Privacy Policy — qc999
Your privacy is a fundamental right. This Privacy Policy explains exactly what personal data qc999 collects from players in Bangladesh and around the world, why we collect it, how we use it, who we share it with, and how you can exercise your rights over your own information.
How qc999 Handles Your Privacy
Six core commitments that define qc999's approach to protecting the personal data of every player on our platform.
Minimal Data Collection
qc999 collects only the personal data that is strictly necessary to operate the platform, verify your identity, process transactions, and comply with our obligations as a responsible gaming operator. We do not collect data for its own sake.
SSL Encryption
All data transmitted between your device and qc999.app is protected by 256-bit SSL encryption. Your personal and financial information is never sent or stored in plaintext form on our servers.
No Unauthorised Selling
qc999 does not sell, rent, or trade your personal data to third-party advertisers, data brokers, or marketing agencies. Your information is used solely to deliver and improve the qc999 platform experience.
KYC Confidentiality
Identity documents submitted for KYC verification — including NID cards, passports, and bank statements — are stored securely and accessed only by authorised personnel during the verification process.
Your Rights Respected
You have the right to access, correct, export, or request deletion of your personal data held by qc999 at any time. Submit a request to [email protected] and we will respond within 30 days.
Plain English Policy
This Privacy Policy is written in clear, plain English — not dense legalese — so that every qc999 player in Bangladesh and beyond can understand exactly what we do with their data and why.
Data We Collect
qc999 collects personal data from you in three ways: information you provide directly when you register or use the platform; information generated automatically by your use of the platform; and information received from trusted third parties such as payment processors and identity verification services. The categories of data we collect are described below.
Registration & Account Data
When you create a qc999 account, we collect the following information that you provide voluntarily:
- Full legal name (as it appears on your government-issued identity document)
- Date of birth (to verify you are 18 years of age or older)
- Email address (used for account communication, bonus notifications, and support)
- Mobile phone number (used for account verification and transaction confirmations)
- Residential address (required for full KYC verification prior to withdrawals)
- Username and encrypted password
- Preferred language (English by default on qc999)
KYC & Identity Verification Data
Before your first withdrawal, qc999 requires you to complete a Know Your Customer (KYC) verification process. During this process, we collect copies or photographs of government-issued identity documents, which may include:
- Bangladesh National Identity Card (NID)
- Passport (any nationality)
- Driver's licence (with photograph and date of birth clearly visible)
- Recent utility bill or bank statement for proof of residential address (dated within 90 days)
KYC documents are stored in an encrypted document management system accessible only to authorised qc999 compliance personnel. They are used solely for identity and age verification purposes and are not shared with third parties except where required to do so by law.
Financial & Transaction Data
When you make a deposit or request a withdrawal, qc999 collects transaction-related data including the payment method used (e.g., bKash, Nagad, Rocket, Upay, Visa, Mastercard), the transaction amount in BDT, the transaction timestamp, and the transaction reference number provided by your payment provider. qc999 does not store full card numbers or mobile banking PINs — these are handled exclusively by your payment provider's encrypted gateway.
Usage & Behavioural Data
As you use the qc999 platform, we automatically collect data about your activity, including:
- Games played, bet amounts, win/loss records, and session durations
- Sports betting markets accessed, odds viewed, and bets placed
- Pages visited on qc999.app, time spent on each page, and navigation paths
- Search queries entered within the platform
- Bonus offers viewed, claimed, and wagering progress
This behavioural data is used to personalise your experience, improve platform performance, detect problem gambling patterns for responsible gaming interventions, and identify unusual activity that may indicate fraud or bonus abuse.
Technical & Device Data
We automatically collect certain technical data when you access qc999.app, including your IP address, browser type and version, operating system, device type (desktop, mobile, tablet), screen resolution, referring URL, and session identifiers. This data is used for security monitoring, fraud prevention, and platform optimisation.
Communication Data
If you contact qc999 support via live chat, email, or any other channel, we retain records of your communications — including chat transcripts, email correspondence, and support ticket history — for quality assurance, dispute resolution, and regulatory compliance purposes.
Why We Need Your Data
The personal data qc999 collects is required to operate a safe, compliant gaming platform. Without registration data, we cannot create your account. Without KYC data, we cannot process withdrawals. Without transaction data, we cannot record your deposits or pay out winnings.
No Data Selling
qc999 does not sell your personal data — not your name, not your contact details, not your gaming history — to any third party for commercial or advertising purposes. Ever.
18+ Verified Only
Date of birth data is collected specifically to enforce the 18+ age restriction. No player under 18 years of age may hold a qc999 account. Age verification is a non-negotiable condition of registration.
How We Use Your Data
qc999 uses the personal data we collect for specific, legitimate purposes. We do not use your data in ways that are incompatible with the purposes described at the time of collection. The primary purposes for which qc999 processes your personal data are:
| Purpose | Details | Legal Basis |
|---|---|---|
| Account Creation | Creating and managing your qc999 player account, including storing your login credentials, preferences, and account history. | Contractual necessity |
| Age & Identity Verification | Confirming that you meet the 18+ age requirement and that your identity matches your registered account details before processing withdrawals. | Legal obligation |
| Payment Processing | Recording and processing deposits and withdrawals via bKash, Nagad, Rocket, Upay, Visa, and Mastercard in Bangladeshi Taka. | Contractual necessity |
| Fraud Prevention | Monitoring account activity, transaction patterns, and login behaviour to detect and prevent fraud, duplicate accounts, bonus abuse, and unauthorised access. | Legitimate interest |
| Responsible Gaming | Analysing gameplay and deposit behaviour to identify players who may be exhibiting signs of problem gambling, enabling timely intervention and support. | Legal obligation / Legitimate interest |
| Customer Support | Responding to support enquiries, resolving disputes, investigating complaints, and maintaining records of interactions for quality assurance purposes. | Contractual necessity |
| Platform Improvement | Analysing aggregated usage data to improve the qc999.app interface, game selection, load times, and overall user experience. | Legitimate interest |
| Marketing Communications | Sending promotional emails, bonus offers, and platform updates to players who have opted in to marketing communications. You may opt out at any time. | Consent |
| Legal Compliance | Retaining records, responding to lawful requests from regulatory or law enforcement authorities, and fulfilling any reporting obligations applicable to qc999's operations. | Legal obligation |
Automated Decision-Making
qc999 uses automated systems to make certain decisions that affect your account, including fraud detection flags, bonus eligibility checks, and responsible gaming intervention triggers. Where an automated decision has a significant effect on your account (such as an account suspension), you have the right to request human review of that decision by contacting [email protected].
Marketing Opt-Out
If you have opted in to marketing communications from qc999, you may withdraw your consent at any time by clicking the "Unsubscribe" link in any marketing email, or by contacting support. Withdrawal of marketing consent does not affect the lawfulness of processing carried out before your opt-out, and does not affect transactional communications (such as deposit confirmations and withdrawal notifications) which are sent regardless of marketing preference.
You Control Marketing
Marketing emails from qc999 are opt-in only. You can unsubscribe from all promotional communications at any time. Transactional messages related to your account and transactions cannot be opted out of, as they are required for platform operation.
Automated Systems
Some account decisions are made automatically. If you believe an automated decision affecting your qc999 account is incorrect, you have the right to request a manual review by a member of the qc999 compliance team.
Data Sharing & Disclosure
qc999 does not sell your personal data. We share your data only in the limited circumstances described below, and only with parties who are contractually obligated to protect it in accordance with standards equivalent to those in this Privacy Policy.
Payment Processors
When you make a deposit or request a withdrawal, qc999 shares the minimum necessary transaction data with your chosen payment provider — including bKash, Nagad, Rocket, Upay, Visa, and Mastercard — to process the transaction. These providers operate under their own privacy policies and are responsible for securing the payment credentials you provide directly to their gateways.
Identity Verification Partners
qc999 may use trusted third-party KYC verification service providers to assist in the identity and age verification process. These providers receive your identity document data solely for the purpose of verification and are not permitted to use it for any other purpose. All KYC partners are contractually bound to maintain confidentiality and data security standards consistent with this Privacy Policy.
Game Studios & Software Providers
Games available on qc999 are provided by third-party studios including Pragmatic Play, Evolution Gaming, PG Soft, JILI, Microgaming, NetEnt, Ezugi, and Spribe. These providers may receive a pseudonymous player identifier and session token to deliver game content, track game outcomes for integrity purposes, and support RNG certification audits. They do not receive your full name, contact details, or financial information.
Legal & Regulatory Disclosure
qc999 may disclose personal data to law enforcement agencies, regulatory bodies, or other government authorities where required to do so by applicable law, court order, or lawful regulatory request. Where permitted, qc999 will notify the affected account holder of such a request prior to disclosure.
Business Transfers
In the event of a merger, acquisition, or sale of all or part of qc999's business, your personal data may be transferred to the acquiring entity as part of the transaction. In such circumstances, qc999 will ensure that the receiving entity is bound by data protection obligations at least as protective as those in this Privacy Policy, and will notify affected players of any material change to data handling practices.
No Third-Party Advertising
qc999 does not share your personal data with advertising networks, social media platforms, or data brokers for the purpose of targeted advertising. Any marketing communications you receive from qc999 are sent by qc999 directly, based solely on your registered contact details and your opted-in marketing preferences.
No Data Sales — Ever
qc999 has never sold player data and does not intend to do so. Your personal information — including your name, email, phone number, and gaming history — is not a commercial asset that qc999 trades or monetises.
Regulated Disclosure Only
The only scenario in which qc999 shares your personal data without your explicit consent is in response to a lawful order from a competent authority — and even then, only the data specifically requested is disclosed.
Trusted payment partners:
Data Retention
qc999 retains your personal data for as long as is necessary to fulfil the purposes for which it was collected, to operate your account, and to comply with our legal and regulatory obligations. The retention periods for different categories of data are outlined below.
| Data Category | Retention Period |
|---|---|
| Account & Registration Data | For the lifetime of your active account, plus 5 years after account closure. |
| KYC & Identity Documents | For the lifetime of your active account, plus 5 years after account closure, in compliance with anti-money laundering record-keeping obligations. |
| Financial Transaction Records | 7 years from the date of each transaction, in compliance with financial record-keeping obligations. |
| Gameplay & Betting History | 5 years from the date of each gaming session or bet placement. |
| Support Communication Records | 3 years from the date of the last interaction, unless the record relates to an unresolved dispute, in which case records are retained until the dispute is fully resolved plus 2 years. |
| Marketing Preference Records | Retained for the lifetime of your account. Opt-out records are retained for 7 years to demonstrate compliance with marketing consent obligations. |
| Technical & Device Logs | 90 days for routine access logs; up to 2 years for logs associated with a fraud investigation or account security incident. |
At the end of each applicable retention period, personal data is securely deleted or anonymised in accordance with qc999's data lifecycle management procedures. Anonymised, aggregated data (which can no longer be linked to an individual) may be retained indefinitely for platform analytics and performance benchmarking.
Account Closure and Data Deletion Requests
If you close your qc999 account, or submit a formal data deletion request, qc999 will delete or anonymise all personal data that is not subject to a mandatory legal retention period. Data subject to financial, legal, or regulatory retention obligations cannot be deleted before the applicable retention period has expired, even upon request. qc999 will inform you of which data has been deleted and which data is subject to mandatory retention when processing your request.
7-Year Financial Records
Transaction data — including all deposits and withdrawals — is retained for a minimum of 7 years. This is a standard financial record-keeping obligation and cannot be waived by individual deletion requests.
Secure Deletion
When data reaches the end of its retention period, qc999 uses secure deletion methods to ensure it cannot be recovered or reconstructed. No residual copies are retained in backup systems beyond the defined retention window.
Data Security
qc999 takes the security of your personal data seriously. We implement a range of technical and organisational measures to protect your data against unauthorised access, disclosure, alteration, loss, or destruction. These measures are reviewed and updated regularly to reflect current best practices in data security.
Technical Security Measures
- TLS/SSL Encryption: All data in transit between your device and qc999.app is encrypted using Transport Layer Security (TLS 1.2 or higher), enforced via a 256-bit SSL certificate.
- Data at Rest Encryption: Sensitive personal data stored on qc999 servers — including identity documents, payment references, and account credentials — is encrypted at rest using AES-256 encryption.
- Password Hashing: Account passwords are never stored in plaintext. All passwords are hashed using a strong one-way cryptographic algorithm before storage.
- Access Controls: Access to systems containing personal data is restricted to authorised personnel only, protected by multi-factor authentication and role-based access controls.
- Intrusion Detection: qc999's infrastructure is monitored 24/7 by automated intrusion detection and prevention systems that flag and respond to anomalous access patterns in real time.
- Regular Security Audits: Our platform and data systems undergo regular security audits and penetration testing conducted by qualified independent security professionals.
Organisational Security Measures
- All qc999 personnel with access to personal data are subject to confidentiality obligations and receive regular data protection training.
- Third-party service providers who process personal data on qc999's behalf are subject to contractual data security requirements and regular compliance reviews.
- A documented incident response plan is in place to address any data security breach swiftly, minim ise harm, and notify affected players where required.
What You Can Do to Stay Secure
While qc999 implements strong security measures on our end, the security of your account also depends on the steps you take to protect your own credentials. We recommend the following:
- Use a strong, unique password for your qc999 account — do not reuse passwords from other websites.
- Never share your qc999 username or password with anyone, including qc999 support staff (we will never ask for your password).
- Log out of your qc999 account when using a shared or public device.
- Enable two-factor authentication (2FA) on your account if prompted or offered.
- Contact [email protected] immediately if you suspect your account has been accessed without your authorisation.
Data Breach Notification
In the event of a personal data breach that poses a risk to your rights and freedoms, qc999 will notify affected players without undue delay — and in any case within 72 hours of becoming aware of the breach — via your registered email address. The notification will describe the nature of the breach, the data affected, the steps qc999 has taken in response, and any recommended actions you should take to protect yourself.
256-Bit SSL Encryption
Every page of qc999.app — not just the login and payment pages — is served over HTTPS with 256-bit SSL encryption. Your browsing activity, account data, and transaction details are always encrypted in transit.
We Will Never Ask for Your Password
No qc999 employee, support agent, or official communication will ever ask for your account password. If you receive such a request, treat it as a phishing attempt and report it to [email protected] immediately.
72-Hour Breach Notification
If a data breach affects your personal information, qc999 is committed to notifying you within 72 hours of becoming aware of the incident, with full details of what occurred and what steps we are taking.
Your Privacy Rights
As a qc999 player, you have a set of rights over your personal data. These rights can be exercised at any time by contacting [email protected]. We aim to respond to all privacy rights requests within 30 calendar days.
Right of Access
You have the right to request a copy of all personal data qc999 holds about you. We will provide this in a structured, commonly used format within 30 days of receiving your verified request.
Right to Rectification
If any personal data qc999 holds about you is inaccurate or incomplete, you have the right to request that it be corrected. Contact support with the correct information and we will update your records promptly.
Right to Erasure
You may request deletion of your personal data where it is no longer necessary for the purposes for which it was collected. Certain data subject to legal retention periods cannot be erased before those periods expire.
Right to Restrict Processing
You have the right to request that qc999 restricts the processing of your personal data in certain circumstances — for example, while the accuracy of data is being contested, or while an objection to processing is being assessed.
Right to Data Portability
Where processing is based on your consent or contractual necessity and is carried out by automated means, you have the right to receive your personal data in a structured, machine-readable format and to transmit it to another service.
Right to Object
You have the right to object to qc999 processing your personal data for direct marketing purposes at any time. You may also object to processing based on legitimate interests, and qc999 will cease such processing unless compelling grounds are demonstrated.
How to Exercise Your Rights
To exercise any of the rights described above, send a written request to [email protected] with the subject line "Privacy Rights Request". To protect your privacy, qc999 will require you to verify your identity before processing any access, rectification, or erasure request. Verification is typically completed by confirming details that match your registered account.
qc999 will not charge a fee for processing privacy rights requests in standard circumstances. If a request is manifestly unfounded, excessively repetitive, or unreasonably complex, qc999 reserves the right to charge a reasonable administrative fee or decline to act, with written justification provided to the requestor.
We aim to respond to all privacy rights requests within 30 calendar days. Where a request is particularly complex or where a high volume of requests has been received, we may extend this period by a further 60 days, in which case we will notify you of the extension and the reasons for it within the initial 30-day window.
Changes to This Privacy Policy
qc999 reserves the right to update or amend this Privacy Policy at any time to reflect changes in our data practices, platform features, applicable law, or regulatory requirements. The "Effective Date" at the top of this page will be updated to reflect the date of the most recent revision.
Where a change to this Privacy Policy materially affects how we collect, use, or share your personal data, qc999 will provide advance notice of the change via your registered email address or via a prominent notice on the qc999.app platform, typically no fewer than 7 calendar days before the change takes effect. Non-material changes — such as corrections to typographical errors, clarifications of existing practices, or formatting updates — may be made without advance notice.
Your continued use of qc999.app after the effective date of any updated Privacy Policy constitutes your acknowledgement of the revised policy. If you do not agree with the changes, you may request account closure and the deletion of any personal data not subject to mandatory retention by contacting [email protected] before the changes take effect.
We encourage you to review this Privacy Policy periodically to stay informed about how qc999 protects and uses your personal data. If you have any questions about this Privacy Policy, any proposed changes, or any aspect of qc999's data practices, our support team is available 24 hours a day, 7 days a week and will respond to all formal privacy enquiries within 24 hours.
Questions About This Policy
For any questions, concerns, or formal privacy rights requests relating to this Privacy Policy or qc999's data practices, contact our support team at [email protected]. We respond to all privacy enquiries within 24 hours.
Policy Version Control
Each version of this Privacy Policy is archived internally. If you need to review a previous version of the policy that was in effect during a specific period, contact support with your request and the relevant date range.
Your Privacy Is Protected — Now Let's Play
You've read how qc999 safeguards your personal data. Now explore Bangladesh's most trusted online casino platform — with fast bKash and Nagad payments, premium slots, live casino, and cricket betting.