Privacy Policy — How aec678 Handles Your Data
Your privacy matters. This Privacy Policy explains exactly what personal information aec678 collects from registered players in Bangladesh, how it is used, who it may be shared with, and how you can exercise your rights over your own data at any time.
Privacy at a Glance
aec678 treats every player's personal data with the highest standard of care. The following cards highlight the six core principles that shape our approach to privacy. The full binding policy text follows below.
Minimal Data Collection
aec678 collects only the personal information that is strictly necessary to operate your account, process transactions, and comply with identity verification requirements. We do not harvest data beyond what serves a clear, stated purpose.
Secure Storage
All personal data held by aec678 is stored on encrypted servers protected by SSL/TLS protocols and industry-standard access controls. Only authorised personnel with a verified operational need can access identifiable player records.
No Third-Party Data Sales
aec678 does not sell, rent, or commercially trade your personal information with any third party. Data is shared only with service providers who are contractually bound to process it solely on aec678's behalf and for no other purpose.
Player Control
You retain the right to access, correct, or request deletion of your personal data at any time by contacting the aec678 support team. Where deletion is not possible due to regulatory obligations, we will explain the reason and the applicable retention period in writing.
Transparent Cookie Use
aec678 uses cookies strictly for session management, fraud prevention, and platform performance analytics. We do not use cookies to build advertising profiles or share browsing data with ad networks. You can manage cookie preferences within your browser settings.
Defined Retention Periods
aec678 does not store personal data indefinitely. Retention periods are defined by the purpose for which data was collected and by applicable regulatory requirements. Account data is typically retained for five years following account closure to meet anti-money-laundering obligations.
This Privacy Policy ("Policy") applies to all users of the aec678 online casino and sports betting platform ("Platform"), accessible at https://aec678.app. By creating an account or using any feature of the Platform, you acknowledge that you have read and understood this Policy in its entirety. If you do not agree with any part of this Policy, you must not use the Platform.
1. Information We Collect
aec678 collects personal information from players at various stages of the account lifecycle — during registration, during the KYC verification process, and through ongoing use of the Platform. The categories of information collected are described below.
1.1 Information You Provide Directly
- Registration data: Full legal name, date of birth, mobile phone number, email address, and preferred payment method.
- Identity verification (KYC) documents: Copies of your National Identity Card (NID), passport, or driving licence, and any proof-of-address documents submitted during the verification process.
- Payment information: Mobile banking account details (bKash, Nagad, Rocket, Upay), bank account numbers, and card details where applicable. Full card numbers are never stored by aec678; payment processing is handled by PCI-DSS-compliant third-party gateway providers.
- Communication data: Messages sent to the aec678 support team via live chat or email, including the content of queries and any attachments provided.
- Self-reported preferences: Responsible gaming settings such as deposit limits, session limits, and self-exclusion elections that you configure within your account.
1.2 Information Collected Automatically
- Device and technical data: IP address, browser type and version, operating system, device model, screen resolution, and time zone setting.
- Usage data: Pages visited on the Platform, games played, bets placed, session start and end times, and navigation paths through the site.
- Transaction logs: A complete history of deposits, withdrawals, bets, wins, losses, and bonus redemptions associated with your account.
- Cookie and session data: Session identifiers, authentication tokens, and analytics identifiers placed on your device as described in Section 4 of this Policy.
1.3 Information from Third Parties
aec678 may receive information about you from third-party identity verification providers engaged to assist with KYC compliance, from payment processors confirming transaction status, and from fraud-screening services that flag potentially suspicious activity. In all cases, the receipt and use of such third-party data is governed by the same principles set out in this Policy.
aec678 does not knowingly collect personal data from individuals under the age of 18. If we become aware that a minor has provided personal data through registration or use of the Platform, the account will be closed immediately and all associated data will be deleted or anonymised without delay.
2. How We Use Your Information
aec678 processes your personal data only for purposes that are clearly defined and proportionate to the information collected. The table below sets out the primary processing purposes and the lawful basis for each.
| Processing Purpose | Examples | Lawful Basis |
|---|---|---|
| Account Management | Creating and maintaining your player account, processing logins, managing passwords and OTPs | Contractual necessity |
| Payment Processing | Handling deposits and withdrawals via bKash, Nagad, Rocket, Upay, and bank transfer | Contractual necessity |
| Identity Verification | KYC checks, age verification, document review | Legal obligation |
| Fraud Prevention | Monitoring for suspicious activity, duplicate account detection, bot detection | Legitimate interest |
| Responsible Gaming | Enforcing deposit limits, self-exclusion periods, and session time-outs you have configured | Contractual necessity / Legal obligation |
| Customer Support | Responding to queries, resolving disputes, processing complaints | Contractual necessity |
| Platform Improvement | Analysing aggregated usage patterns to improve site performance and game selection | Legitimate interest |
| Marketing Communications | Sending promotional offers, bonus notifications, and seasonal campaign updates | Consent (opt-in only) |
aec678 will never use your personal data for automated decision-making that produces legal or similarly significant effects without a human review stage. Where profiling is used (for example, to personalise game recommendations), it is based on anonymised or aggregated behavioural data and does not affect account terms, credit decisions, or eligibility for promotions.
3. Data Sharing and Third Parties
aec678 does not sell, rent, or commercially disclose your personal data to any third party. Data is shared externally only in the following limited and controlled circumstances:
3.1 Service Providers
aec678 engages a number of specialist third-party companies to support the operation of the Platform. These include payment gateway operators (processing bKash, Nagad, Rocket, Upay, and card transactions), KYC and identity verification platforms, fraud and risk-screening services, cloud hosting and infrastructure providers, and customer support technology vendors. All service providers are subject to binding data processing agreements that restrict their use of your data solely to the services they provide to aec678. They are not permitted to use your data for their own purposes.
3.2 Game Studio and Software Providers
When you play a game provided by a third-party studio (such as Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Ezugi, or Spribe), certain technical data — such as your session token, bet amounts, and game results — is transmitted to that provider's servers in order to render the game and record the outcome. This data transfer is governed by the contractual terms between aec678 and each game studio and is limited to what is technically necessary to deliver the gaming experience.
3.3 Legal and Regulatory Disclosure
aec678 may disclose personal data to law enforcement agencies, regulatory authorities, or financial intelligence units where required by applicable law, a valid court order, or a lawful regulatory instruction. In such cases, aec678 will disclose only the minimum data necessary to satisfy the legal requirement and will, where legally permitted, notify you of the disclosure.
3.4 Business Transfers
In the event that aec678 undergoes a merger, acquisition, or sale of all or part of its business, player data may be transferred to the acquiring entity as part of the transaction. You will be notified of any such transfer and the privacy terms applicable to your data going forward before the transfer takes effect.
Important: aec678 will never contact you by phone, SMS, or email requesting your full password, OTP, or payment account PIN. If you receive any such communication claiming to be from aec678, treat it as fraudulent and report it immediately via the live chat support channel.
4. Cookies and Tracking Technologies
aec678 uses cookies and similar browser-based storage technologies to deliver a functional, secure, and personalised experience on the Platform. A cookie is a small text file placed on your device when you visit the Platform. The types of cookies used by aec678 are described below.
- Strictly necessary cookies: These are essential for the Platform to function. They maintain your login session, prevent cross-site request forgery, and enable secure navigation between pages. These cookies cannot be disabled without breaking core Platform functionality.
- Performance and analytics cookies: These collect anonymised data about how players navigate the Platform — which pages are visited most frequently, how long sessions last, and which features are used. This information is used exclusively to improve the Platform experience. No personally identifiable information is included in analytics reports.
- Functional cookies: These remember your preferences, such as your chosen language setting, display preferences, and responsible gaming configuration, so that you do not need to re-enter them on each visit.
- Fraud prevention tokens: aec678 uses device fingerprinting and session tokens to detect and prevent automated bot access, duplicate account creation, and other forms of fraudulent activity.
aec678 does not use advertising or targeting cookies, and does not participate in third-party advertising networks or retargeting programmes. You may manage or delete cookies at any time through your browser's privacy settings. Note that disabling strictly necessary cookies will prevent you from logging in to the Platform.
5. Data Security Measures
aec678 applies a layered security architecture to protect all personal data held on its systems. The following technical and organisational measures are in place:
- Encryption in transit: All data exchanged between your browser and the aec678 Platform is encrypted using TLS 1.2 or higher. The Platform enforces HTTPS across all pages without exception.
- Encryption at rest: Sensitive personal data stored in aec678 databases — including identity documents and payment records — is encrypted at rest using AES-256 encryption.
- Access controls: Internal access to player data is granted on a strict need-to-know basis. All staff with data access privileges are required to use multi-factor authentication and are subject to regular access reviews.
- Penetration testing: The Platform undergoes regular third-party security assessments to identify and remediate vulnerabilities before they can be exploited.
- Incident response: aec678 maintains a documented data breach response procedure. In the event of a breach affecting player data, affected players will be notified within 72 hours of aec678 becoming aware of the incident, along with a description of the nature of the breach and the steps being taken to contain it.
While aec678 employs all reasonable technical safeguards, no internet transmission or electronic storage system is entirely immune to risk. Players are strongly encouraged to use a strong, unique password for their aec678 account and to enable any additional security features available within account settings.
aec678 undergoes regular independent security audits. All payment processing integrations (bKash, Nagad, Rocket, Visa, Mastercard) are handled through PCI-DSS-compliant gateways. Full card numbers and mobile banking PINs are never stored on aec678 servers.
6. Data Retention Policy
aec678 retains personal data only for as long as is necessary to fulfil the purpose for which it was collected, or as required by applicable law. The following retention schedule applies:
| Data Category | Retention Period | Reason |
|---|---|---|
| Account registration data | Duration of account + 5 years after closure | Anti-money-laundering regulatory requirement |
| KYC identity documents | Duration of account + 5 years after closure | Regulatory compliance and fraud investigation |
| Transaction records | 7 years from transaction date | Financial record-keeping obligations |
| Customer support communications | 3 years from last interaction | Dispute resolution and audit trail |
| Analytics and usage data | 13 months from collection | Platform performance analysis cycle |
| Marketing consent records | Until consent is withdrawn + 3 years | Proof of consent for compliance purposes |
Once the applicable retention period has elapsed, personal data is securely deleted or irreversibly anonymised. Anonymised aggregate data may be retained indefinitely for statistical and research purposes, as it can no longer be linked to any individual.
7. Your Privacy Rights
As a registered player on the aec678 Platform, you have the following rights regarding your personal data. To exercise any of these rights, contact the aec678 support team via live chat or by email to . aec678 will respond to all privacy rights requests within 10 business days.
- Right of access: You may request a copy of all personal data that aec678 holds about you. This will be provided in a structured, machine-readable format where technically feasible.
- Right to rectification: If any personal data held about you is inaccurate or incomplete, you have the right to request that it be corrected. Minor corrections (such as updating a phone number) can be made directly within account settings.
- Right to erasure: You may request that aec678 delete your personal data. This right is subject to applicable legal retention obligations — aec678 cannot delete data that it is required to retain by law for a defined period. Where deletion is not possible, aec678 will provide a written explanation.
- Right to restrict processing: In certain circumstances (for example, where you contest the accuracy of data, or where you have objected to processing pending verification of our legitimate grounds), you may request that aec678 pause its processing of your data.
- Right to data portability: Where processing is based on your consent or on a contractual relationship, you may request that your data be provided to you in a portable format so that it can be transferred to another service provider.
- Right to withdraw consent: Where aec678 processes your data based on your consent (for example, for marketing communications), you may withdraw that consent at any time by updating your communication preferences within account settings or by contacting support. Withdrawal of consent does not affect the lawfulness of processing that took place prior to withdrawal.
- Right to object to marketing: You may opt out of receiving promotional emails, SMS messages, and in-platform notifications at any time by adjusting your marketing preferences in account settings or by using the unsubscribe link included in every marketing message.
8. Updates to This Policy
aec678 reviews this Privacy Policy periodically and may update it to reflect changes in our data practices, changes to the Platform's functionality, or changes in applicable law. When a material update is made, we will publish the revised Policy on this page and update the effective date shown at the top of the document. Where a change is particularly significant — for example, a new category of data being collected or a new type of third-party sharing — we will notify registered players via the Platform's notification system or by email to the address on the account.
Your continued use of the aec678 Platform after a revised Privacy Policy has been published constitutes your acceptance of the updated terms. If you do not agree with the changes, you should stop using the Platform and contact the support team to request account closure. aec678 will process any such closure request in accordance with Section 8 of the Terms and Conditions.
For any questions, concerns, or formal privacy rights requests relating to this Policy, please contact the aec678 privacy team at: . All privacy correspondence is handled in English and will receive a response within 10 business days.
This Privacy Policy should be read alongside the aec678 Terms & Conditions and Responsible Gaming policy, which together form the complete legal framework governing your use of the aec678 Platform.
Document Details
- Version: January 2026
- Language: English
- Market: Bangladesh
- Encryption: TLS 1.2+
- Storage: AES-256
Related Pages
Privacy Contact
For data requests or privacy concerns, contact our team directly.
Gambling involves financial risk. Only bet what you can afford to lose. 18+ only.
Ready to Play on a Platform You Can Trust?
aec678 keeps your data safe while you enjoy cricket betting, live casino tables, slots, and more. Our support team is available 24/7 should you have any questions about your privacy or account.