Privacy Policy — bdrumme Data Commitment
Your privacy matters to us. This Privacy Policy explains exactly what personal information bdrumme collects, why we collect it, how it is stored and protected, and the rights you have over your own data as a registered player on Bangladesh's leading online casino platform.
Our Privacy Commitments
bdrumme is built on a foundation of trust. The following commitments summarise our core data protection principles — each one reflected in the detailed policy sections below.
1. Information We Collect
bdrumme collects personal information through several channels: information you provide directly, information generated automatically through your use of the platform, and in limited circumstances, information received from third-party service providers. The categories below describe what we collect and why.
1.1 Information You Provide Directly
When you register an account, make a deposit or withdrawal, contact customer support, or participate in a promotion, you may provide us with the following types of personal information:
| Data Category | Examples | Collected At |
|---|---|---|
| Identity Data | Full name, date of birth, NID number, passport number | Registration and KYC verification |
| Contact Data | Email address, phone number, city of residence (e.g., Dhaka, Chittagong, Sylhet) | Registration and account updates |
| Financial Data | bKash number, Nagad number, Rocket number, bank account name, transaction history | Deposit and withdrawal requests |
| Identity Documents | Scanned NID, passport photo page, selfie with document | KYC verification process |
| Support Communications | Live chat transcripts, email correspondence, complaint records | Customer support interactions |
1.2 Information Collected Automatically
When you access bdrumme, certain technical and behavioural data is collected automatically by our systems. This data is used primarily to maintain platform security, improve performance, and comply with our anti-fraud obligations:
- Device and browser information: Device type, operating system, browser version, screen resolution, language settings.
- Network data: IP address, approximate geographic location derived from IP, internet service provider.
- Session data: Login timestamps, pages visited, time spent on pages, features accessed, game sessions initiated.
- Transaction data: Deposit amounts, withdrawal requests, game wager history, bonus claims, and balance movements.
- Cookie and tracking data: Session cookies, preference cookies, and analytics identifiers. See Section 4 for full cookie details.
1.3 Information from Third Parties
In limited circumstances, bdrumme may receive personal data about you from third parties. This includes confirmation data from payment processors (such as bKash and Nagad confirming the success or failure of a transaction), identity verification results from KYC service providers, and fraud screening results from security partners. We do not purchase marketing lists or receive data from social media platforms about our users.
2. How We Use Your Data
bdrumme processes personal data only for specific, legitimate purposes. We do not process your data in ways that are incompatible with the purposes stated at the time of collection. The following table sets out the primary purposes for which we use your information and the legal basis on which each processing activity rests.
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Account registration and management | Identity, contact, login credentials | Contractual necessity |
| Processing deposits and withdrawals | Financial data, identity data | Contractual necessity |
| Age and identity verification (KYC) | Identity documents, date of birth | Legal obligation |
| Fraud detection and prevention | Device data, IP, transaction history | Legitimate interest |
| Customer support | Contact data, support communications | Contractual necessity |
| Responsible gaming monitoring | Session data, deposit history, wagering patterns | Legal obligation and legitimate interest |
| Platform analytics and improvement | Session data, device data (anonymised) | Legitimate interest |
| Promotional communications (opted-in players only) | Email address, contact preferences | Consent |
| Compliance with legal and regulatory obligations | All categories as required | Legal obligation |
2.1 Marketing Communications
bdrumme will send you promotional emails, SMS messages, or in-platform notifications only if you have opted in to receive them at the time of registration or via your account communication preferences. You may withdraw your consent to marketing communications at any time by updating your account settings or by contacting our support team. Withdrawal of marketing consent does not affect the processing of data necessary for the operation of your account.
2.2 Automated Decision-Making
bdrumme uses automated systems to detect fraud, identify unusual account activity, and apply responsible gaming triggers. These systems may result in automatic actions such as a temporary account hold pending manual review. Where an automated decision has a significant impact on you — for example, account suspension — you have the right to request human review of that decision. Contact our support team to exercise this right.
3. Data Sharing and Disclosure
bdrumme does not sell your personal data to any third party. We share personal data only in the limited circumstances described below, and only to the extent necessary for each purpose. All third parties with whom we share data are contractually required to handle your information securely and to use it only for the specified purpose.
3.1 Service Providers
We engage carefully selected third-party service providers to assist with the operation of bdrumme. These providers act as data processors on our behalf and are permitted to use your data only as directed by bdrumme. Categories of service provider include:
- Payment processors: bKash, Nagad, Rocket, Upay, Visa, Mastercard, and partner banks — to process deposits and withdrawals.
- Identity verification providers: KYC and document verification partners — to confirm your identity and age.
- Game providers: Pragmatic Play, NetEnt, Microgaming, Spribe, Evolution Gaming, Ezugi — to deliver game content. These providers receive only the session and stake data required to run the game.
- Fraud and security vendors: Anti-fraud and cybersecurity partners — to protect the platform and detect prohibited conduct.
- IT infrastructure: Cloud hosting and data storage providers — to maintain platform availability and data security.
3.2 Legal Disclosures
bdrumme may disclose your personal data to law enforcement agencies, courts, regulatory authorities, or other government bodies where we are required to do so by applicable law, court order, or lawful request. We will make reasonable efforts to notify you of such a disclosure unless doing so is prohibited by law or would undermine the purpose of the disclosure (for example, in an active fraud investigation).
3.3 Business Transfers
In the event that bdrumme undergoes a merger, acquisition, restructuring, or sale of all or part of its business assets, your personal data may be transferred to the acquiring entity as part of that transaction. You will be notified of any such transfer and any material change to how your data is processed via the registered email address on your account.
3.4 Data Not Shared
For clarity, bdrumme does not share your data with: advertising networks for third-party ad targeting; social media platforms; data brokers or list aggregators; or any party for purposes outside those described in this Privacy Policy.
4. Cookies and Tracking Technologies
bdrumme uses cookies and similar tracking technologies (such as local storage and session storage) to operate the platform, remember your preferences, maintain your login session, and analyse how the platform is used. This section explains each category of cookie we use and your options for managing them.
4.1 What Are Cookies?
Cookies are small text files that are placed on your device by websites you visit. They serve a variety of functions, from keeping you logged in during a session to helping website operators understand how their pages are used. Cookies do not contain executable code and cannot access other files on your device.
4.2 Cookie Categories Used by bdrumme
| Cookie Type | Purpose | Duration |
|---|---|---|
| Strictly Necessary | Maintain your login session, enable secure areas of the platform, prevent session hijacking | Session (deleted on browser close) |
| Functional | Remember language preferences, game display settings, account UI preferences | Up to 12 months |
| Analytics | Understand which pages and features are most used, measure platform performance, identify errors (data is anonymised or pseudonymised) | Up to 24 months |
| Security | Fraud detection, device fingerprinting for unusual login detection, rate-limit enforcement | Up to 30 days |
4.3 Managing Cookie Preferences
Strictly necessary cookies cannot be disabled as they are essential for the platform to function. You may manage functional and analytics cookies through your account settings page on bdrumme. Additionally, most web browsers allow you to block or delete cookies through their settings menus. Please note that blocking certain cookies may degrade your experience on bdrumme — for example, you may be required to log in again on each visit if session cookies are blocked.
4.4 Third-Party Cookies
Some cookies on bdrumme are set by third-party service providers, including game providers and analytics vendors. These cookies operate under the privacy policies of the respective providers and are subject to their own terms. bdrumme does not control the cookie behaviour of third-party game iframes (such as those from Pragmatic Play or Evolution Gaming), though we require all game providers to disclose their data practices and to comply with applicable data protection standards.
5. Data Retention
bdrumme retains personal data only for as long as it is necessary for the purposes described in this Privacy Policy, or as required by applicable legal and regulatory obligations. The following retention periods apply as a general guide:
| Data Category | Retention Period | Reason |
|---|---|---|
| Account registration data | Duration of account + 5 years after closure | Legal obligation, dispute resolution |
| KYC identity documents | Duration of account + 5 years after closure | Anti-money laundering legal requirement |
| Financial transaction records | 7 years from transaction date | Financial record-keeping obligations |
| Customer support communications | 3 years from last interaction | Dispute resolution and service quality |
| Game session and wagering history | 5 years from session date | Regulatory compliance and responsible gaming audit |
| Analytics data (anonymised) | Up to 24 months on a rolling basis | Platform improvement |
| Marketing preference records | Until consent is withdrawn + 1 year | Compliance with consent obligations |
Upon expiry of the applicable retention period, personal data is securely deleted or irreversibly anonymised. Where data must be retained for longer due to an ongoing investigation, legal proceeding, or regulatory audit, the data will be preserved until the relevant matter is fully resolved.
6. Your Privacy Rights
As a registered player on bdrumme, you hold a set of rights over the personal data we hold about you. We take these rights seriously and will respond to all valid requests within 30 days. To exercise any of the rights described below, please contact our support team via live chat or email at support@bdrumme.
7. Security Measures
bdrumme implements a comprehensive set of technical and organisational security measures designed to protect your personal data against unauthorised access, accidental loss, destruction, or disclosure. Our security programme is reviewed and updated on a regular basis to address emerging threats and vulnerabilities.
7.1 Technical Safeguards
- 256-bit SSL/TLS encryption: All data transmitted between your device and bdrumme servers is encrypted in transit using industry-standard TLS protocols. This applies to every page, including account login, deposit flows, and personal data updates.
- Encrypted data storage: Sensitive personal data — including identity documents and financial account references — is stored in encrypted form at rest. Encryption keys are managed separately from the data they protect.
- Access controls: Access to personal data within bdrumme systems is restricted on a strict need-to-know basis. Staff members are granted only the minimum level of access required to perform their duties, and all access is logged and auditable.
- Two-factor authentication: Administrative access to systems containing personal data requires multi-factor authentication. We also encourage all players to enable two-factor authentication on their bdrumme accounts.
- Intrusion detection: Our infrastructure is monitored continuously for unusual activity, attempted intrusions, and anomalous data access patterns. Automated alerts are configured to notify our security team of any suspicious events in real time.
- Penetration testing: bdrumme engages independent security specialists to conduct periodic penetration tests and vulnerability assessments of our platform and data infrastructure.
7.2 Organisational Safeguards
- Staff training: All bdrumme staff who handle personal data receive mandatory data protection training at onboarding and on a regular refresher basis.
- Data processing agreements: Every third-party service provider that processes personal data on our behalf is required to sign a data processing agreement committing them to appropriate security standards.
- Incident response plan: bdrumme maintains a documented data breach response procedure. In the event of a breach that is likely to result in a risk to your rights, we will notify affected users promptly and take immediate steps to contain and remediate the incident.
- Privacy by design: Data protection considerations are built into the design of new features and systems from the outset, rather than applied as an afterthought.
7.3 Your Role in Data Security
While bdrumme takes extensive precautions to protect your data, the security of your account also depends on actions you take as a user. We strongly recommend the following:
- Use a strong, unique password for your bdrumme account that is not reused on other websites.
- Enable two-factor authentication via your account security settings.
- Never share your login credentials with anyone, including individuals who claim to represent bdrumme support. Our staff will never ask for your password.
- Log out of your account when using shared or public devices.
- Contact support immediately at support@bdrumme if you suspect your account has been accessed without your authorisation.
8. Contact and Complaints
If you have any questions about this Privacy Policy, wish to exercise any of your data rights, or have a concern about how bdrumme handles your personal information, please get in touch with our support team using the contact details below. We aim to acknowledge all privacy-related enquiries within 3 business days and to resolve them within 30 days.
8.1 How to Contact Us
- Email: support@bdrumme (plain text — not a clickable link)
- Live Chat: Available 24/7 through the bdrumme platform after logging in to your account
- WhatsApp: Contact details are available in your account dashboard after login
When contacting us about a data privacy matter, please include your registered email address, account username, and a clear description of your request or concern. This helps us locate your records and respond as efficiently as possible.
8.2 Identity Verification for Data Requests
To protect your privacy, bdrumme will verify your identity before acting on any request to access, correct, delete, or export your personal data. We may ask you to confirm account details or provide a copy of identity documentation consistent with the KYC information already held on file. This step ensures that personal data is disclosed or modified only at the request of the legitimate account holder.
8.3 Updates to This Privacy Policy
bdrumme reserves the right to update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the services we offer. Where a material change is made, we will notify registered users via the email address associated with their account at least 14 days before the change takes effect. The "Last Updated" date at the top of this page will always reflect the date of the most recent revision. Continued use of bdrumme following notification of a material change constitutes acceptance of the updated Privacy Policy.
8.4 Complaints
If you are not satisfied with our response to a privacy concern, you have the right to escalate your complaint. bdrumme encourages users to contact us first so that we have the opportunity to resolve the issue directly. We are committed to handling all complaints fairly, promptly, and transparently in accordance with our data protection obligations.
Now that you understand how we protect your privacy, you can enjoy Bangladesh's most trusted online casino with confidence. Explore our games, read our FAQ, or log in to your account to manage your privacy preferences.