pojak Privacy Policy
At pojak, protecting the personal data of our players across Bangladesh is a fundamental responsibility. This Privacy Policy explains exactly what information we collect when you use our platform, how that data is processed and stored, who it may be shared with, and what rights you hold over your own information.
1. Data We Collect
1.1 Information You Provide Directly
When you create a pojak account or interact with our platform, we collect personal information that you provide voluntarily. This includes the details necessary to register, verify your identity, and facilitate transactions. The categories of data we collect directly from you are:
- Identity data: Full legal name, date of birth, gender, and nationality
- Contact data: Registered mobile number, email address, and residential address in Bangladesh
- Identity verification documents: National Identity Card number, passport details, or driving licence information submitted during KYC verification
- Financial data: Mobile financial service account identifiers (bKash, Nagad, Rocket, Upay), bank account details (Dutch-Bangla Bank, City Bank, BRAC Bank, etc.), and Visa/Mastercard details where applicable
- Account credentials: Username and hashed password (passwords are never stored in plain text)
- Communications: Messages sent to pojak support via live chat or email, including support tickets and dispute correspondence
1.2 Information Collected Automatically
When you access pojak.net or use the pojak platform, certain technical data is collected automatically by our systems and third-party analytics providers. This data helps pojak maintain platform security, detect fraud, improve user experience, and comply with regulatory obligations.
| Data Type | Examples | Purpose |
|---|---|---|
| Device data | Device type, OS version, browser, screen resolution | Platform optimisation, fraud detection |
| Network data | IP address, ISP, mobile carrier (Grameenphone, Robi, etc.) | Geo-verification, security monitoring |
| Usage data | Pages visited, time on page, bet history, game sessions | Personalisation, responsible gaming monitoring |
| Transaction data | Deposit amounts, withdrawal requests, bonus usage | Financial reconciliation, AML compliance |
| Log data | Login timestamps, session duration, failed login attempts | Account security, audit trail |
1.3 Information from Third Parties
pojak may receive personal data about you from trusted third-party sources in limited circumstances. These include identity verification agencies used during KYC checks, payment processors confirming transaction status, and fraud-prevention services that flag high-risk account patterns. We only request the minimum data necessary from third parties and handle all such information in accordance with this Privacy Policy.
2. How We Use Your Data
2.1 Core Platform Operations
The primary reason pojak collects personal data is to operate the platform and deliver the services you have signed up for. Specifically, your data is used to:
- Create, maintain, and secure your pojak account
- Process deposits and withdrawals via bKash, Nagad, Rocket, Upay, Visa, and Mastercard
- Settle sports bets, casino game outcomes, and bonus credits accurately
- Verify your identity and age (18+) in compliance with our responsible gaming obligations
- Provide 24/7 customer support via live chat and email at [email protected]
- Send transactional communications including deposit confirmations, withdrawal receipts, and security alerts
2.2 Safety, Security, and Fraud Prevention
pojak uses your data to protect both you and the platform from fraudulent, abusive, and criminal activity. This includes detecting and investigating suspicious betting patterns, monitoring for signs of account takeover, identifying duplicate account registrations, and screening transactions against anti-money laundering (AML) indicators. Where fraud or abuse is confirmed, pojak may share relevant data with law enforcement authorities in Bangladesh.
2.3 Regulatory and Legal Compliance
pojak is required to retain certain categories of personal and financial data to meet its legal obligations. Your transaction history, KYC documentation, and account activity logs may be retained and disclosed to authorised regulatory bodies, courts, or law enforcement agencies where pojak receives a valid legal request. pojak will always seek to notify you of such requests where legally permitted to do so.
2.4 Platform Improvement and Analytics
Aggregated and anonymised usage data helps pojak understand how players interact with the platform — which sports markets attract the most interest, which game categories are most popular among Bangladeshi players, and where the user experience can be improved. This analysis does not identify individual players and is used solely to improve pojak's products and services.
2.5 Responsible Gaming Monitoring
pojak uses betting behaviour data, session length records, and deposit frequency patterns to identify players who may be experiencing gambling-related harm. Where our responsible gaming systems flag a concern, pojak's support team may reach out to offer assistance, impose temporary limits, or recommend self-exclusion. This monitoring is a core part of pojak's commitment to player welfare and is never used for commercial profiling.
2.6 Marketing Communications
With your explicit consent at registration, pojak may send you promotional communications about new games, seasonal offers (such as BPL cricket promotions, Eid deposit bonuses, and T20 World Cup enhanced odds), and platform updates. You may withdraw your marketing consent at any time by updating your communication preferences in the account dashboard or by emailing [email protected]. Withdrawing marketing consent does not affect your ability to use the pojak platform.
3. Data Sharing & Disclosure
3.1 Service Providers
pojak engages carefully selected third-party service providers who process personal data on our behalf under strict data processing agreements. These providers are permitted to use your data only for the specific purpose for which it was shared. Current categories of service provider include:
- Payment processors: bKash, Nagad, Rocket, Upay, Visa, and Mastercard networks for transaction processing
- Identity verification: KYC and age-verification service providers
- Game providers: Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi receive session data necessary to run their games within the pojak environment
- IT infrastructure: Cloud hosting and database providers who store encrypted platform data
- Fraud prevention: Specialist anti-fraud and AML screening services
- Customer support: Live chat platform providers who facilitate player-support interactions
3.2 Legal and Regulatory Disclosure
pojak may disclose your personal data to government bodies, law enforcement agencies, courts, or regulators in Bangladesh where required to do so by law, court order, or valid regulatory demand. pojak will only disclose the minimum information required to satisfy the legal obligation and will maintain a record of all such disclosures.
3.3 Business Transfers
In the event that pojak undergoes a merger, acquisition, asset sale, or restructuring, your personal data may be transferred to the successor entity as part of the transaction. pojak will notify affected players in advance of any such transfer and ensure that the receiving entity agrees to honour the terms of this Privacy Policy with respect to existing player data.
3.4 What We Will Never Do
pojak will never sell your personal data to advertisers, data brokers, or marketing agencies. pojak will never share your financial data with any unauthorised third party. pojak will never disclose your data to other players on the platform. pojak will never use your data for automated decision-making that produces legal or similarly significant effects without human review and your right to contest the outcome.
4. Cookies & Tracking
4.1 What Are Cookies
Cookies are small text files placed on your device when you visit pojak.net. They allow the platform to remember your preferences, keep you logged in securely between sessions, and understand how you navigate the site. pojak uses both first-party cookies (set directly by pojak.net) and third-party cookies (set by our analytics and payment partners).
4.2 Categories of Cookies Used
- Essential cookies: Required for core platform functionality — session management, login authentication, and transaction security. These cannot be disabled without breaking the platform.
- Analytics cookies: Used to measure page performance, identify popular features, and diagnose technical issues. Data collected is aggregated and anonymised.
- Preference cookies: Store your platform settings such as language preference, odds format, and notification choices between sessions.
- Security cookies: Help detect fraudulent login attempts, unusual session behaviour, and potential account compromise.
4.3 Managing Cookies
You can manage or disable non-essential cookies through your browser settings at any time. Please note that disabling certain cookies may affect your experience on pojak.net — for example, you may be required to log in again each session, or your platform preferences may not be saved between visits. Essential security and session cookies cannot be disabled as they are required for the platform to function correctly.
5. Data Security
5.1 Technical Safeguards
pojak implements industry-standard technical security measures to protect your personal data against unauthorised access, disclosure, alteration, and destruction. These measures include:
- SSL/TLS encryption: All data transmitted between your device and pojak.net is encrypted using 256-bit SSL technology
- Password hashing: Account passwords are stored using strong one-way cryptographic hashing — pojak staff cannot view your password
- Two-factor authentication (2FA): Available to all players via their registered mobile number for additional account security
- Database encryption: Sensitive personal and financial data is encrypted at rest within pojak's database infrastructure
- Access controls: Internal access to player data is restricted on a strict need-to-know basis; all internal access is logged and audited
- Penetration testing: pojak's platform undergoes regular security assessments to identify and remediate vulnerabilities
5.2 Organisational Safeguards
Beyond technical measures, pojak enforces strict internal policies governing how staff handle player data. All personnel with access to personal data receive mandatory data protection training. pojak's data handling procedures are reviewed regularly and updated in line with evolving best practices. Any staff member found to have violated pojak's data protection policies is subject to disciplinary action up to and including termination.
5.3 Security Breach Response
In the event of a data security breach that poses a risk to affected players, pojak will act promptly to contain the breach, assess its scope, and notify affected players via their registered email address. Notification will include a description of what data was involved, the likely consequences of the breach, and the steps pojak is taking in response. pojak will also notify relevant authorities where required by applicable law.
6. Data Retention
6.1 Retention Periods
pojak retains personal data only for as long as necessary to fulfil the purpose for which it was collected, or as required by applicable legal and regulatory obligations. The following general retention schedule applies:
- Active account data: Retained for the lifetime of your pojak account plus 5 years following account closure
- Transaction and financial records: Retained for a minimum of 7 years from the date of the transaction for AML and financial compliance purposes
- KYC and identity documents: Retained for 5 years following the end of the customer relationship
- Support communications: Retained for 3 years from the date of the interaction
- Marketing consent records: Retained for the duration of your account plus 2 years to demonstrate compliance with consent obligations
- Security and access logs: Retained for 12 months on a rolling basis
6.2 Deletion and Anonymisation
When personal data is no longer required and its retention period has expired, pojak securely deletes or irreversibly anonymises the data. Anonymised data (which can no longer be linked to any individual) may be retained indefinitely for statistical and analytical purposes. pojak does not retain personal data in identifiable form beyond the periods set out above except where a specific legal obligation requires extended retention.
7. Your Privacy Rights
7.1 Rights Available to You
As a pojak player, you have the following rights in relation to your personal data held by pojak. To exercise any of these rights, contact pojak's support team via live chat or email at [email protected]:
- Right of access: You may request a copy of all personal data pojak holds about you. pojak will respond to access requests within 30 days.
- Right to rectification: If any personal data pojak holds about you is inaccurate or incomplete, you have the right to request correction. Standard account details can be updated directly in the account dashboard.
- Right to erasure: In certain circumstances, you may request that pojak delete your personal data. Note that pojak may be required to retain certain data for legal or regulatory reasons even following an erasure request.
- Right to restrict processing: You may request that pojak limit the processing of your personal data in specific circumstances, for example while a dispute is being investigated.
- Right to data portability: You may request that pojak provide your personal data in a structured, machine-readable format for transfer to another service provider.
- Right to withdraw consent: Where pojak processes your data based on consent (such as for marketing communications), you may withdraw that consent at any time without affecting the lawfulness of prior processing.
- Right to object: You may object to pojak's processing of your personal data where that processing is based on legitimate interests, including profiling for responsible gaming purposes.
7.2 How to Submit a Privacy Request
Privacy requests should be submitted in writing to [email protected] with the subject line "Privacy Request — [Your Registered Email]". pojak may need to verify your identity before processing any request that involves accessing, amending, or deleting personal data. pojak will acknowledge all privacy requests within 5 business days and provide a full response within 30 calendar days. Where a request is complex or involves multiple data categories, pojak may extend this period by an additional 30 days with prior notification.
8. Changes to This Policy
8.1 How We Notify You of Changes
pojak reviews this Privacy Policy regularly and may update it to reflect changes in our data practices, platform features, or applicable legal requirements. When material changes are made to this policy, pojak will notify all registered players via their registered email address at least 14 days before the changes take effect. The "Last Updated" date at the top of this page will also be revised to reflect the date of the most recent update.
8.2 Continued Use as Acceptance
Your continued use of the pojak platform following notification of any material change to this Privacy Policy constitutes your acceptance of the revised policy. If you do not agree with the revised terms, you should cease using the pojak platform and request account closure by contacting [email protected]. pojak will process any balance remaining in your account in accordance with the withdrawal procedures set out in the Terms & Conditions.
8.3 Archive of Previous Versions
pojak maintains an internal archive of all previous versions of this Privacy Policy. Players who wish to review a prior version of this policy may request a copy by contacting pojak support. Previous versions are available dating back to pojak's launch and are retained as part of pojak's compliance documentation.
How pojak Protects Your Data
These six principles guide every data-handling decision made by the pojak team, from how we store your mobile wallet details to how we respond to a security incident.
Every byte of data exchanged between your device and pojak.net travels over an encrypted connection. Your financial details, login credentials, and personal information are protected at all times against interception or tampering.
pojak does not sell, rent, or trade your personal data to advertisers, data brokers, or any third party for commercial gain. Your data is used solely to operate the pojak platform and fulfil our legal obligations — full stop.
pojak gives you direct control over your personal data. Update your details in the account dashboard, withdraw marketing consent at any time, or submit a formal erasure or portability request to our support team — all requests are handled within 30 days.
Betting behaviour data is monitored by pojak's responsible gaming systems to identify players who may need support. This monitoring exists to protect you — it is never used for commercial profiling or targeted advertising of gambling products.
Internal access to player data at pojak is restricted to staff who need it to perform their role. All access is logged and audited. Any member of the pojak team found mishandling player data faces immediate disciplinary action.
In the unlikely event of a data security incident, pojak commits to notifying affected players promptly via their registered email address — explaining what data was involved, the potential impact, and the concrete steps pojak is taking to resolve the situation.
Your Data Is Safe at pojak
Now that you understand how pojak protects your privacy, explore what the platform has to offer — from live cricket betting and BPL markets to hundreds of slots and live casino tables. 18+ only. Play responsibly.