app22 Privacy Policy
Your privacy matters to us. This Privacy Policy explains exactly what personal data app22 collects from players in Bangladesh, why we collect it, how we use and protect it, and what rights you have over your information at every stage of your relationship with the platform.
1. Information We Collect
When you interact with the app22 platform, we collect certain categories of personal information in order to provide our services, verify your identity, process payments, and comply with applicable regulatory obligations. The categories of data we collect are described below.
1.1 Registration Information
When you create an app22 account, we collect your full legal name, date of birth, residential address in Bangladesh, mobile phone number, and email address. This information is required to open your account, verify your age and identity, and communicate with you about your account activity. Providing inaccurate registration information constitutes a breach of our Terms and Conditions.
1.2 Identity Verification (KYC) Documents
As part of our Know Your Customer (KYC) process, we may request copies of government-issued identification documents such as your National Identity Card (NID), passport, or driving licence. We may also request proof of address documents such as a recent utility bill or bank statement issued in Bangladesh. These documents are used solely for identity and age verification purposes and are stored securely in accordance with Section 5 of this Policy.
1.3 Financial and Transaction Data
We collect records of all deposits and withdrawals made through your account, including the payment method used (bKash, Nagad, Rocket, Upay, or bank transfer), transaction amounts in BDT, transaction dates, and reference numbers. We do not store full mobile banking PINs, passwords, or complete account numbers belonging to your payment provider — these credentials are handled exclusively by the relevant payment service provider.
1.4 Gaming Activity Data
We maintain records of your game sessions on the app22 platform, including games played, wager amounts, outcomes, bonus usage, and session timestamps. This data is used to calculate loyalty points, resolve disputes, monitor for responsible gaming indicators, detect potential fraud or bonus abuse, and fulfil our regulatory record-keeping obligations.
1.5 Technical and Device Data
When you access app22, our servers automatically log certain technical data including your IP address, browser type and version, operating system, device identifiers, screen resolution, and general geographic location derived from your IP address. This data helps us maintain platform security, detect unauthorised access, and optimise the platform experience across different devices used by players in Bangladesh.
1.6 Communications Data
We retain records of communications you have with the app22 support team via live chat, email, or WhatsApp. These records are used to resolve queries, improve service quality, and maintain an audit trail of player interactions. Support communications are kept for a minimum of two years from the date of the interaction.
2. How We Use Your Data
app22 uses the personal data we collect for specific, legitimate purposes. We do not use your data for purposes that are incompatible with those listed below, and we do not sell your personal data to third-party marketing organisations or data brokers.
2.1 Account Management and Service Delivery
Your registration and KYC data is used to open and maintain your account, verify your identity, process deposits and withdrawals, award loyalty programme points, and personalise your experience on the platform. Without this data, we are unable to provide you with access to app22's games and services.
2.2 Fraud Prevention and Security
Technical and transaction data is analysed to detect and prevent fraudulent activity, unauthorised account access, bonus abuse, and money laundering. Where suspicious activity is detected, we may temporarily suspend account access while an investigation is conducted. app22 cooperates with relevant authorities as required by applicable law.
2.3 Regulatory Compliance
Certain data must be retained to fulfil our obligations under anti-money laundering standards and responsible gaming requirements. This includes maintaining records of identity verification, transaction history, and self-exclusion requests. Retention periods for compliance data are described in Section 5.
2.4 Responsible Gaming Monitoring
We analyse gaming activity and account behaviour to identify potential signs of problem gambling — such as rapidly increasing deposit frequency, extended session durations, or patterns consistent with chasing losses. Where such indicators are detected, our responsible gaming team may reach out to offer support tools including deposit limits, session reminders, or temporary account cool-off periods.
2.5 Customer Support
Your account data and communications history is accessed by our support team when you contact us with a query or complaint. This allows our team to understand your account context quickly and provide an accurate, efficient response. Support access to your data is logged and audited.
2.6 Platform Improvement and Analytics
Aggregated and anonymised data derived from player activity across the app22 platform is used to understand how players navigate the site, which games are most popular, and where technical issues occur. This analysis informs product development and UX improvements. Where analytics rely on individual-level data, such data is pseudonymised before analysis.
2.7 Marketing Communications
With your consent, we may send you promotional emails or platform notifications about new games, active promotions, seasonal offers such as Eid specials or BPL season bonuses, and VIP programme updates. You may withdraw your consent to marketing communications at any time by updating your notification preferences in your account dashboard or by contacting our support team.
3. Data Sharing and Disclosure
app22 does not sell, rent, or trade your personal data. We share data with third parties only in the limited circumstances described in this section, and only to the extent necessary for the stated purpose.
3.1 Payment Service Providers
To process deposits and withdrawals, we share necessary transaction data with your chosen payment provider — including bKash, Nagad, Rocket, Upay, Dutch-Bangla Bank, City Bank, and BRAC Bank. The data shared is limited to what is required to execute the transaction and comply with the payment provider's own verification requirements. Each payment provider operates under their own privacy policy, which governs their handling of your financial data.
3.2 Game Software Providers
The games on the app22 platform are developed and operated by third-party studios including Pragmatic Play, Evolution Gaming, Spribe, Ezugi, NetEnt, and Microgaming. To deliver game sessions, your account identifier and session data is shared with the relevant studio. These providers are contractually prohibited from using player data for any purpose other than delivering the game service and maintaining their own compliance obligations.
3.3 Identity Verification Services
app22 may use third-party identity verification service providers to assist in KYC processing. Where such a provider is used, your identity documents and personal details are shared securely for the sole purpose of verifying your identity and age. Verification providers are required to maintain confidentiality and are not permitted to retain your documents beyond the period required to complete the verification.
3.4 Legal and Regulatory Disclosure
app22 may disclose your personal data to law enforcement agencies, regulatory bodies, or other competent authorities where we are legally required to do so, or where we reasonably believe disclosure is necessary to prevent fraud, protect the rights of other players, or respond to a valid legal process. We will notify you of any such disclosure where legally permitted to do so.
3.5 Business Transfers
In the event that app22 undergoes a business restructuring, merger, or acquisition, your personal data may be transferred to a successor entity as part of that transaction. We will provide reasonable notice of any such transfer and ensure that the successor entity is bound by privacy commitments no less protective than those set out in this Policy.
5. Data Retention and Storage
5.1 Retention Periods
app22 retains personal data only for as long as is necessary to fulfil the purposes for which it was collected, or as required by applicable regulatory and compliance obligations. The following retention periods apply as a general guide:
| Data Category | Retention Period | Basis |
|---|---|---|
| Account registration data | Duration of account + 5 years after closure | Compliance and dispute resolution |
| KYC / identity documents | Duration of account + 5 years after closure | Anti-money laundering obligations |
| Transaction records | 7 years from transaction date | Financial record-keeping standards |
| Gaming activity logs | 5 years from session date | Dispute resolution and compliance |
| Support communications | 2 years from interaction date | Service quality and dispute records |
| Self-exclusion records | Duration of exclusion + 5 years | Responsible gaming compliance |
| Marketing preferences | Until withdrawn or account closed | Consent management |
5.2 Data Storage Location
Personal data collected by app22 is stored on secure servers. Where data is processed or stored outside of Bangladesh, app22 ensures that appropriate safeguards are in place to protect your information to a standard equivalent to the protections described in this Policy. Data transfers to game studio providers are governed by contractual data protection clauses.
5.3 Data Deletion
When a retention period expires, personal data is securely deleted or anonymised so that it can no longer be associated with an individual player. Where you request deletion of your data before the end of the applicable retention period, we will delete what we are not legally required to retain and inform you of any data that must be kept for compliance reasons, along with the applicable retention period for that data.
6. Security Measures
app22 takes the security of your personal data seriously. We implement a layered set of technical and organisational measures designed to protect your information against unauthorised access, loss, alteration, or disclosure.
6.1 Technical Safeguards
All data in transit between your device and our servers is encrypted using TLS 1.2 or higher. Data at rest in our databases is encrypted using AES-256 encryption. Access to production databases containing player data is restricted to authorised personnel only, via authenticated and audited access controls. Our infrastructure undergoes regular security assessments and vulnerability testing.
6.2 Account Security Features
app22 provides two-factor authentication (2FA) for all registered accounts and strongly encourages all players to enable it. Login attempts from unrecognised devices or IP addresses trigger additional verification steps. Multiple consecutive failed login attempts result in a temporary account lock, followed by an identity verification step before access is restored.
6.3 Internal Access Controls
Access to player data within the app22 organisation is governed by a strict role-based access control policy. Support staff may access only the data necessary to assist with a specific enquiry. Senior account management, finance, and compliance teams have access to broader data sets under enhanced authentication and audit logging. No employee may access player data for personal purposes, and all access is logged and periodically reviewed.
6.4 Data Breach Response
In the event of a data breach that affects the security of your personal information, app22 will investigate the incident promptly, take steps to contain and remediate it, and notify affected players without undue delay where the breach poses a risk to their rights or interests. Notifications will be sent to the email address registered to your account and will include a description of the breach, the data involved, and the steps we are taking in response.
7. Your Privacy Rights
As a player on the app22 platform, you have a number of rights in relation to the personal data we hold about you. These rights are outlined below. To exercise any of these rights, contact our support team at [email protected] with the subject line "Privacy Rights Request — [Your Username]". We will respond within 30 calendar days.
8. Policy Updates and Contact
8.1 Updates to This Policy
app22 reviews this Privacy Policy periodically and updates it when our data practices change, when we introduce new services, or when relevant legal or regulatory developments require it. The effective date at the top of this page reflects the date on which the current version came into force. For material changes, we will notify registered players via email or a platform notification at least 7 days before the change takes effect. Your continued use of app22 after a revised Policy comes into force constitutes your acceptance of the updated terms.
8.2 Children's Privacy
app22 is strictly an 18+ platform and does not knowingly collect personal data from persons under the age of 18. If we become aware that an account has been registered by a person under 18, we will close the account, delete all associated personal data, and handle any balance in accordance with applicable regulatory guidance. If you believe a minor has registered an account on app22, please contact us immediately at [email protected].
8.3 Links to Third-Party Content
The app22 platform may contain references to third-party game providers and payment services. While we take care to work with reputable partners, app22 is not responsible for the privacy practices of third-party services. We encourage you to review the privacy policies of any third-party service you interact with in connection with your use of app22.
8.4 Contact Us
If you have any questions about this Privacy Policy, wish to exercise your privacy rights, or want to raise a data-related concern, please contact the app22 privacy team using the details below. We are committed to resolving any privacy concern you raise promptly and transparently.
- Email: [email protected] — subject line: "Privacy Enquiry"
- Live Chat: Available 24/7 via your app22 account dashboard
- WhatsApp: +880 1XXX-XXXXXX — response within 15 minutes
- Response Language: English
Have Questions About Your Privacy?
Our support team is available around the clock to answer any questions about how app22 handles your personal data. You can also review our FAQ for quick answers to common platform questions.
18+ only. Play responsibly. app22 promotes responsible gaming.