hibabee Privacy
Policy
Your privacy matters to hibabee. This Privacy Policy explains exactly what personal data we collect from players across Bangladesh, how that data is used, who it may be shared with, and the rights you hold over your own information. We encourage you to read this document carefully.
SSL-Encrypted Data Storage
All personal data stored by hibabee is protected using 256-bit SSL encryption. Our servers are secured against unauthorised access, and data is stored in a segregated environment that isolates player records from operational systems.
No Sale of Personal Data
hibabee does not sell, rent, or trade your personal data to any third party for commercial purposes. Data is shared only with essential service providers and only to the extent necessary to operate the platform and fulfil our legal obligations.
You Control Your Data
You have the right to access, correct, or request deletion of the personal data hibabee holds about you. Simply contact [email protected] with your registered account details and a description of your request. We will respond within 30 days.
Minimal Data Collection
hibabee collects only the data that is genuinely necessary to operate the platform, verify player identity, process payments, and meet our compliance obligations. We do not collect data speculatively or for undisclosed purposes.
No Marketing Without Consent
hibabee will only send you promotional messages, bonus notifications, and marketing emails if you have explicitly opted in. You can withdraw your marketing consent at any time through your account settings or by contacting our support team.
Clear Retention Periods
hibabee retains your personal data only for as long as is necessary for the purposes for which it was collected, or as required by applicable law. Once retention periods expire, data is securely deleted or anonymised.
Section 1
Introduction & Scope
This Privacy Policy is published by hibabee ("hibabee", "we", "us", "our"), the operator of the online casino and sports betting platform accessible at hibabee.app. This Policy applies to all personal data that hibabee collects, processes, stores, and shares in connection with the operation of the hibabee platform and its related services, including sports betting, casino games, slot titles, live casino tables, Teen Patti 20-20, and all financial and customer support interactions.
This Privacy Policy applies to all players and registered account holders who access the hibabee platform from Bangladesh and any other jurisdiction in which hibabee operates. It applies regardless of the device used to access the platform — desktop browser, mobile browser, or any other interface — and covers all interactions with the platform from the moment you first visit hibabee.app, whether or not you have registered an account.
This Privacy Policy should be read together with hibabee's Terms & Conditions and Responsible Gaming Policy, both of which are incorporated by reference. Where there is a conflict between this Privacy Policy and any other hibabee document, this Privacy Policy governs with respect to matters of personal data and privacy.
hibabee is committed to handling your personal data with transparency, fairness, and integrity. We collect the minimum data necessary to provide a safe, compliant, and enjoyable gambling experience. We do not collect data for undisclosed purposes and we do not engage in practices that we would not be comfortable disclosing to you directly.
If you have any questions about this Privacy Policy or about how hibabee handles your personal data, please contact our privacy team at [email protected]. All privacy-related enquiries will receive a response within 30 calendar days of receipt.
Section 2
Data We Collect
hibabee collects personal data from you directly (data you provide during registration and use of the platform), automatically (data generated by your use of the platform and collected via cookies and similar technologies), and from third parties (payment providers, identity verification services, and fraud prevention partners).
Data you provide directly:
- Registration data: Full legal name, date of birth, email address, mobile phone number (Bangladesh-registered), and a self-chosen username and password.
- Identity verification (KYC) documents: National Identity Card (NID) number, passport copy, date of birth, residential address, and in some cases a selfie photograph holding your identity document.
- Financial data: Your bKash, Nagad, Rocket, or Upay mobile wallet number; bank account details (account number, bank name, branch, routing number) for direct bank transfer withdrawals. hibabee does not store full card numbers for Visa or Mastercard payments; card data is handled exclusively by the relevant payment gateway provider.
- Communication data: Messages and attachments you send to our customer support team via email, live chat, or any other communication channel.
- Preferences and settings: Responsible gaming limits you set (deposit limits, loss limits, session time limits, self-exclusion elections), marketing communication preferences, and language preferences.
Data collected automatically:
- Device and technical data: IP address, device type, operating system, browser type and version, screen resolution, and unique device identifiers.
- Usage and behavioural data: Pages visited, games played, bets placed, wager amounts, session start and end times, click paths, search queries made within the platform, and the referring URL if you arrived via a link.
- Location data: Approximate geographic location derived from your IP address. hibabee does not access precise GPS location data.
- Transaction data: A full record of all deposits, withdrawals, bonus claims, wagers, wins, and losses associated with your hibabee account.
Data received from third parties:
- Payment providers: Confirmation of payment transactions from bKash, Nagad, Rocket, Upay, BRAC Bank, City Bank, Dutch-Bangla Bank, Islami Bank, and Sonali Bank, including transaction reference numbers and timestamps.
- Identity verification partners: Verification status results (pass/fail) and, where applicable, data matched against national identity records to confirm the accuracy of the information you provided during KYC.
- Fraud and risk partners: Risk scores, device fingerprint data, and flagging information from third-party fraud prevention services used to protect the integrity of the hibabee platform.
Section 3
How We Use Your Data
hibabee uses your personal data only for the specific purposes set out in this section. We do not use your data for any purpose that is incompatible with the purposes disclosed here without first obtaining your consent or as permitted by applicable law.
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Account creation and management | Registration data, device data | Contract performance |
| Identity verification (KYC) | KYC documents, NID data, address | Legal obligation |
| Processing deposits and withdrawals | Financial data, transaction data | Contract performance |
| Fraud prevention and security | IP address, device data, usage data, risk scores | Legitimate interests |
| Responsible gaming monitoring | Transaction data, usage data, behavioural data | Legal obligation + legitimate interests |
| Customer support | Communication data, account data | Contract performance |
| Marketing communications (opted-in only) | Email, mobile number, preferences | Consent |
| Platform analytics and improvement | Usage data, behavioural data, device data | Legitimate interests |
| Legal compliance and record-keeping | All categories as required | Legal obligation |
Automated decision-making: hibabee uses automated systems to assess certain account activities, including fraud detection, responsible gaming intervention triggers, and bonus eligibility checks. Where an automated decision has a significant effect on your account (for example, a temporary suspension triggered by a fraud risk score), you have the right to request human review of that decision by contacting [email protected].
Profiling: hibabee may analyse your gambling patterns to identify signs of problem gambling behaviour and to tailor responsible gaming interventions. This profiling is carried out in your interest and in fulfilment of our duty of care obligations. It does not result in discriminatory treatment.
Section 4
Data Sharing & Third Parties
hibabee does not sell or rent your personal data to any third party. We share your data only in the limited circumstances described below, and only with parties who are contractually required to handle your data securely and in accordance with this Privacy Policy.
Payment processors: To process your deposits and withdrawals, hibabee shares the minimum necessary financial identifiers with bKash, Nagad, Rocket (Dutch-Bangla Bank), Upay, BRAC Bank, City Bank, Islami Bank, and Sonali Bank. These providers receive only the data required to execute the specific transaction and are bound by their own data protection obligations under applicable financial regulations.
Identity verification providers: To fulfil our KYC obligations, hibabee shares identity document data with licensed identity verification service providers who verify the accuracy of the information against official records. These providers are contractually prohibited from using your data for any purpose other than identity verification on hibabee's behalf.
Game studio providers: When you play a game powered by a third-party studio — such as Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Ezugi, or Spribe — certain technical session data (session token, wager amount, game result) is shared with that studio's platform to facilitate the game round. These studios do not receive your personally identifiable registration data such as your full name, NID, or payment details.
Fraud prevention and security services: hibabee uses third-party fraud detection platforms to monitor for suspicious activity. These platforms may receive your IP address, device fingerprint data, and anonymised behavioural signals. They do not receive your full name, NID, or payment method details.
Legal and regulatory authorities: hibabee may disclose your personal data to competent authorities, law enforcement agencies, or regulatory bodies where required to do so by applicable law, court order, or regulatory direction. hibabee will notify you of such disclosures where legally permitted to do so.
Business transfers: In the event that hibabee or its business is acquired, merged with, or transferred to another entity, your personal data may be transferred as part of that transaction. You will be notified in advance of any such transfer and of any material changes to the privacy terms that apply to your data.
All third-party data processors engaged by hibabee are required to sign data processing agreements that impose obligations consistent with this Privacy Policy and applicable data protection law. hibabee conducts periodic reviews of its processor relationships to ensure ongoing compliance.
Section 5
Cookies & Tracking Technologies
hibabee uses cookies and similar tracking technologies to operate the platform, remember your preferences, analyse usage patterns, and (where you have consented) deliver relevant promotional content. Cookies are small text files placed on your device by your web browser when you visit hibabee.app.
Types of cookies used by hibabee:
| Cookie Type | Purpose | Can Be Disabled? |
|---|---|---|
| Strictly Necessary | Session management, login authentication, security tokens, fraud prevention flags. These cookies are essential for the platform to function and cannot be disabled without breaking core functionality. | No — essential |
| Functional | Remembering your language preference, display settings, responsible gaming limits you have set, and other personalisation choices. | Yes (with reduced functionality) |
| Analytical / Performance | Collecting anonymised data on how players navigate the platform — which pages are visited most, where users drop off, and overall session performance metrics. Used to improve the platform experience. | Yes |
| Marketing / Targeting | Tracking your interaction with hibabee promotional content so that we can deliver more relevant bonus offers and game recommendations based on your activity history. Activated only with your explicit consent. | Yes — consent required |
Managing cookies: You can control and manage cookies through your browser settings. Most modern browsers allow you to block all cookies, accept only first-party cookies, or delete existing cookies. Note that disabling strictly necessary cookies will prevent you from logging in and using core platform features. For guidance on managing cookies in your specific browser, refer to your browser's help documentation.
Local Storage and Session Storage: In addition to cookies, hibabee may use your browser's local storage and session storage to retain temporary data such as your current game session state and UI preferences. This data is stored on your device and is not transmitted to hibabee's servers except as part of normal platform operation.
Section 6
Data Retention
hibabee retains your personal data for as long as is necessary to fulfil the purposes for which it was collected, to maintain your active account relationship with us, and to comply with our legal and regulatory obligations. The retention periods below reflect our standard practice.
| Data Category | Retention Period | Reason |
|---|---|---|
| Account registration data | Duration of account + 5 years post-closure | Regulatory compliance, fraud prevention, dispute resolution |
| KYC identity documents | Duration of account + 5 years post-closure | Anti-money laundering (AML) legal obligation |
| Transaction records | Duration of account + 7 years post-closure | Financial record-keeping legal obligation |
| Betting and gaming history | Duration of account + 5 years post-closure | Dispute resolution, responsible gaming analysis |
| Customer support communications | 3 years from date of communication | Quality assurance, dispute resolution |
| Marketing preference records | Until consent is withdrawn + 3 years | Proof of consent compliance |
| Analytical / usage data | 26 months from collection | Platform improvement cycles |
Upon expiry of the applicable retention period, personal data is securely deleted from hibabee's active systems and any backup repositories according to a scheduled data purge cycle. Where complete deletion is not technically feasible (for example, in the case of encrypted backup archives), the data will be rendered permanently inaccessible until the relevant backup is overwritten or deleted in the ordinary course of our data management processes.
In certain circumstances, hibabee may be required to retain your data beyond the standard periods described above — for example, where your account is subject to an open investigation, a legal hold, or a dispute that has not been finally resolved. In such cases, the data will be retained until the matter is closed.
Section 7
Data Security
hibabee implements a comprehensive set of technical and organisational security measures to protect your personal data against unauthorised access, accidental loss, destruction, alteration, or disclosure. Our security programme includes the following controls:
- Transport encryption: All data transmitted between your browser or device and hibabee's servers is encrypted using 256-bit SSL/TLS encryption. hibabee.app enforces HTTPS on all pages; connections to unencrypted HTTP are automatically redirected.
- At-rest encryption: Sensitive data fields — including identity document data, payment method identifiers, and password hashes — are encrypted at rest using industry-standard encryption algorithms. Passwords are stored as salted cryptographic hashes; hibabee staff cannot retrieve your plain-text password.
- Access controls: Access to systems containing personal data is restricted to hibabee personnel who require access for their specific job function. Access rights are reviewed periodically and revoked promptly when no longer required.
- Multi-factor authentication: Administrative access to hibabee's internal systems requires multi-factor authentication. Players are encouraged to use strong, unique passwords for their hibabee accounts.
- Penetration testing and vulnerability management: hibabee conducts periodic security assessments and penetration tests to identify and remediate vulnerabilities in the platform before they can be exploited.
- Incident response: hibabee maintains a data breach response procedure. In the event of a personal data breach that poses a risk to affected individuals, we will notify affected players without undue delay and take all reasonable steps to contain and remediate the breach.
While hibabee takes data security seriously and implements robust controls, no online platform can guarantee absolute security. You play an important role in keeping your data safe: please choose a strong, unique password for your hibabee account, do not share your credentials with any other person, and contact [email protected] immediately if you suspect unauthorised access to your account.
Section 8
Your Privacy Rights
As a hibabee player, you hold a number of rights in respect of the personal data we hold about you. hibabee is committed to honouring these rights promptly and without undue friction. To exercise any of the rights described below, contact [email protected], clearly stating your registered username, the right you wish to exercise, and any relevant details. We will respond within 30 calendar days of receiving your request.
Right of Access: You have the right to request a copy of the personal data that hibabee holds about you, together with information about how it is being used, who it has been shared with, and how long it will be retained.
Right to Rectification: If any of the personal data hibabee holds about you is inaccurate or incomplete, you have the right to request that it be corrected. You can update basic account information (such as your email address and mobile number) directly from within your account settings; for more sensitive corrections (such as corrections to KYC identity data), please contact the support team.
Right to Erasure ("Right to Be Forgotten"): You have the right to request that hibabee delete your personal data where it is no longer necessary for the purposes for which it was collected, where you have withdrawn consent (where consent was the legal basis), or where you object to processing and there are no overriding legitimate grounds. Please note that hibabee may be required by law to retain certain categories of data (particularly financial records and KYC documents) for defined periods even after an erasure request, as described in Section 6.
Right to Restrict Processing: You have the right to request that hibabee restricts the processing of your data in certain circumstances — for example, while you are contesting the accuracy of data we hold, or while an objection to processing is being considered.
Right to Data Portability: Where hibabee processes your data on the basis of your consent or in performance of a contract, you have the right to receive a copy of that data in a structured, commonly used, machine-readable format so that you can transfer it to another service provider.
Right to Object: You have the right to object to processing of your personal data where that processing is based on hibabee's legitimate interests. hibabee will cease processing unless it can demonstrate compelling legitimate grounds that override your interests. You have an absolute right to object to processing of your data for direct marketing purposes at any time.
Right to Withdraw Consent: Where hibabee processes your data on the basis of your consent (for example, marketing communications), you may withdraw that consent at any time by updating your preferences in your account settings or contacting [email protected]. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.
Section 9
Children's Privacy
hibabee is strictly an 18+ platform. We do not knowingly collect, process, or store personal data belonging to any person under the age of 18. The hibabee platform is designed for and marketed exclusively to adults aged 18 and above.
If hibabee becomes aware that personal data has been collected from a person under 18 years of age — whether through our own detection, a report from a parent or guardian, or any other means — we will immediately suspend the relevant account, void all wagers and transactions associated with the account, and securely delete all personal data belonging to that individual from our systems as quickly as technically feasible.
If you are a parent or guardian and you believe that a person under 18 in your care has registered for a hibabee account or otherwise provided personal data to hibabee, please contact us immediately at [email protected]. We will investigate and take action promptly. Please include as much identifying information as possible (such as the username, email address, or mobile number used to register) to assist with our investigation.
hibabee strongly supports the use of parental controls and child-protection filtering software to prevent minors from accessing online gambling platforms. If you share a device with a minor, we recommend enabling device-level parental controls and never saving your hibabee login credentials in a shared browser profile.
Section 10
Policy Updates & Contact
Updates to this Policy: hibabee reviews and updates this Privacy Policy periodically to reflect changes in our data processing practices, changes in applicable law, and feedback from our player community. The effective date at the top of this page indicates when the current version was last revised.
Where changes to this Privacy Policy are material — for example, changes to the categories of data we collect, new third-party data sharing arrangements, or significant changes to your rights — hibabee will notify you via the email address registered to your account at least 14 days before the revised Policy takes effect. For minor or administrative changes (such as corrections of typographical errors or clarifications that do not change the substance of the Policy), the updated Policy will be published on this page without advance notice.
Continued use of the hibabee platform after the effective date of any revised Privacy Policy constitutes your acknowledgement of, and agreement to, the revised terms. If you do not agree with any revised terms, you should stop using the platform and contact [email protected] to request account closure.
Contact Information: For all privacy-related enquiries, data subject rights requests, questions about this Privacy Policy, or concerns about hibabee's data handling practices, please contact us at:
- Email: [email protected] (plain text — not a clickable link)
- Subject line: "Privacy Enquiry" or "Privacy Rights Request"
- Response time: Within 30 calendar days of receipt
All privacy correspondence should clearly state your registered hibabee username and a detailed description of your enquiry or request so that we can direct it to the correct team and respond efficiently.
Your Data, Your Control
Privacy Sorted — Now Enjoy the Platform
You now understand exactly how hibabee handles your personal data. Ready to explore everything the platform has to offer? From live cricket betting to premium slots and a full live casino experience — it's all waiting for you.