Last Updated: January 2025

Legal

18aa Privacy Policy — How We Handle Your Personal Data

At 18aa, your privacy matters. This Privacy Policy explains exactly what personal data we collect when you use the 18aa platform, why we collect it, how we use it, and what rights you have over your own information. We keep things straightforward — no legal jargon, no hidden practices.

Our Privacy Commitments

  • We never sell your personal data
  • All data is encrypted in transit and at rest
  • You can request your data at any time
  • We only collect what we actually need
  • Third-party sharing is strictly limited
  • You can delete your account and data

Data Protection

Six Ways 18aa Protects Your Privacy

Privacy at 18aa isn't just a policy document — it's built into how the platform works. Here's what that looks like in practice.

SSL Encryption

Every connection between your device and 18aa is protected by industry-standard SSL encryption. Your login credentials, payment details, and personal information are never transmitted in plain text. What you send to 18aa stays between you and 18aa.

Secure Data Storage

Personal data stored by 18aa is held on secured servers with access controls, encryption at rest, and regular security audits. Payment information is never stored in full on 18aa servers — only tokenised references used for transaction matching.

No Data Selling

18aa does not sell, rent, or trade your personal data to any third party for marketing or commercial purposes. Your information is used only to operate your account, process payments, and comply with legal obligations — nothing else.

Minimal Data Collection

18aa only collects the personal data that is genuinely necessary to operate the platform and comply with legal requirements. We don't collect data speculatively or build profiles beyond what's needed to provide you with a safe and functional gaming experience.

Limited Third-Party Access

Where 18aa shares data with third parties — such as payment processors or identity verification providers — it is strictly limited to what those providers need to perform their specific function. All third-party providers are contractually bound to handle your data securely.

Your Rights, Always Active

You have the right to access, correct, or delete your personal data at any time. You can also request a copy of all data 18aa holds about you. These rights are always available — no waiting periods, no complicated processes. Just contact support.

Contents
1. Who We Are 2. Data We Collect 3. How We Use Your Data 4. Legal Basis for Processing 5. Data Sharing 6. Cookies & Tracking 7. Data Retention 8. Data Security 9. Your Rights 10. Children's Privacy 11. Changes to This Policy 12. Contact Us

1. Who We Are

This Privacy Policy applies to the 18aa online casino platform, accessible at 18aa.top. When this policy refers to "18aa", "we", "us", or "our", it means the operator of the 18aa platform and all associated services.

18aa is an online casino and gaming platform built specifically for players in Bangladesh. We offer a range of casino games including slots, table games, and card games, with payment support for bKash, Nagad, and Rocket. This Privacy Policy governs how we handle the personal data of all registered players and visitors to the 18aa platform.

If you have any questions about this Privacy Policy or about how 18aa handles your personal data, please contact our support team at [email protected] before using the platform.

2. Data We Collect

18aa collects personal data in two ways: information you provide directly when registering and using the platform, and information collected automatically through your use of the platform.

Information you provide directly:

  • Registration data: Your full name, date of birth, email address, and mobile number when you create an 18aa account.
  • Identity verification data: A copy of a government-issued ID and proof of address when requested for account verification or withdrawal processing.
  • Payment data: Your bKash, Nagad, or Rocket mobile wallet number used for deposits and withdrawals. Full payment credentials are never stored by 18aa.
  • Support communications: Any information you share with the 18aa support team via live chat or email, including account queries, complaints, and feedback.

Information collected automatically:

  • Device and browser data: Your IP address, device type, operating system, browser type, and screen resolution.
  • Usage data: Pages visited on 18aa, games played, session duration, deposit and withdrawal history, and bonus usage.
  • Cookie data: Information stored via cookies and similar tracking technologies as described in Section 6 of this policy.
Data Type Purpose Retention
Registration details Account creation and management Duration of account + 5 years
Identity documents KYC / AML compliance 5 years after account closure
Payment records Transaction processing and fraud prevention 5 years after transaction
Game history Dispute resolution and responsible gaming 3 years after last activity
Support communications Customer service and complaint handling 3 years after resolution
Device / IP data Security and fraud detection 12 months

3. How We Use Your Data

18aa uses your personal data only for the purposes described in this policy. We do not use your data for any purpose that is incompatible with the reason it was originally collected. The main ways we use your personal data are:

  • Account management: Creating and maintaining your 18aa account, processing your login, and keeping your account details up to date.
  • Payment processing: Handling deposits and withdrawals via bKash, Nagad, and Rocket, and maintaining accurate transaction records.
  • Identity verification: Verifying your identity and age as required by our anti-money-laundering and know-your-customer obligations.
  • Customer support: Responding to your queries, resolving disputes, and handling complaints efficiently.
  • Platform security: Detecting and preventing fraud, unauthorised account access, and other security threats.
  • Responsible gaming: Monitoring gaming patterns to identify signs of problem gambling and applying responsible gaming tools where appropriate.
  • Legal compliance: Meeting our obligations under applicable laws and regulations, including anti-money-laundering requirements.
  • Platform improvement: Analysing aggregated, anonymised usage data to improve the 18aa platform and user experience.

Note: 18aa does not use your personal data for automated decision-making that produces legal or similarly significant effects without human review. If you have concerns about any decision made regarding your account, you can request a manual review by contacting support.

4. Legal Basis for Processing

18aa processes your personal data on the following legal grounds:

  • Contractual necessity: Processing your registration data, payment information, and game history is necessary to provide the services you signed up for. Without this data, 18aa cannot operate your account.
  • Legal obligation: Identity verification, transaction records, and anti-money-laundering checks are required by law. 18aa must process this data to comply with applicable regulations.
  • Legitimate interests: Security monitoring, fraud detection, and platform analytics are carried out on the basis of 18aa's legitimate interest in operating a safe and functional platform. These interests are balanced against your privacy rights.
  • Consent: Where 18aa sends you promotional communications or uses non-essential cookies, this is done on the basis of your consent. You can withdraw consent at any time.

5. Data Sharing

18aa does not sell, rent, or trade your personal data. We share your data only in the following limited circumstances, and only to the extent necessary for the specific purpose:

  • Payment processors: Your mobile wallet number and transaction details are shared with bKash, Nagad, or Rocket as necessary to process your deposits and withdrawals.
  • Identity verification providers: Where required, your identity documents may be shared with a third-party KYC provider to complete verification checks.
  • Game providers: Your player ID and game session data may be shared with game providers such as PG Soft to facilitate gameplay and resolve technical disputes.
  • Legal authorities: 18aa may disclose your personal data to law enforcement or regulatory authorities where required by law or in response to a valid legal request.
  • Business transfers: In the event of a merger, acquisition, or sale of the 18aa business, your personal data may be transferred to the new operator. You will be notified of any such transfer in advance.

All third-party service providers who receive your personal data are contractually required to handle it securely, use it only for the specified purpose, and comply with applicable data protection standards.

6. Cookies & Tracking

18aa uses cookies and similar tracking technologies to operate the platform, remember your preferences, and analyse how the platform is used. Cookies are small text files stored on your device when you visit 18aa.

The types of cookies used by 18aa include:

  • Essential cookies: Required for the platform to function. These include session cookies that keep you logged in and security cookies that protect against cross-site request forgery. These cannot be disabled.
  • Functional cookies: Remember your preferences such as language settings and display options. These improve your experience but are not strictly necessary.
  • Analytics cookies: Collect anonymised data about how players use the 18aa platform — which pages are visited most, how long sessions last, and where users encounter issues. This data helps us improve the platform.

You can manage your cookie preferences through your browser settings. Disabling non-essential cookies will not prevent you from using 18aa, but some features may not work as intended. Note that essential cookies cannot be disabled as they are required for the platform to operate.

Cookie Tip: Most browsers allow you to view, manage, and delete cookies through the browser's settings or privacy menu. Clearing cookies will log you out of your 18aa session, so make sure you have your login details handy before doing so.

7. Data Retention

18aa retains your personal data only for as long as necessary to fulfil the purpose for which it was collected, or as required by law. The specific retention periods for each data type are set out in the table in Section 2 of this policy.

When your account is closed — whether by you or by 18aa — your personal data is not immediately deleted. Certain data must be retained for a period after account closure to comply with anti-money-laundering regulations, resolve any outstanding disputes, and respond to legal requests. After the applicable retention period has expired, your data is securely deleted or anonymised.

If you request deletion of your personal data before the end of the applicable retention period, 18aa will delete all data that is not subject to a legal retention obligation and will restrict processing of any data that must be retained.

8. Data Security

18aa takes the security of your personal data seriously. We implement a range of technical and organisational measures to protect your data against unauthorised access, loss, destruction, or alteration. These measures include:

  • SSL/TLS encryption for all data transmitted between your device and 18aa servers.
  • Encryption at rest for sensitive personal data stored on 18aa servers.
  • Access controls that limit which 18aa staff can access personal data, based on their role and need.
  • Regular security assessments and penetration testing of the 18aa platform.
  • Secure disposal of data that is no longer required.
  • Staff training on data protection and security best practices.

While 18aa takes every reasonable precaution to protect your data, no online platform can guarantee absolute security. If you suspect that your 18aa account has been compromised, please contact support immediately and change your password.

9. Your Rights

As a player at 18aa, you have the following rights in relation to your personal data. You can exercise any of these rights by contacting the 18aa support team.

Right of Access

Request a copy of all personal data 18aa holds about you. We will provide this within 30 days of your request.

Right to Rectification

Request correction of any inaccurate or incomplete personal data held by 18aa. We will update your records promptly.

Right to Erasure

Request deletion of your personal data where it is no longer necessary for the purpose it was collected, subject to legal retention obligations.

Right to Restrict Processing

Request that 18aa restricts the processing of your data in certain circumstances, such as while a dispute is being resolved.

Right to Data Portability

Request your personal data in a structured, machine-readable format so you can transfer it to another service if you choose.

Right to Object

Object to the processing of your personal data where 18aa relies on legitimate interests as the legal basis, including for analytics purposes.

How to exercise your rights: Contact the 18aa support team via live chat or email at [email protected]. We will respond to all data rights requests within 30 days. In complex cases, this may be extended by a further 30 days, and we will notify you if that is the case.

10. Children's Privacy

The 18aa platform is strictly for adults aged 18 and over. 18aa does not knowingly collect personal data from anyone under the age of 18. If you are a parent or guardian and believe that a minor has registered an account at 18aa, please contact us immediately at [email protected].

Upon receiving a verified report of a minor's account, 18aa will close the account immediately, delete all associated personal data, and return any deposited funds to the payment method used. 18aa uses age verification checks during registration and at the withdrawal stage to minimise the risk of underage access.

11. Changes to This Policy

18aa may update this Privacy Policy from time to time to reflect changes in our data practices, legal requirements, or platform features. When we make changes, the updated policy will be published on this page with a revised "Last Updated" date at the top.

For significant changes that affect how we use your personal data, 18aa will notify registered players via their registered email address or through an in-platform notification before the changes take effect. Your continued use of the 18aa platform after any update to this policy constitutes your acceptance of the revised terms.

We recommend checking this page periodically to stay informed about how 18aa protects your privacy. If you disagree with any changes to this policy, you have the right to close your account and request deletion of your personal data.

12. Contact Us

If you have any questions, concerns, or requests relating to this Privacy Policy or to how 18aa handles your personal data, please get in touch with our support team. We take all privacy enquiries seriously and will respond as quickly as possible.

You can reach us via live chat on the 18aa platform, available 24 hours a day, 7 days a week. Alternatively, you can email us at [email protected]. We aim to respond to all email enquiries within 24 hours.

Support is available 24/7. Whether you want to access your data, correct an error, or simply understand how your information is used — our team is here to help. You don't need to navigate this alone.

Play With Confidence

Your Data Is Safe at 18aa

Now you know exactly how 18aa handles your personal data. Create your free account and enjoy certified fair games, fast local payments, and a platform that genuinely respects your privacy.

Create Free Account Member Login

18+ only. Please play responsibly. Responsible Gaming