18aa Privacy
Policy

18aa is an online casino and sports betting platform operating at 18aa.asia, serving players primarily in Bangladesh. When this Privacy Policy refers to "18aa", "we", "us", or "our", it means the 18aa platform operator responsible for processing your personal data.

As the data controller for the personal information you provide when using 18aa, we are responsible for ensuring that your data is collected, stored, and processed in a lawful, fair, and transparent manner. This Privacy Policy applies to all users of the 18aa website, mobile app, and any related services.

If you have any questions about how 18aa handles your personal data, or if you want to exercise any of your data rights, you can contact our dedicated privacy team at [email protected]. We aim to respond to all privacy-related enquiries within 5 business days.

18aa collects personal data from you in several ways — directly when you register and use the platform, automatically when you browse the site or app, and occasionally from third-party sources such as payment processors and identity verification services. Here is a full breakdown of the categories of data we collect:

We do not collect any special category data (such as health information, political opinions, or biometric data) unless you voluntarily provide it in the context of a responsible gaming self-assessment. Any such data is treated with the highest level of confidentiality and is used solely to provide appropriate responsible gaming support.

18aa uses your personal data only for the purposes described in this Privacy Policy. We do not use your data for any purpose that is incompatible with the reason it was originally collected. The main purposes for which we use your data are:

• Account Management: To create, maintain, and manage your 18aa player account, including processing your registration, verifying your identity, and keeping your account details up to date.
• Payment Processing: To process your deposits and withdrawals via bKash, Nagad, and Rocket, and to maintain accurate financial records of all transactions on your account.
• Platform Operation: To deliver the games, features, and services available on 18aa, including personalising your experience based on your game preferences and activity history.
• Customer Support: To respond to your enquiries, resolve disputes, and provide assistance via live chat, email, or any other support channel.
• Fraud Prevention & Security: To detect, investigate, and prevent fraudulent activity, money laundering, underage gambling, and other prohibited conduct on the platform.
• Legal Compliance: To comply with our legal and regulatory obligations, including anti-money laundering (AML) requirements, age verification obligations, and any lawful requests from authorities.
• Responsible Gaming: To monitor your gaming activity for signs of problem gambling and to provide appropriate responsible gaming tools and interventions where necessary.
• Marketing (with consent): To send you promotional offers, bonus notifications, and platform updates via email or SMS — only if you have opted in to receive such communications.
• Platform Improvement: To analyse usage patterns and technical performance data to improve the 18aa platform, fix bugs, and develop new features.

Every time 18aa processes your personal data, we do so on one of the following legal bases. We are transparent about which basis applies to each type of processing so you always know why your data is being used.

• Contractual Necessity: Processing your data is necessary to fulfil our contract with you — i.e., to operate your 18aa account, process payments, and deliver the games and services you've signed up for.
• Legal Obligation: Some processing is required by law — for example, retaining transaction records for AML compliance, or verifying your age and identity before allowing you to gamble.
• Legitimate Interests: We process some data based on our legitimate business interests, such as fraud detection, platform security, and improving our services — provided those interests are not overridden by your privacy rights.
• Consent: For marketing communications and non-essential cookies, we rely on your explicit consent. You can withdraw this consent at any time without affecting the lawfulness of processing carried out before withdrawal.

18aa does not sell, rent, or trade your personal data. We share your data only in the limited circumstances described below, and only with parties who are contractually required to handle your data securely and in accordance with this Privacy Policy.

• Payment Processors: bKash, Nagad, and Rocket receive the minimum data necessary to process your deposits and withdrawals. These providers operate under their own privacy policies and are responsible for the security of data within their systems.
• Identity Verification Partners: When KYC verification is required, we share your identity documents with accredited verification service providers. These partners are bound by strict data processing agreements.
• Game Providers: The third-party game studios whose games are available on 18aa may receive anonymised or pseudonymised gameplay data for the purpose of game performance monitoring and RNG auditing. They do not receive your personal identity or financial data.
• Fraud Prevention Services: We may share data with fraud detection and anti-money laundering service providers to protect the platform and its players from financial crime.
• Legal Authorities: If required by law, court order, or regulatory authority, 18aa may disclose your personal data to the relevant authority. We will notify you of any such disclosure where we are legally permitted to do so.
• Business Transfers: In the event of a merger, acquisition, or sale of all or part of 18aa's business, your personal data may be transferred to the acquiring entity. You will be notified of any such transfer in advance.

18aa uses cookies and similar tracking technologies to make the platform work properly, to remember your preferences, and to understand how players use the site so we can keep improving it. A cookie is a small text file stored on your device when you visit a website.

You can manage your cookie preferences at any time through your browser settings or through the cookie preference centre available on the 18aa platform. Please note that disabling essential cookies will prevent you from logging in and using the platform.

18aa retains your personal data only for as long as is necessary for the purposes for which it was collected, or as required by applicable law. The following retention periods apply to the main categories of data we hold:

• Account Data: Retained for the duration of your account plus 5 years after account closure, to comply with AML and financial record-keeping obligations.
• Transaction Records: Retained for 7 years from the date of each transaction, as required by financial regulations.
• KYC Documents: Retained for 5 years after account closure or the completion of the verification process, whichever is later.
• Support Communications: Retained for 3 years from the date of the last communication, to allow us to reference previous interactions if you contact us again.
• Analytics Data: Anonymised analytics data may be retained indefinitely as it cannot be linked back to any individual player.
• Marketing Consent Records: Retained for the duration of your consent plus 3 years, to demonstrate compliance with consent requirements.

When your data is no longer required, 18aa securely deletes or anonymises it. We do not retain personal data "just in case" — every piece of data we hold has a defined purpose and a defined end date.

As a player on 18aa, you have a number of rights over your personal data. These rights are not absolute — in some cases they may be limited by our legal obligations — but we will always respond to your request and explain our reasoning clearly if we are unable to fulfil it in full.

18aa takes the security of your personal data seriously. We have implemented a range of technical and organisational measures to protect your data against unauthorised access, accidental loss, destruction, or disclosure. These measures include:

• 256-bit SSL/TLS encryption for all data transmitted between your device and 18aa's servers
• Encryption of sensitive data at rest, including financial records and identity information
• Role-based access controls ensuring that only authorised 18aa staff can access personal data, and only to the extent necessary for their role
• Regular security audits and penetration testing of the 18aa platform
• Two-factor authentication (2FA) available for all player accounts
• Automated fraud detection systems that monitor for suspicious account activity in real time
• Secure, encrypted backups of all data with restricted access

Despite these measures, no online platform can guarantee 100% security. If you become aware of any security vulnerability or suspect that your 18aa account has been compromised, please contact our support team immediately at [email protected].

In the event of a data breach that is likely to result in a risk to your rights and freedoms, 18aa will notify you without undue delay and will take all necessary steps to contain the breach and minimise its impact.

18aa is strictly an adults-only platform. We do not knowingly collect personal data from anyone under the age of 18. Our registration process includes age verification steps designed to prevent minors from creating accounts.

If we become aware that we have inadvertently collected personal data from a person under 18, we will immediately delete that data, close the associated account, and return any deposited funds to the payment method used. If you believe a minor has registered on 18aa, please contact us at [email protected] immediately.

The 18aa platform may contain links to third-party websites or services — for example, links to payment provider portals or game studio information pages. This Privacy Policy applies only to the 18aa platform itself. Once you leave 18aa and visit a third-party site, that site's own privacy policy governs how your data is handled.

18aa is not responsible for the privacy practices of any third-party websites. We recommend that you review the privacy policy of any external site you visit before providing any personal information. If you have concerns about a third-party site linked from 18aa, please let us know at [email protected].

18aa may update this Privacy Policy from time to time to reflect changes in our data practices, legal requirements, or platform features. When we make a material change to this policy, we will notify all registered players via email at least 14 days before the change takes effect.

The "Last Updated" date at the top of this page will always reflect the date of the most recent revision. We encourage you to review this Privacy Policy periodically so you stay informed about how 18aa protects your personal data. Your continued use of the 18aa platform after a policy update constitutes your acceptance of the revised policy.

If you disagree with any changes to this Privacy Policy, you have the right to close your account and request deletion of your personal data, subject to our legal retention obligations described in Section 7.

If you have any questions, concerns, or requests relating to this Privacy Policy or the way 18aa handles your personal data, please don't hesitate to get in touch. Our privacy team is available 24/7 and will always respond promptly and clearly.