SapphireBet Privacy Policy

What SapphireBet may collect

• Identification data: full name, date of birth, nationality, NID/Passport details, address, verification documents and photos/selfies for KYC.
• Contact data: email, phone number, in-app or chat communications.
• Account data: username, settings, responsible gambling limits, self-exclusion status, security logs.
• Transaction and payment data: deposits, withdrawals, bank details, card tokens, mobile financial services (e.g., bKash, Nagad), billing records. Full card numbers are not stored; tokenization is used where available.
• Technical data: IP address, device identifiers, operating system, browser type, cookie IDs, usage logs, approximate location inferred from IP.
• Compliance and risk data: sanctions screening results, PEP status, fraud indicators, dispute records.
• Support and communications: chat transcripts, email threads, call recordings where permitted by law.

Why this information is collected:

• To provide and operate the services and manage the user account.
• To verify identity, prevent fraud, and meet AML/CFT requirements.
• To process payments and withdrawals securely.
• To support responsible gambling tools and user protections.
• To improve online performance, security, and user experience through analytics.

Protection measures:

• TLS encryption in transit and encryption at rest for personal data.
• Role-based access controls, MFA for staff, and least-privilege principles.
• Network segregation, firewalls, anti-fraud monitoring, and logging.
• Vendor due diligence and data processing agreements for suppliers.
• Secure development lifecycle, vulnerability testing, and periodic audits.
• Incident response plan and breach notification to users and authorities where required.
• Data minimisation, retention schedules, and structured deletion/anonymisation.

User rights:

• Access a copy of personal data.
• Request correction of inaccurate information.
• Request deletion, subject to legal retention duties.
• Object to or restrict certain processing.
• Withdraw consent where processing is based on consent.
• Request portability in a commonly used format, where applicable

SapphireBet uses personal data for lawful, fair, and transparent purposes:

• Account and service delivery. Create and manage user accounts, verify eligibility, and provide online services.
• Transactions. Process deposits and withdrawals, detect payment anomalies, and provide receipts.
• Security and compliance. Conduct KYC/AML checks, sanctions screening, fraud prevention, and risk scoring.
• Responsible gambling. Apply limits, self-exclusion, and affordability controls requested by the user.
• Support and operations. Provide customer support, resolve disputes, and maintain service integrity.
• Analytics and improvement. Analyse site performance and user interactions to improve functionality and reliability.
• Marketing communications. Send service updates and, where permitted by law and consent, marketing messages; users can opt out at any time.
• Legal obligations. Meet tax, accounting, and regulatory reporting duties.

How users can exercise rights

• Access: review personal data in Account/Profile where available or request a copy via privacy@sapphirebet.com.
• Update: edit profile details or submit a correction request; supporting documents may be required.
• Deletion: request account closure and deletion. Certain records may be retained for legal, tax, fraud-prevention, or AML reasons; remaining data will be anonymised or securely destroyed.

• The services are intended for persons aged 18 and over.
• SapphireBet cannot determine a user’s age without supporting documents. If it becomes aware that a minor has provided personal data, the account will be suspended and information removed as permitted by law.
• Parents or guardians may contact privacy@sapphirebet.com to request deletion of a minor’s information. Proof of relationship will be required.

• Personal data may be transferred to and processed in countries outside Bangladesh where SapphireBet or its partners, processors, or servers operate.
• Appropriate safeguards are applied, such as Standard Contractual Clauses, confidentiality obligations, encryption, and access controls.
• By using the services, the user consents to international transfer and processing for the purposes described in this policy.
• SapphireBet requires all partners to maintain confidentiality and protect information in line with this policy and applicable law.

• This section clarifies the scope and effect of the rules in this policy. It does not limit statutory rights that cannot be waived under applicable law.
• If any provision conflicts with mandatory law, the mandatory rule prevails, and the remaining policy remains effective.
• The policy applies when the user accepts it by signature (where applicable), online acceptance, or accession through account creation or continued use of the services.
• SapphireBet may update this policy to reflect legal or operational changes. The latest version governs the processing of personal information.

Cookies are small text files placed on a device by websites to store information and recognise the browser. Purposes:

• Statistics and analytics to understand site usage and performance.
• Behaviour analysis to detect fraud and improve security.
• Personalisation of settings and content relevant to the user.
• Site improvement through aggregated, non-identifying insights.

• Using SapphireBet indicates full acceptance of this Privacy Policy and any document referenced by it.
• The current online version prevails over any previous versions.
• If changes are material, SapphireBet will provide reasonable notice. Continued use after updates indicates acceptance of the revised policy.

Sharing scenarios:

• Legal and compliance: law enforcement, courts, regulators, tax authorities, and dispute resolution bodies when legally required or to establish, exercise, or defend legal claims.
• Payments: banks, card schemes, and mobile financial service providers (e.g., bKash, Nagad) to process transactions.
• KYC/AML and fraud prevention: identity verification vendors, sanctions screening, and risk-scoring providers.
• Technology and operations: hosting providers, cloud services, analytics platforms, customer support tools, communication providers, and security monitoring services.
• Group companies and authorised partners: for account management, support, and reporting under written agreements.

• The websites may include links to external websites and services that have their own privacy policies. SapphireBet is not responsible for how those sites collect, use, or disclose personal data.
• Users should review the privacy policy of any external site before submitting personal information. Use of external sites is at the user’s discretion and risk.