1 Information We Collect
krickya collects personal data through several channels: information you provide directly during registration and verification, data generated automatically through your use of the platform, and in limited cases, information received from trusted third-party partners. The following sets out the categories of data we collect and the context in which each category arises.
1.1 Account Registration Data
When you create an account on krickya, we collect the following information:
- Full legal name (as it appears on your government-issued ID)
- Date of birth (to verify that you are aged 18 or over)
- Email address (used for account communications and security alerts)
- Mobile phone number registered in Bangladesh (used for OTP verification and account recovery)
- Preferred payment method and associated mobile financial service number (e.g., bKash or Nagad number)
- Username and encrypted password
1.2 Identity Verification (KYC) Data
As part of our Know Your Customer (KYC) obligations and responsible gaming practices, we may collect:
- Copies of government-issued photo identification (National ID card, passport, or driving licence)
- Proof of address documents (utility bills or bank statements issued within the last three months)
- Proof of payment method ownership (e.g., a screenshot of your bKash or Nagad account displaying your registered mobile number)
- Selfie or live verification image where required for enhanced due diligence
1.3 Financial Transaction Data
We record all financial transactions processed through the krickya cashier. This includes:
- Deposit amounts, timestamps, and payment method reference numbers
- Withdrawal requests, amounts, processing status, and destination payment method
- Bonus credits, wagering activity, and associated balance adjustments
- Currency: all transactions are denominated in Bangladeshi Taka (BDT)
krickya does not store full payment card numbers on its own servers. Card transactions are processed via PCI-DSS-compliant payment gateways, which handle and tokenise card data independently.
1.4 Gameplay and Behavioural Data
The platform automatically collects data about how you interact with krickya, including:
- Games played, bet amounts, outcomes, session start and end times
- Sports markets viewed, odds accepted, and bet slips placed
- Navigation patterns, page visit frequency, and feature usage
- Device type, operating system, browser type, and screen resolution
- IP address and approximate geolocation (city-level)
This behavioural data is used to personalise your experience, detect fraud, enforce responsible gaming limits, and improve platform performance. It is not used to create advertising profiles for third-party marketers.
1.5 Communications Data
When you contact the krickya support team via email or live chat, we retain a record of the communication, including the content of messages and any attachments you share. This is used to manage your query, maintain support history, and improve service quality. Support communications are stored securely and are accessible only to authorised staff members.
2 How We Use Your Data
krickya processes your personal data only for specific, legitimate purposes. The following table summarises the primary purposes for which your data is used and the legal basis applicable to each:
| Purpose | Data Categories Used | Legal Basis |
|---|---|---|
| Account creation and management | Registration data, contact details | Contractual necessity |
| Identity and age verification (KYC) | KYC documents, date of birth | Legal obligation / contractual necessity |
| Processing deposits and withdrawals | Financial transaction data, payment method details | Contractual necessity |
| Fraud prevention and security monitoring | Device data, IP address, transaction data, behavioural data | Legitimate interest |
| Anti-money laundering (AML) compliance | Transaction data, KYC data, account activity | Legal obligation |
| Responsible gaming enforcement | Gameplay data, deposit limits, self-exclusion status | Legal obligation / legitimate interest |
| Customer support and dispute resolution | Communications data, account data | Contractual necessity / legitimate interest |
| Platform personalisation | Behavioural data, gameplay history | Legitimate interest / consent |
| Promotional communications (opt-in only) | Email address, mobile number, gameplay preferences | Consent |
2.1 Marketing Communications
krickya will only send you promotional emails or SMS messages if you have explicitly opted in to receive marketing communications during registration or through your account settings. You may withdraw your consent and unsubscribe from marketing communications at any time by updating your preferences in your account dashboard or by contacting . Withdrawal of marketing consent does not affect the legal processing of your data for account management or compliance purposes.
2.2 Automated Decision-Making
krickya uses automated systems to detect potentially fraudulent activity, identify patterns consistent with problem gambling behaviour, and enforce responsible gaming limits. These systems may result in automated actions such as flagging an account for review, triggering a mandatory verification check, or temporarily restricting a transaction. Where an automated decision has a significant impact on your account, you have the right to request human review of that decision by contacting our support team.
3 Data Sharing & Third Parties
krickya does not sell your personal data. We do not share your data with third parties for their own marketing purposes. However, to operate the platform effectively and meet our legal obligations, we share data with the following categories of trusted partners under strict contractual data protection agreements:
3.1 Payment Service Providers
To process your deposits and withdrawals in BDT, we share the minimum necessary financial and identity data with our payment partners including bKash, Nagad, Rocket, Upay, and our banking partners (Dutch-Bangla Bank, City Bank, BRAC Bank, Islami Bank, Sonali Bank). These partners are contractually required to process your data only for the purpose of completing the requested transaction and are not permitted to use your data for their own marketing.
3.2 Game Technology Providers
krickya's game library is powered by internationally certified studios including Pragmatic Play, Evolution Gaming, Ezugi, NetEnt, Microgaming, and Spribe. These providers may receive anonymised or pseudonymised session identifiers to deliver game content and record game outcomes. They do not receive your full personal identity details unless explicitly required for a specific game feature and disclosed to you at the time.
3.3 KYC and Fraud Prevention Partners
We work with specialist identity verification and fraud prevention services to validate the documents you submit during KYC verification. These partners process identity document data on our behalf under strict data processing agreements and are not permitted to retain or repurpose your documents beyond the scope of the verification task.
3.4 Legal and Regulatory Disclosure
krickya may disclose your personal data to law enforcement agencies, regulatory authorities, or other government bodies where required to do so by applicable law, a valid court order, or in connection with a lawful investigation into financial crime, money laundering, or other prohibited conduct. We will notify you of any such disclosure where we are legally permitted to do so.
4 Cookies & Tracking Technologies
krickya uses cookies and similar tracking technologies to ensure the platform functions correctly, to remember your preferences, and to analyse how the site is used so we can improve it. This section explains the types of cookies we use and how you can manage them.
4.1 What Are Cookies?
Cookies are small text files that are placed on your device by a website when you visit it. They are widely used to make websites work more efficiently, to remember user preferences between sessions, and to provide aggregate analytical data to site operators. Cookies do not contain executable code and cannot access other files on your device.
4.2 Types of Cookies Used by krickya
| Cookie Type | Purpose | Duration | Can Be Disabled? |
|---|---|---|---|
| Essential / Session | Maintain your logged-in session, enable cashier functions, enforce security tokens | Session (deleted on browser close) | No — required for platform operation |
| Functional / Preference | Remember your language, display preferences, and responsible gaming settings | Up to 12 months | Yes — disabling may affect user experience |
| Analytics | Collect aggregated, anonymised data on page visits, navigation paths, and feature usage to improve the platform | Up to 24 months | Yes — via browser settings |
| Security / Fraud Detection | Identify unusual login patterns, detect bot activity, and protect account integrity | Up to 30 days | No — required for platform security |
4.3 Managing Your Cookie Preferences
You can manage or delete cookies at any time through your browser settings. Most modern browsers allow you to block all cookies, accept only first-party cookies, or delete existing cookies on demand. Please note that disabling essential or security cookies may prevent you from logging into your krickya account or using the cashier. For instructions on managing cookies in your specific browser, refer to the browser's official help documentation.
4.4 Do Not Track Signals
Some browsers transmit a "Do Not Track" (DNT) signal to websites. At this time, krickya's platform does not alter its data collection practices in response to DNT signals, as no universally accepted standard for interpreting these signals has been established. We will revisit this position as industry standards develop.
5 Data Security & Storage
5.1 Security Measures
krickya implements a range of technical and organisational security measures to protect your personal data against unauthorised access, accidental loss, alteration, or disclosure. These include:
- TLS/SSL encryption for all data in transit between your device and our servers
- AES-256 encryption for sensitive data fields stored in our databases
- Hashed and salted password storage — krickya staff cannot retrieve your plain-text password
- Two-factor OTP authentication on new device logins
- Role-based access controls limiting staff access to personal data on a need-to-know basis
- Regular security audits and penetration testing of platform infrastructure
- Automated intrusion detection and real-time alerting systems
5.2 Data Storage Location
Your personal data is stored on secure servers. krickya applies equivalent data protection standards regardless of where data is processed, and all third-party partners who access your data are required to maintain security standards consistent with those described in this policy.
5.3 Data Breach Response
In the event of a personal data breach that poses a risk to your rights and freedoms, krickya will take immediate steps to contain the breach, assess its scope, and notify affected players via their registered email address within a reasonable timeframe. We will also notify the relevant authorities where required. You can help protect your account by using a strong, unique password and enabling OTP verification on your krickya account.
6 Your Privacy Rights
As a player on krickya, you hold a number of rights in relation to the personal data we hold about you. The following outlines these rights and how you can exercise them.
6.1 Right to Access
You have the right to request a copy of the personal data krickya holds about you. Upon receipt of a verified request, we will provide a summary of your personal data in a readable format within 30 days. To submit an access request, contact with the subject line "Data Access Request" and include your registered full name and email address so we can verify your identity before releasing any data.
6.2 Right to Rectification
If any of the personal data we hold about you is inaccurate or incomplete, you have the right to request that we correct it. You may update basic account details (such as your email address or mobile number) directly through your account dashboard. For corrections to identity or KYC documents, please contact the support team.
6.3 Right to Erasure
You may request deletion of your personal data in certain circumstances — for example, if the data is no longer necessary for the purpose for which it was collected, or if you withdraw your consent and there is no other legal basis for processing. Please note that krickya is subject to legal obligations (including AML record-keeping requirements) that may require us to retain certain transaction and identity records for a specified period even after account closure. In such cases, we will inform you of the retention period that applies and will delete the data at the earliest permissible point.
6.4 Right to Restrict Processing
You may request that we restrict the processing of your personal data in certain circumstances, such as where you contest the accuracy of the data or where you have objected to processing and a determination is pending. During a restriction period, we will continue to store your data but will not process it further except for the purpose of storage or with your consent.
6.5 Right to Data Portability
Where processing is based on your consent or on a contractual basis and is carried out by automated means, you may request that krickya provide your personal data in a structured, commonly used, machine-readable format (e.g., CSV or JSON). This right applies to data you have actively provided to us, such as your registration details and transaction history.
6.6 Right to Object
You have the right to object to the processing of your personal data where that processing is based on our legitimate interests. If you object, krickya will cease processing unless we can demonstrate compelling legitimate grounds that override your interests, or unless the processing is necessary for the establishment, exercise, or defence of a legal claim.
6.7 Exercising Your Rights
To exercise any of the rights listed above, please contact our privacy team at . We will respond to all verified requests within 30 days. We may ask you to verify your identity before fulfilling a request to ensure that we do not disclose or alter personal data in response to an unauthorised third party.
7 Data Retention Policy
krickya retains personal data only for as long as is necessary to fulfil the purpose for which it was collected, or as required by applicable legal and regulatory obligations. The following retention periods apply:
| Data Category | Retention Period | Reason |
|---|---|---|
| Account registration data | Duration of account + 5 years post-closure | AML compliance and dispute resolution |
| KYC documents | Duration of account + 5 years post-closure | Legal obligation under AML frameworks |
| Financial transaction records | Duration of account + 7 years post-closure | Financial record-keeping requirements |
| Gameplay and behavioural data | Duration of account + 2 years post-closure | Responsible gaming monitoring; fraud prevention |
| Support communications | 3 years from date of communication | Dispute resolution and service quality |
| Marketing consent records | Until consent withdrawn + 1 year | Proof of consent for regulatory purposes |
| Analytics and log data | Up to 24 months on a rolling basis | Platform performance and fraud detection |
When a retention period expires and no legal hold applies, krickya will securely delete or anonymise the relevant personal data so that it can no longer be linked to any identifiable individual. Anonymised, aggregated data (which cannot identify you) may be retained indefinitely for statistical and business intelligence purposes.
8 Updates to This Policy
krickya reserves the right to update this Privacy Policy at any time. When we make changes, the revised policy will be published on this page with an updated effective date at the top of the document. For material changes that significantly alter how we process your personal data, we will make reasonable efforts to notify registered players via their registered email address prior to the change taking effect.
Your continued use of the krickya platform following publication of a revised Privacy Policy constitutes your acceptance of the updated terms. We encourage you to review this page periodically to stay informed about how we protect your data.
If you have any questions about this Privacy Policy, or if you wish to raise a concern about how krickya has handled your personal data, please contact our support team at . We are committed to resolving all privacy-related concerns promptly and transparently.
This Privacy Policy was last reviewed and updated on 1 January 2026. krickya reserves the right to amend this policy at any time. Continued use of the platform following any amendment constitutes your acceptance of the revised Privacy Policy.