ave67 Privacy Policy
Your privacy matters to us. This Privacy Policy explains exactly what personal data ave67 collects when you use our platform, how we use and protect that data, and the rights you hold over your own information. We are committed to handling your data responsibly and transparently at every step.
This Privacy Policy ("Policy") applies to all users of the ave67 platform, accessible at ave67.net. ave67 ("we", "us", "our") operates this online casino and sports betting service primarily for players located in Bangladesh. We understand that your personal data is sensitive, and we are committed to protecting it with industry-standard security measures and transparent data practices.
By registering an account on ave67, making a deposit, placing a wager, or otherwise accessing our platform, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with how we collect and process personal data as described herein, you must discontinue use of the ave67 platform immediately.
This Policy should be read alongside the ave67 Terms & Conditions and Responsible Gaming Policy. In the event of any conflict between this Policy and the Terms & Conditions regarding data matters, this Privacy Policy shall take precedence. We reserve the right to update this Policy from time to time. The version date shown above reflects the most recent revision.
1 Information We Collect
ave67 collects personal data through several channels: information you provide directly during registration and account management, data generated automatically through your use of the platform, and information received from third-party partners such as payment processors and identity verification providers. The categories of data we collect are described below.
Information You Provide to Us
- Registration Data: Full legal name, date of birth, residential address, email address, and mobile phone number (Bangladesh-registered).
- Identity Verification (KYC) Documents: Copies of government-issued photo identification (National ID card, passport, or driving licence) and proof of address documents submitted during the mandatory KYC verification process.
- Payment Information: Mobile financial service account identifiers (bKash, Nagad, Rocket, Upay numbers) and bank account details used to process deposits and withdrawals. Full payment card numbers are never stored on ave67 servers.
- Communications: Records of any correspondence you send to the ave67 support team, including emails sent to [email protected], live chat transcripts, and feedback submissions.
- Account Preferences: Responsible gaming settings you configure, such as deposit limits, loss limits, session time reminders, and self-exclusion requests.
Information Collected Automatically
- Device & Browser Data: IP address, device type, operating system, browser type and version, screen resolution, and language settings.
- Usage Data: Pages visited, games launched, duration of gameplay sessions, wagers placed, betting history, bonus claims, and navigation paths through the ave67 platform.
- Session & Log Data: Login timestamps, logout timestamps, session duration, failed login attempts, and security events associated with your account.
- Geolocation Data: Approximate geographic location derived from your IP address, used to verify that you are accessing the platform from a permitted location and to fulfil our obligations under applicable anti-money laundering standards.
- Cookie & Tracking Data: Data collected via cookies, local storage, and similar tracking technologies as described in Section 4 of this Policy.
Information Received from Third Parties
- Payment Processors: Transaction reference numbers, payment status confirmations, and fraud-screening indicators from bKash, Nagad, Rocket, Upay, Dutch-Bangla Bank, City Bank, and BRAC Bank.
- Identity Verification Providers: Verification outcomes and document authenticity signals from KYC service providers engaged by ave67.
- Game Providers: Aggregated session and gameplay data passed from game studios including Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi, used for dispute resolution and technical support purposes.
- Fraud Prevention Services: Risk scores and flagging signals from third-party fraud detection platforms used to protect the integrity of the ave67 ecosystem.
2 How We Use Your Data
ave67 uses personal data only for legitimate, clearly defined purposes. We do not sell your personal data to third parties for their own marketing purposes under any circumstances. The table below summarises our primary processing activities, the legal basis for each, and the categories of data involved.
| Purpose | Data Categories Used | Legal Basis |
|---|---|---|
| Account registration and management | Registration data, device data | Contract performance |
| Processing deposits and withdrawals | Payment information, KYC documents | Contract performance |
| Identity verification (KYC/AML) | KYC documents, registration data | Legal obligation |
| Fraud prevention and security monitoring | Usage data, device data, geolocation | Legitimate interest |
| Customer support and dispute resolution | Communications, account data, gameplay data | Contract performance |
| Responsible gaming monitoring | Usage data, account preferences, gameplay data | Legal obligation / legitimate interest |
| Personalised promotions and offers | Usage data, account preferences | Consent |
| Platform analytics and improvement | Usage data, session data, cookie data | Legitimate interest |
| Legal and regulatory compliance | All categories as required | Legal obligation |
Marketing Communications
ave67 may send you promotional emails, SMS notifications, or in-platform messages about bonuses, seasonal campaigns (such as BPL and IPL promotions, Eid offers, and Pohela Boishakh specials), and new game releases — but only where you have given explicit consent at the time of registration or at any subsequent point via your account settings. You may withdraw consent for marketing communications at any time by adjusting your notification preferences within your account, or by contacting [email protected]. Withdrawal of marketing consent does not affect your ability to use the platform.
Automated Decision-Making
ave67 uses automated processes for certain risk-management and responsible gaming functions — for example, triggering account reviews when unusual wagering patterns are detected, or automatically enforcing deposit limits that you have self-imposed. Where a significant decision affecting your account is made solely by automated means, you have the right to request human review of that decision by contacting our support team.
3 Data Sharing & Third Parties
ave67 shares personal data with third parties only in the limited circumstances described below. All third-party recipients of ave67 player data are required to process that data in accordance with applicable data protection standards and are prohibited from using it for purposes beyond those for which it was shared.
Payment Processors
To facilitate deposits and withdrawals, ave67 transmits your payment identifiers and transaction details to the relevant payment service providers — including bKash, Nagad, Rocket, Upay, Dutch-Bangla Bank, City Bank, and BRAC Bank. These providers are independent data controllers for their own systems and their privacy practices are governed by their respective privacy policies.
Identity Verification Providers
ave67 engages specialist KYC and AML service providers to verify the identity of registered players and to screen for politically exposed persons (PEPs), sanction lists, and adverse media. These providers receive only the minimum data necessary to perform verification — typically your name, date of birth, and document images.
Game Software Providers
Game studios such as Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi receive session identifiers and gameplay tokens necessary to deliver their games to your browser. These providers do not receive your full registration data and are contractually restricted from using session data for independent profiling or marketing.
Fraud Prevention & Security
ave67 uses third-party fraud prevention and cybersecurity services that may process your IP address, device fingerprint, and behavioural data to assess transaction risk and detect account compromise. This processing is necessary for the protection of both ave67 and its players.
Legal Authorities
ave67 will disclose personal data to law enforcement agencies, regulatory bodies, or other competent authorities when required to do so by applicable law, court order, or where we have a good-faith belief that disclosure is necessary to prevent serious harm, financial crime, or threat to the safety of individuals.
Business Transfers
In the event that ave67 undergoes a merger, acquisition, restructuring, or sale of assets, player data may be transferred to the acquiring entity as part of that transaction. Affected players will be notified in advance via their registered email address, and the incoming entity will be required to honour the terms of this Privacy Policy.
We do not sell, rent, lease, or otherwise transfer your personal data to unaffiliated third parties for their independent commercial or advertising purposes. Period.
4 Cookies & Tracking
The ave67 platform uses cookies and similar technologies to deliver a functional, personalised, and secure experience. A cookie is a small text file placed on your device by a web server. Cookies cannot execute programs or deliver malware; they are used solely to remember information about your session and preferences.
Types of Cookies We Use
- Strictly Necessary Cookies: These cookies are essential for the platform to function. They manage your login session, maintain your account security state, enforce deposit limits, and ensure that game sessions are correctly attributed to your account. These cookies cannot be disabled without impairing core platform functionality.
- Functional Cookies: These cookies remember your preferences — such as your chosen language, display settings, and responsible gaming notifications — so that you do not need to reconfigure them on each visit.
- Analytics Cookies: ave67 uses first-party analytics to understand how players navigate the platform, which games are most popular, and where technical issues occur. This data is aggregated and anonymised before analysis. No individual player profile is built from analytics cookies alone.
- Performance Cookies: These cookies measure page load times, game launch performance, and connection quality. The data informs technical optimisation work on the ave67 infrastructure.
Managing Cookies
You may control cookie settings through your browser's privacy settings. Most modern browsers allow you to block or delete cookies; however, please note that blocking strictly necessary cookies will prevent you from accessing your ave67 account. Ave67 does not currently use third-party advertising cookies or cross-site behavioural tracking cookies.
Local Storage
In addition to cookies, ave67 may use browser local storage to persist session state and user interface preferences between page loads. Local storage data is stored on your device and is not transmitted to third parties. You may clear local storage data at any time through your browser's developer tools or by clearing your browser's site data for ave67.net.
5 Data Security
ave67 implements a layered set of technical and organisational security measures to protect your personal data against unauthorised access, accidental loss, disclosure, alteration, or destruction. While no online platform can guarantee absolute security, our practices are designed to meet industry standards for online gaming operators.
Technical Measures
- 256-bit SSL/TLS Encryption: All data transmitted between your browser or device and the ave67 platform is encrypted in transit using TLS 1.2 or higher. The padlock indicator in your browser's address bar confirms this encryption is active.
- Encryption at Rest: Sensitive data held in ave67 databases — including identity documents and payment identifiers — is encrypted at rest using AES-256 encryption standards.
- Two-Factor Authentication (2FA): All ave67 player accounts support two-factor authentication via one-time passwords (OTP) sent to your registered mobile number. Enabling 2FA is strongly recommended and significantly reduces the risk of account takeover.
- Penetration Testing: ave67 engages independent security professionals to conduct regular penetration tests and vulnerability assessments of the platform's technical infrastructure.
- Access Controls: Internal access to player data is restricted on a strict need-to-know basis. ave67 staff access to personal data is role-limited, logged, and audited.
Organisational Measures
- All personnel with access to player data are subject to confidentiality obligations and receive data protection training.
- ave67 maintains documented incident response procedures. In the event of a data breach that is likely to result in a risk to player rights, affected players will be notified without undue delay.
- Third-party vendors are subject to data processing agreements that mandate equivalent security standards for any player data they handle on ave67's behalf.
If you believe your ave67 account has been compromised or that you have identified a security vulnerability in the platform, please contact [email protected] immediately. ave67 operates a responsible disclosure programme and takes all such reports seriously.
6 Data Retention
ave67 retains personal data only for as long as is necessary to fulfil the purposes for which it was collected, to comply with applicable legal and regulatory obligations, and to resolve disputes or enforce our agreements. The retention periods below reflect the minimum periods required under our operational and compliance obligations.
| Data Category | Retention Period | Basis |
|---|---|---|
| Account registration data | Duration of account + 5 years after closure | Legal / AML obligation |
| KYC identity documents | Duration of account + 5 years after closure | Legal / AML obligation |
| Transaction and payment records | Duration of account + 5 years after closure | Financial record-keeping |
| Betting and gameplay history | Duration of account + 3 years after closure | Dispute resolution |
| Support correspondence | 3 years from last interaction | Legitimate interest |
| Marketing consent records | Until consent withdrawn + 3 years | Legal obligation |
| Analytics and usage data | 26 months (anonymised) | Legitimate interest |
| Self-exclusion records | Duration of exclusion + 7 years | Responsible gaming obligation |
On expiry of the applicable retention period, personal data is securely deleted or anonymised such that it can no longer be linked to an identifiable individual. Where data is anonymised rather than deleted, the anonymised dataset may be retained indefinitely for statistical and analytical purposes.
Players who close their ave67 account voluntarily may request confirmation of the deletion timeline for their personal data by contacting [email protected]. Requests will be acknowledged within 5 business days.
7 Your Privacy Rights
ave67 respects your rights over your personal data. Depending on your jurisdiction, you may hold some or all of the following rights with respect to the personal data ave67 holds about you. We are committed to responding to all valid rights requests without undue delay and within 30 calendar days of receipt.
- Right of Access: You have the right to request a copy of the personal data ave67 holds about you, along with information about how it is being processed. This is sometimes referred to as a Subject Access Request (SAR).
- Right to Rectification: You have the right to request correction of inaccurate or incomplete personal data. For registration details such as your name or address, you may be able to update these directly within your account settings. For KYC documents, please contact [email protected].
- Right to Erasure: In certain circumstances, you may request that ave67 delete your personal data. Please note that this right is subject to overriding legal retention obligations — for example, AML regulations require us to retain certain account and transaction records for a minimum of five years following account closure, and we cannot delete data that is subject to those obligations.
- Right to Restriction of Processing: You may request that ave67 temporarily restrict the processing of your personal data — for example, while the accuracy of the data is being contested, or while you are exercising your right to object.
- Right to Data Portability: You may request a copy of the personal data you have provided to ave67 in a structured, commonly used, machine-readable format, for transfer to another service provider where technically feasible.
- Right to Object: You have the right to object to processing of your personal data that is based on ave67's legitimate interests. You also have an unconditional right to object to your data being used for direct marketing purposes at any time.
- Rights Related to Automated Decision-Making: You have the right not to be subject to a decision based solely on automated processing where that decision produces significant effects on your account, and to request human review of such decisions.
- Right to Withdraw Consent: Where ave67 processes your data on the basis of consent (for example, for marketing communications), you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out prior to withdrawal.
How to Exercise Your Rights
To exercise any of the rights listed above, please submit a written request to [email protected] with the subject line "Privacy Rights Request". Please include your full name, the email address registered to your ave67 account, and a clear description of the right you wish to exercise. ave67 may request additional identification to verify your identity before processing the request.
There is no charge for submitting a rights request. If a request is manifestly unfounded or excessive, ave67 reserves the right to charge a reasonable administrative fee or decline the request, with written reasons provided.
8 Policy Updates & Contact
Changes to This Policy
ave67 reserves the right to update this Privacy Policy at any time to reflect changes in our data practices, applicable law, or the services we offer. When material changes are made, we will notify registered players via the email address on file at least 14 days prior to the changes taking effect. The "Last updated" date at the top of this page will always reflect the date of the most recent revision. We encourage you to review this page periodically to stay informed about how ave67 protects your data.
Continued use of the ave67 platform following notification of a material change constitutes your acceptance of the revised Policy. If you do not agree with any changes, you must close your account before the revised Policy takes effect. Account closure requests can be submitted to [email protected].
Children's Data
ave67 is strictly an 18+ platform. We do not knowingly collect personal data from individuals under the age of 18. If we become aware that a minor has registered an account or provided personal data without appropriate parental consent, we will immediately close the account and securely delete all associated personal data. If you have reason to believe a minor is using the ave67 platform, please notify us at [email protected] without delay.
International Data Transfers
ave67 operates primarily in Bangladesh; however, some of our third-party service providers (including game studios and security vendors) are headquartered in other countries. Where personal data is transferred internationally, ave67 takes steps to ensure that appropriate contractual protections are in place to maintain a standard of data protection equivalent to that described in this Policy.
Contact Our Privacy Team
For any questions, concerns, or requests relating to your personal data and this Privacy Policy, please contact the ave67 privacy team. All privacy-related correspondence should be sent in writing to:
Email (plain text — not a clickable link):
[email protected]
Support hours: 24/7 | Response target: under 4 hours | Time zone: BST (UTC+6)
How ave67 Protects Your Privacy
Privacy protection is not a legal checkbox for us — it is a core part of how ave67 operates. Here are the six pillars of our data protection commitment.
256-bit SSL Encryption
Every connection between your device and ave67.net is protected by 256-bit TLS encryption. Your login credentials, payment details, and personal data travel in an encrypted tunnel that cannot be intercepted by third parties.
Strict KYC Verification
ave67 verifies the identity of every player before processing withdrawals. This protects you from fraud, ensures that your winnings are paid only to you, and keeps the platform safe for all users in Bangladesh.
No Data Selling
ave67 does not sell, rent, or trade your personal data to any third party for their own advertising or commercial purposes — full stop. Your data is used exclusively to deliver and improve ave67 services.
Two-Factor Authentication
All ave67 accounts support OTP-based 2FA via your Bangladesh-registered mobile number. Enabling 2FA adds a vital second layer of security so that even a compromised password cannot unlock your account.
Transparent Data Use
Every purpose for which ave67 processes your data is documented in this Policy with a clear legal basis. You will never find vague or catch-all data use clauses here — we say exactly what we do and why.
Your Rights, Respected
Access, rectification, erasure, portability — your data rights are real and exercisable. Submit a request to our support team and receive a substantive response within 30 days, at no charge to you.
Questions About Your Privacy?
Our support team is available around the clock on Bangladesh Standard Time to address any data protection concerns. You can also explore the FAQ for quick answers, review the full Terms & Conditions, or head straight to the casino floor.