Privacy Policy — gd555 Online Casino
At gd555, your privacy is not an afterthought — it is a core commitment. This Privacy Policy explains exactly what personal data we collect, why we collect it, how it is used, how long we keep it, and what rights you hold over your own information. We encourage every player to read this document carefully before using the gd555 platform.
Our Privacy Commitments at a Glance
Before diving into the full details, here is a summary of the six core privacy principles that govern how gd555 handles all personal data belonging to players registered in Bangladesh and beyond.
Secure by Design
All personal data submitted to gd555 is protected by 256-bit SSL/TLS encryption in transit and AES-256 encryption at rest. No unencrypted player records are stored on our infrastructure.
Minimal Data Collection
gd555 collects only the personal data that is strictly necessary for account registration, identity verification, payment processing, and regulatory compliance. We do not collect data speculatively.
Your Data, Your Rights
Every gd555 player has the right to access, correct, export, or request deletion of their personal data at any time by contacting our support team. We will respond to all verified requests within 30 days.
No Unsolicited Marketing
gd555 will never sell, rent, or trade your personal information to third-party marketers. Promotional communications are only sent to players who have explicitly opted in during registration or account settings.
Payment Data Protection
gd555 does not store full card numbers or bKash/Nagad PIN codes on its servers. Payment transactions are processed via certified third-party payment gateways that maintain their own independent security standards.
Defined Retention Periods
gd555 retains personal data only for as long as is required for its stated purpose or as mandated by applicable law. Once the retention period expires, data is securely deleted or anonymised.
1. Information We Collect
When you use the gd555 platform — whether by creating an account, making a deposit, placing a bet, contacting customer support, or simply browsing the website — we may collect and process several categories of personal data. The specific data collected depends on how you interact with our services.
1.1 Account Registration Data
When you register a gd555 account, we collect the following information directly from you:
- Full legal name as it appears on your government-issued identification document (NID, passport, or driver's licence).
- Date of birth, used to verify that you meet the minimum age requirement of 18 years.
- A valid email address to which you have sole and exclusive access.
- A valid Bangladeshi mobile phone number capable of receiving SMS verification messages.
- A username and password of your choosing (passwords are stored in hashed form and are never visible to gd555 staff).
- Your city or district of residence within Bangladesh (e.g., Dhaka, Chittagong, Sylhet, Rajshahi, Khulna).
1.2 Identity Verification (KYC) Data
To comply with anti-money-laundering (AML) obligations and to verify player age, gd555 may request and retain copies of the following documents:
- National Identity Card (NID) — front and back.
- Passport biographical data page.
- Driver's licence (if used as primary identification).
- Proof of address: utility bill, bank statement, or official correspondence dated within the last 90 days.
- Proof of payment method ownership (e.g., a screenshot of your bKash or Nagad registered mobile number matching your account).
1.3 Financial Transaction Data
Each time you deposit or withdraw funds through gd555, we record the following transaction-level data:
- Transaction amount in Bangladeshi Taka (৳).
- Payment method used (bKash, Nagad, Rocket, Upay, Dutch-Bangla Bank, City Bank, Visa, Mastercard, etc.).
- Transaction reference numbers and timestamps (Bangladesh Standard Time, UTC+6).
- Partial masked account or card identifiers (e.g., last four digits of a card, or the last three digits of a bKash number).
gd555 does not store full unmasked payment card numbers, CVV codes, bKash PINs, Nagad PINs, or online banking passwords at any point during or after a transaction.
1.4 Gameplay & Betting Activity Data
gd555 logs the following data in connection with your gaming and betting sessions to ensure fair play, resolve disputes, and comply with our responsible gaming obligations:
- Games played, bet amounts, outcomes, and session durations.
- Sports betting markets accessed, odds accepted, bet selections, and settlement results.
- Bonus offers claimed and wagering progress toward fulfilment of rollover requirements.
- Any self-exclusion, deposit limit, or cooling-off settings you have applied to your account.
1.5 Technical & Device Data
When you access gd555 via a web browser or mobile device, our servers automatically collect certain technical information:
- IP address and approximate geographic location (country and city level only).
- Browser type and version, operating system, device type (desktop, mobile, tablet).
- Pages visited on gd555, time spent on each page, referral source, and exit page.
- Session identifiers, login timestamps, and logout timestamps.
1.6 Communications Data
If you contact our customer support team via email or live chat, we retain the content of your communications, including any attachments you submit. This data is used to resolve your query, improve our service, and maintain a record of support interactions for quality assurance purposes.
Sensitive Data Notice: gd555 does not intentionally collect sensitive personal data such as racial or ethnic origin, political opinions, religious beliefs, health information, or biometric data, unless explicitly required to satisfy a specific AML, age-verification, or responsible gaming obligation — in which case collection is limited to the minimum necessary and subject to heightened security controls.
2. How We Use Your Data
gd555 processes personal data only for defined, lawful purposes. The table below summarises our primary data-processing activities, the legal basis on which each activity rests, and the specific data categories involved.
| Processing Purpose | Data Categories Used | Legal Basis |
|---|---|---|
| Account registration and management | Registration data, device data | Contractual necessity |
| Age verification and KYC compliance | Identity documents, date of birth | Legal obligation (AML) |
| Processing deposits and withdrawals | Financial transaction data | Contractual necessity |
| Fraud prevention and AML monitoring | Transaction data, gameplay data, device data | Legitimate interest / Legal obligation |
| Responsible gaming monitoring | Gameplay data, self-exclusion records | Legal obligation / Legitimate interest |
| Customer support | Communications data, account data | Contractual necessity |
| Sending opted-in promotional communications | Email address, mobile number | Consent |
| Platform analytics and improvement | Technical data, gameplay data (anonymised) | Legitimate interest |
2.1 Marketing Communications
gd555 may send you emails or SMS messages relating to promotions, new game releases, seasonal bonuses (such as Eid, Pohela Boishakh, or BPL season offers), and platform updates — but only if you have explicitly opted in to receive such communications. You may withdraw your marketing consent at any time by updating your notification preferences in your account settings, or by contacting our support team at [email protected].
Withdrawal of marketing consent does not affect your ability to use the gd555 platform, nor does it affect the processing of data that is required for contractual or legal purposes.
2.2 Automated Decision-Making
gd555 uses automated systems to flag potentially fraudulent activity, bonus abuse, and multi-accounting. Where an automated process results in a restriction or suspension of your account, you have the right to request a manual human review of that decision by contacting our compliance team. We will complete such reviews within 10 business days.
3. Data Sharing & Third Parties
gd555 does not sell, rent, or trade your personal data to any third party for their own commercial purposes. We share personal data only in the limited circumstances described below, and only with parties who are contractually obligated to handle such data in accordance with applicable data protection standards.
3.1 Game Providers
To deliver casino and sports betting services, gd555 integrates with certified third-party game studios and data providers, including Pragmatic Play, Evolution Gaming, Spribe, Ezugi, Microgaming, and NetEnt. These providers may receive session identifiers and anonymised gameplay metadata necessary to operate their games within the gd555 platform environment. They do not receive full personal identification data such as your NID or passport number.
3.2 Payment Processors
When you initiate a deposit or withdrawal, gd555 shares the minimum necessary financial data with our authorised payment processors, including bKash, Nagad, Rocket, Upay, Dutch-Bangla Bank, City Bank, Visa, and Mastercard. Each payment partner operates under its own privacy policy and is independently responsible for the security of your payment credentials during transaction processing.
3.3 Identity Verification Partners
To conduct KYC checks, gd555 may share copies of your submitted identity documents with trusted identity verification service providers. These partners are bound by strict data processing agreements and may not use your data for any purpose other than the specific verification task for which it was shared.
3.4 Legal and Regulatory Disclosures
gd555 may disclose personal data to law enforcement agencies, financial intelligence units, or other government bodies if required to do so by a valid legal process, court order, or regulatory directive. In such cases, gd555 will disclose only the minimum data required to satisfy the legal obligation and will notify the affected player where permitted to do so by law.
No Third-Party Selling: gd555 will never sell, auction, broker, or otherwise transfer your personal data to advertising networks, data brokers, or unaffiliated commercial entities for their own marketing or profiling purposes. If you believe your data has been misused by a third party claiming a relationship with gd555, contact us immediately at [email protected].
4. Cookies & Tracking Technologies
gd555 uses cookies and similar tracking technologies to operate the platform efficiently, maintain your login session, prevent fraud, and understand how players navigate our website. This section explains what types of cookies we use and how you can manage them.
4.1 What Are Cookies?
Cookies are small text files placed on your device when you visit a website. They allow the website to recognise your device across multiple pages and across multiple visits. Cookies do not contain executable code and cannot access other files stored on your device.
4.2 Types of Cookies Used by gd555
| Cookie Type | Purpose | Duration |
|---|---|---|
| Strictly Necessary | Maintain your login session, prevent CSRF attacks, enable core platform functions | Session / up to 24 hours |
| Functional | Remember your language preference, display settings, and notification choices | Up to 12 months |
| Analytics | Anonymised page-view and session analytics to improve platform UX | Up to 24 months |
| Security / Fraud Detection | Device fingerprinting signals used to detect multi-accounting and suspicious login patterns | Up to 12 months |
4.3 Managing Your Cookie Preferences
You may disable non-essential cookies through your browser settings at any time. Please note that disabling strictly necessary cookies will impair core gd555 functionality, including login session persistence. Most modern browsers (Chrome, Firefox, Edge, Safari) provide granular cookie controls accessible via Settings → Privacy or Settings → Security.
gd555 does not use cookies to serve third-party advertising, retargeting campaigns, or social media tracking pixels on its platform.
5. Data Retention
gd555 retains personal data for the minimum period necessary to fulfil the purpose for which it was collected, or as required by applicable law. The following retention schedule applies to the main categories of personal data we hold:
| Data Category | Retention Period | Reason for Retention |
|---|---|---|
| Account registration data | Duration of account + 5 years post-closure | AML regulatory obligation |
| KYC identity documents | Duration of account + 5 years post-closure | AML / legal obligation |
| Financial transaction records | 7 years from transaction date | Financial record-keeping requirements |
| Gameplay and betting logs | 3 years from session date | Dispute resolution, responsible gaming |
| Customer support communications | 3 years from last interaction | Quality assurance, dispute resolution |
| Self-exclusion records | Minimum 5 years from exclusion date | Responsible gaming compliance |
| Analytics data (anonymised) | Up to 24 months | Platform improvement (no personal identifiers) |
Once the applicable retention period expires, gd555 will securely delete or irreversibly anonymise the relevant data. Anonymised data — from which no individual can be identified — may be retained indefinitely for statistical and analytical purposes.
Right to Erasure: You may request deletion of your personal data before the end of the scheduled retention period. However, gd555 is legally required to retain certain records (particularly KYC and financial transaction data) for the statutory periods above, even following an account closure request. We will inform you of any data we are legally required to retain at the time you make an erasure request.
6. Data Security
Protecting the personal data of our players is a top priority at gd555. We implement a layered, defence-in-depth security architecture to minimise the risk of unauthorised access, accidental loss, or unlawful destruction of the data we hold. The key security measures in place include:
- Transport Layer Security (TLS 1.3): All data transmitted between your browser or device and the gd555 servers is encrypted using TLS 1.3, the current industry standard for secure web communications.
- Data Encryption at Rest: All personal data stored in gd555 databases is encrypted using AES-256 encryption. Database encryption keys are rotated on a scheduled basis and are held in a separate secure key management system.
- Password Hashing: Player passwords are never stored in plaintext. All passwords are stored as salted cryptographic hashes using a modern, computationally intensive hashing algorithm (bcrypt). Even in the event of a database breach, plaintext passwords cannot be recovered.
- Access Controls: Access to production systems and player personal data is restricted to authorised gd555 personnel on a strict need-to-know basis. All internal access is logged and subject to periodic audit.
- Intrusion Detection: gd555 deploys automated intrusion detection and anomaly monitoring systems that alert our security team to unusual access patterns, brute-force login attempts, and other threat indicators in real time.
- Penetration Testing: Our platform undergoes periodic security assessments to identify and remediate vulnerabilities before they can be exploited.
- Incident Response: In the event of a confirmed personal data breach that poses a risk to players, gd555 will notify affected individuals without undue delay and take all reasonable steps to contain and remediate the incident.
While gd555 implements robust technical and organisational security measures, no system connected to the internet can be guaranteed to be completely impenetrable. We strongly encourage all players to use a strong, unique password for their gd555 account, to enable two-factor authentication where available, and to contact us immediately if they suspect unauthorised access to their account.
7. Your Rights & Choices
As a gd555 player, you hold a number of rights in relation to the personal data we hold about you. gd555 is committed to honouring these rights promptly and transparently. To exercise any of the rights described below, please contact our privacy team at [email protected] with the subject line "Privacy Rights Request" and a description of your request. We will acknowledge your request within 5 business days and complete our response within 30 days.
7.1 Right of Access
You have the right to request a copy of all personal data gd555 holds about you. We will provide this in a structured, commonly used, machine-readable format (CSV or JSON) within 30 days of a verified request.
7.2 Right to Rectification
If any personal data we hold about you is inaccurate, incomplete, or out of date, you have the right to request that we correct it. You may update certain details (such as your email address or phone number) directly within your gd555 account settings. For changes to core identity data (such as your legal name or date of birth), we will require supporting documentation before making the update.
7.3 Right to Erasure
You may request that gd555 delete your personal data. We will fulfil erasure requests where the data is no longer necessary for the purpose for which it was collected, where you have withdrawn consent (and no other legal basis exists for continued processing), or where the data has been unlawfully processed. As noted in Section 5, certain data categories must be retained for statutory periods regardless of an erasure request.
7.4 Right to Restrict Processing
In certain circumstances — such as when you contest the accuracy of data we hold, or when you have objected to our processing and we are assessing the grounds — you may request that we restrict the processing of your personal data to storage only, pending resolution of the matter.
7.5 Right to Data Portability
Where data is processed on the basis of your consent or contractual necessity, and is processed by automated means, you have the right to receive that data in a portable format and to request that we transmit it directly to another service provider where technically feasible.
7.6 Right to Object
You have the right to object to the processing of your personal data where gd555 relies on legitimate interests as its legal basis. You also have an unconditional right to object to the processing of your data for direct marketing purposes at any time — no justification is required for a marketing opt-out.
7.7 Right to Withdraw Consent
Where gd555 processes your data on the basis of your explicit consent (for example, for marketing communications), you have the right to withdraw that consent at any time without affecting the lawfulness of prior processing. Withdrawal of consent can be actioned via your account settings or by contacting our support team.
Identity Verification for Privacy Requests: To protect the security of your data, gd555 will verify your identity before processing any privacy rights request. We may ask you to confirm certain account details or to provide a copy of a government-issued ID. We will not fulfil a request that we cannot verify, in order to prevent unauthorised access to another person's data.
8. Contact & Complaints
If you have any questions, concerns, or complaints about how gd555 handles your personal data, or if you wish to exercise any of the rights described in Section 7, please contact our privacy team using the details below. All communications must be in English.
Email our privacy team directly:
Subject line: "Privacy Rights Request"
Response time: within 5 business days (BST, UTC+6)
Our privacy and compliance team is reachable:
Monday – Friday, 09:00 – 22:00 BST
Urgent security matters: 24 hours a day, 7 days a week.
All times Bangladesh Standard Time (UTC+6).
8.1 Complaints Process
If you are dissatisfied with our response to a privacy concern or believe that gd555 has processed your personal data in a manner inconsistent with this Privacy Policy, you have the right to escalate your complaint. We ask that you first contact our privacy team directly to give us the opportunity to resolve the matter promptly and informally. We will acknowledge all formal complaints within 5 business days and provide a substantive response within 30 days.
If you remain unsatisfied following our response, you may wish to seek guidance from a relevant consumer protection body or data protection authority in your jurisdiction. gd555 cooperates fully with any legitimate regulatory enquiry concerning the privacy rights of our players.
8.2 Updates to This Privacy Policy
gd555 reserves the right to amend this Privacy Policy at any time to reflect changes in our data-processing practices, applicable law, or platform features. When material changes are made, we will notify active players by email and display a prominent notice on the gd555 website for a minimum of 30 days following the update. The "Last Updated" date at the top of this page will be revised each time a new version is published. Continued use of the gd555 platform after the effective date of any amendment constitutes your acceptance of the updated Privacy Policy. If you do not agree with the changes, you must discontinue use of the platform and may request account closure by contacting our support team.
8.3 Governing Language
This Privacy Policy is written in English, which is the governing language for all contractual and legal purposes between you and gd555. In the event of any inconsistency between an English version of this policy and any translated summary or excerpt, the English version shall prevail.
18+ Reminder: gd555 is an adult-only platform. We do not knowingly collect personal data from individuals under the age of 18. If you believe a minor has registered an account on gd555, please contact us immediately at [email protected] so that we can take appropriate action, including account closure and secure deletion of all associated personal data.
Explore gd555 With Confidence
Your privacy is protected every step of the way. Now that you understand how we safeguard your data, dive into everything gd555 has to offer — from live cricket betting and premium slots to our full casino experience.