acs27 Privacy Policy
Your privacy matters. This Privacy Policy explains what personal data acs27 collects when you use our platform, how we use and store that data, who we share it with, and what rights you hold as a user based in Bangladesh or elsewhere. We are committed to handling your information with the highest standards of care and transparency.
End-to-End Encryption
All data transmitted between your device and acs27 is protected by SSL/TLS encryption, ensuring your personal and financial information cannot be intercepted in transit.
No Data Selling
acs27 does not sell, rent, or trade your personal data to third-party marketers or advertisers under any circumstances. Your information exists to serve you — not to generate revenue for others.
Your Rights, Always
You retain the right to access, correct, export, and request deletion of your personal data at any time by contacting our support team. We respond to all valid data requests within 30 days.
Transparent Cookies
We use cookies only for essential platform functionality, security, and anonymised analytics. We do not deploy intrusive behavioural tracking cookies or share cookie data with ad networks.
Secure Data Storage
Personal data is stored on hardened, access-controlled servers. Only authorised acs27 personnel with a legitimate operational need are granted access to identifiable user records.
Defined Retention Limits
We do not keep your data indefinitely. Retention periods are set according to legal obligations and operational necessity. Data that is no longer needed is securely deleted or anonymised.
Data We Collect
When you interact with acs27 — whether by registering an account, depositing funds, placing bets, contacting support, or simply browsing the platform — we collect certain categories of personal data. Below is a comprehensive overview of the data types we collect, along with the context in which each category arises.
| Data Category | Specific Data Points | When Collected |
|---|---|---|
| Identity Data | Full legal name, date of birth, nationality, gender | At registration and during KYC verification |
| Contact Data | Email address, mobile phone number | At registration and account updates |
| Address Data | Residential address, city, district (e.g., Dhaka, Chittagong), postal code | At registration and during KYC |
| Identity Document Data | Bangladesh NID number, passport number, document images | During KYC verification process |
| Financial Data | bKash/Nagad/Rocket/bank account numbers used for deposit and withdrawal | When making deposits or requesting withdrawals |
| Transaction Data | Deposit amounts, withdrawal amounts, bet history, win/loss records, bonus usage | Continuously during platform use |
| Technical Data | IP address, device type, browser type and version, operating system, screen resolution | Automatically on every platform visit |
| Usage Data | Pages visited, games played, session duration, click patterns, feature usage | Automatically during platform sessions |
| Communications Data | Live chat transcripts, support email content, complaint records | When you contact acs27 support |
| Responsible Gaming Data | Self-exclusion requests, deposit limit settings, time-out activations | When responsible gaming tools are used |
We do not collect special categories of sensitive personal data (such as racial or ethnic origin, political opinions, religious beliefs, or health data) except where strictly necessary for responsible gaming assessments or where you have voluntarily provided such information in a support context. Where we do process sensitive data, we apply enhanced safeguards appropriate to its sensitivity.
How We Use Your Data
acs27 processes your personal data only for clearly defined, legitimate purposes. We never use your data for purposes that are incompatible with the original reason it was collected. The following table details the specific purposes for which we process each category of data and the legal basis that justifies each processing activity.
2.1 Service Delivery
The primary purpose of processing your data is to provide you with the acs27 service. This includes creating and managing your account, processing deposits and withdrawals, settling bets, applying bonuses, and delivering customer support. Without processing your identity and contact data, we cannot operate your account or complete financial transactions on your behalf.
2.2 Legal Compliance and Regulatory Obligations
As an internationally operated platform, acs27 is subject to a range of legal obligations that require us to process certain categories of your data. These obligations include anti-money laundering (AML) checks, Know Your Customer (KYC) identity verification, and the maintenance of transaction records for audit purposes. We retain data for as long as these legal obligations require, even after your account has been closed.
2.3 Fraud Prevention and Platform Security
We analyse technical data (IP addresses, device fingerprints, login patterns) and transaction data to detect and prevent fraudulent activity, account takeovers, collusion, and bonus abuse. This processing is in the legitimate interests of acs27 and its player community — a secure platform benefits every honest user. Where fraud is confirmed, relevant data may be shared with law enforcement or payment providers.
2.4 Responsible Gaming
acs27 uses your gameplay and transaction data to monitor for signs of problem gambling behaviour. Where our systems identify patterns consistent with harmful gambling (such as unusually rapid deposits, extended play sessions, or erratic bet sizing), our responsible gaming team may proactively reach out to offer support tools. This processing is in your vital interests and in the public interest of promoting safe gambling in Bangladesh.
2.5 Platform Improvement and Analytics
We use aggregated and anonymised usage data to understand how players interact with the acs27 platform, which features are most used, where technical issues arise, and how we can improve the overall user experience. Analytics data is processed in aggregate wherever possible — we are not building individual behavioural profiles for marketing purposes.
2.6 Communications and Support
We use your contact data to send transactional communications — account confirmations, password reset emails, withdrawal confirmation notices, and important policy update notifications. We may also send promotional communications about bonuses and platform features, but only where you have consented to receive them. You may withdraw this consent at any time by contacting [email protected].
Data Sharing and Disclosure
acs27 does not sell, rent, or trade your personal data to third parties. We share your data only in the limited circumstances described in this section, and only to the minimum extent necessary for each stated purpose.
3.1 Payment Processors
To process deposits and withdrawals, we share necessary financial and identity data with our payment processing partners, including mobile money operators (bKash, Nagad, Rocket, Upay) and banking partners (Dutch-Bangla Bank, City Bank, BRAC Bank, and others). These partners are contractually obligated to process your data only for payment purposes and to maintain appropriate security standards.
3.2 Game Providers and Software Partners
The games available on acs27 — including slots, live casino, and specialty games — are supplied by third-party game studios such as Pragmatic Play, Evolution Gaming, Spribe, Ezugi, NetEnt, and Microgaming. When you play these games, certain session data (player identifier, bet amounts, game results) is transmitted to the relevant game provider for game resolution purposes. Game providers do not receive your full identity profile; they receive only the data necessary to run the game session.
3.3 Identity Verification Services
For KYC verification, we may engage specialist identity verification service providers to validate the authenticity of documents submitted. These providers process your identity document data strictly for verification purposes under data processing agreements with acs27.
3.4 Legal and Regulatory Disclosure
acs27 will disclose personal data to law enforcement agencies, regulatory bodies, or other authorities when required to do so by applicable law, court order, or in response to a formal legal request. We will also disclose data where we reasonably believe disclosure is necessary to prevent fraud, money laundering, or imminent harm to any individual.
3.5 Business Transfers
In the event of a merger, acquisition, restructuring, or sale of all or part of acs27's business assets, your personal data may be transferred to the acquiring entity as part of that transaction. We will provide notice of any such transfer and the privacy commitments applicable to your data post-transfer.
Cookies and Tracking Technologies
acs27 uses cookies and similar tracking technologies on the platform to ensure core functionality, maintain session security, and gather aggregated analytics data. This section explains what cookies we use, why we use them, and how you can manage your cookie preferences.
| Cookie Type | Purpose | Duration | Can Be Disabled? |
|---|---|---|---|
| Essential / Session | Maintains your login session, remembers your cart/wallet state, enables secure navigation between pages | Session (deleted when browser closes) | No — platform will not function without these |
| Security | Detects suspicious login attempts, prevents cross-site request forgery (CSRF), rate-limits automated requests | Session to 7 days | No — required for account security |
| Preference | Remembers your language preference, display settings, and previously selected payment methods | Up to 12 months | Yes — disabling affects convenience only |
| Analytics | Aggregated, anonymised data on page visits, session durations, feature engagement — used to improve the platform | Up to 13 months | Yes — disabling does not affect functionality |
4.1 Managing Cookies
You can control and manage cookies through your browser settings. Most modern browsers allow you to block all cookies, accept only first-party cookies, or delete cookies at the end of each session. Please note that disabling essential or security cookies will impair your ability to use the acs27 platform — you may not be able to log in or complete transactions if these cookies are blocked.
For guidance on managing cookies in popular browsers — Chrome, Firefox, Safari, Edge, and Opera — please refer to that browser's official help documentation. acs27 does not use third-party advertising cookies or behavioural retargeting cookies.
4.2 Local Storage
In addition to cookies, acs27 may use browser local storage to retain non-sensitive preferences on your device. Local storage data is not transmitted to acs27 servers on every page load; it resides entirely on your device and is used only to improve the responsiveness of the platform interface. You can clear local storage data via your browser's developer tools or site settings.
Data Retention
acs27 retains your personal data only for as long as is necessary for the purposes described in this Privacy Policy, or as required by applicable legal obligations. The following retention schedule provides a general guide to how long different categories of data are retained.
| Data Category | Retention Period | Reason |
|---|---|---|
| Account and Identity Data | Duration of account + 5 years after closure | AML/KYC regulatory record-keeping obligations |
| Transaction and Financial Data | Duration of account + 7 years after closure | Financial audit and anti-money laundering compliance |
| Communications and Support Records | 3 years from last contact | Dispute resolution, complaint management |
| KYC Document Copies | 5 years after account closure | Regulatory compliance, fraud prevention audits |
| Responsible Gaming Records | 5 years from self-exclusion end date | Preventing re-registration during self-exclusion period |
| Technical / Log Data | 13 months | Security investigation, anomaly detection |
| Analytics Data | 13 months (anonymised after 90 days) | Platform performance improvement |
At the end of the applicable retention period, personal data is securely deleted or irreversibly anonymised. Anonymised data — from which no individual can reasonably be identified — may be retained indefinitely for statistical and research purposes.
If you request Account closure, acs27 will cease active processing of your data for platform purposes, but will retain records in accordance with the schedule above. You will receive confirmation of Account closure and a summary of applicable retention periods upon request.
Your Privacy Rights
As a user of acs27, you hold a set of meaningful rights over your personal data. We are committed to facilitating the exercise of these rights in a straightforward and timely manner. Below is a full description of each right and how to exercise it.
Right of Access
Request a copy of all personal data acs27 holds about you. We will provide this within 30 days.
Right to Rectification
Request correction of any inaccurate or incomplete personal data held on your account.
Right to Erasure
Request deletion of your data where it is no longer necessary, subject to legal retention obligations.
Right to Restriction
Request that we restrict processing of your data while a correction or objection is being assessed.
Right to Portability
Request your personal data in a structured, machine-readable format for transfer to another service.
Right to Object
Object to processing of your data for direct marketing or where processing is based on legitimate interests.
To exercise any of the rights listed above, please contact our support team in writing at [email protected] with the subject line "Data Rights Request". Please include your full name, registered email address, and a clear description of the right you wish to exercise. We will acknowledge your request within five business days and provide a substantive response within 30 days. In complex cases, this period may be extended by a further 30 days, in which case we will notify you of the extension and the reason for it.
We will not charge a fee for reasonable requests. Where requests are manifestly unfounded or excessive (for example, repetitive requests within a short period), we reserve the right to charge a reasonable administrative fee or decline to action the request, with written explanation.
Data Security
acs27 takes the security of your personal data seriously. We employ a multi-layered security architecture designed to protect against unauthorised access, disclosure, alteration, and destruction of user data. The following measures are in place at all times:
- SSL/TLS Encryption in Transit: All data transmitted between your browser or device and the acs27 platform is encrypted using industry-standard TLS 1.2 or higher. This prevents interception of your data by any third party during transmission.
- Encryption at Rest: Sensitive data — including identity document copies, payment account details, and passwords — is encrypted using strong cryptographic algorithms when stored on our servers. Passwords are never stored in plain text; they are hashed using a secure, salted algorithm.
- Access Controls: Access to systems containing personal data is restricted to authorised acs27 personnel on a strict need-to-know basis. Access is controlled via multi-factor authentication and comprehensive audit logging. All access events are logged and reviewed.
- Regular Security Assessments: acs27's technical infrastructure undergoes regular vulnerability assessments and penetration testing conducted by qualified security professionals. Critical vulnerabilities are remediated on a priority basis.
- Intrusion Detection: Our platform is monitored around the clock by automated intrusion detection systems that flag and alert on anomalous activity, including unusual login patterns, mass data access, and suspicious API calls.
- Data Minimisation: We collect only the data that is strictly necessary for each defined purpose. Personnel accessing user records are granted access only to the minimum data fields required for their specific task.
- Third-Party Security Requirements: All third parties who process data on behalf of acs27 are contractually required to maintain appropriate technical and organisational security measures equivalent to our own standards.
While acs27 takes every reasonable precaution to protect your data, no system connected to the internet can be guaranteed to be 100% secure against all possible threats. In the event of a data security incident that poses a material risk to your rights, acs27 will notify affected users promptly and take immediate corrective action.
Contact and Data Queries
If you have any questions, concerns, or requests relating to this Privacy Policy or the way acs27 processes your personal data, please reach out to our support team using the details below. We treat all privacy-related enquiries with priority and aim to provide a substantive response within five business days.
8.1 How to Contact Us
All data-related queries, rights requests, and privacy complaints should be directed to our support team in writing. Please use the contact details below and include as much detail as possible about your query so we can assist you efficiently.
- Email: [email protected] (subject line: "Privacy Query" or "Data Rights Request")
- Live Chat: Available 24 hours a day, 7 days a week directly on the acs27 platform
- Response Time: Data rights requests responded to within 30 days; general privacy queries within 5 business days
- Support Hours: 24/7 — Bangladesh Standard Time (BST, UTC+6) and beyond
8.2 Policy Updates
acs27 reserves the right to update this Privacy Policy at any time to reflect changes in our data practices, legal obligations, or platform features. When we make material changes to this policy, we will notify registered users via email and post a prominent notice on the platform for a minimum of 14 days before the changes take effect. The effective date at the top of this document will always reflect the most recent revision.
We encourage you to review this Privacy Policy periodically to stay informed about how acs27 is protecting your data. Continued use of the platform after a policy update constitutes your acknowledgement of the revised terms.
8.3 Governing Principles
acs27 processes personal data in accordance with internationally recognised principles of data protection, including lawfulness, fairness and transparency; purpose limitation; data minimisation; accuracy; storage limitation; integrity and confidentiality; and accountability. These principles guide every data processing decision made by our organisation.
Ready to Explore acs27?
Now that you know how we protect your data, dive into the full acs27 experience — cricket betting, live casino, slots, and more — all on a platform built with your security and privacy at its core.