Your Privacy Matters to gp222
At gp222 we take the privacy and security of your personal data seriously. This Privacy Policy explains what information we collect when you use our platform, how we use and protect it, who we may share it with, and what rights you hold over your own data. We encourage you to read this document in full before registering an account.
Minimal Data Collection
gp222 collects only the personal data that is strictly necessary to operate the platform, verify your identity, process transactions, and comply with applicable regulations.
SSL Encryption
All data transmitted between your device and the gp222 servers is protected by industry-standard SSL/TLS encryption, preventing unauthorised interception in transit.
You Control Your Data
You have the right to access, correct, and request deletion of your personal data at any time. Submit a request through your account portal or by contacting gp222 support.
No Data Selling
gp222 does not sell, rent, or trade your personal data to third parties for commercial marketing purposes. Your data is used only for the purposes described in this policy.
Transparent Cookie Use
We use cookies and similar tracking technologies to improve your experience, measure performance, and keep your session secure. You can manage cookie preferences at any time.
Regulatory Compliance
gp222 processes personal data in accordance with applicable data protection obligations, including anti-money laundering (AML) and know-your-customer (KYC) requirements.
1. Information We Collect
When you interact with gp222, we collect personal data in several ways — directly from you when you provide it, automatically as you use the platform, and from third parties who assist us in delivering our services. The categories of personal data we collect are described below.
1.1 Information You Provide Directly
This includes all information you submit when creating your gp222 account, updating your profile, making a deposit or withdrawal, or contacting our customer support team:
- Full legal name, date of birth, and gender
- Residential address, city (e.g., Dhaka, Chittagong, Sylhet, Khulna, Rajshahi), and country
- Mobile phone number and email address
- National Identity Card (NID) number and copies of government-issued identity documents submitted for KYC verification
- Payment details, including bKash, Nagad, Rocket, or Upay mobile wallet numbers, and Visa or Mastercard details as applicable
- Username and password (password stored in hashed form only — we never store your password in plain text)
- Any information you voluntarily provide when contacting customer support, including chat logs and email correspondence
1.2 Information Collected Automatically
When you use the gp222 platform, our servers and analytics tools automatically collect certain technical and behavioural data:
- IP address and approximate geographic location derived from IP
- Device type, operating system, browser type and version
- Session start and end times, pages visited, and features used within the platform
- Betting history, game history, wagering amounts, and transaction records
- Referral source (how you arrived at gp222, e.g., direct URL, search engine, partner link)
- Cookie identifiers and similar tracking data (see Section 4 for full details)
1.3 Information from Third Parties
gp222 may receive personal data about you from trusted third parties in limited circumstances, including:
- Payment processors such as bKash, Nagad, Rocket, Upay, Visa, and Mastercard — to confirm transaction status and detect fraudulent payment activity
- Identity verification service providers — to validate the authenticity of documents submitted during KYC review
- Fraud prevention and AML screening partners — to comply with applicable financial crime prevention obligations
- Analytics and attribution partners — to understand how users discover and navigate the gp222 platform (in aggregated or pseudonymised form where possible)
Where gp222 receives data from third parties, we use it only for the purpose for which it was shared and in accordance with this Privacy Policy.
2. How We Use Your Data
gp222 uses personal data for specific, legitimate purposes. We do not use your data for any purpose that is incompatible with the reason it was originally collected. The table below summarises our key processing activities and the legal basis for each.
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Account registration and management | Name, email, phone, password, address | Contract performance |
| Identity verification (KYC) | NID, date of birth, identity documents | Legal obligation |
| Processing deposits and withdrawals | Payment details, transaction history | Contract performance |
| Fraud prevention and AML compliance | IP address, device data, transaction patterns | Legal obligation / legitimate interest |
| Customer support communications | Name, email, support chat logs | Contract performance |
| Platform improvement and analytics | Aggregated / pseudonymised usage data | Legitimate interest |
| Responsible gaming monitoring | Betting history, session duration, deposit patterns | Legal obligation / legitimate interest |
| Marketing and promotional communications | Email, phone number, game preferences | Consent (opt-in only) |
gp222 will send marketing communications — including promotional offers, bonus announcements, and seasonal campaigns (such as those tied to BPL, Eid, or Pohela Boishakh) — only to users who have explicitly opted in to receive them. You may withdraw your consent to marketing communications at any time by updating your notification preferences in Account Settings or by contacting gp222 support.
Automated decision-making may be used in limited circumstances, such as fraud detection or responsible gaming risk flagging. Where an automated decision has a significant effect on your account, you have the right to request a manual review by a member of the gp222 team.
3. Data Sharing & Disclosure
We may share your personal data with the following categories of recipients in the circumstances described:
- Payment Processors: bKash, Nagad, Rocket, Upay, Visa, and Mastercard receive only the transaction data necessary to authorise and process your deposits and withdrawals. These partners process data under their own privacy policies and applicable payment industry standards.
- Identity Verification Partners: When you submit KYC documents, gp222 may engage a third-party verification service to authenticate those documents. These partners act under strict contractual data processing obligations and may not use your data for any other purpose.
- Game Technology Providers: To deliver casino games and sports betting markets, gp222 integrates with third-party game studios including Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi. These providers may process certain session and account data necessary to operate the games. They are bound by data processing agreements with gp222.
- Cloud Infrastructure and Hosting Providers: gp222 operates on secure cloud infrastructure. Our hosting and infrastructure partners process data solely to provide the technical environment in which the platform runs and are contractually prohibited from using that data for their own purposes.
- Legal and Regulatory Authorities: gp222 will disclose personal data to competent authorities, courts, or law enforcement bodies where required to do so by applicable law, court order, or regulatory directive, or where gp222 has a good-faith belief that disclosure is necessary to prevent financial crime, protect the safety of users, or enforce its Terms & Conditions.
- Business Transfers: In the event of a merger, acquisition, or transfer of all or part of gp222's business assets, your personal data may be transferred to the acquiring entity. gp222 will take reasonable steps to ensure that your data continues to be processed in accordance with this Privacy Policy following any such transfer.
gp222 does not transfer your personal data to recipients in jurisdictions that do not provide an adequate level of data protection without first implementing appropriate safeguards, such as contractual clauses that require the recipient to protect your data to the same standard as gp222.
4. Cookies & Tracking Technologies
gp222 uses cookies and similar technologies (such as local storage and session tokens) to make the platform function correctly, keep your session secure, understand how users interact with our services, and deliver relevant promotional content to users who have opted in to receive it.
The following categories of cookies are used on the gp222 platform:
- Strictly Necessary Cookies: These are essential for the platform to operate. They include session authentication cookies that keep you logged in, security tokens that protect your account from CSRF attacks, and cookies that remember your language and region preferences. These cookies cannot be disabled without preventing the platform from functioning.
- Analytics and Performance Cookies: These cookies help gp222 understand how users navigate the platform — which pages are visited most often, where users encounter difficulties, and how features are used. This data is collected in aggregated or pseudonymised form and is used exclusively to improve the platform. Analytics cookies are only placed with your consent where required.
- Functional Cookies: These cookies remember choices you have made — such as your preferred deposit method or responsible gaming settings — so that you do not need to re-enter them on each visit. Functional cookies are not used for marketing purposes.
- Marketing and Attribution Cookies: With your explicit consent, gp222 may use cookies to track which marketing campaigns or partner links led you to the platform, and to personalise promotional content (such as bonus offers related to BPL or T20 season). These cookies are only placed after you opt in to marketing communications.
You may manage your cookie preferences at any time through the Cookie Settings panel accessible from the footer of the gp222 platform. You can also control cookies through your browser settings; however, disabling strictly necessary cookies will impair your ability to use the platform.
gp222 does not use third-party advertising networks or ad-exchange cookies for the purpose of building cross-site advertising profiles about you.
5. Data Security Measures
gp222 implements a layered security architecture to protect your personal data from unauthorised access, disclosure, alteration, or destruction. Our key security measures include:
- Encryption in Transit: All data exchanged between your browser or mobile device and the gp222 servers is encrypted using TLS 1.2 or higher. This prevents your data from being intercepted on public or shared networks.
- Encryption at Rest: Sensitive personal data stored in gp222's databases — including identity document references and payment details — is encrypted at rest using industry-standard encryption algorithms.
- Password Hashing: Your account password is never stored in plain text. gp222 uses a modern adaptive hashing algorithm so that even in the unlikely event of a database compromise, your actual password cannot be recovered from the stored hash.
- Two-Factor Authentication: gp222 offers SMS OTP-based two-factor authentication for all account holders. Enabling 2FA is strongly recommended and can be activated at no charge from Account Settings.
- Access Controls: Access to personal data within gp222's internal systems is restricted on a need-to-know basis. Staff who handle personal data are trained in data protection obligations and are subject to confidentiality agreements.
- Vulnerability Management: gp222's platform undergoes regular security assessments and penetration testing. Known vulnerabilities are remediated according to a risk-prioritised patching schedule.
- Incident Response: gp222 maintains a data breach incident response plan. In the event of a security incident that poses a risk to your personal data, gp222 will notify affected users and, where required, the relevant authorities within the timeframes prescribed by applicable law.
If you suspect any unauthorised access to your gp222 account, please contact our support team immediately so that we can take swift action to secure your account and investigate the incident.
6. Data Retention
gp222 retains personal data only for as long as is necessary to fulfil the purposes for which it was collected, and in accordance with any legal obligations that require us to retain records for a defined period. The table below provides a summary of our standard retention periods by data category.
| Data Category | Standard Retention Period | Basis |
|---|---|---|
| Account registration data (name, email, phone) | Duration of account + 5 years after closure | Legal / AML obligation |
| KYC identity documents | Duration of account + 5 years after closure | Legal / AML obligation |
| Transaction and financial records | 7 years from the date of the transaction | Financial regulatory requirement |
| Betting and game history | Duration of account + 3 years after closure | Legitimate interest / dispute resolution |
| Customer support correspondence | 3 years from last interaction | Legitimate interest / dispute resolution |
| Marketing preference records | Until consent is withdrawn, then 2 years | Consent record keeping |
| Analytics data (aggregated / pseudonymised) | Up to 26 months on a rolling basis | Legitimate interest |
When personal data is no longer required and no legal retention obligation applies, gp222 will securely delete or anonymise it so that it can no longer be linked back to you. Where data is anonymised rather than deleted, the resulting information may be retained indefinitely for statistical or research purposes without further notice to you, since it can no longer be used to identify you.
Self-excluded users: where you have submitted a self-exclusion request, gp222 retains your identifying data for the duration of the exclusion period and for a reasonable period thereafter in order to honour the exclusion and prevent re-registration. Deletion requests submitted during an active self-exclusion period will be deferred until the exclusion expires.
7. Your Data Rights
As a user of the gp222 platform, you have the following rights in relation to your personal data. These rights may be subject to limitations where gp222 has an overriding legal obligation to retain or process the data in question.
Right of Access
Request a copy of the personal data gp222 holds about you, together with information about how it is used.
Right to Rectification
Request correction of any inaccurate or incomplete personal data held about you. Many details can be updated directly in Account Settings.
Right to Erasure
Request deletion of your personal data where there is no compelling legal reason for gp222 to continue processing it.
Right to Restrict Processing
Request that gp222 temporarily halts processing of your data while a dispute about accuracy or lawfulness is resolved.
Right to Data Portability
Receive a copy of your personal data in a structured, machine-readable format that can be transferred to another service provider.
Right to Object
Object to the processing of your personal data for direct marketing purposes or where processing is based on legitimate interest.
To exercise any of these rights, please submit a written request to gp222 support via your account portal. gp222 will acknowledge your request within a reasonable timeframe and respond substantively within 30 calendar days. For complex or multiple requests, this period may be extended by a further 30 days, and gp222 will notify you if an extension is required.
gp222 will not charge a fee for reasonable data rights requests. However, requests that are manifestly unfounded, repetitive, or excessive may be subject to a reasonable administrative fee or may be refused, in which case gp222 will explain its reasons.
gp222 will never discriminate against you for exercising your data rights. Submitting a data rights request will not affect the quality of service you receive on the platform.
8. Policy Updates & Contact
gp222 reviews and updates this Privacy Policy periodically to reflect changes in our data practices, applicable law, or the services we offer. When material changes are made, we will notify registered users via the email address or mobile number associated with their account, and will update the effective date shown at the top of this document. We encourage you to revisit this page regularly to stay informed about how gp222 protects your privacy.
Your continued use of the gp222 platform following the publication of a revised Privacy Policy constitutes your acceptance of the updated version. If you do not agree with any change, you should cease using the platform and contact support to arrange account closure.
If you have any questions about this Privacy Policy, wish to exercise a data right, or wish to raise a concern about how gp222 handles your personal data, please contact our Data Protection team. Our support team is available 24 hours a day, 7 days a week. You can reach us at: [email protected] — please note this address is for reference only and is not a clickable link.
gp222 is committed to resolving privacy concerns promptly and transparently. We will acknowledge all privacy-related enquiries within two business days and aim to provide a substantive response within 14 calendar days.
Questions About Your Privacy?
Our support team is available 24/7 to help with any data-related request. You can also review our Terms & Conditions, explore our Responsible Gaming tools, or head over to the FAQ for quick answers. 18+ only. Play responsibly.