ae7 Privacy Policy
At ae7, your privacy is not an afterthought. This Privacy Policy explains exactly what personal data we collect when you use ae7.bio, why we collect it, how we store and protect it, and what rights you have over your own information. We are committed to handling your data with transparency, security, and respect — in full compliance with sound data protection principles applicable to our operations in Bangladesh.
256-Bit SSL Encryption
Every data transmission between your device and ae7.bio is protected by 256-bit SSL encryption. Your personal details, payment information, and account credentials are never sent over unencrypted connections, keeping your data private at every step.
No Data Selling
ae7 does not sell, rent, or trade your personal data to third-party marketing companies. The information you provide when registering and playing on ae7 is used solely for operating your account, processing payments, and improving the platform experience.
Payment Data Protection
bKash, Nagad, Rocket, and Upay transaction data is processed exclusively through each provider's secure API. ae7 never stores your full mobile banking PIN or raw payment credentials on our servers — only anonymised transaction references are retained for audit purposes.
KYC Document Security
Identity documents submitted for KYC verification — including National ID cards and passports — are encrypted at rest and stored in isolated secure storage. They are accessed only by authorised ae7 compliance staff and are never shared with advertising partners.
Your Data, Your Control
ae7 players have the right to access, correct, and request deletion of their personal data at any time. Submit a written request to [email protected] and our team will respond within 10 business days. You remain in control of the data you share with us.
Transparent Cookie Use
ae7 uses only essential and functional cookies to keep your session active and remember your preferences. We do not deploy third-party advertising cookies or cross-site tracking cookies. Section 4 of this policy details every cookie category we use and why.
Section 1
Data We Collect
ae7 collects personal data only to the extent necessary to operate a safe, compliant, and high-quality online gaming platform for players in Bangladesh. The following table outlines every category of data we collect, the specific data points within each category, and the reason for collection.
| Data Category | Specific Data Points | Purpose |
|---|---|---|
| Registration Data | Full name, date of birth, Bangladeshi mobile number, preferred payment method, account username | Account creation, age verification, identity management |
| KYC / Identity Data | National ID (NID) card image, passport photo page, birth registration certificate (where applicable) | Age and identity verification before withdrawal processing |
| Financial Data | Deposit amounts, withdrawal amounts, transaction timestamps, anonymised payment method references (e.g., masked bKash number) | Transaction processing, fraud prevention, financial audit trail |
| Gaming Activity Data | Game history, bet amounts, bet outcomes, session duration, game titles played, RNG outcomes | Account management, responsible gaming monitoring, dispute resolution |
| Technical / Device Data | IP address, device type, operating system, browser version, screen resolution, time zone (Bangladesh Standard Time, UTC+6) | Fraud detection, platform optimisation, security monitoring |
| Communication Data | Live chat transcripts, support email content, any attachments submitted to ae7 support | Customer support delivery, dispute resolution, quality assurance |
| Cookie / Session Data | Session token, preference cookies, analytics identifiers | Session continuity, platform personalisation, aggregate usage analytics |
ae7 does not collect sensitive personal data such as racial or ethnic origin, political opinions, religious beliefs, or health records. If you voluntarily disclose any such information in a support communication, it will be disregarded and not retained beyond the resolution of your query.
Minimum Data Principle: ae7 applies a minimum data principle — we collect only what is necessary for a specific, stated purpose. We do not collect data speculatively or for undefined future use. If you have questions about the specific data held on your account, contact [email protected] (plain text — not a clickable link).
Section 2
How We Use Your Data
ae7 uses the personal data it collects exclusively for the following legitimate purposes. We do not use your data for purposes beyond those stated in this policy without first obtaining your explicit consent.
2.1 Account Operations
- Account creation and authentication: Your registration data enables us to create and manage your ae7 account, authenticate your login sessions, and restore account access where credentials have been lost.
- Payment processing: Financial data is used to credit deposits to your ae7 wallet and process withdrawal requests to your registered bKash, Nagad, Rocket, Upay, or bank account in BDT.
- KYC verification: Identity documents are used solely to confirm that you meet the 18+ age requirement and that your identity matches your registered account details before withdrawals are approved.
- Customer support: Communication data allows our support team to respond accurately to your queries, resolve disputes, and process responsible gaming tool requests (such as self-exclusion and deposit limits).
2.2 Platform Safety and Compliance
- Fraud prevention: Technical and financial data is analysed to detect patterns consistent with fraudulent account activity, money laundering, bonus abuse, or multi-accounting. Suspicious activity may result in account suspension and data referral to relevant authorities.
- Responsible gaming monitoring: Gaming activity data is used to identify patterns that may indicate problem gambling behaviour, enabling ae7 to proactively offer responsible gaming tools to at-risk players.
- Age verification compliance: Date of birth data and KYC documents are used to enforce ae7's strict 18+ policy and ensure no underage individual is permitted to deposit or wager on the platform.
2.3 Platform Improvement
- Analytics: Aggregated and anonymised gaming activity and device data is used to understand how players interact with ae7, identify areas for improvement, and optimise the mobile experience for players across Dhaka, Chittagong, Sylhet, and other regions of Bangladesh.
- Technical performance: Device and session data helps our engineering team diagnose and resolve technical issues, including game disconnections, payment processing delays, and page load performance.
No Automated Profiling for Marketing: ae7 does not use your personal data to build marketing profiles or to sell targeted advertising. Any promotional communications sent by ae7 (e.g., bonus offers via SMS) are based only on your opt-in preferences, and you may opt out at any time by contacting support.
Section 3
Data Sharing & Third Parties
ae7 does not sell or commercially trade your personal data. We share data with third parties only in the limited circumstances described below, and only to the minimum extent required to fulfil the stated purpose.
3.1 Permitted Data Sharing
- Payment processors: Transaction data is shared with bKash, Nagad, Rocket, Upay, and partnered Bangladeshi banks (BRAC Bank, City Bank, Dutch-Bangla Bank, Islami Bank, Sonali Bank) solely to execute deposit and withdrawal instructions you initiate. Each payment provider operates under its own privacy framework and data security standards.
- Game providers: When you play a live casino game powered by Evolution Gaming or Ezugi, or a slot title from Pragmatic Play, NetEnt, Microgaming, or Spribe, your session data (bet amounts, game outcomes) is transmitted to that provider's game servers. This is technically necessary to deliver the game. No personally identifiable data beyond a pseudonymous session ID is shared with game providers.
- KYC verification services: In certain circumstances, ae7 may engage a third-party identity verification service to assist with document validation. Any such provider is contractually bound to process your documents solely for verification purposes and to delete them upon completion of the verification task.
- Legal and regulatory disclosures: ae7 will disclose personal data to law enforcement agencies, courts, or regulatory bodies when required to do so by a valid legal obligation, court order, or anti-money laundering (AML) investigation. ae7 will notify you of such disclosures where legally permitted to do so.
3.2 No Third-Party Marketing Sharing
ae7 does not share your contact details (mobile number, email address) with third-party advertisers, affiliate marketing networks, or data brokers for any commercial purpose. If you receive unsolicited communications purporting to be from ae7 offering promotions through channels you did not subscribe to, please report this to [email protected] immediately, as this may indicate a phishing attempt.
Phishing Warning: ae7 will never ask for your password, full PIN, or payment credentials via SMS, email, or live chat. If you receive any such request, do not respond and contact ae7 support immediately. ae7 support contact is displayed as plain text only throughout this site.
Section 5
Data Security & Storage
Protecting the personal data of ae7 players is a core operational commitment. ae7 employs a layered security architecture to safeguard data at rest, in transit, and during processing.
- Encryption in transit: All data transmitted between your browser or mobile device and ae7.bio is encrypted using TLS 1.3 with 256-bit AES cipher suites. Connections over older, insecure protocols are automatically rejected.
- Encryption at rest: Sensitive data fields — including KYC document files, NID images, passport scans, and financial transaction records — are encrypted at rest in ae7's database infrastructure using AES-256 encryption.
- Access controls: Access to personal data within ae7's internal systems is restricted on a strict need-to-know basis. Only compliance, finance, and senior support staff have access to KYC documents, and all access events are logged for audit purposes.
- Server infrastructure: ae7 servers are hosted in secure data centres with physical access controls, redundant power systems, and continuous uptime monitoring. Servers are not accessible from the public internet except through hardened, authenticated API endpoints.
- Penetration testing: ae7 conducts periodic security assessments of its platform infrastructure to identify and remediate vulnerabilities before they can be exploited.
- Incident response: In the event of a data security incident that affects player personal data, ae7 will notify affected players within 72 hours of becoming aware of the breach via the mobile number registered to the affected account.
Your Responsibility: ae7's security infrastructure protects data on our side of the connection. You are responsible for keeping your ae7 account password confidential and for logging out of your account when using shared or public devices. Enable your device's screen lock and avoid saving ae7 login credentials in shared browsers. If you suspect unauthorised access to your account, contact ae7 support immediately at [email protected] (plain text — not a clickable link).
Section 6
Data Retention
ae7 retains personal data only for as long as it is necessary to fulfil the purpose for which it was collected, or as required by applicable legal obligations. The following retention schedule applies to all data categories collected by ae7.
| Data Category | Retention Period | Reason for Retention |
|---|---|---|
| Registration & Account Data | Duration of account + 5 years after closure | Legal obligation; fraud prevention; dispute resolution window |
| KYC / Identity Documents | Duration of account + 5 years after closure | Anti-money laundering (AML) record-keeping obligations |
| Financial Transaction Records | 7 years from transaction date | Financial audit and AML compliance requirements |
| Gaming Activity Logs | 3 years from session date | Dispute resolution; responsible gaming monitoring; RNG audit |
| Support Communication Logs | 2 years from last interaction | Quality assurance; dispute evidence; fraud pattern analysis |
| Analytics / Cookie Data | 13 months from collection | Standard analytics retention cycle; aggregate trend analysis |
When data reaches the end of its retention period, ae7 securely deletes or permanently anonymises it so that it can no longer be associated with any individual player. Deletion requests submitted by players under the right to erasure (see Section 7) will be assessed against applicable legal retention obligations — data that must be retained for AML or financial audit purposes cannot be deleted early, but will be isolated from active processing and flagged for deletion at the earliest legally permissible date.
Section 7
Your Privacy Rights
As an ae7 player, you have the following rights in relation to the personal data we hold about you. To exercise any of these rights, submit a written request to ae7 support. We will acknowledge your request within 3 business days and respond in full within 10 business days.
- Right of access: You may request a full summary of the personal data ae7 holds on your account, including the categories of data, the purposes for which it is processed, and any third parties with whom it has been shared. ae7 will provide this summary free of charge.
- Right to rectification: If any personal data ae7 holds about you is inaccurate or incomplete, you may request that it be corrected. For example, if your registered name contains a spelling error, contact support with the corrected version and a copy of your ID confirming the correct spelling.
- Right to erasure: You may request that ae7 delete your personal data. ae7 will honour erasure requests where data is no longer necessary for its original purpose and where no legal retention obligation overrides the request. Data subject to AML, financial audit, or fraud investigation obligations cannot be deleted before the applicable retention period expires.
- Right to restrict processing: You may request that ae7 restrict the processing of your personal data to storage only, pending the resolution of a dispute about data accuracy or a pending erasure request.
- Right to data portability: You may request a machine-readable export of your personal data (registration details, transaction history, gaming activity logs) in CSV or JSON format, which you may then transfer to another service of your choosing.
- Right to object: You may object to ae7 using your data for purposes beyond core account operations — for example, if you wish to opt out of promotional SMS communications, contact support and we will update your communication preferences within 24 hours.
- Right to withdraw consent: Where ae7 has relied on your consent as the basis for processing (for example, for optional analytics cookies), you may withdraw that consent at any time without affecting the lawfulness of processing that occurred before withdrawal.
How to Submit a Privacy Request: Send all data access, rectification, erasure, and portability requests to ae7 support. Contact email (plain text only, not a clickable link): [email protected]. Include your registered mobile number and a brief description of your request. ae7 may need to verify your identity before processing the request to prevent unauthorised access to another player's data.
Section 8
Changes to This Policy
ae7 reserves the right to update or revise this Privacy Policy at any time. Changes may be made to reflect updates to our platform features, shifts in applicable data protection standards, or modifications to our third-party service provider relationships.
When material changes are made to this Privacy Policy — particularly changes that affect how we collect, use, or share your personal data — ae7 will notify registered players via an alert displayed upon next login, or via SMS to the mobile number registered to your ae7 account. The updated policy will be published at ae7.bio/privacy-policy with a revised effective date at the top of this page.
Continued use of ae7.bio following the notification of a Privacy Policy update constitutes your acceptance of the revised terms. If you do not agree with the changes, you should stop using ae7 and may request account closure and data deletion by contacting ae7 support.
Previous versions of this Privacy Policy are archived and available upon request. To obtain a copy of a prior version, contact ae7 support specifying the date range for which you require the historical policy.
18+ Reminder: ae7 is strictly for adults aged 18 and above. By using ae7.bio you confirm you meet this age requirement. All personal data collected by ae7 relates to adult players only. If ae7 discovers that data has been submitted by a person under 18, that data will be immediately deleted and the associated account permanently closed.
Your Privacy Is Protected
Ready to Play on ae7?
Now that you understand how ae7 handles your personal data, explore the platform with confidence. From live casino tables and cricket betting to 700+ slots — all secured by 256-bit SSL and BDT-native payments. 18+ only. Play responsibly.