1 Definitions
The following terms carry the meanings set out below throughout this Privacy Policy:
- "Personal Data" means any information that identifies or could reasonably identify a living individual, including but not limited to name, email address, phone number, date of birth, device identifiers, and payment method details.
- "Processing" means any operation performed on Personal Data, including collection, storage, retrieval, use, disclosure, erasure, or destruction.
- "Platform" means the ase365 website at ase365.club and all associated interfaces, games, betting markets, and account tools.
- "Player" / "You" means any individual who accesses, registers on, or otherwise interacts with the ase365 Platform.
- "KYC" means Know Your Customer — identity and age verification procedures applied by ase365 to confirm a Player's eligibility.
- "Cookie" means a small text file placed on your device by the Platform to facilitate session management, analytics, and personalisation.
- "Third-Party Processor" means any external organisation that processes Personal Data on behalf of ase365 under a formal data-processing agreement, such as payment providers and fraud-detection services.
2 Data Controller
ase365 acts as the data controller for all Personal Data collected through the Platform. As data controller, ase365 determines the purposes and means by which your Personal Data is processed. All data-related enquiries, access requests, and erasure requests should be directed to our Data Protection contact at [email protected].
Support is available 24 hours a day, 7 days a week, including Bangladesh public holidays, via live chat on the Platform and by email at the address above.
3 Data We Collect
ase365 collects Personal Data through several channels. The table below summarises the categories of data collected and the primary source of each:
| Category |
Examples |
Source |
| Identity Data |
Full legal name, date of birth, nationality, government-issued ID number |
Provided by you during registration or KYC verification |
| Contact Data |
Email address, mobile phone number, city/district (e.g., Dhaka, Chittagong, Sylhet) |
Provided by you during registration or account updates |
| Financial Data |
bKash/Nagad/Rocket wallet number, bank account reference, Visa/Mastercard last four digits, transaction history |
Provided by you when making deposits or requesting withdrawals |
| Verification Documents |
Scanned copies of national ID card, passport, or driving licence; selfie photo for liveness check |
Uploaded by you during KYC verification |
| Technical Data |
IP address, browser type and version, device type, operating system, screen resolution, time zone (BST/UTC+6) |
Automatically collected when you access the Platform |
| Usage Data |
Pages visited, games played, bets placed, session duration, click patterns, feature interactions |
Automatically collected via analytics tools |
| Communications Data |
Live chat transcripts, support email content, feedback submissions |
Generated when you contact our support team |
| Marketing Preferences |
Opt-in/opt-out status for email, SMS, and push notifications; preferred promotion categories |
Set by you in account settings or inferred from usage behaviour |
| Responsible Gaming Data |
Deposit limit settings, session time reminders, self-exclusion status and period |
Set by you or applied by ase365 at your request |
ase365 does not collect or store full payment card numbers, card verification values (CVVs), or complete bank account numbers. All card transactions are tokenised by our payment processor partners. bKash, Nagad, Rocket, and Upay wallet transactions are processed via the respective provider's secure API, and we store only the anonymised wallet reference required for withdrawal matching.
4 How We Use Your Data
ase365 processes your Personal Data for the following purposes. Each purpose is linked to a specific legal basis described in Section 5:
- Account Registration & Management: Creating, maintaining, and administering your ase365 account, including password resets, account upgrades, and VIP tier progression.
- Identity & Age Verification (KYC): Confirming that you are at least 18 years of age and that your identity matches the payment methods registered to your account — a prerequisite for processing withdrawals.
- Payment Processing: Facilitating deposits and withdrawals via bKash, Nagad, Rocket, Upay, bank transfer, and card payment partners. Reconciling transaction records for accounting and dispute resolution.
- Service Delivery: Providing access to cricket betting markets, live casino games (Evolution Gaming, Ezugi), slot titles (Pragmatic Play, NetEnt, Microgaming), crash games (Spribe Aviator), and all other Platform services.
- Customer Support: Responding to queries, resolving account issues, processing complaints, and maintaining records of support interactions for quality and training purposes.
- Fraud Prevention & Security: Detecting and investigating suspicious account activity, multiple-account violations, money laundering patterns, bonus abuse, and unauthorised access attempts. Sharing relevant data with payment providers and law enforcement where legally required.
- Responsible Gaming: Monitoring gaming patterns to identify potential problem gambling behaviour; enforcing deposit limits, session controls, and self-exclusion periods requested by Players or applied proactively by ase365.
- Legal & Regulatory Compliance: Meeting record-keeping, anti-money-laundering, and identity verification obligations applicable to online entertainment platforms serving the Bangladesh market.
- Platform Improvement & Analytics: Analysing aggregated usage data to improve game performance, interface design, betting market offerings, and promotional relevance. Analytics data is aggregated and de-identified wherever possible.
- Marketing Communications: Sending promotional offers, bonus alerts, tournament notifications (BPL, T20 World Cup, IPL), and seasonal campaigns (Eid, Pohela Boishakh) to Players who have opted in to receive them.
5 Legal Basis for Processing
ase365 processes Personal Data on the following legal bases:
- Contractual Necessity: Processing required to perform the contract between ase365 and the Player — including account operation, payment processing, and service delivery — is carried out on the basis of contractual necessity.
- Consent: Where ase365 relies on your consent for processing — particularly for marketing communications and optional analytics cookies — you may withdraw that consent at any time without affecting the lawfulness of processing that took place prior to withdrawal.
- Legitimate Interests: Certain processing activities, including fraud detection, platform security monitoring, and product analytics, are conducted on the basis of ase365's legitimate interest in operating a safe, reliable, and commercially viable platform.
- Legal Obligation: Processing necessary to comply with applicable legal and regulatory obligations, such as KYC identity verification, anti-money-laundering record retention, and mandatory reporting obligations, is conducted on the basis of legal obligation.
6 Data Sharing & Third Parties
ase365 does not sell, rent, or trade your Personal Data to unaffiliated third parties for their own commercial purposes. We share your data only in the following limited and controlled circumstances:
- Payment Processors: bKash, Nagad, Rocket, Upay, Dutch-Bangla Bank, BRAC Bank, City Bank, Islami Bank, Sonali Bank, Visa, and Mastercard — shared only to the extent required to execute and verify payment transactions.
- KYC & Identity Verification Providers: Specialist third-party services that perform automated document verification and liveness checks on our behalf under formal data-processing agreements.
- Game Providers: Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, Ezugi, and other certified game studios receive anonymised session identifiers for the purposes of game functionality and fairness auditing. They do not receive your full identity or financial data.
- Fraud & Security Services: Third-party fraud-detection platforms that analyse technical and behavioural data to identify suspicious activity and protect the Platform from abuse.
- Analytics Providers: Aggregated, de-identified usage data may be shared with analytics platforms to assist with Platform performance monitoring and improvement.
- Legal Authorities: Where ase365 is required by law, court order, or regulatory instruction to disclose Personal Data to law enforcement, financial intelligence units, or other competent authorities, we will do so and will notify the affected Player where legally permitted to do so.
- Business Transfers: In the event of a merger, acquisition, or transfer of all or part of ase365's business assets, Personal Data may be transferred to the acquiring entity as part of that transaction. Affected Players will be notified in advance where practically feasible.
All third-party processors engaged by ase365 are bound by formal data-processing agreements that require them to implement appropriate technical and organisational security measures, process data only on documented instructions from ase365, and not sub-process data without prior written consent.
7 Cookies & Tracking Technologies
ase365 uses cookies and similar tracking technologies to operate and improve the Platform. The following cookie categories are in use:
| Cookie Type |
Purpose |
Consent Required |
| Strictly Necessary |
Session management, authentication tokens, security controls, load balancing |
No — essential for Platform operation |
| Functional |
Remembering language preferences, display settings, and last-used payment method |
No — used to personalise your experience |
| Analytics |
Tracking page visits, session duration, game interactions, and navigation paths to improve the Platform |
Yes — opt-in only |
| Marketing |
Measuring campaign effectiveness and delivering relevant promotional content |
Yes — opt-in only |
You may manage your cookie preferences at any time from your account settings. Please note that disabling strictly necessary cookies may impair the functionality of the Platform, including the ability to log in and place bets.
8 Data Retention
ase365 retains Personal Data only for as long as necessary to fulfil the purposes for which it was collected or as required by applicable legal and regulatory obligations. The following indicative retention periods apply:
- Active Account Data: Retained for the lifetime of your ase365 account and for a period of five years following account closure, to satisfy anti-money-laundering record-keeping obligations.
- KYC Documents: Retained for five years from the date of verification or from the date of account closure, whichever is later.
- Transaction Records: Retained for seven years from the date of each transaction, consistent with standard financial record-keeping requirements.
- Support Communications: Retained for three years from the date of last interaction, to allow for dispute resolution and quality assurance.
- Technical & Log Data: Retained for up to 12 months in identifiable form, after which data is aggregated and anonymised for statistical analysis purposes.
- Marketing Preferences: Retained for the lifetime of your account or until you withdraw consent, whichever comes first.
Upon expiry of the applicable retention period, Personal Data is securely deleted or irreversibly anonymised in accordance with ase365's data disposal procedures.
9 Security Measures
ase365 implements a layered approach to data security, combining technical, organisational, and procedural controls designed to protect Personal Data against unauthorised access, accidental loss, destruction, or alteration. Key measures include:
- Transport Encryption: All data in transit between Players and ase365 servers is encrypted using 256-bit SSL/TLS protocols. SSL certificates are monitored and renewed automatically before expiry.
- Password Hashing: Player passwords are never stored in plain text. ase365 uses industry-standard hashing algorithms with salting to protect credential data at rest.
- Two-Factor Authentication: OTP-based two-factor authentication is available to all Players and is strongly encouraged. Enabling 2FA provides a significant additional barrier against unauthorised account access.
- Access Controls: Internal access to Personal Data is restricted on a strict need-to-know basis. ase365 staff with access to Player data are subject to confidentiality obligations and regular security-awareness training.
- Intrusion Detection: Automated monitoring systems are in place to detect and respond to anomalous access patterns, brute-force attacks, and other indicators of compromise in real time.
- Penetration Testing: The Platform is subject to regular third-party penetration testing and vulnerability assessments to identify and remediate security weaknesses before they can be exploited.
Despite these measures, no online platform can guarantee absolute security. If you suspect your ase365 account has been compromised, contact our support team immediately at [email protected] or via live chat. Our security team operates around the clock (Bangladesh Standard Time, UTC+6) to respond to account security incidents.
10 Your Privacy Rights
As a Player on the ase365 Platform, you hold the following rights in relation to your Personal Data. To exercise any of these rights, contact us at [email protected] with the subject line "Privacy Rights Request" and your registered email address. We will respond within 30 days of receiving a verified request.
- Right of Access: You have the right to request a copy of the Personal Data ase365 holds about you, together with information about how it is being used.
- Right to Rectification: You have the right to request correction of any inaccurate or incomplete Personal Data held about you. Minor corrections to contact details may be made directly from your account settings.
- Right to Erasure ("Right to Be Forgotten"): You may request deletion of your Personal Data where it is no longer necessary for the purposes for which it was collected, where you have withdrawn consent (and no other legal basis applies), or where processing was unlawful. Note that erasure requests cannot override legal obligations to retain data (e.g., anti-money-laundering retention requirements).
- Right to Restrict Processing: You may request that ase365 suspend processing of your Personal Data in certain circumstances, such as while a rectification request is being investigated.
- Right to Data Portability: Where processing is based on consent or contractual necessity and is carried out by automated means, you may request your Personal Data in a structured, commonly used, machine-readable format.
- Right to Object: You have the right to object to processing of your Personal Data where ase365 relies on legitimate interests as the legal basis. You also have an unconditional right to object to the use of your data for direct marketing purposes.
- Right to Withdraw Consent: Where processing is based on your consent, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.
11 Minors & Age Restriction
The ase365 Platform is strictly intended for adults aged 18 and above. ase365 does not knowingly collect or process Personal Data from persons under the age of 18. If you are under 18, you must not use the ase365 Platform, create an account, or submit any Personal Data through our registration forms.
If ase365 becomes aware that Personal Data has been collected from a person under the age of 18, that data will be permanently deleted without delay and the associated account will be closed immediately. Parents and guardians who believe a minor has registered on the ase365 Platform should contact our support team immediately at [email protected].
ase365 encourages parents and guardians to use device-level parental control software to prevent minors from accessing online gambling and casino entertainment services.
12 Marketing Communications
ase365 may send promotional communications — including bonus offers, cricket tournament notifications, seasonal promotions for events such as Eid and Pohela Boishakh, VIP tier updates, and new game announcements — to Players who have opted in to receive them.
Marketing communications may be delivered via the following channels, subject to your preferences:
- Email to your registered ase365 email address
- SMS to your registered mobile number
- Push notifications via the ase365 mobile-optimised web interface (where browser permissions have been granted)
- On-Platform inbox messages visible when you are logged into your ase365 account
You may update your marketing preferences or opt out of all marketing communications at any time through your account settings or by contacting [email protected]. Opt-out requests are processed within 48 hours. Note that transactional communications — such as deposit confirmations, withdrawal notifications, and account security alerts — are not marketing communications and will continue to be sent regardless of your marketing opt-out status.
13 International Data Transfers
ase365 primarily stores and processes Player data on servers located in secure, certified data centres. In the course of providing the Platform's services — particularly in relation to game providers such as Evolution Gaming, Pragmatic Play, and Spribe, and payment processors with global infrastructure — some Personal Data may be processed in countries outside Bangladesh.
Where Personal Data is transferred internationally, ase365 ensures that appropriate safeguards are in place, including:
- Contractual clauses in Third-Party Processor agreements that require equivalent levels of data protection to those applied by ase365 itself.
- Transfers only to processors operating in jurisdictions with recognised data-protection frameworks or those bound by ase365's security and confidentiality standards.
For more information about the safeguards applied to international transfers of your Personal Data, contact us at [email protected].
14 Amendments to This Policy
ase365 reserves the right to update or replace this Privacy Policy at any time. When material changes are made, ase365 will notify active Players via the registered email address and/or via a prominent notice on the Platform. The updated policy will take effect 7 days after notification, or immediately where changes are required to address legal, security, or regulatory obligations.
Your continued use of the ase365 Platform following the effective date of any updated Privacy Policy constitutes your acceptance of those changes. We encourage you to review this page periodically to stay informed about how your data is protected. The "Last updated" date at the top of this document indicates when the most recent changes were made.
For all privacy-related enquiries, data access requests, correction requests, erasure requests, or complaints relating to the handling of your Personal Data by ase365, please contact our Data Protection team through the following channels:
- Email: [email protected] — use the subject line "Privacy Rights Request" and include your registered email address for identity verification.
- Live Chat: Available 24/7 directly on the Platform after completing the ase365 Login process. Average response time: under 3 minutes.
- Response Time: Written responses to formal data requests will be provided within 30 calendar days of receiving a verified request. Complex requests may take up to 60 days, in which case we will notify you of the extension.
- Support Hours: 24 hours a day, 7 days a week, Bangladesh Standard Time (UTC+6), including all public holidays.
When contacting us about a privacy matter, please provide your full name as registered on your ase365 account, your registered email address, and a clear description of your request. This allows us to verify your identity and process your request efficiently. ase365 will never charge a fee for
handling a privacy rights request unless a request is manifestly unfounded or excessive, in which case a reasonable administrative fee may apply.