Privacy Policy — pokkie Data Protection
Your privacy matters to us. This Privacy Policy explains exactly what personal information pokkie collects when you use our platform, how that information is used, who it may be shared with, and what rights you have over your own data. We are committed to handling your information with transparency, security, and respect.
Information We Collect
When you register an account or interact with the pokkie platform, we collect a range of personal and technical information. This data is necessary for us to deliver a safe, functional, and personalised gaming experience. The categories of information we collect are described below.
Account Registration Data:
- Full legal name as it appears on your government-issued identification document
- Date of birth (used to verify that you are 18 years of age or older)
- Email address and mobile phone number registered in your name
- Residential address within Bangladesh (city, district, postal code)
- Username and encrypted password credentials
Identity Verification (KYC) Documents:
- National Identity Document (NID) number and scanned copy
- Passport or driving licence where NID is unavailable
- Selfie or live-photo verification image for biometric matching
- Proof of address: utility bill, bank statement, or official correspondence dated within 90 days
Financial and Transaction Data:
- bKash, Nagad, Rocket, or Upay mobile wallet number associated with deposits and withdrawals
- Bank account details for players using Dutch-Bangla Bank, City Bank, BRAC Bank, Islami Bank, or Sonali Bank transfers
- Deposit amounts, withdrawal amounts, transaction timestamps, and transaction reference numbers
- Bonus and promotional credit transaction history
Gameplay and Betting Data:
- Games played, bet amounts placed, game outcomes, and session durations
- Sports betting markets accessed and wager history on cricket, football, and other events
- Responsible gaming tool usage, including deposit limit settings and time-out activations
Technical and Device Data:
- IP address and approximate geolocation derived from IP
- Device type, operating system, browser type and version
- Session identifiers, cookies, and local storage data (see Section 3)
- Referral source and affiliate tracking codes where applicable
Communication Data:
- Records of customer support interactions via live chat, email, or any in-platform messaging system
- Survey responses, feedback submissions, and promotional opt-in records
Six Pillars of pokkie Privacy
These core principles guide every data processing decision we make at pokkie. They are not aspirational — they are operational commitments embedded in our systems and processes.
We collect personal data only for specific, explicitly stated purposes. Your registration details are used to verify your identity and manage your account — not to build advertising profiles or sell leads to third parties.
We request only the data we genuinely need. Mandatory fields during registration are limited to what is necessary for account creation, age verification, and fraud prevention. Optional fields are clearly labelled.
We take reasonable steps to keep the personal data we hold accurate and up to date. You can update your contact details and address at any time via your account dashboard. KYC document updates are processed within 48 hours.
Personal data is not retained beyond the period necessary for the purpose it was collected. Once an account is closed and all legal retention obligations are satisfied, your data is securely deleted or anonymised.
All personal data held by pokkie is protected using industry-standard security measures including AES-256 encryption at rest, TLS 1.3 in transit, and role-based access controls limiting who can view sensitive records.
pokkie maintains internal records of all data processing activities and conducts regular privacy impact assessments. Our data protection team is available to respond to any privacy query or complaint submitted to [email protected].
How We Use Your Data
pokkie processes personal data only where we have a valid legal basis to do so. The principal purposes for which we use your information are described below, together with the corresponding legal basis for each processing activity.
| Processing Purpose | Legal Basis |
|---|---|
| Account creation and management — registering your profile, storing your preferences, and providing access to the platform | Contractual necessity |
| Age and identity verification (KYC) — confirming you are 18+ and that your identity matches registration details | Legal obligation and contractual necessity |
| Payment processing — executing deposits and withdrawals via bKash, Nagad, Rocket, Upay, and bank transfers | Contractual necessity |
| Fraud prevention and security — detecting suspicious activity, preventing account takeovers, and investigating potential Prohibited Activities | Legitimate interest and legal obligation |
| Responsible gaming monitoring — identifying patterns that may indicate problem gambling and enabling timely intervention or support | Legal obligation and legitimate interest |
| Customer support — responding to enquiries, resolving disputes, and maintaining interaction records | Contractual necessity and legitimate interest |
| Promotional communications — sending bonus offers, BPL/IPL cricket promotions, Eid/Pohela Boishakh seasonal offers (only where you have opted in) | Consent |
| Platform improvement — analysing aggregated usage data to enhance game performance, navigation, and user experience | Legitimate interest |
| Legal and regulatory compliance — meeting anti-money laundering (AML), counter-financing of terrorism (CFT), and data retention obligations | Legal obligation |
Where processing is based on your consent — for example, receiving marketing communications — you may withdraw that consent at any time by updating your notification preferences in your account settings or by contacting [email protected]. Withdrawal of consent does not affect the lawfulness of any processing carried out prior to withdrawal.
pokkie does not use automated decision-making processes that produce significant legal effects on individual players without human review. Where automated fraud-detection systems flag an account for investigation, a member of our compliance team reviews the case before any account action is taken.
Cookies and Tracking Technologies
pokkie uses cookies and similar tracking technologies to ensure the platform functions correctly, to remember your preferences, and to help us understand how players use the site. The following cookie categories are in use on pokkie.net.
| Cookie Type | Purpose | Duration |
|---|---|---|
| Strictly Necessary | Maintain your login session, remember your language and currency settings, and enable core platform features. These cannot be disabled without impairing platform functionality. | Session / up to 30 days |
| Performance / Analytics | Collect anonymised data about page visits, click paths, and feature usage to improve the pokkie user experience. No personally identifiable information is stored in these cookies. | Up to 12 months |
| Functional | Remember optional preferences such as your preferred deposit method, game filter settings, and responsible gaming reminder intervals. | Up to 6 months |
| Affiliate / Referral Tracking | Track the marketing channel through which you arrived at pokkie.net so that referral partners can be credited appropriately. These cookies do not track your activity across third-party websites. | Up to 30 days |
pokkie does not use third-party advertising networks or cross-site behavioural tracking cookies. We do not place cookies on behalf of social media platforms, and we do not sell cookie-derived data to data brokers or marketing aggregators.
Data Sharing and Third Parties
pokkie does not sell, rent, or trade your personal data to any third party for commercial purposes. However, certain operational partners require limited access to your data in order for us to deliver our service. Every third-party engagement is governed by a written data processing agreement that binds the recipient to confidentiality and data protection standards consistent with this Privacy Policy.
Categories of third parties with whom data may be shared:
- Payment Processors: bKash, Nagad, Rocket, Upay, Dutch-Bangla Bank, City Bank, BRAC Bank, Islami Bank, and Sonali Bank receive transaction data necessary to process your deposits and withdrawals. These providers operate under their own data protection policies and are responsible for securing data within their networks.
- Identity Verification Partners: Third-party KYC service providers may process copies of your identity documents solely for the purpose of verifying your identity and age. Verified results are returned to pokkie; document copies are not retained by the verification partner beyond the minimum required period.
- Game Technology Providers: Software studios such as Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi operate the game engines behind our casino and live dealer products. These providers receive anonymised session identifiers required for game integrity; they do not receive your full name, NID, or payment details.
- Customer Support Technology: Our live chat and support ticketing platforms store interaction records for quality assurance and dispute resolution purposes.
- Fraud and AML Detection Services: Specialist compliance technology providers may analyse transactional patterns to identify money laundering or fraud risk. Any positive finding is reviewed by pokkie's human compliance team before any account action is initiated.
- Regulatory and Law Enforcement Authorities: pokkie will disclose personal data to relevant authorities where required to do so by applicable law, court order, or legitimate governmental request. We will notify affected players of such disclosures where legally permitted to do so.
Data Retention
pokkie retains personal data only for as long as is necessary to fulfil the purposes outlined in this Privacy Policy, or as required to comply with applicable legal, regulatory, or audit obligations. The following retention schedule applies as a general framework.
| Data Category | Retention Period | Basis |
|---|---|---|
| Account registration and profile data | Duration of account plus 5 years after closure | Legal / AML obligation |
| KYC identity documents | 5 years from account closure or last transaction | Legal / regulatory obligation |
| Financial transaction records | 7 years from transaction date | Financial record-keeping law |
| Betting and gaming history | 5 years from the date of each session | Dispute resolution and regulatory |
| Customer support records | 3 years from last interaction | Legitimate interest / dispute resolution |
| Marketing consent records | Until consent is withdrawn, plus 2 years thereafter | Proof of consent obligation |
| Technical / device logs | Up to 12 months on a rolling basis | Security and fraud prevention |
| Anonymised analytics data | Indefinitely (no personal identifiers retained) | Legitimate interest / platform improvement |
Upon expiry of the applicable retention period, personal data is securely deleted using data-destruction methods that render recovery impossible. Where full deletion is not immediately practicable — for example, in backup systems on a scheduled rotation — data is isolated from active processing until the next scheduled purge cycle completes.
Data Security Measures
Protecting your personal information from unauthorised access, disclosure, alteration, and destruction is a foundational commitment at pokkie. We implement a layered security architecture that combines technical controls, operational procedures, and staff training.
Technical Safeguards:
- Encryption in Transit: All data exchanged between your device and pokkie's servers is encrypted using TLS 1.3. Connections over insecure protocols are automatically redirected to HTTPS.
- Encryption at Rest: Sensitive personal data, KYC documents, and financial records stored in pokkie's databases are encrypted using AES-256.
- Password Security: Account passwords are stored as salted cryptographic hashes. pokkie staff cannot read your password in plain text. You are encouraged to choose a unique, strong password and to enable two-factor authentication (2FA) for additional protection.
- Access Controls: Role-based access controls (RBAC) ensure that only authorised personnel can access personal data, and only to the extent required for their operational role. Access logs are maintained and reviewed regularly.
- Vulnerability Management: pokkie conducts regular penetration tests and vulnerability assessments of its web infrastructure. Critical vulnerabilities are patched within 24 hours of detection.
Operational Safeguards:
- All pokkie staff with access to personal data undergo mandatory data protection training as part of their onboarding and annually thereafter.
- Data access is logged and subject to regular audit. Anomalous access patterns trigger automated alerts to the security team.
- Third-party vendor access to personal data is limited to the minimum necessary and governed by contractual data processing agreements.
Your Rights Over Your Data
pokkie recognises and respects your rights as a data subject. The following rights are available to all registered players. To exercise any of these rights, please contact our data protection team at [email protected] with the subject line "Data Rights Request". We will respond within thirty (30) days of receiving a valid, verified request.
- Right of Access: You have the right to request a copy of all personal data pokkie holds about you. This is sometimes called a Subject Access Request (SAR). We will provide your data in a structured, machine-readable format where technically feasible.
- Right to Rectification: If any personal data we hold about you is inaccurate or incomplete, you have the right to request correction. Minor corrections (such as email address updates) can be made directly in your account settings. Changes to identity documentation require a fresh KYC submission.
- Right to Erasure: You may request deletion of your personal data in certain circumstances — for example, where the data is no longer necessary for the purpose it was collected, or where you withdraw consent and there is no overriding legal basis for continued processing. Note that pokkie is required to retain certain financial and KYC records for legal compliance periods (see Section 5), which may limit the scope of erasure requests.
- Right to Restriction of Processing: In certain circumstances — for example, while the accuracy of personal data is being contested — you may request that we restrict our processing of your data to storage only, pausing active use.
- Right to Data Portability: Where processing is based on your consent or contractual necessity and is carried out by automated means, you may request that we provide your personal data in a portable format so that you can transfer it to another service provider.
- Right to Object: You have the right to object to processing carried out on the basis of legitimate interests, including profiling for fraud prevention. We will cease such processing unless we can demonstrate compelling legitimate grounds that override your interests.
- Right to Withdraw Consent: Where processing is based on your consent (for example, receiving marketing emails about BPL promotions or Eid bonus offers), you may withdraw that consent at any time via your account notification settings or by emailing [email protected]. Withdrawal does not affect the lawfulness of prior processing.
Contact and Complaints
If you have any questions about this Privacy Policy, wish to exercise a data right, or have a concern about how pokkie has handled your personal information, please contact our data protection team. We take all privacy concerns seriously and commit to acknowledging your enquiry within two (2) business hours during Bangladesh Standard Time (BST, UTC+6) operating hours.
Data Protection Contact:
- Email: [email protected] (subject line: "Privacy Enquiry" or "Data Rights Request")
- Response time: within 30 calendar days for formal data rights requests; within 2 business hours for general queries during BST operating hours
- Language: English (our primary support language for the Bangladesh market)
Complaints Process:
If you are dissatisfied with pokkie's response to a privacy concern, you have the right to escalate your complaint through the following process:
- Step 1 — Internal Review: Submit a formal written complaint to [email protected] with the subject line "Formal Privacy Complaint". Our data protection team will conduct an internal review and provide a written decision within 14 calendar days.
- Step 2 — Escalation: If you remain unsatisfied with the outcome of the internal review, you may request that the matter be escalated to senior management for a second-level review within a further 14 calendar days.
- Step 3 — External Resolution: If all internal channels have been exhausted, you retain the right to seek resolution through any applicable external dispute resolution mechanism or supervisory authority with jurisdiction over your situation.
pokkie is committed to resolving all legitimate privacy complaints fairly and transparently. We do not penalise players for raising data protection concerns, and we will not restrict access to gaming services solely on the basis of a submitted privacy complaint.
Explore pokkie's Secure Gaming Platform
Now that you understand how pokkie protects your personal data, explore everything our platform has to offer — from live cricket betting during BPL and IPL seasons, to slots, fishing games, and a full live casino experience. All secured with SSL encryption and fair-play certified gameplay. 18+ only.