Data Protection · Privacy Rights · Secure Processing
ceo bat Privacy
Policy & Data Rights
Your privacy matters to ceo bat. This Privacy Policy explains what personal data we collect when you use our platform, why we collect it, how it is stored and protected, who we may share it with, and what rights you have over your own information. We are committed to handling your data with transparency, care, and security.
Privacy at a Glance
Our Core Privacy Commitments
Before diving into the full policy detail, here is a summary of the six key principles that govern how ceo bat handles your personal data.
Data Minimisation
ceo bat collects only the personal data that is strictly necessary to operate your account, process transactions, verify your identity, and comply with applicable obligations. We do not collect data speculatively or beyond what is needed.
Security First
All data stored by ceo bat is protected using industry-standard 256-bit SSL encryption in transit and AES-256 encryption at rest. Our servers are access-controlled, monitored 24/7, and subject to regular independent security audits.
No Unauthorised Sale of Data
ceo bat does not sell, rent, or trade your personal data to third-party marketing organisations. Data shared with partners is limited to what is operationally necessary and governed by strict data processing agreements.
Purpose Limitation
Data collected for one purpose — such as account registration — is not repurposed for an unrelated activity without your explicit consent. Every data collection point on ceo bat has a clearly defined and documented purpose.
Your Rights Are Real
You have the right to access, correct, export, or request deletion of your personal data at any time. ceo bat provides a clear process for exercising these rights via 24/7 live chat or written request to our support email.
Transparency
This Privacy Policy is written in plain English and kept up to date. When we make material changes to how we handle your data, we will notify registered players by email or in-platform notification before the change takes effect.
Section 1
Information We Collect
When you use ceo bat, we collect several categories of personal data depending on how you interact with the platform. The following describes each category in detail, including the source of the data and whether its provision is mandatory or voluntary.
Account Registration Data
When you create a ceo bat account, you are required to provide: your full legal name, date of birth, email address, mobile phone number (used for SMS authentication and payment method verification), and your preferred payment method details (bKash or Nagad mobile number, or bank account reference). This data is mandatory for account creation — without it, we cannot open or maintain an account for you. You may also optionally provide your city of residence (e.g., Dhaka, Chittagong, Sylhet, Khulna, or other Bangladeshi cities) to help us personalise promotional offers relevant to your region.
Identity Verification (KYC) Data
As part of our Know Your Customer (KYC) process, we may request copies of identity documents to verify your age and identity. Accepted documents include your National Identity Card (NID), passport, or birth certificate. For address verification, we may request a recent utility bill or bank statement. KYC documents are processed securely and stored in an encrypted document management system with strict access controls. They are retained only for as long as legally required and are never shared with third parties except as required by law or regulatory instruction.
Transaction and Financial Data
We record all deposit and withdrawal transactions processed through your ceo bat account, including the amount, date and time (Bangladesh Standard Time, UTC+6), payment method used, and transaction reference numbers. We do not store full bank account numbers or complete mobile money PINs — only masked references sufficient to identify the payment source for reconciliation and fraud prevention purposes.
Gameplay and Betting Data
We collect data about your activity on the ceo bat platform, including the games you play, bet amounts and outcomes, session start and end times, and your betting history across casino and sports markets. This data is used for account management, dispute resolution, fraud detection, responsible gaming monitoring, and to improve our platform and product offering.
Device and Technical Data
When you access ceo bat, our systems automatically collect certain technical information about your device and connection, including your IP address, browser type and version, operating system, device type (mobile, tablet, desktop), screen resolution, and approximate geographic location derived from your IP address. This data is collected for security monitoring, fraud prevention, and platform optimisation purposes.
Communications Data
If you contact ceo bat's customer support team via live chat or email, we retain a record of that communication, including the content of messages exchanged and any attachments provided. This is used to resolve your query, improve our support quality, and maintain a record of dispute correspondence where relevant.
Clause 1.1 — Children's Data
ceo bat does not knowingly collect personal data from any person under the age of 18. If we become aware that an account has been registered by a person under 18, that account will be immediately closed and all associated data will be deleted, except where retention is required by law or for fraud investigation purposes.
Why We Need Your Data: ceo bat operates in a regulated environment where identity verification, fraud prevention, and responsible gaming monitoring are operational necessities, not optional extras. The data we collect is the minimum required to run a safe, compliant platform.
Mobile Number Required: Your bKash or Nagad mobile number is used both for payment processing and as a secondary authentication factor. Keeping this number accurate in your account settings ensures you can always recover access and receive payouts without delay.
KYC Documents Secured: Identity documents submitted for KYC verification are stored in an isolated, access-controlled encrypted vault. They are never visible to general customer service agents and are only accessed by authorised compliance personnel.
Section 2
How We Use Your Data
ceo bat uses the personal data we collect for specific, documented purposes. We do not use your data for any purpose that was not reasonably foreseeable at the time of collection, and we do not use it in ways that are incompatible with the purpose for which it was originally gathered.
Account Management and Service Delivery
The primary use of your data is to operate and maintain your ceo bat account: processing registrations, authenticating logins, managing deposits and withdrawals, crediting bonuses, settling bets, and providing customer support. Without this processing, we cannot deliver the ceo bat service to you.
Identity Verification and KYC Compliance
We use your registration data and KYC documents to verify that you are who you say you are, that you meet the 18+ age requirement, and that you are not a person who has been flagged or excluded from gambling services. This processing is a legal and operational requirement and cannot be opted out of.
Fraud Prevention and Security
Your transaction data, device data, and gameplay activity are analysed by ceo bat's automated fraud detection systems to identify patterns consistent with money laundering, bonus abuse, multi-accounting, identity fraud, and other prohibited activities. Suspicious activity may be flagged for manual review by our compliance team. Where fraud is confirmed, data may be shared with relevant law enforcement or financial crime authorities.
Responsible Gaming Monitoring
ceo bat uses your deposit frequency, bet volume, session length, and gameplay patterns to monitor for signs of problem gambling behaviour. Where our systems detect patterns that may indicate a player is experiencing difficulties — such as rapid escalation in deposit amounts, very long sessions, or unusual betting patterns following a significant loss — our responsible gaming team may reach out proactively. Visit our Responsible Gaming page for full details on the support tools available to you.
Marketing and Promotions
With your consent, ceo bat may use your contact details and preference data to send you information about promotions, bonuses, seasonal offers (such as Eid specials or BPL season promotions), and new game releases that we believe may be of interest to you. You may withdraw your marketing consent at any time from your Account Settings or by contacting our support team, without affecting the lawfulness of processing carried out before withdrawal.
Platform Analytics and Improvement
Aggregated and anonymised gameplay and navigation data is used to analyse how players use the ceo bat platform, identify popular features and games, troubleshoot technical issues, and make improvements to our user interface and product range. This processing uses anonymised data and does not allow us to identify individual players.
Clause 2.1 — No Automated Decision-Making with Legal Effect
ceo bat does not use fully automated decision-making processes that produce legal or similarly significant effects on individual players without human review. Automated flags (e.g., fraud alerts, bonus abuse flags) are reviewed by a human compliance officer before any account action is taken.
Clause 2.2 — Marketing Opt-Out
You may opt out of all marketing communications from ceo bat at any time by updating your communication preferences in Account Settings, or by requesting opt-out via 24/7 live chat. Opt-out requests are processed within 48 hours. Operational communications (e.g., account security alerts, withdrawal confirmations) are not affected by marketing opt-out.
Analytics Are Anonymised: When ceo bat analyses platform usage for improvement purposes, individual player identities are removed from the dataset. Aggregate statistics (e.g., "40% of players prefer cricket markets") cannot be used to identify any individual player.
Easy Marketing Opt-Out: Unwanted promotional emails or SMS messages? Log into your account, go to Account Settings > Communications, and toggle off the marketing channels you no longer want. Changes take effect within 48 hours.
Section 3
Legal Basis for Processing
ceo bat processes your personal data under one of the following legal bases. The applicable basis depends on the type of data and the purpose for which it is processed.
| Processing Activity | Legal Basis | Notes |
|---|---|---|
| Account registration and management | Contract performance | Necessary to deliver the ceo bat service under our Terms & Conditions |
| Identity verification (KYC) | Legal obligation | Required to meet age verification and anti-money-laundering obligations |
| Payment processing (bKash, Nagad, bank) | Contract performance | Necessary to process deposits and withdrawals as agreed at account opening |
| Fraud detection and security monitoring | Legitimate interests | Protecting ceo bat and its players from financial crime and platform abuse |
| Responsible gaming monitoring | Legitimate interests / Legal obligation | Player welfare monitoring and duty of care obligations |
| Marketing communications | Consent | Only where you have actively opted in; freely withdrawable at any time |
| Platform analytics (anonymised) | Legitimate interests | Improving platform quality using anonymised aggregate data |
| Customer support records | Legitimate interests / Contract performance | Resolving disputes and maintaining quality of service |
Section 5
Data Sharing & Third Parties
ceo bat does not sell or rent your personal data to any third party. We may share specific, limited data with trusted partners and service providers who assist us in operating the platform, as described below. All third parties with whom we share data are required to process it in accordance with this Privacy Policy and applicable data protection law, and are bound by written data processing agreements.
Payment Service Providers
To process your deposits and withdrawals, ceo bat shares the necessary transaction data with your chosen payment service provider — bKash, Nagad, Rocket, Upay, Dutch-Bangla Bank, BRAC Bank, City Bank, Islami Bank, or Sonali Bank. The data shared is limited to what is strictly necessary to initiate, process, and confirm the transaction. Each payment provider operates under its own privacy policy and is subject to its own regulatory obligations.
Game Studio Partners
Live casino and RNG game content on ceo bat is delivered by third-party game studios including Evolution Gaming, Ezugi, and Pragmatic Play. To provide a seamless gaming experience, your account session token and game-relevant metadata may be passed to the game studio's system when you launch a game. Game studios do not receive your full personal profile — only the session data required to identify you as an authenticated, eligible player for that game session.
Identity Verification Partners
ceo bat may use third-party KYC and identity verification service providers to assist with document verification processing. These providers process your submitted identity documents under strict confidentiality agreements and are prohibited from using your data for any purpose other than completing the verification task assigned by ceo bat.
Legal and Regulatory Disclosure
ceo bat may disclose your personal data to law enforcement agencies, financial intelligence units, regulatory bodies, or courts where required to do so by applicable law, court order, or legal process. In such cases, we will disclose only the minimum data required to comply with the legal obligation and will notify you of the disclosure to the extent permitted by law.
Clause 5.1 — No Cross-Border Data Transfers Without Safeguards
Where any of ceo bat's service providers process personal data outside of Bangladesh, ceo bat ensures that appropriate contractual safeguards are in place to protect your data to an equivalent standard as it would receive if processed domestically. We do not transfer data to jurisdictions that lack adequate data protection frameworks without first implementing compensating contractual measures.
Clause 5.2 — Business Transfers
In the event of a merger, acquisition, or sale of all or part of ceo bat's assets, your personal data may be transferred to the acquiring entity as part of the business transaction. You will be notified of any such transfer in advance, and the acquiring entity will be required to honour this Privacy Policy or provide you with a new privacy notice before any change in data processing occurs.
We Do Not Sell Your Data. ceo bat does not and will not sell, license, or rent your personal data to any third-party data brokers, advertisers, or marketing companies. Data sharing is strictly limited to operational necessity and legal obligation.
Game Studio Data: When you launch a live dealer or slot game, only a secure session token is passed to the game provider. Your name, email, phone number, and payment details are never shared with game studios. Studios receive only what is needed to authenticate your session.
Section 6
Data Retention
ceo bat retains personal data only for as long as is necessary to fulfil the purpose for which it was collected, to comply with legal obligations, and to resolve any potential disputes. The following table sets out our standard data retention periods by category.
| Data Category | Retention Period | Reason for Retention |
|---|---|---|
| Account registration data | Duration of account + 5 years after closure | Legal obligation, dispute resolution, fraud prevention |
| KYC identity documents | 5 years from account closure | Anti-money-laundering legal requirement |
| Transaction and financial records | 7 years from transaction date | Financial record-keeping and tax compliance obligations |
| Gameplay and betting history | 3 years from last activity | Dispute resolution, responsible gaming monitoring |
| Customer support communications | 3 years from last interaction | Dispute resolution, quality assurance |
| Marketing consent records | Until consent withdrawn + 2 years | Evidence of consent basis for marketing processing |
| Analytics data (anonymised) | 26 months rolling window | Platform improvement; anonymised — no longer personal data |
| Device and IP log data | 12 months from collection | Security monitoring and fraud investigation |
When a retention period expires, ceo bat securely deletes or anonymises the relevant data so that it can no longer be linked to any individual. Deletion is carried out on a scheduled basis by our data management team and is logged for audit purposes.
Section 7
Your Privacy Rights
As a ceo bat player, you have the following rights over your personal data. To exercise any of these rights, contact our support team via 24/7 live chat or email at [email protected]. We will respond to all verified requests within 30 days.
Right of Access
You have the right to request a copy of all personal data ceo bat holds about you, along with information about how it is being used and shared.
Right to Rectification
If any of the personal data we hold about you is inaccurate or incomplete, you have the right to have it corrected without undue delay.
Right to Erasure
You may request deletion of your personal data where we no longer have a lawful basis for holding it — subject to legal retention obligations that override this right.
Right to Restrict Processing
You may ask ceo bat to pause processing of your data in certain circumstances — for example, while the accuracy of your data is being contested or while an objection is being considered.
Right to Data Portability
Where processing is based on your consent or contract performance, you may request your personal data in a structured, machine-readable format so you can transfer it to another service provider.
Right to Object
You have the right to object to processing of your personal data carried out on the basis of legitimate interests, including profiling for marketing purposes. We will stop that processing unless we can demonstrate compelling legitimate grounds that override your interests.
How to Submit a Rights Request
To exercise any of the rights listed above, please contact ceo bat's Data Support team through one of the following channels:
- 24/7 Live Chat: The fastest way to submit a rights request. A support agent will verify your identity and log your request immediately.
- Email: Send a written request to [email protected] with the subject line "Privacy Rights Request" and your registered account username or email address. Please note this is a plain-text reference and not a clickable link.
We will acknowledge your request within 5 business days and provide a full response within 30 calendar days. In cases of particular complexity, we may extend this period by a further 30 days, in which case we will notify you of the extension and the reason for it before the initial deadline expires.
We may need to verify your identity before processing your request to ensure that personal data is not disclosed to or acted upon by an unauthorised person. Identity verification typically involves confirming your registered email address, mobile number, and answering a security question.
Clause 7.1 — No Fee for Rights Requests
ceo bat does not charge a fee for processing privacy rights requests. However, where requests are manifestly unfounded or excessive (particularly if repetitive), we reserve the right to either charge a reasonable administrative fee or refuse to act on the request, in which case we will notify you of the reason within 30 days.
Fastest Route: For data access, correction, or deletion requests, 24/7 live chat is the quickest option. Agents are trained on privacy rights procedures and can open a formal request ticket immediately during your chat session.
Section 8
Data Security
Protecting the personal data of ceo bat players is a fundamental operational priority. We implement a layered security architecture that combines technical, organisational, and procedural controls to guard against unauthorised access, accidental loss, destruction, or disclosure of personal data.
Technical Safeguards
All data transmitted between your device and ceo bat's servers is encrypted using TLS 1.3 with 256-bit AES cipher suites, providing the same level of protection used by major international financial institutions. Data at rest — including account records, KYC documents, and transaction logs — is encrypted using AES-256 encryption with keys managed through a dedicated hardware security module (HSM). Our platform is protected by a web application firewall (WAF), distributed denial-of-service (DDoS) mitigation, and real-time intrusion detection systems.
Organisational Controls
Access to personal data within ceo bat is restricted on a strict need-to-know basis. Staff members are granted access only to the specific categories of data required for their role. All staff with access to personal data are subject to confidentiality agreements and receive annual data protection training. Access privileges are reviewed quarterly and revoked immediately upon termination of employment or change of role.
Payment Security
ceo bat does not store full payment credentials — bKash or Nagad PINs, bank account numbers, or card details are never retained on our servers. Payment processing is handled directly by the respective payment provider through secure API integrations. Transaction references stored by ceo bat are masked and cannot be used to initiate unauthorised payments.
Incident Response
In the event of a personal data breach that poses a risk to the rights and freedoms of affected players, ceo bat will notify affected players within 72 hours of becoming aware of the breach, to the extent practicable. Notifications will be sent to your registered email address and will include: the nature of the breach, the categories of data affected, the likely consequences, and the steps we have taken or propose to take to address the breach and mitigate its effects.
Your Role in Security
While ceo bat implements robust server-side security, the security of your account also depends on the steps you take to protect your own credentials. We strongly recommend that you: use a strong, unique password for your ceo bat account; enable two-factor authentication (2FA) if available; never share your login credentials with any third party; log out of your account when using a shared or public device; and report any suspected unauthorised access to your account to our support team immediately via live chat.
Clause 8.1 — Security Audit Schedule
ceo bat's platform and data infrastructure undergoes an independent security audit conducted by a qualified third-party security firm at least once per calendar year. Findings from these audits are reviewed by senior management and remediation of identified issues is tracked to completion before the next audit cycle.
Clause 8.2 — Reporting a Security Concern
If you believe you have discovered a security vulnerability on the ceo bat platform, please report it responsibly to [email protected] with the subject line "Security Concern". We take all security reports seriously and will investigate and respond within 5 business days. Please note this email reference is plain text and not a clickable link.
TLS 1.3 Encryption: Every page on ceo bat is served over HTTPS with TLS 1.3. You can verify this by checking the padlock icon in your browser's address bar. Never enter your credentials on any site that does not show a valid SSL certificate for ceo-bat.net.
Watch Out for Phishing: ceo bat will never ask for your password via email, SMS, or live chat. If you receive a message claiming to be from ceo bat and asking for your login credentials or payment PIN, do not respond — contact our live chat support immediately to report it.
Two-Factor Authentication: For maximum account security, ceo bat strongly recommends enabling 2FA in your Account Settings. With 2FA active, logging in requires both your password and a one-time code sent to your registered mobile number — even if someone obtains your password, they cannot access your account without your phone.
Policy Updates
Changes to This Privacy Policy
ceo bat may update this Privacy Policy from time to time to reflect changes in our data processing practices, changes in applicable law, or improvements to our platform. When we make material changes — that is, changes that meaningfully affect how we collect, use, or share your personal data — we will notify you in advance by email to your registered address and by an in-platform notification visible when you next log in.
Minor changes (such as clarifications of existing practices, corrections of typographical errors, or updates to contact details) may be made without advance notice. The "effective date" at the top of this policy will always reflect the date on which the current version came into force. We encourage you to review this Privacy Policy periodically to stay informed about how ceo bat protects your data.
Your continued use of the ceo bat platform after a revised Privacy Policy has come into effect constitutes your acceptance of the updated terms. If you do not agree with any changes to this Privacy Policy, you should cease using the platform and contact our support team to request account closure and data deletion where applicable.
Material Change Notifications: When this Privacy Policy is updated in a way that meaningfully affects your data rights or our processing activities, ceo bat will send an email notification to your registered address at least 14 days before the change takes effect. You will always have the opportunity to review changes before they apply to your account.
Your Data Is Safe at ceo bat
Now that you understand how ceo bat protects and respects your personal data, explore everything our platform has to offer — from live cricket betting and 500+ casino tables to 1,000+ slots and instant BDT payouts via bKash and Nagad.
18+ only · Play Responsibly · Privacy Protected · SSL Encrypted