Request" and specify which right you wish to exercise.
You have the right to request a copy of all personal data we hold about you, along with information about how it is being used. We will provide this within 30 days of a verified request, free of charge for reasonable requests.
If any personal data we hold about you is inaccurate or incomplete, you have the right to request that we correct it. We will action corrections within 10 business days of a verified request.
You may request deletion of your personal data where it is no longer necessary for the purpose it was collected, where you withdraw consent (for consent-based processing), or where you object to processing based on legitimate interests. This right is subject to legal retention obligations.
You may request that we restrict the processing of your personal data in certain circumstances — for example, while the accuracy of data you have disputed is being verified, or while an objection to processing is under consideration.
Where processing is based on your consent or contract performance, you have the right to receive a copy of your personal data in a structured, commonly used, machine-readable format (such as CSV or JSON), suitable for transfer to another service provider.
You may object at any time to the processing of your personal data for direct marketing purposes. You may also object to processing based on legitimate interests, and we will cease processing unless we can demonstrate compelling legitimate grounds that override your interests.
We will respond to all privacy rights requests within 30 calendar days of receipt. In complex cases, we may extend this period by a further 60 days, in which case we will notify you of the extension and the reason for the delay within the initial 30-day period.
We may need to verify your identity before processing a rights request to ensure that personal data is not disclosed to, or acted upon at the request of, an unauthorised person. Identity verification will be conducted by asking you to confirm details we hold on your registered account.
8 Contact & Complaints
If you have any questions, concerns, or requests relating to this Privacy Policy or the way e2bit handles your personal data, please contact our data protection team using the details below. All privacy-related communications should reference your registered account username or email address to enable us to locate your records efficiently.
Contact method: email only. Send your enquiry to [email protected] with the subject line "Privacy Enquiry" or "Privacy Rights Request" as appropriate. Our team acknowledges all privacy emails within 48 hours and aims to resolve enquiries within 10 business days. Support is available in English, 24 hours a day, 7 days a week. Bangladesh Standard Time (BST, UTC+6) is used as our primary reference time zone for response time commitments.
If you are not satisfied with our response to a privacy complaint, you have the right to escalate the matter to the appropriate data protection authority in your jurisdiction. e2bit will cooperate fully with any such regulatory inquiry and provide all requested documentation promptly.
e2bit reserves the right to update this Privacy Policy at any time. When we make material changes, we will notify registered users by email and display a prominent notice on the platform for a minimum of 30 days following the change. The effective date at the top of this Policy reflects the date of the most recent revision. Continued use of the e2bit platform after a Policy update constitutes your acceptance of the revised Policy.
Privacy contact: For all data protection and privacy matters, write to [email protected] — please include "Privacy" in your subject line. For account-related queries unrelated to privacy, our general support team handles all enquiries at the same address and will route your message to the appropriate team.
Ready to Play on a Platform You Can Trust?
Your privacy and security are protected every step of the way at e2bit. Explore our games, check the FAQ for common questions, or log in to your account to get started.
18+ only. Please gamble responsibly. e2bit is a safe and reliable gaming platform.