ace33 Privacy Policy
Your privacy matters to us. This Privacy Policy explains in clear, plain English how ace33 collects, uses, stores, and protects your personal information when you use our online casino and sports betting platform in Bangladesh. We are committed to handling your data responsibly and transparently.
How ace33 Protects Your Privacy
Six core principles that guide how ace33 handles the personal data of every player in Bangladesh.
SSL Encryption
All data transmitted between your browser and the ace33 platform is protected using industry-standard TLS/SSL encryption. Your login credentials, financial details, and personal information travel over an encrypted channel at all times.
No Data Sales
ace33 does not sell, rent, or trade your personal information to third-party marketers or data brokers under any circumstances. Your data exists solely to support your account, verify your identity, and improve your experience on our platform.
Minimal Data Collection
We collect only the personal information that is strictly necessary to provide our services, verify your age and identity, process payments, and comply with responsible gaming obligations. We do not gather data beyond what these purposes require.
Your Control
You have the right to access, correct, or request deletion of the personal data ace33 holds about you. You can also opt out of marketing communications at any time. We aim to respond to all data access requests within 30 calendar days.
Clear Retention Limits
ace33 retains personal data only for as long as it is needed to fulfil the purpose for which it was collected, or as required by applicable legal obligations. When retention is no longer justified, data is securely deleted or anonymised.
Cookie Transparency
We use cookies and similar tracking technologies only for essential platform functionality, session management, and anonymised analytics. We do not place third-party advertising cookies on your device without your knowledge.
1. Information We Collect
When you register for and use an ace33 account, we collect personal information across several categories. The type and volume of data we hold about you depends on how actively you use the platform and which services you access. Below is a comprehensive overview of the categories of personal data ace33 may collect and process.
| Data Category | Examples | When Collected |
|---|---|---|
| Identity Data | Full name, date of birth, gender, national ID number, passport number | During registration and KYC verification |
| Contact Data | Email address, mobile phone number, residential address | During registration and account updates |
| Financial Data | bKash/Nagad/Rocket/Upay wallet numbers, Visa/Mastercard last four digits, transaction history | When making deposits or withdrawals |
| Technical Data | IP address, browser type and version, device identifiers, operating system, time zone | Automatically on each platform visit |
| Usage Data | Games played, wager amounts, session duration, pages viewed, betting history | Continuously during active platform use |
| Communications Data | Support chat transcripts, email correspondence, feedback submissions | When you contact our support team |
For players in Bangladesh, we may additionally collect information about your preferred payment method type (mobile banking, card, or mobile wallet) to tailor the deposit and withdrawal experience. This preference data does not constitute financial account data and is used solely to personalise your payment screen.
2. How We Use Your Data
ace33 processes your personal data only for clearly defined, legitimate purposes. We do not use your data in ways that are incompatible with the reason it was originally collected. The following table sets out the primary purposes for which we use your data and the legal basis underpinning each use.
- Account creation and management. We use your identity and contact data to create and maintain your ace33 account, authenticate your logins, and allow you to update your profile details.
- Identity and age verification (KYC). We process identity documents and date of birth data to confirm that all ace33 players are aged 18 or above, and to fulfil our anti-money laundering obligations. This is a legal requirement that we cannot waive.
- Payment processing. We use financial data to process your deposits and withdrawals via bKash, Nagad, Rocket, Upay, Visa, and Mastercard. Payment data is transmitted to our payment processing partners over encrypted connections and is not stored in its raw form on ace33 servers beyond what is required for transaction records.
- Responsible gaming monitoring. We analyse gameplay and transaction patterns to identify signs of problem gambling behaviour, including rapid successive deposits, extended unbroken play sessions, or unusual loss patterns. Where such patterns are detected, we may reach out proactively or apply account-level safeguards in accordance with our Responsible Gaming policy.
- Fraud prevention and platform security. Technical data including IP addresses, device identifiers, and session data is used to detect fraudulent activity, identify bot use, prevent multiple account registrations, and maintain the overall security and integrity of the ace33 platform.
- Service improvement and analytics. Anonymised and aggregated usage data is used to understand how players interact with the platform, which games are most popular, and where the user experience can be improved. This analysis does not identify individual players.
- Customer support. Communications data from your support interactions is retained to allow us to respond to your queries, track the resolution of issues, and improve the quality of our support service over time.
- Marketing and promotions. Where you have opted in to receive marketing communications, we may use your contact data and gameplay preferences to send you personalised bonus offers, seasonal promotions (such as Eid specials or BPL betting offers), and relevant platform updates. You may opt out of marketing at any time by contacting [email protected].
ace33 does not use your personal data to make fully automated decisions that have significant legal or similarly significant effects on you without the involvement of a human reviewer. Automated systems may flag accounts for review, but all consequential decisions — such as permanent account closure — involve human assessment.
3. Data Sharing and Disclosure
ace33 does not sell, rent, or trade your personal data to any third party. However, to deliver our services effectively and comply with our legal obligations, we do share limited categories of personal data with the following types of third parties:
- Payment processing partners. When you make a deposit or withdrawal, your payment credentials and transaction details are shared with the relevant payment provider — such as bKash, Nagad, Rocket, Upay, or the applicable card network. These providers process your payment data under their own privacy policies and security standards. ace33 does not store raw card or mobile wallet credentials on its own servers.
- Identity verification services. To fulfil our KYC obligations, we may share identity document data with specialist third-party verification service providers. These providers process document data solely for the purpose of confirming your identity and are contractually prohibited from using the data for any other purpose.
- Game content providers. When you play a game supplied by a third-party studio — such as Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, or Ezugi — a minimal set of technical session data (such as a session token and your account identifier) is shared with the provider to facilitate the game session. These providers do not receive your name, payment details, or contact information.
- Legal and regulatory authorities. If required to do so by applicable law, court order, or competent regulatory authority, ace33 may disclose personal data to law enforcement agencies or other government bodies. We will always seek to limit the scope of any such disclosure to the minimum necessary to satisfy the relevant legal requirement.
- Business continuity. In the event of a merger, acquisition, or sale of all or a material part of ace33's business, personal data held about registered players may be transferred to the acquiring entity as part of the transaction. Players will be notified of any such transfer and of any change in the applicable privacy policy in advance.
4. Cookies and Tracking Technologies
ace33 uses cookies and similar local storage technologies to operate the platform and provide a consistent, secure user experience. Cookies are small text files placed on your device when you visit a website. They do not contain executable code and cannot access other files on your device.
The following categories of cookies are used on the ace33 platform:
| Cookie Type | Purpose | Duration |
|---|---|---|
| Strictly Necessary | Session authentication, login state, security tokens, fraud prevention signals | Session / up to 24 hours |
| Functional | Language preferences, preferred payment method, last-visited game category, UI state | Up to 90 days |
| Analytics | Anonymised page visit counts, session durations, navigation paths — used to improve platform UX | Up to 12 months |
ace33 does not place third-party advertising or retargeting cookies on your device. We do not share cookie-derived data with ad networks, social media platforms, or any other advertising technology providers.
Most modern browsers allow you to control cookie behaviour through your browser settings, including blocking or deleting cookies. Please note that disabling strictly necessary cookies will prevent you from logging in to your ace33 account, as these cookies are essential to maintaining your authenticated session. Disabling functional cookies may affect the personalisation of your experience. Disabling analytics cookies has no effect on your ability to use the platform.
5. Data Retention and Storage
ace33 retains personal data for as long as is necessary to fulfil the purpose for which it was collected, and no longer. The following general retention periods apply:
- Active account data — Identity, contact, financial, and usage data is retained for the full duration of your active account relationship with ace33, and for a minimum of five years following permanent account closure to satisfy legal record-keeping requirements.
- KYC and identity verification documents — Copies of identity documents submitted for KYC verification are retained for a minimum of five years after account closure. This retention period is required by anti-money laundering regulations applicable to online gaming operators.
- Transaction records — Deposit and withdrawal records, including amounts, timestamps, payment methods, and transaction identifiers, are retained for a minimum of seven years to comply with applicable financial record-keeping obligations.
- Support communications — Customer support chat transcripts and email correspondence are retained for a period of three years following the resolution of each support case, to allow for dispute resolution and service quality review.
- Marketing consent records — Records of your marketing consent or opt-out status are retained for as long as your account is active plus three years, to demonstrate compliance with applicable communications regulations.
- Anonymised analytics data — Aggregated, anonymised usage data that cannot be used to identify any individual player is retained indefinitely for product development and business planning purposes.
ace33 stores player data on secure servers. Data is not transferred to jurisdictions that do not provide an adequate level of data protection without the implementation of appropriate safeguards. Where data is processed outside Bangladesh by a third-party service provider, we ensure that appropriate contractual protections are in place.
6. Your Privacy Rights
ace33 respects your rights in relation to your personal data. The following rights are available to all registered players regardless of their location in Bangladesh:
- Right of access. You have the right to request a copy of the personal data ace33 holds about you. We will provide this information in a clear, structured format within 30 calendar days of receiving a valid request.
- Right to rectification. If any personal data we hold about you is inaccurate or incomplete, you have the right to request that it be corrected. You may update basic profile information (such as your email address or contact number) directly within your account settings. For identity document corrections, please contact [email protected].
- Right to erasure. In certain circumstances, you have the right to request that ace33 delete the personal data we hold about you. This right is subject to overriding legal obligations — for example, we are required to retain KYC and transaction records for a minimum period regardless of an erasure request.
- Right to restrict processing. You may request that ace33 temporarily suspend the processing of your personal data — for example, while a correction request is under review — without requiring full erasure of your data.
- Right to data portability. You have the right to receive the personal data you have provided to ace33 in a structured, machine-readable format, and to request that it be transmitted to another service provider where technically feasible.
- Right to withdraw marketing consent. If you have opted in to marketing communications from ace33, you may withdraw that consent at any time by emailing [email protected] with the subject line "Unsubscribe from Marketing". Your request will be actioned within five business days.
To exercise any of the above rights, contact our support team at [email protected] with your full name, registered email address, and a description of your request. We may ask you to verify your identity before processing certain types of data request to protect against unauthorised access.
7. Data Security Measures
Protecting your personal data from unauthorised access, loss, or misuse is a core operational priority at ace33. We implement a layered security architecture that includes both technical controls and organisational procedures. The following measures are in place:
- TLS/SSL encryption in transit. All data transmitted between your browser or device and ace33 servers is encrypted using TLS 1.2 or higher. The padlock icon displayed in your browser address bar confirms that your connection to ace33 is encrypted.
- Encryption at rest. Sensitive personal data stored on ace33 servers — including identity document data, hashed passwords, and payment identifiers — is encrypted at rest using AES-256 or equivalent encryption standards.
- Password hashing. ace33 never stores your account password in plain text. Passwords are hashed using a strong one-way cryptographic algorithm before storage, meaning that even in the unlikely event of a data breach, your actual password would not be exposed in usable form.
- Access controls. Internal access to player personal data is restricted to ace33 staff members who have a legitimate operational need to access it. Access is role-based, logged, and regularly audited. Former employees have their access credentials revoked immediately upon departure.
- Intrusion detection and monitoring. ace33 operates continuous monitoring systems to detect and respond to unusual access patterns, potential intrusion attempts, and anomalous data transfers. Security events are logged and reviewed by our technical team on an ongoing basis.
- Third-party security assessments. ace33 conducts periodic reviews of its data processing practices and security controls, and requires its third-party service providers to maintain equivalent security standards as a condition of their engagement.
While ace33 takes all reasonable steps to protect your personal data, no internet-based platform can guarantee absolute security against all possible threats. You can help protect your account by using a strong, unique password, keeping your login credentials confidential, and notifying us immediately at [email protected] if you suspect your account has been accessed without your authorisation.
8. Contact and Complaints
If you have any questions, concerns, or requests regarding this Privacy Policy or the way ace33 processes your personal data, please contact our support team using the details below. We are committed to addressing all privacy-related enquiries promptly and transparently.
Email: [email protected]
Subject line: "Privacy Policy Query" or "Data Subject Request"
Response time: Within 5 business days for general queries; within 30 calendar days for formal data subject requests.
If you are not satisfied with our response to a privacy query or data subject request, you have the right to escalate the matter. We encourage players to first allow ace33 the opportunity to resolve the complaint directly before escalating, as most issues can be resolved efficiently through direct communication with our support team.
ace33 reserves the right to amend this Privacy Policy at any time to reflect changes in our data practices, legal requirements, or platform functionality. When material changes are made, registered players will be informed via email using the address associated with their account. The most current version of this Privacy Policy is always available at ace33.club/privacy-policy. Continued use of the ace33 platform following notification of a material change constitutes acceptance of the updated Privacy Policy.
This Privacy Policy was last reviewed and updated in January 2026. It applies to all players registered on the ace33 platform, regardless of the device or method used to access the platform.
Questions About Your ace33 Account?
Our support team is available around the clock. Visit our FAQ for quick answers, review our Terms & Conditions, or explore our full game library.