Privacy Policy — demojili
Your privacy matters to us. This Privacy Policy explains exactly what personal data demojili collects, why we collect it, how it is used and protected, and the rights you hold as a player registered on our platform in Bangladesh.
Your Privacy at demojili
A plain-English overview of how we handle your personal information on Bangladesh's trusted casino platform.
At demojili, we are committed to safeguarding the privacy and personal data of every player who registers on our platform. This Privacy Policy has been drafted to give you a clear, honest, and complete picture of how demojili collects, processes, stores, shares, and protects information about you — and to describe the rights you hold in relation to that information under applicable data-protection principles.
demojili operates as an online casino and sports betting platform serving players across Bangladesh, including Dhaka, Chittagong, Sylhet, Khulna, Rajshahi, Barisal, Rangpur, Mymensingh, and Cox's Bazar. Given the nature of our services — real-money gaming, financial transactions via bKash, Nagad, Rocket, and Upay, and identity verification — the collection of certain personal data is an unavoidable operational necessity. We process personal data only to the extent required to deliver our services safely, fairly, and responsibly.
By registering an account on demojili, you acknowledge that you have read this Privacy Policy in full and that you consent to the collection and use of your data as described herein. If you do not agree with any part of this policy, please do not register an account or continue using the platform.
This Privacy Policy should be read alongside our Terms & Conditions and our Responsible Gaming Policy, both of which form part of the overall legal framework governing your use of demojili.
Data Minimisation
We collect only the personal data that is strictly necessary for account creation, identity verification, financial transactions, and legal compliance. No superfluous data is gathered.
No Sale of Personal Data
demojili does not sell, rent, or trade your personal information to third-party marketers or data brokers — ever. Your data is used solely to operate and improve our platform.
SSL Encryption
All data transmitted between your browser and demojili is protected by industry-standard TLS/SSL encryption, ensuring that your personal and financial data cannot be intercepted in transit.
Your Rights, Respected
You have the right to access, correct, and request deletion of your personal data. Our support team is available 24/7 to handle all data-rights requests promptly and transparently.
Secure Data Storage
Your personal data is stored on secure, access-controlled servers. Strict internal access policies ensure that only authorised personnel can access player data on a need-to-know basis.
Defined Retention Periods
We retain personal data only for as long as necessary for the purposes it was collected or as required by applicable legal and regulatory obligations, after which it is securely deleted.
1. Data We Collect
The categories of personal data demojili collects and the circumstances in which each category is gathered.
demojili collects personal data through several channels: directly from you when you register, interact with, or transact on our platform; automatically through cookies and tracking technologies as you browse; and from trusted third-party sources used for identity verification and fraud prevention. The specific categories of data we collect are described below.
1.1 Registration and Account Data
When you create a player account on demojili, we collect the following information:
- Full legal name (as it appears on your government-issued identity document)
- Date of birth (for mandatory age-verification purposes)
- Residential address in Bangladesh
- Email address (used for account communications and verification)
- Mobile phone number (used for OTP-based two-factor authentication and SMS notifications)
- Username and encrypted password
- Preferred currency (Bangladeshi Taka, BDT)
- Preferred language (English or Bengali)
1.2 Identity Verification Data (KYC)
As part of our Know Your Customer (KYC) obligations and age-verification requirements, we may request and process copies of the following documents:
- National Identity Card (NID) issued by the Bangladesh Election Commission
- Valid passport (biographical data page)
- Bangladesh Driving Licence (front and back)
- Proof of residential address (utility bill, bank statement, or mobile financial service statement dated within 90 days)
- Proof of payment method ownership (screenshot or statement from bKash, Nagad, Rocket, Upay, or bank account)
- Source-of-funds documentation for high-value transactions where required by our anti-money-laundering (AML) policy
1.3 Financial Transaction Data
When you make a deposit or request a withdrawal, we collect and retain records of:
- Deposit and withdrawal amounts in BDT (৳)
- Payment method used (bKash, Nagad, Rocket, Upay, Visa, Mastercard, or bank transfer)
- Transaction timestamps and unique transaction reference numbers
- Partial payment-method identifiers (e.g., last four digits of a card, or the mobile number registered to your bKash/Nagad account)
- Running account balance history
1.4 Gaming Activity Data
- Games played, bet amounts, and game outcomes
- Session start and end times, session durations, and frequency of play
- Bonus claims, wagering progress, and loyalty points accumulated
- Sports betting selections, odds accepted, and bet settlement results
- Responsible gaming tool usage (deposit limits, session limits, self-exclusion requests)
1.5 Technical and Device Data
We automatically collect certain technical data when you access demojili:
- IP address and approximate geolocation (country and city level, derived from IP)
- Device type, operating system, and browser type and version
- Screen resolution and device language settings
- Referring URL (the page you navigated from to reach demojili)
- Pages visited, features accessed, and time spent on each section of the platform
- Cookie identifiers and session tokens (see Section 4 for full cookie details)
1.6 Communications Data
When you contact our support team via live chat, email, or any other channel, we retain records of the content and metadata of those communications for quality-assurance and dispute-resolution purposes. This includes the date and time of contact, the nature of the query or complaint, and any resolution reached.
Sensitive Data: demojili does not intentionally collect sensitive personal data such as racial or ethnic origin, political opinions, religious beliefs, health data (beyond responsible gaming self-assessments), or biometric data. If you voluntarily disclose sensitive information in a support conversation, it will be handled with the highest level of care and used only to resolve your query.
2. How We Use Your Data
The specific purposes for which demojili processes your personal data, and the legal basis for each.
demojili processes your personal data for clearly defined purposes. We do not use your data for any purpose that is incompatible with the reasons for which it was originally collected. The table below summarises our key processing activities, the data categories involved, and the legal basis on which we rely.
| Processing Purpose | Data Categories Used | Legal Basis |
|---|---|---|
| Account creation and management | Registration data, contact details | Contract performance |
| Age and identity verification (KYC) | KYC documents, date of birth | Legal obligation |
| Payment processing | Financial transaction data, payment method details | Contract performance |
| Anti-money-laundering (AML) compliance | Financial data, KYC documents, transaction history | Legal obligation |
| Fraud detection and prevention | Technical/device data, gaming activity, IP address | Legitimate interest |
| Delivering gaming services | Gaming activity data, account data | Contract performance |
| Responsible gaming monitoring | Gaming activity, session data, self-assessment data | Legal obligation / legitimate interest |
| Customer support and dispute resolution | Communications data, account data, transaction data | Contract performance / legitimate interest |
| Marketing communications | Contact details, gaming activity, preferences | Consent (opt-in only) |
| Platform analytics and improvement | Technical data, usage data (anonymised where possible) | Legitimate interest |
Marketing Communications
demojili will only send you promotional emails, SMS messages, or push notifications if you have actively opted in to receive marketing communications during the registration process or via your Account Settings. You may withdraw your consent and opt out of all marketing communications at any time by updating your notification preferences in Account Settings, or by contacting our support team via live chat. Opting out of marketing will not affect your ability to use the platform or receive essential transactional communications (such as deposit confirmations, withdrawal notifications, and security alerts).
Seasonal Promotions: During major Bangladeshi events — including Eid, Pohela Boishakh, BPL season, and ICC T20 tournaments — we may send targeted promotional offers to opted-in players. These communications are personalised based on your gaming activity and preferences, and you can opt out at any time.
3. Data Sharing and Disclosure
The limited circumstances in which demojili may share your personal data with third parties.
demojili does not sell, rent, or trade your personal data. We share personal data with third parties only where strictly necessary for the operation of our platform or where required by law. The categories of third parties with whom data may be shared are described below.
3.1 Payment Service Providers
To process deposits and withdrawals, we share the minimum necessary financial data with our payment partners, which include bKash, Nagad, Rocket, Upay, Dutch-Bangla Bank, City Bank, BRAC Bank, Islami Bank, Sonali Bank, Visa, and Mastercard. These providers process your transaction data solely for the purpose of completing your payment instruction and are contractually prohibited from using your data for any other purpose.
3.2 Identity Verification and KYC Partners
We use trusted third-party identity verification services to assist with the processing of KYC documents and age verification. These partners act as data processors on our behalf and may only use the data shared with them for the specific verification task for which they have been engaged. All such partners are bound by strict data-processing agreements and are required to maintain equivalent standards of data security.
3.3 Game Software Providers
To deliver the games on our platform — including those supplied by Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi — limited technical session data (such as a pseudonymous player identifier and game-session token) is shared with the relevant game studio. This data enables the game to function correctly and to record bet and win outcomes for settlement purposes. Game providers do not receive your full name, NID details, or payment information.
3.4 Regulatory and Law-Enforcement Authorities
demojili may be required by law, court order, or regulatory direction to disclose personal data to competent authorities. Where such a requirement arises, we will disclose only the data specifically requested and will, where legally permissible, notify the affected player of the disclosure request. We will not disclose data to any authority that does not have a valid legal basis for requesting it.
3.5 Professional Advisors
In connection with corporate transactions, legal proceedings, or audits, demojili may share personal data with lawyers, accountants, auditors, and other professional advisors who are subject to binding confidentiality obligations. Data shared in this context is used solely for the professional services purpose for which it was provided.
No Cross-Border Transfers Without Safeguards: Any transfer of personal data outside Bangladesh will only be undertaken where adequate safeguards are in place — including contractual data-protection clauses equivalent to those required under applicable law — to ensure that your data receives the same level of protection regardless of where it is processed.
4. Cookies and Tracking Technologies
How demojili uses cookies and similar technologies, and how you can manage your preferences.
demojili uses cookies and similar tracking technologies (such as web beacons and local storage objects) to operate the platform, remember your preferences, maintain your login session, and gather analytics data that helps us improve the service. This section explains the types of cookies we use and the purpose of each.
| Cookie Category | Purpose | Duration | Can Be Disabled? |
|---|---|---|---|
| Strictly Necessary | Maintain your login session, store your basket/balance state, enable security features like CSRF protection | Session / up to 24 hrs | No — platform will not function without these |
| Functional / Preference | Remember your language preference, display settings, responsible gaming limits, and last-visited game category | Up to 12 months | Yes — disabling reduces personalisation |
| Analytics | Measure page views, feature usage, error rates, and user-flow patterns to improve the platform (data is anonymised or pseudonymised) | Up to 13 months | Yes — opt out via Cookie Settings |
| Marketing / Retargeting | Deliver relevant promotional offers based on your activity and interests (only if you have opted in to marketing communications) | Up to 30 days | Yes — opt out via Cookie Settings or Account Settings |
Managing Your Cookie Preferences
You can review and update your cookie preferences at any time by accessing the Cookie Settings panel available in your Account Settings. In addition, most modern browsers allow you to block or delete cookies through the browser's privacy settings. Please note that disabling strictly necessary cookies will prevent the platform from functioning correctly, and you may be unable to log in or complete transactions.
For players using mobile browsers in Bangladesh — including Chrome for Android, Samsung Internet, and Firefox Mobile — cookie management is available through the browser's site settings menu. Clearing your browser's cache and cookie storage will remove all first-party cookies set by demojili, but you will then need to log in again on your next visit.
5. Data Retention
How long demojili retains your personal data, and what happens to it when the retention period expires.
demojili retains personal data only for as long as is necessary for the purposes set out in this Privacy Policy, or as required to comply with applicable legal, regulatory, tax, or accounting obligations. The following retention schedules apply:
- Active account data: Retained for the full duration of your account's active status plus a minimum of 5 years after the date of account closure, to satisfy AML record-keeping requirements.
- KYC and identity verification documents: Retained for a minimum of 5 years following the completion of verification or account closure, in line with financial-crime compliance obligations.
- Financial transaction records: Retained for a minimum of 5 years from the date of each transaction, as required for audit and regulatory purposes.
- Gaming activity logs: Retained for a minimum of 3 years from the date of each gaming session, used for dispute resolution and responsible gaming monitoring.
- Customer support communications: Retained for 2 years from the date of the last communication in each support thread, for quality assurance and complaint-handling purposes.
- Marketing preferences and consent records: Retained for the duration of your account plus 3 years following account closure, as evidence of the consent basis on which communications were sent.
- Analytics and technical data: Retained in anonymised or aggregated form for up to 13 months, after which individual-level data is deleted or further anonymised.
Once the applicable retention period has expired, personal data is securely deleted or irreversibly anonymised. Anonymised data — from which it is not possible to identify an individual — may be retained indefinitely for statistical and research purposes without restriction.
Legal Hold: In the event of ongoing litigation, regulatory investigation, or law-enforcement inquiry involving your account, demojili may apply a legal hold to your data, suspending the scheduled deletion until the matter is resolved. You will be notified of any legal hold affecting your data where we are legally permitted to do so.
6. Data Security
The technical and organisational measures demojili uses to protect your personal data from unauthorised access or loss.
demojili takes the security of your personal data seriously and has implemented a range of technical and organisational security measures designed to protect your data against unauthorised access, disclosure, alteration, loss, or destruction. Our key security measures include:
- TLS/SSL Encryption in Transit: All data transmitted between your device and demojili's servers is encrypted using TLS 1.2 or higher, ensuring that your login credentials, payment details, and personal information cannot be intercepted during transmission.
- Encryption at Rest: Sensitive data stored on our servers — including identity documents and payment-method details — is encrypted at rest using AES-256 encryption.
- Password Hashing: Account passwords are never stored in plain text. We use industry-standard one-way hashing algorithms with salting to protect your password in the event of a data breach.
- Two-Factor Authentication (2FA): We strongly recommend that all players enable 2FA on their accounts. When enabled, a one-time password is sent to your registered mobile number each time you log in from a new device or location.
- Access Controls: Internal access to player data is restricted to authorised demojili personnel who have a legitimate need to access that data in the performance of their duties. Access is granted on a least-privilege basis and is subject to regular review.
- Fraud Monitoring: Our platform employs automated systems to detect and flag suspicious activity — including unusual login patterns, atypical transaction behaviour, and potential account-sharing — in real time.
- Penetration Testing: demojili conducts regular security assessments and penetration tests to identify and remediate vulnerabilities before they can be exploited.
Despite these measures, no online platform can guarantee absolute security. In the event of a data breach that is likely to result in a high risk to the rights and freedoms of players, demojili will notify affected players without undue delay and will take all reasonable steps to contain the breach and prevent further harm.
Your Responsibility: You also play an important role in keeping your account secure. Use a strong, unique password for your demojili account, do not share your login credentials with anyone, and contact our support team immediately if you suspect unauthorised access to your account. demojili will never ask for your password via email, live chat, or phone.
7. Your Rights
The rights you hold in relation to your personal data held by demojili, and how to exercise them.
As a player registered on demojili, you have a number of rights in relation to the personal data we hold about you. These rights are described below. To exercise any of these rights, please contact our Data Privacy team via live chat or by emailing with the subject line "Data Rights Request".
We will respond to all data-rights requests within 30 days of receipt. In complex cases, this period may be extended by a further 60 days, in which case we will notify you of the extension and the reason for it within the initial 30-day window. We will not charge a fee for handling data-rights requests unless they are manifestly unfounded or excessive.
Please note that certain rights are subject to exceptions. For example, the right to erasure does not apply where demojili is required by law to retain the data in question — such as the 5-year AML record-keeping obligation described in Section 5. Where an exception applies, we will explain the reason in our response.
8. Third-Party Services
How demojili interacts with third-party service providers and what this means for your privacy.
The demojili platform integrates with a number of carefully selected third-party service providers to deliver a complete gaming and betting experience. Each provider has been assessed for data-security compliance before integration, and all are bound by contractual data-processing obligations. The key third-party categories are described below.
8.1 Game Content Providers
demojili hosts games from leading studios including Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi. When you launch a game, your device communicates directly with that studio's game server. The studio receives a pseudonymous session token and the game-specific data required to run the session (bet size, selected game parameters, outcome data). Game studios do not receive your full personal profile, payment details, or KYC documents. Each studio maintains its own privacy practices, which are governed by their respective privacy policies.
8.2 Payment Processors
Payment transactions are processed through the APIs of our payment partners — bKash, Nagad, Rocket, Upay, and card-processing networks. When you initiate a payment, the transaction data is transmitted directly to the relevant payment processor over an encrypted connection. demojili does not store your full card numbers or mobile banking PINs. Payment processors are independently certified to applicable security standards and maintain their own privacy and security programmes.
8.3 Analytics Providers
demojili uses analytics tools to understand how players interact with the platform — which features are most used, where users encounter difficulty, and how the platform can be improved. Analytics data is collected in a pseudonymised or aggregated form. We do not permit analytics providers to use this data for their own commercial purposes or to share it with third parties outside the scope of their engagement with us.
8.4 Links to Third-Party Websites
This Privacy Policy applies solely to the demojili platform. Our platform does not contain links to third-party websites. Should you independently navigate to any external site, please review that site's own privacy policy, as demojili accepts no responsibility for the data practices of any third party outside our platform.
9. Children's Privacy
demojili is strictly an 18+ platform. We do not knowingly collect data from anyone under the age of 18.
18+ demojili is an adult-only gambling platform. Our services are strictly intended for individuals who are 18 years of age or older. We do not knowingly collect, process, or retain personal data from anyone under the age of 18.
As part of our mandatory age-verification process, all new players must confirm their date of birth during registration, and we require KYC documentation confirming that the account holder is aged 18 or above before any real-money gaming or financial transactions are permitted. Accounts for which age verification cannot be completed will be suspended pending receipt of valid documentation.
If demojili becomes aware that a person under the age of 18 has registered an account or provided personal data to us, we will immediately suspend that account, delete all associated personal data, and reverse any financial transactions made from that account where technically and legally possible. If you believe that a minor may have created an account on demojili, please contact us immediately at so that we can take prompt action.
We encourage parents and guardians to make use of parental control software to prevent minors from accessing online gambling platforms. For more information on responsible gambling tools available to players and their families, please visit our Responsible Gaming page.
Parental Controls: If you share a device with a minor, please ensure your demojili account is protected with a strong password and that you log out fully after each session. demojili accepts no liability for access by minors that results from a failure to secure account credentials on a shared device.
10. Policy Updates
How and when demojili may update this Privacy Policy, and how you will be informed of changes.
demojili reserves the right to update or amend this Privacy Policy at any time to reflect changes in our data-processing practices, applicable law, or the services we offer. When we make material changes to this policy, we will notify registered players by email (sent to the address associated with your account) and by displaying a prominent notice on the demojili platform for a minimum of 30 days following the update.
The "Last updated" date at the top of this page will always reflect the date on which the current version of the Privacy Policy came into effect. Minor changes — such as corrections of typographical errors or clarifications that do not affect the substance of the policy — may be made without formal notice, and the updated date will be revised accordingly.
Your continued use of the demojili platform after the effective date of a revised Privacy Policy constitutes your acceptance of the updated terms. If you do not agree with the changes, you should stop using the platform and request account closure by contacting our support team. We will process any data-rights requests arising from account closure in accordance with the terms of this policy and applicable law.
We recommend that you review this Privacy Policy periodically to stay informed about how demojili is protecting your personal data. Previous versions of the Privacy Policy are available on request by contacting .
11. Contact Us
How to reach the demojili Data Privacy team for questions, requests, or complaints about your personal data.
If you have any questions about this Privacy Policy, wish to exercise any of your data-subject rights, or have a concern about the way in which demojili has handled your personal data, please contact us through any of the following channels:
- Email: (subject line: "Privacy / Data Rights Request")
- Live Chat: Available directly on the demojili platform, 24 hours a day, 7 days a week
- Response Time: Average first response within 2–5 minutes via live chat; email responses within 1–3 business days (Bangladesh Standard Time, UTC+6)
Our Data Privacy team is staffed by agents fluent in both English and Bengali, ensuring that all privacy-related queries from players across Bangladesh are handled clearly and effectively. We are committed to acknowledging all data-rights requests within 5 business days and providing a substantive response within the statutory 30-day window.
demojili takes all privacy complaints seriously. If you are dissatisfied with our handling of a privacy concern after raising it with our support team, you have the right to escalate the matter to the relevant data-protection authority in your jurisdiction.
Ready to Play at demojili?
Now that you know how we protect your data, explore everything demojili has to offer — from live cricket betting and premium slots to live dealer tables and exclusive VIP bonuses.