Privacy Policy
At 35nd, we take the privacy and security of your personal data seriously. This Privacy Policy explains exactly what information we collect when you use our platform, how we use and store it, who we may share it with, and what rights you hold over your own data. We are committed to handling your information with transparency and care.
Privacy at a Glance
- We collect only the data necessary to operate your account and comply with legal obligations.
- We do not sell, rent, or trade your personal data to any third party for their own marketing purposes.
- Your data is protected by SSL encryption in transit and secured storage at rest.
- You have the right to access, correct, or request deletion of your personal data at any time.
- Cookies are used to personalise your experience and are explained fully in the Cookies section below.
- Data submitted during KYC verification is handled under strict confidentiality protocols.
- Any material changes to this policy will be communicated to registered players before taking effect.
Scope of This Policy: This Privacy Policy applies to all personal data processed by 35nd in connection with the operation of the platform at https://35nd.app, including data collected through account registration, gameplay activity, payment processing, customer support interactions, and marketing communications. By registering an account or continuing to use 35nd, you acknowledge that you have read and understood this Privacy Policy.
Information We Collect
The categories of personal data 35nd collects and the sources from which it is obtained
35nd collects personal data through several channels: directly from you when you register an account, use our services, or contact support; automatically through your interactions with our platform (such as gameplay logs, session data, and device information); and from third-party service providers such as payment processors and identity verification partners. We collect only the minimum data necessary for each identified purpose.
The following table summarises the main categories of personal data we collect and the primary reason for collecting each category:
| Data Category | Examples | Primary Purpose |
|---|---|---|
| Identity Data | Full legal name, date of birth, national ID number, passport number | Account registration, KYC verification, age verification (18+) |
| Contact Data | Email address, mobile phone number, residential address | Account communications, support, withdrawal notifications |
| Financial Data | bKash / Nagad / Rocket wallet numbers, bank account details, transaction history | Processing deposits and withdrawals, fraud prevention, AML compliance |
| Technical Data | IP address, device type, browser type, operating system, session tokens | Security monitoring, fraud detection, platform optimisation |
| Usage Data | Games played, wagers placed, betting history, login timestamps, session duration | Responsible gaming monitoring, account management, personalisation |
| Marketing Preferences | Opt-in/opt-out status, preferred communication channel, campaign interaction history | Sending promotional communications where consent is given |
| Support Data | Chat transcripts, email correspondence, complaint records | Resolving disputes, improving support quality, audit trail |
| KYC Documents | Scanned copies of NID, passport, utility bills, bank statements | Identity verification, age confirmation, source-of-funds checks |
We do not intentionally collect sensitive personal data beyond what is required for KYC and AML obligations. We do not collect data from individuals we know to be under the age of 18. If we become aware that data belonging to an underage individual has been submitted to 35nd, that data will be deleted promptly and the associated account closed. If you believe a minor has submitted personal data to 35nd, please contact us immediately at [email protected].
Identity & KYC Data
Collected to verify your identity and confirm you meet the 18+ age requirement. Documents are handled under strict confidentiality protocols and never shared for marketing purposes.
Payment Data
Financial data including bKash, Nagad, Rocket, and bank account details is collected solely to process transactions and comply with anti-money laundering requirements.
Usage & Gameplay Data
Gameplay history and session data help us monitor responsible gaming patterns, personalise your experience, and maintain platform integrity.
How We Use Your Data
The specific purposes for which 35nd processes your personal information
35nd processes your personal data only for clearly defined, lawful purposes. We do not use your data in ways that are incompatible with the purpose for which it was originally collected. The following sets out the primary purposes for which we use each category of data and the legal basis that justifies that processing.
- Account Registration and Management: We use your identity and contact data to create and maintain your 35nd account, verify your eligibility, enforce the one-account-per-person policy, and communicate important account-related notices to you.
- Payment Processing: Financial data is used to execute deposit and withdrawal transactions via your chosen payment method (bKash, Nagad, Rocket, Upay, or bank transfer), to reconcile accounts, and to detect fraudulent or suspicious transactions.
- Identity Verification (KYC/AML): We are required to verify the identity of players prior to processing significant withdrawals and on an ongoing basis where risk indicators are present. KYC document data is used solely for this verification purpose and for compliance with applicable anti-money laundering standards.
- Responsible Gaming: Usage and gameplay data is monitored to identify patterns that may indicate problem gambling behaviour. Where such patterns are detected, 35nd may take proactive steps including displaying responsible gaming notifications, imposing cooling-off periods, or contacting the player directly.
- Security and Fraud Prevention: Technical data including IP addresses, device fingerprints, and session tokens is used to detect unauthorised account access, identify multi-accounting, and protect the integrity of the platform and all players on it.
- Customer Support: Support data (chat transcripts, email records) is retained to manage your enquiries and complaints, to train support staff, and to maintain an audit trail for dispute resolution purposes.
- Marketing Communications: Where you have given explicit consent, we may use your contact data and marketing preferences to send you promotional offers, bonus announcements, and seasonal campaign communications relevant to your interests (e.g., BPL cricket promotions, Eid bonus offers). You may withdraw your marketing consent at any time by contacting [email protected].
- Platform Improvement: Aggregated and anonymised usage data is used to analyse platform performance, improve game offerings, and enhance the overall player experience. This data is not linked to any individual player.
- Legal Compliance: Where required by applicable law or a lawful authority, we may process and disclose your data to fulfil regulatory obligations, respond to lawful requests, or enforce our Terms & Conditions.
35nd does not use automated decision-making processes that produce legal or similarly significant effects on players without human review. Where automated tools flag an account for investigation (e.g., for suspected fraud or multi-accounting), a qualified member of the 35nd compliance team reviews the case before any enforcement action is taken.
Marketing Opt-Out: If you no longer wish to receive promotional communications from 35nd, you can withdraw your consent at any time by emailing [email protected] with the subject line "Marketing Opt-Out". We will process your request within 5 business days. Please note that opting out of marketing does not affect transactional communications (e.g., deposit confirmations, withdrawal notifications, account security alerts) — these are sent regardless of marketing preference as they are essential to the operation of your account.
Data Sharing & Third Parties
Who 35nd shares your data with and under what conditions
35nd does not sell, rent, or trade your personal data to any third party for their own commercial or marketing purposes. We share your data only where it is strictly necessary to deliver our services, fulfil a legal obligation, or protect the safety and integrity of the platform. The categories of third parties with whom we may share data are limited to the following:
- Payment Service Providers: bKash, Nagad, Rocket (Dutch-Bangla Bank), Upay, BRAC Bank, City Bank, Islami Bank, Sonali Bank, and card networks (Visa, Mastercard) receive the minimum financial data required to process your transactions. These providers operate under their own privacy policies and applicable financial regulations.
- Identity Verification Partners: Third-party KYC and AML screening services may receive identity document data and biographical information for the purpose of verifying your identity and screening against sanctions and watchlists. These partners are contractually bound to use your data only for the agreed verification purpose.
- Game Content Providers: Game studios including Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi may receive a pseudonymous player identifier and session token to deliver game content. They do not receive your name, contact details, or financial information.
- IT Infrastructure and Cloud Service Providers: Data storage, hosting, and security services are provided by third-party infrastructure partners. These providers operate as data processors under binding data processing agreements that restrict them to processing your data solely on 35nd's instructions.
- Legal and Regulatory Authorities: Where required by applicable law, court order, or a lawful request from a competent regulatory or law enforcement authority, 35nd may disclose personal data. We will notify affected players of such disclosures where permitted to do so by law.
- Professional Advisers: Lawyers, auditors, and compliance consultants who assist 35nd in operating the business may have access to personal data under strict confidentiality obligations.
When 35nd engages any data processor, we ensure that appropriate contractual safeguards are in place to protect your data. We require all third-party processors to maintain security standards consistent with or exceeding those applied by 35nd, and to process your data only for the specific purpose for which it was shared.
No Data Selling
Your personal data is never sold, rented, or traded to any third party for their own commercial use — under any circumstances.
Payment Partners Only
Financial data is shared exclusively with your chosen payment provider (bKash, Nagad, Rocket, etc.) to execute your transaction — nothing more.
Processor Agreements
All third-party processors are bound by data processing agreements limiting how they may use your data. We audit compliance regularly.
Legal Disclosure Only
Data may be disclosed to authorities only under a lawful order or applicable regulatory obligation. We notify players where legally permitted.
Cookies & Tracking Technologies
How 35nd uses cookies, what types are deployed, and how you can manage them
35nd uses cookies and similar tracking technologies on the platform to deliver a functional, personalised, and secure user experience. A cookie is a small text file that is stored on your device when you visit a website. Cookies allow the platform to recognise your browser, remember your preferences, maintain your session, and collect anonymised analytics about how the platform is used.
The following categories of cookies are used on the 35nd platform:
| Cookie Type | Purpose | Duration |
|---|---|---|
| Strictly Necessary | Essential for the platform to function. These include session authentication tokens, CSRF protection, and load-balancing cookies. Cannot be disabled without breaking core platform functionality. | Session / Up to 24 hours |
| Functional | Remember your preferences such as language settings, previously viewed games, and responsible gaming tool configurations to improve your experience across sessions. | Up to 90 days |
| Analytics | Collect anonymised data on how players navigate the platform, which games are most popular, and where users encounter friction. Used exclusively to improve platform design and performance. | Up to 12 months |
| Security | Help detect fraud, identify suspicious login patterns, and flag multi-accounting behaviour by recording device characteristics and session metadata alongside your account activity. | Up to 30 days |
You may control cookies through your browser settings. Most modern browsers allow you to view, delete, and block cookies from specific websites. Please note that disabling strictly necessary cookies will impair your ability to log in and use core platform features. Disabling functional or analytics cookies will not prevent you from using 35nd but may result in a less personalised experience.
35nd does not use advertising or cross-site tracking cookies. We do not participate in behavioural advertising networks, and we do not share cookie data with advertising platforms or social media networks.
Data Security & Storage
The technical and organisational measures 35nd uses to protect your personal data
35nd implements a range of technical and organisational security measures to protect your personal data against unauthorised access, accidental loss, destruction, or disclosure. These measures are reviewed and updated on a regular basis to reflect evolving best practices in information security.
Key security measures applied to personal data on the 35nd platform include:
- SSL/TLS Encryption in Transit: All data exchanged between your browser and the 35nd platform is encrypted using industry-standard SSL/TLS protocols. This protects your login credentials, payment data, and personal information from interception during transmission.
- Encryption at Rest: Sensitive data fields — including identity document data, financial details, and authentication credentials — are encrypted at rest in our databases using AES-256 encryption or equivalent standards.
- Access Controls: Access to personal data within 35nd's systems is restricted on a need-to-know basis. Staff members are granted the minimum level of data access required to perform their role. Access to KYC and financial data is limited to authorised compliance and payments personnel.
- Two-Factor Authentication: 35nd offers two-factor authentication (2FA) to all players to protect against unauthorised account access. Internal staff accounts with access to player data require 2FA as a mandatory security control.
- Security Monitoring: Automated systems monitor the platform for unusual access patterns, login anomalies, and potential data breach indicators on a continuous basis. Security incidents are investigated and responded to promptly by the 35nd security team.
- Third-Party Security Audits: 35nd engages independent security professionals to conduct periodic assessments of our infrastructure, application code, and data handling practices to identify and remediate vulnerabilities.
Despite these measures, no online platform can guarantee absolute security. In the unlikely event of a data breach that poses a risk to your rights and freedoms, 35nd will notify affected players without undue delay and take all reasonable steps to contain and remediate the breach. If you discover a potential security vulnerability on the 35nd platform, please report it responsibly to [email protected] rather than exploiting it.
Protect Your Own Account: 35nd will never ask for your password via email, live chat, or any other channel. Do not share your login credentials with anyone. If you receive a message claiming to be from 35nd and asking for your password, treat it as fraudulent and report it to [email protected] immediately. Enable two-factor authentication from your account settings to add an extra layer of protection.
Your Privacy Rights
The rights you hold over your personal data and how to exercise them
35nd respects your right to control your own personal data. As a player on the 35nd platform, you hold the following rights in relation to the personal data we hold about you. To exercise any of these rights, contact our support team at [email protected] with the subject line "Privacy Rights Request". We will acknowledge your request within 5 business days and complete it within 30 calendar days unless an extension is required, in which case we will notify you.
Right of Access
You may request a copy of all personal data 35nd holds about you, including transaction history, gameplay records, and KYC documents submitted.
Right to Rectification
If any personal data we hold about you is inaccurate or incomplete, you have the right to request that we correct it without undue delay.
Right to Erasure
You may request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, subject to our legal retention obligations.
Right to Restriction
You may request that we restrict processing of your data in certain circumstances — for example, while a rectification request is being evaluated.
Right to Portability
Where technically feasible, you may request that we provide your personal data in a structured, machine-readable format so you can transfer it elsewhere.
Right to Object
You may object to processing based on legitimate interests — in particular, you have an absolute right to object to direct marketing at any time.
Please note that certain rights — in particular the right to erasure — may be limited where 35nd is required to retain data to fulfil a legal obligation, such as transaction records for AML compliance or account history for dispute resolution. In such cases, we will explain the limitation clearly in our response to your request.
Data Retention Policy
How long 35nd keeps different categories of your personal data
35nd retains your personal data only for as long as it is necessary for the purpose for which it was collected, or as required by applicable law. The following retention periods apply to the main categories of data we hold:
| Data Category | Retention Period | Basis for Retention |
|---|---|---|
| Account Registration Data | Duration of account plus 5 years after closure | Legal and regulatory compliance, dispute resolution |
| KYC / Identity Documents | 5 years from the date of verification or account closure | Anti-money laundering compliance obligations |
| Financial Transaction Records | 5 years from the transaction date | Financial record-keeping and AML obligations |
| Gameplay and Betting History | 3 years from the date of each session | Responsible gaming monitoring, dispute resolution |
| Customer Support Records | 3 years from the date of the interaction | Dispute resolution, service quality audit |
| Marketing Preferences | Until consent is withdrawn, plus 1 year | Consent record maintenance |
| Technical / Security Logs | 12 months from collection | Security incident investigation, fraud detection |
When personal data reaches the end of its applicable retention period, it is securely deleted or anonymised so that it can no longer be attributed to any individual player. Anonymised, aggregated data (which cannot be used to identify any individual) may be retained indefinitely for statistical and analytical purposes.
If you request account closure, your real-money balance will be returned via your verified payment method and your active account access will be removed immediately. However, the underlying data records listed above will be retained for the periods specified in the table, as required by our legal and regulatory obligations. This is not optional — regulatory requirements mandate these minimum retention periods regardless of a player's preference.
Policy Updates & Contact
How we notify you of changes to this Privacy Policy and how to get in touch
35nd reviews this Privacy Policy periodically and may update it to reflect changes in how we process personal data, changes in applicable law, or improvements to our privacy practices. The date at the top of this document indicates when the current version was last updated.
Where a proposed change is material — meaning it significantly affects how we collect or use your personal data, or reduces your privacy rights in any way — we will notify all registered players via email at least 14 days before the change takes effect. For minor or clarificatory changes that do not materially affect your rights, we will update the policy and note the revision date without individual notification. The most current version of this Privacy Policy is always available at https://35nd.app/privacy-policy.
Continued use of the 35nd platform after any updated Privacy Policy takes effect constitutes your acknowledgment of the revised policy. If you do not agree with a material change, you may request account closure before the change takes effect by contacting [email protected].
Contact Us About Privacy
If you have any questions, concerns, or complaints about how 35nd handles your personal data — or if you wish to exercise any of the privacy rights described in this policy — please contact our support team. We are committed to addressing all privacy-related enquiries promptly and transparently.
Support Email: [email protected]
Support Hours: 24/7
Response Language: English
Time Zone: Bangladesh Standard Time (UTC+6)
Please use the subject line "Privacy Enquiry" or "Privacy Rights Request" so our team can route your message to the appropriate handler without delay. We aim to acknowledge all privacy-related contacts within 2 business days and to resolve them fully within 30 calendar days.
Governing Language: This Privacy Policy is published and maintained in English. In the event that any translation is made available for informational purposes, the English version is the authoritative and legally binding text. Any discrepancy between a translated version and the English original shall be resolved in favour of the English text.
Privacy Requests
Send all data access, rectification, erasure, and objection requests to [email protected]. We respond within 2 business days and resolve within 30 calendar days.
Change Notifications
Material updates to this Privacy Policy are emailed to all registered players at least 14 days in advance. Minor clarifications are noted in the revision date only.
Always Up to Date
The latest version of this Privacy Policy is always available at https://35nd.app/privacy-policy. Bookmark this page to stay informed of any updates.
Ready to Play at 35nd?
Now that you understand how 35nd protects your personal data, explore everything the platform has to offer — from live cricket betting on BPL and T20 fixtures to hundreds of slot titles from Pragmatic Play, NetEnt, and Microgaming. Deposits and withdrawals via bKash, Nagad, and Rocket are fast and secure. 18+ only.
Cricket Betting
BPL, T20, IPL and more — live odds updated in real time.
Slot Games
Hundreds of titles from the world's top studios.