Privacy Policy — ticket 999
At ticket 999, protecting the privacy of our players is a core responsibility. This Privacy Policy explains precisely what personal data we collect when you use our platform, why we collect it, how we store and secure it, and the rights you hold over your own information. We are committed to handling all personal data with transparency, integrity, and care.
1. Introduction and Scope
This Privacy Policy ("Policy") describes how ticket 999 ("we", "us", "our") collects, uses, stores, shares, and protects the personal information of individuals ("you", "the player", "the user") who access or use the ticket 999 Platform, including its website, mobile-optimised interface, and any associated services.
This Policy applies to all personal data collected through your interactions with ticket 999 — including account registration, identity verification, deposit and withdrawal transactions, gameplay, customer support communications, and marketing preferences. By registering an account or using the ticket 999 Platform, you acknowledge that you have read and understood this Privacy Policy and consent to the data practices described herein.
ticket 999 is committed to handling personal data in a manner consistent with internationally recognised data protection principles, including the principles of law fulness, fairness, and transparency; purpose limitation; data minimisation; accuracy; storage limitation; integrity and confidentiality; and accountability.
This Policy should be read alongside the ticket 999 Terms & Conditions and Responsible Gaming Policy, which together form the complete framework governing your relationship with ticket 999. In the event of any conflict between this Policy and the Terms & Conditions on a matter relating to personal data, this Policy shall prevail.
If you do not agree with the data practices described in this Policy, you must not create an account or continue to use the ticket 999 Platform. You may contact our support team at any time to exercise your data rights or to raise a concern about how your information is being handled.
2. Data We Collect
ticket 999 collects personal data through several channels: directly from you during registration and account use, automatically through your interaction with the Platform, and from trusted third-party sources such as identity verification providers and payment processors. The categories of personal data we collect are set out in the table below.
| Category | Examples of Data Collected | Collection Method |
|---|---|---|
| Identity Data | Full legal name, date of birth, gender, Bangladesh National ID (NID) number or passport number | Registration form, KYC verification |
| Contact Data | Email address, mobile phone number registered in Bangladesh, district or division of residence | Registration form, account settings |
| Financial Data | bKash/Nagad/Rocket/Upay wallet number, bank account details (if applicable), transaction history, deposit and withdrawal records | Payment processor, account transaction logs |
| Technical Data | IP address, device type and operating system, browser type and version, screen resolution, session timestamps, approximate geolocation (city/district level) | Automatic collection via server logs and cookies |
| Gameplay Data | Game history, bet amounts, win/loss records, bonus usage, RNG session logs, sports betting market selections | Platform game engine and betting system |
| Communication Data | Support chat transcripts, email correspondence with our team, feedback submissions | Support system, email platform |
| Marketing Preferences | Email and SMS opt-in/opt-out status, promotion redemption history, preferred game categories | Account settings, promotional system |
Data You Choose Not to Provide: Where the collection of certain personal data is optional, declining to provide it may limit your ability to use specific features of the Platform. For example, failure to complete KYC verification will restrict your ability to withdraw funds. We will always indicate at the point of collection whether providing a particular piece of information is mandatory or voluntary.
Sensitive Data: ticket 999 does not intentionally collect sensitive personal data such as racial or ethnic origin, religious beliefs, biometric data, or health information. If you voluntarily disclose such information in a support communication, it will be handled with the highest standard of care and will not be used for any purpose beyond resolving your enquiry.
3. How We Use Your Data
ticket 999 uses the personal data it collects for specific, legitimate purposes. We do not use your data in ways that are incompatible with those purposes, and we do not use your data to make fully automated decisions that produce legal or similarly significant effects without human oversight.
- Account management: To create, maintain, and administer your ticket 999 account, verify your identity, and ensure the security of your login credentials.
- Payment processing: To process deposits via bKash, Nagad, Rocket, Upay, and bank transfers, and to process withdrawal requests to your verified payment method.
- Legal compliance and AML: To fulfil our obligations under applicable anti-money laundering (AML) and Know Your Customer (KYC) requirements, including verifying the source of funds where required and reporting suspicious activity to the appropriate authorities.
- Responsible gaming: To monitor gameplay patterns for indicators of problem gambling, to administer self-exclusion requests, and to enforce deposit limits and session controls set by the player.
- Customer support: To respond to enquiries, resolve disputes, investigate complaints, and maintain a record of support interactions for quality assurance purposes.
- Platform improvement: To analyse aggregated and anonymised usage data in order to improve the performance, reliability, and user experience of the ticket 999 Platform.
- Personalised promotions: Where you have opted in to marketing communications, to send you relevant promotional offers, bonus notifications, and news about new games or features on ticket 999. You may opt out at any time via your account settings.
- Fraud prevention and security: To detect and prevent fraudulent activity, bonus abuse, multi-account creation, and other conduct that violates our Terms & Conditions.
- Age verification: To verify that all account holders are aged 18 or above before any deposit or wagering activity is permitted.
ticket 999 processes personal data on the following legal bases: performance of a contract (account operation and payment processing); legal obligation (AML and KYC compliance); legitimate interests (fraud prevention, platform security, responsible gaming monitoring); and consent (marketing communications and optional analytics).
4. Data Sharing and Disclosure
ticket 999 does not sell, rent, or trade your personal data to any third party for their own marketing or commercial purposes. We share personal data only in the limited circumstances described below, and only to the extent necessary for the stated purpose.
Game Providers: Certified game providers including Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi may receive limited technical data (such as a pseudonymised player identifier and session token) necessary to deliver their games and maintain RNG audit records. These providers operate under strict data processing agreements and are prohibited from using player data for any purpose beyond game delivery and regulatory compliance.
Payment Processors: Payment service providers including bKash, Nagad, Rocket (Dutch-Bangla Bank), Upay, BRAC Bank, City Bank, Islami Bank, and Dutch-Bangla Bank receive only the financial data necessary to process your specific transaction. ticket 999 does not store full payment credentials on its own servers.
Identity Verification Partners: Third-party KYC providers may receive copies of identity documents you submit in order to verify their authenticity. These partners are contractually bound to process documents solely for the purpose of identity verification and to delete them once the verification process is concluded.
Legal and Regulatory Authorities: ticket 999 may disclose personal data to law enforcement agencies, financial intelligence units, or other regulatory authorities where required to do so by law, court order, or in response to a lawful request in connection with the investigation of fraud, money laundering, or other criminal activity.
Business Transfers: In the event that ticket 999 is involved in a merger, acquisition, or sale of assets, personal data held on registered players may be transferred to the acquiring entity. Players will be notified of any such transfer and of any resulting changes to this Privacy Policy before the transfer takes effect.
5. Cookies and Tracking Technologies
ticket 999 uses cookies and similar tracking technologies to operate the Platform, maintain your session, personalise your experience, and gather aggregated analytics data. A cookie is a small text file stored on your device by your browser when you visit a website. Cookies do not contain executable code and cannot access other files on your device.
| Cookie Type | Purpose | Duration |
|---|---|---|
| Strictly Necessary | Session management, login authentication, security tokens, fraud prevention | Session / up to 24 hours |
| Functional | Language preference, display settings, responsible gaming tool states (e.g., deposit limit values) | Up to 12 months |
| Analytics | Aggregated page view counts, feature usage patterns, error logging — all data is anonymised before analysis | Up to 13 months |
| Marketing | Tracking which promotions you have viewed or redeemed, in order to avoid showing you irrelevant offers (only active if you have opted into marketing) | Up to 30 days |
Managing Cookies: You may configure your browser to refuse all cookies, accept only first-party cookies, or delete existing cookies at any time. Please note that disabling strictly necessary cookies will prevent you from logging in to your ticket 999 account and will cause the Platform to malfunction. Instructions for managing cookies are available in the help documentation of all major browsers (Chrome, Firefox, Safari, Edge, Samsung Internet).
ticket 999 does not use cross-site tracking pixels or third-party advertising networks that track your activity across other websites. Any analytics data collected through the Platform is processed in aggregate, anonymised form and is not linked back to your individual account.
6. Data Retention
ticket 999 retains personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law. The retention periods below reflect both our operational needs and our legal obligations under anti-money laundering and financial record-keeping regulations.
- Account and identity data: Retained for the duration of your active account, and for a minimum of 5 years following account closure, in compliance with AML record-keeping obligations.
- Transaction and financial data: Retained for a minimum of 5 years from the date of each transaction, as required by applicable financial regulations.
- KYC documents: Retained for 5 years from the date of verification or account closure, whichever is later. Documents are stored in encrypted form and access is restricted to compliance personnel only.
- Gameplay records: Retained for 3 years from the date of each gaming session for dispute resolution, RNG audit, and responsible gaming monitoring purposes.
- Support communications: Retained for 2 years from the date of the last interaction in a support ticket, for quality assurance and dispute resolution purposes.
- Marketing preferences and opt-out records: Retained indefinitely to ensure we respect your communication preferences even if you later close your account.
- Technical and server log data: Retained for 90 days, after which it is automatically purged unless specific data is required for an ongoing security investigation.
When personal data is no longer required and no legal retention obligation applies, ticket 999 will securely delete or irreversibly anonymise it. Anonymised data — from which no individual can be identified — may be retained indefinitely for aggregated statistical analysis and platform improvement purposes.
7. Your Data Rights
ticket 999 respects your rights over your own personal data. You may exercise any of the following rights at any time by contacting our support team at [email protected]. We will respond to all verified data rights requests within 30 days of receipt.
- Right of Access: You have the right to request a copy of all personal data ticket 999 holds about you, along with information about how that data is being processed.
- Right to Rectification: If any personal data we hold about you is inaccurate or incomplete, you have the right to request that it be corrected or updated without undue delay.
- Right to Erasure: You may request the deletion of your personal data where it is no longer necessary for the purposes for which it was collected, where you have withdrawn consent, or where the data has been unlawfully processed. Please note that this right is subject to overriding legal retention obligations — for example, AML regulations require us to retain certain financial records regardless of an erasure request.
- Right to Restriction: You may request that the processing of your personal data be restricted in certain circumstances, such as where you contest the accuracy of the data or where processing is unlawful but you prefer restriction to deletion.
- Right to Data Portability: Where personal data is processed on the basis of consent or contract and the processing is carried out by automated means, you may request a copy of your data in a structured, machine-readable format.
- Right to Object: You have the right to object to the processing of your personal data for direct marketing purposes at any time. You may also object to processing carried out on the basis of legitimate interests, though such objections may be overridden where compelling grounds exist.
- Right to Withdraw Consent: Where processing is based on your consent (for example, marketing communications), you may withdraw that consent at any time via your account settings or by contacting support. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.
8. Data Security
The security of your personal data is a technical and organisational priority at ticket 999. We have implemented a comprehensive set of safeguards designed to protect against unauthorised access, accidental loss, destruction, or disclosure of personal data.
Encryption in Transit: All data transmitted between your device and the ticket 999 Platform is protected by 256-bit SSL/TLS encryption. This applies to account login, game sessions, payment transactions, and all API communications. Our SSL certificate is maintained and renewed on a rolling basis to ensure continuous protection.
Encryption at Rest: Sensitive personal data stored in our databases — including identity documents, financial records, and password hashes — is encrypted at rest using AES-256 encryption. Plain-text passwords are never stored; passwords are hashed using a modern cryptographic algorithm with per-user salting.
Access Controls: Access to personal data within ticket 999's internal systems is governed by a strict role-based access control (RBAC) framework. Only personnel with a legitimate operational need may access specific categories of personal data. All internal data access events are logged and reviewed regularly by our security team.
Network Security: The ticket 999 Platform is hosted on infrastructure protected by enterprise-grade firewalls, intrusion detection systems (IDS), and distributed denial-of-service (DDoS) mitigation. Regular vulnerability scanning and penetration testing are conducted to identify and remediate security weaknesses before they can be exploited.
Data Breach Response: In the event of a personal data breach that is likely to result in a risk to the rights and freedoms of affected individuals, ticket 999 will notify the affected players without undue delay once the breach has been confirmed, contained, and assessed. Notifications will be sent to the registered email address on file and will include a description of the breach, the categories of data affected, the likely consequences, and the measures ticket 999 has taken or proposes to take to address the breach.
9. Minors and Age Verification
The ticket 999 Platform is strictly for adults. We do not knowingly collect personal data from individuals under the age of 18. All account registrations require confirmation that the applicant is at least 18 years of age, and this declaration is verified through our mandatory KYC process before any deposit or wagering activity is permitted. 18+
If ticket 999 becomes aware — through its own verification processes, a report from a parent or guardian, or any other means — that an account has been registered by a person under the age of 18, the following actions will be taken immediately:
- The account will be permanently suspended without prior notice.
- All personal data associated with the account will be securely deleted, subject to any overriding legal retention obligation.
- Any deposits made by the minor will be returned to the registered payment method where possible; any wagers placed will be voided and any associated winnings forfeited.
- The matter may be referred to the appropriate authorities where the circumstances suggest that a third party facilitated the minor's access.
Parents and guardians who are concerned that a minor in their household may have accessed or registered on the ticket 999 Platform are encouraged to contact our support team at [email protected] immediately. We treat all such reports with the highest urgency and complete confidentiality.
ticket 999 also recommends the use of parental control software to prevent minors from accessing online gambling platforms. Several reputable parental control solutions are available that can block access to gambling-related websites at the device or network level.
10. Policy Updates and Contact
Updates to This Policy: ticket 999 reserves the right to update this Privacy Policy from time to time to reflect changes in our data practices, the services we offer, or applicable legal requirements. Where changes are material — for example, a change in the categories of data we collect, the purposes for which we use it, or the third parties with whom we share it — we will notify registered players via their registered email address at least 14 days before the changes take effect.
For non-material changes (such as typographical corrections or clarifications that do not alter the substance of any provision), the updated Policy will be published on this page without prior notice. The "Last Updated" date at the top of this page will always reflect the date of the most recent revision. We encourage you to review this Policy periodically to stay informed about how ticket 999 protects your personal data.
Continued Use: Your continued use of the ticket 999 Platform after the effective date of any updated Policy constitutes your acceptance of the revised terms. If you do not agree with the changes, you must stop using the Platform and may request the closure of your account as described in the Terms & Conditions.
Contact and Data Enquiries: All questions, concerns, or requests relating to this Privacy Policy — including data rights requests, consent withdrawal, or notifications of suspected data breaches — should be directed to our support team. Our agents are available 24 hours a day, 7 days a week, including all Bangladeshi public holidays.
Email: [email protected]. All correspondence is handled in English. Response times are typically within 24 hours for general enquiries and within 72 hours for formal data rights requests. All times are Bangladesh Standard Time (BST, UTC+6).
How ticket 999 Protects Your Privacy
256-bit SSL Encryption
Every byte of data exchanged between your device and ticket 999 is protected by 256-bit SSL/TLS encryption — the same standard used by Bangladeshi banks for online transactions.
Strict KYC Verification
Our mandatory Know Your Customer process ensures that every account is linked to a verified real identity, protecting all players from fraud, identity theft, and unauthorised access.
Zero Data Sales
ticket 999 has never sold player data and never will. Your personal information is used solely to operate your account, process payments, and improve our platform — nothing else.
Full Data Control
Access, correct, export, or delete your personal data at any time. ticket 999 supports all standard data rights and responds to verified requests within 30 days, without exception.
No Cross-Site Tracking
We do not use third-party advertising networks or cross-site tracking pixels. Analytics data is anonymised and aggregated before analysis — your browsing history is your own business.
Defined Retention Limits
Data is kept only as long as legally required or operationally necessary. When the retention period ends, data is securely deleted or irreversibly anonymised — no indefinite storage.
Questions About Your Data?
Our support team is available around the clock to help with any privacy concerns, data rights requests, or general questions about your ticket 999 account. You can also visit our FAQ for quick answers.