ac35 Privacy Policy —
Your Data, Your Rights
At ac35, we treat the privacy of our players with the same seriousness we apply to platform security. This Privacy Policy explains precisely what personal data we collect, why we collect it, how we use and protect it, and what rights you hold over your own information as a player in Bangladesh.
Section 1
Information We Collect
ac35 collects personal data that is necessary to deliver our services safely, securely, and in compliance with applicable regulations. We collect data in three primary ways: information you provide directly to us, information collected automatically as you use the Platform, and information we receive from third-party sources such as payment processors and identity verification providers.
Information You Provide Directly
When you register an account, make a transaction, contact support, or otherwise interact with ac35, you may provide the following categories of personal data:
- Identity data: Full legal name, date of birth, gender, and copies of government-issued identity documents (e.g., National ID card, passport) submitted during KYC verification.
- Contact data: Bangladeshi mobile phone number, email address, and residential address including district and division (e.g., Dhaka, Chittagong, Sylhet, Rajshahi, Khulna).
- Account credentials: Username and encrypted password. ac35 never stores passwords in plain text.
- Financial data: Mobile Financial Service (MFS) account numbers (bKash, Nagad, Rocket, Upay) and bank account details (Dutch-Bangla Bank, City Bank, BRAC Bank) used for deposits and withdrawals. Full card numbers are never stored by ac35.
- Communications data: Records of your interactions with ac35 customer support, including live chat transcripts, support ticket content, and email correspondence.
- Self-reported preference data: Responsible gaming preferences, deposit limits, and self-exclusion requests submitted via your account settings.
Information Collected Automatically
When you access the ac35 Platform, certain technical data is collected automatically by our systems. This data is used primarily for security monitoring, fraud prevention, and service optimisation:
- Device data: Device type, operating system, browser type and version, screen resolution, and device identifiers.
- Network data: IP address, approximate geographic location derived from IP, internet service provider, and connection type.
- Usage data: Pages visited, features accessed, bet history, game session data, session duration, click-stream data, and navigation paths within the Platform.
- Log data: Server-side access logs recording timestamps, request types, response codes, and error events associated with your account activity.
Information from Third Parties
ac35 may receive personal data about you from third-party sources in the following contexts: identity verification and KYC service providers who confirm the authenticity of documents you submit; payment processors who confirm the status of deposit and withdrawal transactions; fraud prevention partners who provide risk signals associated with device fingerprints or IP addresses; and publicly available databases used to fulfil our anti-money-laundering obligations.
Section 2
How We Use Your Data
| Purpose | Data Categories Used | Legal Basis |
|---|---|---|
| Account creation and management | Identity, contact, credentials | Contractual necessity |
| Processing deposits and withdrawals | Financial, identity, contact | Contractual necessity |
| Identity verification (KYC/AML) | Identity, financial, network | Legal obligation |
| Fraud detection and prevention | Device, network, usage, log | Legitimate interest |
| Responsible gaming monitoring | Usage, preference, financial | Legal obligation / legitimate interest |
| Customer support | Communications, identity, account | Contractual necessity |
| Platform improvement and analytics | Usage, device, log | Legitimate interest |
| Promotional communications (opt-in) | Contact, preference | Consent |
Marketing Communications
ac35 will only send promotional emails, SMS messages, or push notifications where you have explicitly opted in to receive such communications during registration or via your account settings. Each marketing message will include a clear and functional opt-out mechanism. Withdrawing your consent to marketing communications will not affect the processing of your personal data for other purposes (e.g., account management or transaction processing).
Automated Decision-Making
ac35 uses automated systems to detect fraud, unusual account behaviour, and responsible gaming triggers. In some cases, these automated systems may result in temporary account restrictions without prior human review. Where a significant decision affecting your account is made solely by automated means, you have the right to request a human review of that decision by contacting [email protected].
Section 3
Data Sharing & Disclosure
Service Providers and Data Processors
ac35 engages carefully selected third-party service providers who process personal data on our behalf and under our instruction. These providers are contractually bound to process data only as directed by ac35 and to maintain appropriate security standards. Categories of service providers include:
- Payment processors: bKash, Nagad, Rocket, Upay, and partner banks who process financial transactions. These providers receive only the financial and identity data strictly required to execute your requested transaction.
- Identity verification providers: KYC and document verification partners who validate identity documents and confirm age eligibility.
- Game technology providers: Software providers such as Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi whose gaming platforms are integrated into ac35. These providers may receive session identifiers and game-result data necessary to operate their games.
- Fraud prevention and security partners: Providers of device fingerprinting, IP intelligence, and transaction risk-scoring services.
- Cloud infrastructure providers: Hosting and content delivery network providers on whose infrastructure the ac35 Platform operates.
- Customer support tools: Live chat and ticketing platform providers used to deliver our support services.
Legal Disclosures
ac35 may disclose your personal data to law enforcement agencies, regulatory bodies, or other public authorities where we are legally required to do so, or where disclosure is necessary to prevent, detect, or prosecute fraud, money laundering, or other criminal activity. ac35 will, where permitted by law, notify affected users of any such disclosure.
Business Transfers
In the event of a merger, acquisition, restructuring, or sale of assets involving ac35, your personal data may be transferred to the successor entity as part of that transaction. You will be notified of any such transfer and of any material changes to this Privacy Policy that result from it, prior to the transfer taking effect where reasonably practicable.
Section 4
Cookies & Tracking Technologies
Essential Cookies
Required for the Platform to function. They maintain your login session, remember your account state, and enable core security features. These cannot be disabled without impairing your ability to use the Platform.
Analytics Cookies
Used to understand how players navigate the Platform — which pages are visited most, where users encounter errors, and how features perform. This data is aggregated and does not identify you personally.
Functional Cookies
Remember your preferences such as language settings, display options, and responsible gaming configurations so that you do not need to reset them each time you visit.
Security Cookies
Support fraud detection and account security functions by identifying suspicious session behaviour, detecting automated bots, and flagging anomalous login patterns that may indicate unauthorised access.
Managing Cookie Preferences
You may control non-essential cookie categories through your browser settings. Most modern browsers allow you to block or delete cookies via their settings menus. Please note that disabling analytics or functional cookies may reduce the quality of your experience on the ac35 Platform but will not prevent you from accessing core betting and gaming features. Disabling essential or security cookies may prevent you from logging in or completing financial transactions securely.
Local Storage and Session Storage
In addition to cookies, ac35 may use browser local storage and session storage to store small amounts of data on your device. These storage mechanisms are used for the same purposes as functional and essential cookies — to maintain session state, cache preferences, and support security features. This data does not leave your device except as part of standard HTTPS requests to ac35's servers.
Section 5
Data Security Measures
TLS/SSL Encryption
All data transmitted between your device and ac35's servers is protected by industry-standard Transport Layer Security (TLS) encryption. The padlock icon in your browser confirms that your connection to ac35.app is encrypted at all times.
Encrypted Data Storage
Sensitive data fields — including passwords, payment account references, and identity document metadata — are stored in encrypted form within ac35's databases. Encryption keys are managed separately from the data they protect, using industry-standard key management practices.
Access Controls
Access to personal data within ac35's internal systems is restricted on a strict need-to-know basis. Staff members are granted only the minimum access required for their specific role. All internal data access is logged and subject to regular audit review.
Data Breach Response
ac35 maintains an internal data breach response procedure. In the event of a confirmed personal data breach that poses a risk to your rights and freedoms, ac35 will notify affected players without undue delay via their registered email address. The notification will describe the nature of the breach, the categories of data affected, the likely consequences, and the measures ac35 has taken or is taking to address the breach.
Your Responsibility
While ac35 takes all reasonable technical and organisational measures to protect your personal data, the security of your account also depends on your own behaviour. You are responsible for keeping your login credentials confidential, using a strong and unique password, enabling two-factor authentication, and logging out of your account when using shared or public devices. ac35 is not liable for data breaches that result from your failure to maintain the security of your account credentials.
Section 6
Data Retention Policy
ac35 retains personal data only for as long as is necessary for the purposes for which it was collected, or as required by applicable legal or regulatory obligations. The following general retention periods apply:
| Data Category | Retention Period | Reason |
|---|---|---|
| Account and identity data | Duration of account + 5 years after closure | AML / legal obligation |
| Transaction records | 7 years from transaction date | Financial record-keeping obligation |
| KYC documents | 5 years after account closure | Regulatory compliance |
| Betting and game history | 3 years from date of activity | Dispute resolution / responsible gaming |
| Support communications | 3 years from last interaction | Service quality and dispute records |
| Usage and log data | 13 months on a rolling basis | Security monitoring and analytics |
| Marketing consent records | Until consent is withdrawn + 1 year | Evidence of lawful processing basis |
Upon expiry of the applicable retention period, ac35 will securely delete or irreversibly anonymise the relevant personal data. Where data is anonymised rather than deleted, the resulting dataset contains no information that could be used to identify you and is no longer considered personal data subject to this Privacy Policy.
If you request deletion of your personal data before the expiry of an applicable retention period, ac35 will delete all data that is not subject to a mandatory retention obligation and will restrict processing of the remaining data to only those purposes that justify the continued retention.
Section 7
Your Privacy Rights
As a player on the ac35 Platform, you hold the following rights in relation to your personal data. To exercise any of these rights, contact our Data Protection team at [email protected] with the subject line "Privacy Rights Request". ac35 will respond within 30 days of receiving a valid request. We may ask you to verify your identity before processing a rights request to protect against unauthorised access.
Right to Access
Request a copy of all personal data ac35 holds about you, together with information about how it is used and with whom it is shared.
Right to Rectification
Request correction of any inaccurate or incomplete personal data we hold about you. You may also update many details directly via your account settings.
Right to Erasure
Request deletion of your personal data where it is no longer necessary for the purpose it was collected, subject to overriding legal retention obligations.
Right to Restrict Processing
Request that ac35 restricts how it uses your data in certain circumstances, such as while the accuracy of data is being disputed.
Right to Data Portability
Request your personal data in a structured, machine-readable format so that it can be transferred to another service provider where technically feasible.
Right to Object
Object to the processing of your data where ac35 relies on legitimate interests as the legal basis, including profiling for direct marketing purposes.
Right Against Automated Decisions
Request human review of any significant decision made solely by automated processing that affects your account, such as automated fraud-triggered suspensions.
Right to Withdraw Consent
Withdraw consent at any time for processing activities where consent is the legal basis, such as receiving marketing communications. Withdrawal does not affect prior lawful processing.
Section 8
Policy Updates & Contact
Changes to This Privacy Policy
ac35 reviews this Privacy Policy periodically and reserves the right to update it at any time to reflect changes in our data practices, legal obligations, or service offerings. When material changes are made, we will notify registered players by posting a prominent notice on the Platform and, where appropriate, by sending a notification to your registered email address. The "Last Updated" date at the top of this policy reflects the date of the most recent revision.
We encourage you to review this Privacy Policy regularly to stay informed about how ac35 protects your data. Your continued use of the Platform following the posting of any changes constitutes your acknowledgment and acceptance of the revised policy.
Contact Our Data Protection Team
If you have any questions, concerns, or requests relating to this Privacy Policy or ac35's data practices, please contact our Data Protection team using the details below. We are committed to addressing all privacy enquiries promptly, fairly, and transparently.
Email: [email protected]
Subject line for privacy matters: Privacy Rights Request
Response time: Within 30 calendar days of receiving a valid request.
Operating hours: Monday to Sunday, 09:00–22:00 Bangladesh Standard Time (BST, UTC+6).
Complaints
If you believe ac35 has not handled your personal data appropriately or has failed to honour your privacy rights, you are entitled to raise a formal complaint by writing to [email protected] with the subject line "Privacy Complaint". ac35 will acknowledge your complaint within 5 working days and provide a substantive response within 30 calendar days. If you remain dissatisfied after ac35's internal complaint process has concluded, you may seek further recourse through applicable consumer protection or data protection channels available in Bangladesh.
Ready to Play on a Platform You Can Trust?
ac35 is built on transparency, security, and fair play. Review our full Terms & Conditions, explore our game library, or log in to your account with confidence knowing your data is protected.
ac35 Login Terms & Conditions Visit FAQ