crikia Privacy Policy — Your Data, Protected
crikia is committed to protecting the privacy and security of every player on our platform. This Privacy Policy explains what personal data we collect, why we collect it, how it is stored and processed, and the rights you hold as a user based in Bangladesh. Transparency is not optional for us — it is a core operating principle.
Data We Collect
When you register for a crikia account, interact with our platform, or contact our support team, we collect and process various categories of personal data. The specific data collected depends on the nature of your interaction with us. The categories of personal data we collect include:
Identity & Contact Data
This includes your full legal name, date of birth, Bangladesh mobile phone number, email address, and any additional identity documentation you provide during the account verification process, such as your National Identity Card (NID) or passport details. We use this information to verify your identity, confirm your age eligibility (18+), and communicate with you regarding your account.
Financial & Transaction Data
We record details of all financial transactions conducted through your crikia account, including the amount, date, time, payment method (bKash, Nagad, Rocket, Upay, Dutch-Bangla Bank, Visa/Mastercard), and transaction reference numbers. We do not store complete card numbers or mobile banking PINs. Payment credentials are processed directly through the relevant payment provider's encrypted infrastructure.
Technical & Usage Data
Whenever you access the crikia platform, our systems automatically collect technical information about your device and session. This includes your IP address, browser type and version, operating system, device type, screen resolution, referring URL, and timestamps of platform activity. We also collect gameplay data including bet history, game session duration, wagering patterns, and win/loss records associated with your account.
Communications Data
Any communications you send to the crikia support team — via email, live chat, or our contact form — are recorded and retained. This includes the content of your messages, the date and time of the communication, and any attachments or documents submitted as part of a support or verification request.
| Data Category | Examples |
|---|---|
| Identity | Full name, date of birth, NID number |
| Contact | Mobile number, email address |
| Financial | Transaction amounts, payment method references |
| Technical | IP address, browser, device type |
| Gameplay | Bet history, session duration, wager patterns |
| Communications | Support messages, verification documents |
| Location | IP-derived country/region (Bangladesh) |
How We Use Your Data
crikia processes your personal data only where we have a lawful basis to do so. The primary lawful bases we rely upon are: performance of a contract (providing you with our gaming and betting services), compliance with legal obligations (anti-money-laundering, age verification, fraud prevention), and our legitimate interests in maintaining a safe, secure, and commercially sustainable platform. We do not rely on your consent as the sole basis for processing data that is operationally necessary, but we will seek your specific consent for any optional communications or marketing activities.
Account Registration & Verification
Your identity and contact data are used to create and manage your crikia account, verify that you meet the 18+ age requirement, and confirm your eligibility to access our services from Bangladesh.
Payment Processing & Fraud Prevention
Transaction data is processed to execute deposits and withdrawals via bKash, Nagad, Rocket, Upay, and card providers, and to detect and prevent fraudulent or suspicious financial activity on the platform.
Platform Security & Integrity
Technical data including IP addresses and device fingerprints are used to identify and block unauthorised access attempts, prevent multi-accounting, and protect the integrity of our betting and casino systems.
Customer Support
Communications data is used to respond to your support enquiries, process account-related requests, and maintain a record of interactions for quality assurance and dispute resolution purposes.
Responsible Gaming Compliance
Gameplay and transaction data is monitored to identify patterns that may indicate problem gambling behaviour. Where such patterns are identified, crikia's responsible gaming team may make proactive contact to offer support resources.
Legal & Regulatory Compliance
We process and retain data as required by applicable anti-money-laundering obligations, court orders, and any other lawful regulatory or law enforcement requests that are directed to crikia.
Data Sharing & Third Parties
crikia does not sell, rent, or trade your personal data to third parties for commercial advertising or marketing purposes. However, in order to deliver our services effectively and meet our legal obligations, we do share certain categories of data with carefully selected third-party partners. All third-party data sharing arrangements are governed by data processing agreements that obligate the recipient to maintain appropriate security standards and use the data only for the specified purpose.
Game Technology Providers
Casino games on crikia are supplied by internationally certified studios including Evolution Gaming, Pragmatic Play, Microgaming, NetEnt, Spribe, and Ezugi. When you play a game provided by one of these studios, limited session data — including your account identifier and wager history for that session — is transmitted to the provider's system in order to run the game, generate outcomes, and calculate payouts. These providers operate under their own certified privacy frameworks and are contractually bound not to use your data beyond game delivery purposes.
Payment Processors
To execute deposits and withdrawals, crikia shares relevant transaction details with payment service providers including bKash, Nagad, Rocket, Upay, Dutch-Bangla Bank, and card network operators (Visa/Mastercard). The data shared is limited to the minimum required to process the specific transaction. crikia does not receive or store your full mobile banking credentials or complete card numbers at any point.
Identity Verification Partners
Where crikia engages third-party identity verification services to conduct KYC (Know Your Customer) checks, your identity documents and personal details may be transmitted to such a partner for automated or manual verification. Any such partner is contractually required to process your data solely for the purpose of completing the verification and to delete it upon completion of that process.
Law Enforcement & Regulatory Bodies
crikia will disclose personal data to law enforcement agencies, courts, or regulatory authorities when required to do so by a valid legal process, court order, or applicable law. We will take reasonable steps to notify affected users of such a disclosure request, except where we are legally prohibited from doing so or where urgent circumstances require immediate compliance.
Data Security & Storage
crikia implements a multi-layered security architecture to protect your personal data against unauthorised access, accidental loss, disclosure, alteration, or destruction. Our technical and organisational security measures are reviewed and updated on a regular basis in response to the evolving threat landscape.
Encryption in Transit
All data transmitted between your device and the crikia platform is encrypted using industry-standard TLS (Transport Layer Security) protocols. Our platform enforces HTTPS across all pages and API endpoints. Any attempt to access the platform over an unencrypted connection is automatically redirected to the secure HTTPS version.
Encryption at Rest
Sensitive personal data stored in crikia's databases — including identity documentation, payment method references, and account credentials — is encrypted at rest using AES-256 encryption. Database access is restricted to authenticated internal systems and personnel with a documented operational need.
Access Controls
Access to systems containing personal data is governed by a role-based access control (RBAC) framework. All staff with access to player data are subject to background screening, confidentiality obligations, and regular security awareness training. Access logs are maintained and reviewed as part of our routine security audit process.
Incident Response
In the event of a data security incident affecting your personal data, crikia will conduct an immediate investigation and take all reasonably practicable steps to contain and remediate the incident. Where the incident poses a material risk to affected users, crikia will notify those users as soon as reasonably practicable, including a description of the nature of the incident, the categories of data affected, and the steps being taken in response.
| Security Measure | Standard Applied |
|---|---|
| Data in Transit | TLS 1.2 / 1.3 encryption |
| Data at Rest | AES-256 encryption |
| Authentication | Hashed passwords (bcrypt) |
| Access Control | Role-based (RBAC) |
| Network Security | Firewall + DDoS mitigation |
| Monitoring | 24/7 anomaly detection |
| Audits | Periodic internal security review |
Your Privacy Rights
As a user of the crikia platform, you hold a number of rights in relation to the personal data we hold about you. crikia is committed to honouring these rights promptly and transparently. To exercise any of the rights listed below, please contact our support team at [email protected] with the subject line "Privacy Rights Request" and a description of the right you wish to exercise. We will acknowledge your request within 2 business days and provide a substantive response within 15 business days.
Right of Access
You have the right to request a copy of all personal data that crikia holds about you. We will provide this in a structured, readable format within the statutory timeframe following identity verification.
Right to Rectification
If any personal data we hold about you is inaccurate or incomplete, you have the right to request that we correct it. Certain data corrections may require identity re-verification before they can be applied.
Right to Erasure
You may request deletion of your personal data where it is no longer necessary for the purpose it was collected. Note: data subject to active legal hold, AML obligations, or open dispute proceedings cannot be deleted until those obligations are fulfilled.
Right to Restriction
You may request that we restrict active processing of your data while a rectification or objection request is being evaluated. Restricted data is retained but not actively used beyond legal compliance purposes.
Right to Portability
Where technically feasible, you may request an export of your personal data in a machine-readable format (e.g., JSON or CSV) so that you can transfer it to another service provider of your choice.
Right to Object
You may object to processing of your personal data that is based on our legitimate interests. We will cease that processing unless we can demonstrate compelling legitimate grounds that override your objection.
Data Retention Policy
crikia retains your personal data only for as long as is necessary to fulfil the purposes for which it was collected, or as required by applicable law. The following retention schedule sets out our standard data retention periods by category. After the applicable retention period expires, data is securely deleted or anonymised so that it can no longer be linked to any individual user.
| Data Category | Retention Period | Legal Basis for Retention |
|---|---|---|
| Account Registration Data | Duration of account + 5 years after closure | Legal obligation (AML / KYC compliance) |
| Transaction Records | 7 years from transaction date | Financial record-keeping requirements |
| Identity Verification Documents | 5 years after account closure | Legal obligation (AML regulations) |
| Gameplay & Bet History | 3 years from date of activity | Legitimate interests (dispute resolution) |
| Support Communications | 3 years from last communication | Legitimate interests (quality assurance) |
| Technical / Log Data | 12 months from collection | Legitimate interests (security monitoring) |
| Marketing Preferences | Until consent withdrawn or account closed | Consent |
Policy Updates & Contact
crikia reviews this Privacy Policy periodically and updates it to reflect changes in our data processing practices, applicable law, or platform functionality. The effective date displayed at the top of this page indicates when the current version was last revised. We will notify registered users of any material changes to this Privacy Policy via email to the address associated with their account at least 14 days before the changes take effect. Continued use of the crikia platform after the effective date of a revised Privacy Policy constitutes your acceptance of the updated terms.
If you have any questions, concerns, or requests in connection with this Privacy Policy or crikia's handling of your personal data, please contact our privacy team using the details below. We are committed to resolving all privacy-related queries promptly and transparently.
Contact Details
Privacy enquiries and data subject requests can be directed to the crikia support team:
- Email: [email protected] (subject line: "Privacy Rights Request")
- Response Time: Acknowledgement within 2 business days; substantive response within 15 business days
- Operating Hours: 24 hours a day, 7 days a week (Bangladesh Standard Time, UTC+6)
crikia takes all privacy complaints seriously. If you are not satisfied with our response to a privacy complaint, you retain the right to escalate the matter through appropriate legal channels available in Bangladesh.
Your Privacy Is Protected. Ready to Play?
Now that you understand how crikia protects your data, explore our cricket betting markets, slot games, or live casino — or visit our FAQ for quick answers about your account.