jiobat Privacy Policy — Your Data, Protected
At jiobat, protecting the personal data of our Bangladesh players is a core commitment — not an afterthought. This Privacy Policy explains exactly what information we collect, why we collect it, how it is used, and the controls you have over your own data.
Six Privacy Principles We Live By
Every data decision at jiobat is guided by these six core principles. They form the foundation of how we approach player privacy across all products and markets, including Bangladesh.
Purpose Limitation
We collect personal data only for the specific, clearly stated purposes described in this policy. We do not repurpose your data for unrelated activities, and we do not sell your personal information to third parties for advertising.
Data Minimisation
jiobat collects only the minimum amount of personal data necessary to deliver our services, verify your identity, process transactions, and comply with applicable legal obligations. We do not collect data speculatively.
Security by Design
All personal data transmitted to and from jiobat is protected using industry-standard TLS/SSL encryption. Sensitive data at rest — including identity documents, payment details, and account credentials — is stored using strong encryption protocols.
No Data Selling
jiobat will never sell, rent, or lease your personal data to any third-party organisation for commercial gain. Your information is used exclusively to operate your account and improve your jiobat experience.
Player Control
You have the right to access, correct, export, restrict, and — where applicable — request deletion of your personal data. These rights can be exercised at any time by contacting our support team at [email protected].
Full Transparency
We maintain a clear and honest record of what data we hold, why we hold it, and how long we retain it. This policy is written in plain, accessible English so that every jiobat player in Bangladesh can understand their privacy rights without legal expertise.
01 Information We Collect
jiobat collects personal data through several channels: directly from you when you register or use the platform, automatically through your interactions with our website and apps, and in limited cases from third-party service providers who assist us in delivering our services. The categories of data we collect are set out below.
Data You Provide Directly
When you create a jiobat account and use our platform, you provide us with information that is necessary to operate your account and comply with our legal obligations. This includes:
- Identity data: Full legal name, date of birth, gender, and nationality as provided during registration or identity verification.
- Contact data: Mobile phone number, email address, and residential address (required for account verification).
- Identity verification documents: Copies of your National Identity Card (NID), passport, or other government-issued documents submitted to verify your age and identity under our Know Your Customer (KYC) obligations.
- Financial data: Payment method identifiers (e.g., bKash account number, Nagad account number, Rocket number, card details). Note: jiobat does not store full card numbers — card data is handled directly by our PCI-DSS compliant payment processors.
- Account credentials: Your chosen username and encrypted password hash. jiobat never stores passwords in plain text.
- Communications: Content of messages sent to jiobat support via live chat or email, including the nature of your query and any supporting documentation you attach.
Data Collected Automatically
When you visit jiobat.net or use our platform, certain technical and behavioural data is collected automatically to ensure the platform functions correctly, to protect against fraud, and to improve your experience:
- Device and technical data: IP address, device type, operating system, browser type and version, screen resolution, and device identifiers.
- Usage data: Pages visited, time spent on each page, game sessions initiated and completed, bets placed, click-stream data, and navigation paths through the platform.
- Location data: General geographic location derived from your IP address (country and city level). jiobat does not collect precise GPS location data.
- Session data: Login timestamps, session duration, and logout events, used for security monitoring and responsible gaming features.
Data from Third Parties
In limited circumstances, jiobat may receive personal data about you from trusted third-party sources, including identity verification service providers (used to confirm the authenticity of KYC documents), payment processors (transaction confirmation and fraud signals), and fraud prevention databases where we are legally permitted to cross-reference reported fraudulent actors.
KYC Requirement: jiobat is obligated to verify the identity of all players prior to processing withdrawals above certain thresholds. This is a standard anti-money laundering (AML) requirement. Your identity documents are handled with the highest level of confidentiality and are never shared with unauthorised parties.
Summary of Data Categories
| Data Category | Examples | Collection Method |
|---|---|---|
| Identity | Full name, date of birth, NID number | Registration form & KYC submission |
| Contact | Email address, mobile number, postal address | Registration form |
| Financial | bKash / Nagad / Rocket identifiers, transaction records | Deposit & withdrawal requests |
| Technical | IP address, device type, browser version | Automatic (cookies & server logs) |
| Usage | Pages visited, games played, bets placed | Automatic (platform analytics) |
| Communications | Support chat transcripts, email correspondence | Direct submission via support channels |
02 How We Use Your Information
jiobat uses the personal data it collects only for lawful, specific, and clearly defined purposes. We will never use your data in ways that are incompatible with the purposes disclosed to you at the time of collection. The primary purposes for which jiobat processes personal data are as follows:
Account Management & Service Delivery
Your identity, contact, and financial data are used to create and manage your player account, verify your eligibility to use the platform (including age verification — jiobat is an 18+ service), process deposits and withdrawals in BDT, and deliver the betting, casino, and gaming products you have chosen to use. Without this data, jiobat cannot operate your account.
Legal & Regulatory Compliance
jiobat is required to process certain personal data to comply with applicable anti-money laundering (AML) regulations, Know Your Customer (KYC) obligations, responsible gaming requirements, and record-keeping obligations. This includes verifying your identity before processing withdrawals, monitoring account activity for signs of problem gambling, and maintaining transaction records for the legally required retention periods.
Fraud Prevention & Security
Technical and usage data — including IP addresses, device identifiers, and session logs — is used to detect and prevent fraudulent activity, unauthorised account access, multi-accounting, bonus abuse, and money laundering. This processing is necessary for the protection of jiobat and its player community, including you.
Customer Support
Communications data (support chat transcripts and email correspondence) is used exclusively to resolve your queries, investigate complaints, and improve the quality of jiobat's customer support service. Support interactions are retained for a defined period as described in the Data Retention section below.
Service Improvement & Analytics
Anonymised and aggregated usage data is analysed to understand how players interact with the jiobat platform, identify areas for improvement, optimise game performance and page load speeds, and develop new features. This analysis does not identify you personally — it works at the aggregate level only.
Responsible Gaming Monitoring
Session data and betting behaviour patterns are monitored to identify players who may be at risk of problem gambling. Where indicators are detected, jiobat may proactively reach out with responsible gaming information or apply account-level controls. This processing reflects jiobat's commitment to player welfare and is carried out in your legitimate interest.
No Automated Decision-Making: jiobat does not use fully automated decision-making processes that produce legal or similarly significant effects on individual players without the possibility of human review. Where automated systems flag an account for review, a member of the jiobat compliance or support team will conduct a manual assessment before any consequential action is taken.
03 Data Sharing & Third Parties
jiobat does not sell, rent, or trade your personal data to any third party for commercial purposes. We share data only in the limited circumstances described below, and only to the minimum extent necessary for the specified purpose.
Payment Service Providers
To process your deposits and withdrawals, jiobat must share relevant financial identifiers (such as your bKash, Nagad, or Rocket account number and transaction amounts) with the payment service providers that facilitate these transactions. These providers operate under their own privacy policies and are contractually obligated to handle your data securely and only for the purpose of processing your transaction.
Identity Verification Providers
jiobat uses third-party identity verification services to authenticate KYC documents submitted by players. These providers process your identity document data on our behalf under strict data processing agreements and are not permitted to retain or use your data for any purpose beyond identity verification.
Game Content Providers
Third-party game studios and software providers (such as Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi) may receive limited technical data — such as a session token and anonymised player identifier — necessary to deliver their game content through the jiobat platform. These providers do not receive your name, contact details, financial data, or identity documents.
Legal Disclosure
jiobat may be required to disclose personal data to law enforcement agencies, regulatory authorities, or courts of competent jurisdiction where we are legally compelled to do so. We will always seek to minimise the scope of any such disclosure and, where legally permissible, will notify the affected player of any such request.
Business Transfers
In the event of a merger, acquisition, restructuring, or sale of all or part of jiobat's business, player data may be transferred to the acquiring entity as part of that transaction. Any such transfer will be subject to the same privacy protections described in this policy, and affected players will be notified in advance where practicable.
No Third-Party Marketing: jiobat does not share your personal data with third-party advertisers, marketing agencies, data brokers, or social media platforms for profiling or targeted advertising purposes. Any promotional communications you receive will come directly from jiobat and only if you have opted in to marketing communications.
04 Cookies & Tracking Technologies
jiobat uses cookies and similar tracking technologies on its website and platform to ensure functionality, improve performance, maintain security, and — with your consent — to understand how you use the platform. The following describes the types of cookies we use and the purpose of each.
Strictly Necessary Cookies
These cookies are essential for the jiobat platform to function and cannot be disabled. They are set in response to actions you take, such as logging in, maintaining your session, and remembering your language preference. Without these cookies, services like account access and bet placement would not work correctly.
Performance & Analytics Cookies
These cookies collect anonymous, aggregated information about how visitors use jiobat — for example, which pages are visited most frequently and whether users encounter error messages. This data helps us improve the platform experience for all players. The information collected by these cookies does not identify you personally.
Functional Cookies
Functional cookies allow the jiobat platform to remember preferences and choices you have made — such as your preferred game category, table limits, or responsible gaming settings — to provide a more personalised and consistent experience across sessions.
Security Cookies
jiobat sets security cookies to help detect and prevent fraudulent activity, protect against cross-site request forgery (CSRF), and authenticate your session. These cookies are strictly necessary and cannot be opted out of while using the platform.
Managing Your Cookie Preferences
You may control non-essential cookies through your browser's cookie settings. Most modern browsers allow you to block, delete, or restrict specific categories of cookies. Please be aware that disabling certain cookies may affect the functionality of the jiobat platform. For detailed instructions on managing cookies in your specific browser, consult your browser's help documentation.
No Third-Party Ad Tracking: jiobat does not deploy third-party advertising cookies or cross-site tracking pixels on its platform. We do not participate in behavioural advertising networks or allow third-party trackers to build profiles based on your jiobat activity.
05 Data Security & Storage
jiobat implements a comprehensive set of technical and organisational security measures to protect your personal data against unauthorised access, accidental loss, alteration, disclosure, or destruction. These measures are reviewed and updated regularly in line with evolving security standards and threats.
Technical Security Measures
- TLS/SSL Encryption in Transit: All data transmitted between your browser or device and jiobat servers is encrypted using TLS 1.2 or higher. The connection is verified using a valid SSL certificate issued by a trusted certificate authority.
- Encryption at Rest: Sensitive personal data stored in jiobat databases — including identity document references, financial identifiers, and account credentials — is encrypted at rest using AES-256 or equivalent industry-standard encryption.
- Password Hashing: Account passwords are never stored in plain text. jiobat uses a strong, salted hashing algorithm (bcrypt or equivalent) so that even in the unlikely event of a data breach, plain-text passwords are not exposed.
- Access Controls: Access to personal data is restricted on a strict need-to-know basis. Internal jiobat staff can only access the data necessary to perform their specific role. Access is logged and audited.
- Two-Factor Authentication: jiobat supports OTP-based two-factor authentication for player accounts and enforces multi-factor authentication internally for all staff who access production systems.
Data Storage Locations
jiobat stores player data on servers located in secure, certified data centre facilities. Data is backed up regularly to protect against accidental loss. Backup data is subject to the same encryption and access control standards as primary data.
Security Breach Response
In the event of a personal data breach that poses a risk to your rights and freedoms, jiobat will assess the breach promptly, take immediate containment steps, and notify affected players without undue delay. Notifications will be sent to the email address registered to your account and will describe the nature of the breach, the data affected, the steps jiobat has taken, and any recommended actions you should take to protect yourself.
Your Role in Security: While jiobat takes extensive technical measures to protect your data, you also play an important role. Use a strong, unique password for your jiobat account, enable two-factor authentication, and never share your login credentials. If you suspect your account has been compromised, contact [email protected] immediately.
06 Your Privacy Rights
As a jiobat player, you have meaningful rights over your personal data. These rights can be exercised at any time by contacting our support team at [email protected]. jiobat will respond to all valid data rights requests within 30 days of receipt. In complex cases, we may extend this period by a further 30 days, in which case we will notify you of the extension and the reason for it.
Right of Access
You have the right to request a copy of the personal data that jiobat holds about you, along with information about how it is being used. This is sometimes referred to as a Subject Access Request (SAR). We will provide this information in a structured, commonly used, machine-readable format where technically feasible.
Right to Rectification
If any personal data we hold about you is inaccurate or incomplete, you have the right to request that it be corrected. Many data fields (such as contact email and mobile number) can be updated directly through your account settings. For identity data requiring KYC re-verification, please contact our support team.
Right to Erasure
You may request that jiobat delete your personal data where it is no longer necessary for the purposes for which it was collected, where you withdraw consent (where processing was consent-based), or where you object to processing and there is no overriding legitimate interest. Please note that jiobat is legally required to retain certain transaction and identity records for defined periods (see Data Retention below), which may limit the scope of erasure requests for active or recently closed accounts.
Right to Restriction
You have the right to request that jiobat restrict the processing of your personal data in certain circumstances — for example, while the accuracy of data you have contested is being verified, or where you have objected to processing and a determination is pending.
Right to Data Portability
Where personal data is processed on the basis of your consent or for the performance of a contract, you have the right to receive that data in a structured, commonly used, machine-readable format, and to transmit it to another service provider where technically feasible.
Right to Object
You have the right to object to the processing of your personal data for purposes based on jiobat's legitimate interests, including processing for responsible gaming monitoring or platform analytics. Where a valid objection is raised, jiobat will cease the relevant processing unless it can demonstrate compelling legitimate grounds that override your interests.
How to Exercise Your Rights: To submit any data rights request, send an email to [email protected] with the subject line "Data Rights Request" and a description of the right you wish to exercise. We may need to verify your identity before processing the request to ensure that data is not disclosed to the wrong person.
07 Data Retention Policy
jiobat retains personal data only for as long as is necessary to fulfil the purpose for which it was collected, or as required by applicable law. The following retention periods apply to the principal categories of player data:
| Data Category | Retention Period | Basis for Retention |
|---|---|---|
| Account & Identity Data | Duration of account + 5 years after closure | AML / KYC legal obligation |
| Financial Transaction Records | 7 years from transaction date | Financial record-keeping legal obligation |
| Identity Verification Documents | 5 years after account closure | AML regulatory requirement |
| Betting & Gaming History | 5 years from the date of each transaction | Regulatory compliance & dispute resolution |
| Support Communications | 3 years from date of communication | Dispute resolution & service improvement |
| Technical / Log Data | 13 months from collection | Security monitoring & fraud prevention |
| Marketing Preferences | Until opt-out + 1 year | Consent record-keeping |
Upon expiry of the applicable retention period, personal data is securely deleted or anonymised such that it can no longer be attributed to an individual player. Anonymised aggregate data (which cannot identify you) may be retained indefinitely for statistical and business analysis purposes.
08 Changes to This Policy
jiobat may update this Privacy Policy periodically to reflect changes in our data processing practices, to comply with new legal or regulatory requirements, or to incorporate improvements to our data governance framework. The date of the most recent revision is always displayed at the top of this document.
Where changes are material — that is, where they significantly affect how we process your personal data, reduce your rights, or introduce new data sharing arrangements — jiobat will provide at least 14 days' advance notice by sending an email to your registered address and displaying a prominent notice on the jiobat platform. Your continued use of jiobat following the effective date of a revised policy constitutes your acceptance of the revised terms.
We encourage you to review this Privacy Policy periodically. If you have questions about this policy or about how jiobat handles your personal data, please contact our support team at [email protected]. Our team is available 24/7 via live chat and responds to email queries within 1 hour during Bangladesh Standard Time (BST, UTC+6) peak hours.
Contact for Privacy Queries: For any question, concern, or complaint relating to this Privacy Policy or to jiobat's handling of your personal data, please write to [email protected] with the subject line "Privacy Enquiry". We are committed to resolving all privacy-related concerns promptly, fairly, and transparently.
Questions About Your Data? We Are Here to Help
Our support team is available around the clock. Explore our FAQ for quick answers, or log in to your jiobat account to review your privacy and communication preferences directly. 18+ only. Please gamble responsibly.