Privacy Policy — kriya 11
At kriya 11, the privacy and security of every player's personal data is a fundamental obligation, not an afterthought. This Privacy Policy explains exactly what information we collect when you use our platform, why we collect it, how we store and protect it, and the rights you have over your own data. We are committed to being transparent about our data practices and to handling your information with the highest standards of care.
How kriya 11 Protects Your Privacy
These six principles underpin every data decision we make at kriya 11. They are not aspirational statements — they are operational commitments backed by the technical and procedural controls described in this policy.
1. Information We Collect
When you interact with the kriya 11 platform — whether by registering an account, making a deposit, placing a bet, or simply browsing — we collect certain categories of personal and technical information. The following table provides a comprehensive overview of what we collect and the lawful basis for doing so.
1.1 Information You Provide Directly
| Data Category | Specific Items | Collected At |
|---|---|---|
| Registration Data | Mobile phone number, date of birth, chosen username, password (stored as a salted hash — never in plain text) | Account registration |
| Identity Verification (KYC) | Full legal name, national ID number, passport number, date of birth, residential address, photograph | KYC verification request |
| Financial Data | bKash / Nagad / Rocket wallet numbers, Visa / Mastercard last-4 digits and expiry, bank account identifiers for Dutch-Bangla Bank / BRAC Bank transfers | First deposit and each subsequent transaction |
| Communications | Live chat transcripts, support email content, dispute correspondence, feedback submissions | Any support interaction |
| Preferences | Responsible gaming limit settings, notification preferences, self-exclusion requests | Account Settings updates |
1.2 Information Collected Automatically
When you access kriya 11 through a web browser or mobile device, our servers and analytics systems automatically record the following technical data:
- Device Information: Device type, operating system, browser type and version, screen resolution, and device language settings.
- Network Information: IP address, approximate geolocation derived from IP (city/region level — we do not use GPS), mobile network operator, and connection type.
- Usage Data: Pages visited, time spent on each page, game sessions initiated, bets placed, buttons clicked, and navigation paths through the platform.
- Session Data: Login timestamps, session duration, logout events, and failed login attempts.
- Performance Data: Page load times, error reports, and crash logs — used exclusively to diagnose and improve platform stability.
1.3 Information from Third Parties
In limited circumstances, kriya 11 may receive personal data about you from third-party sources, including:
- Payment Processors: When you initiate a deposit via bKash, Nagad, Rocket, Upay, Visa, or Mastercard, the payment processor confirms transaction status, amount, and payer identity to our financial system. We receive only the minimum data necessary to credit your account and verify payment ownership.
- Identity Verification Providers: Where we use a third-party KYC service to verify government-issued identity documents, that provider returns a verification result and a redacted identity summary. The full document image is processed by the KYC provider and is not stored on kriya 11 servers beyond what is required for audit purposes.
- Fraud Detection Services: Our third-party fraud detection partner may share risk signals (such as a flagged IP address or a device previously associated with fraudulent activity) to assist our compliance team in protecting the platform and legitimate players.
2. How We Use Your Data
kriya 11 processes personal data only for clearly defined, legitimate purposes. We do not use your data for any purpose that is incompatible with the purpose for which it was originally collected. The following outlines how each category of data is used and the legal basis on which we rely.
2.1 Service Delivery
The primary purpose for which we process your data is to provide and operate the kriya 11 platform. This includes:
- Creating and maintaining your account, including processing your registration details and mobile number verification.
- Accepting deposits, processing withdrawals, and maintaining accurate records of your account balance in Bangladeshi Taka (BDT).
- Processing your bets and game stakes, settling results, and crediting winnings to your account.
- Providing 24/7 customer support via live chat, including routing your query to the correct team and maintaining chat history for continuity.
- Enforcing our Responsible Gaming commitments, including applying deposit limits, loss limits, time-out periods, and self-exclusion restrictions that you have set for your account.
2.2 Legal & Compliance Obligations
Certain processing activities are required by law or are necessary to protect the platform against financial crime:
- Age Verification: We are legally and ethically obligated to verify that all players are at least 18 years of age. Registration data and KYC documents are processed specifically to fulfil this obligation.
- Anti-Money Laundering (AML): We monitor transaction patterns and account activity to detect and report suspicious financial behaviour in accordance with applicable financial crime prevention obligations.
- Fraud Prevention: We process device data, IP addresses, and betting patterns to identify and prevent fraudulent activity, collusion, and unauthorised access.
- Record Keeping: Financial transaction records, KYC documents, and bet history are retained for audit and legal compliance purposes for a minimum of 5 years following account closure.
2.3 Platform Improvement
Aggregated and anonymised usage data helps us improve the kriya 11 experience for all players. This includes analysing which games are most popular among Bangladeshi players, identifying navigation friction points, optimising page load performance on mobile networks common in Dhaka, Chittagong, and Sylhet, and testing new features before a full release. This processing is carried out on anonymised datasets where individual players cannot be identified.
2.4 Communications & Promotions
With your consent, we may send you promotional communications about new games, BPL cricket betting markets, Eid and Pohela Boishakh bonus offers, and other platform news via SMS or in-platform notifications. You can withdraw this consent at any time through your Account Settings or by contacting support. Withdrawal of consent for marketing communications does not affect our ability to send you transactional messages (e.g., deposit confirmations, withdrawal processing updates, security alerts) which are sent as a necessary part of service delivery.
3. Data Sharing & Third Parties
kriya 11 does not sell, rent, or trade your personal data. We share your information only in the limited circumstances described below, and only with parties who are contractually obligated to protect it to the same standard as kriya 11.
3.1 Service Providers
We work with a small number of carefully selected third-party service providers who process data on our behalf in order to operate the platform. These include:
- Payment Processors: bKash, Nagad, Rocket, Upay, Visa, Mastercard, Dutch-Bangla Bank, and BRAC Bank receive the transaction data necessary to process deposits and withdrawals. Each provider operates under its own privacy policy and regulatory framework.
- KYC & Identity Verification: Our KYC partner receives your submitted identity documents to perform automated and manual verification checks. This partner is bound by strict data processing agreements and may not use your documents for any other purpose.
- Game Studios: Game content providers such as Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Ezugi, and Spribe receive anonymised session identifiers necessary to operate their game engines within the kriya 11 platform. These providers do not receive your full name, mobile number, or financial details.
- Cloud Infrastructure: kriya 11 uses cloud hosting services to run its platform. Servers process and store player data in secure data centre environments. Our hosting providers are contractually prohibited from accessing or using player data for their own purposes.
- Fraud Detection: Our fraud detection partner receives device fingerprints, IP addresses, and behavioural signals to identify suspicious activity. No financial account details are shared with this partner.
3.2 Legal Disclosures
kriya 11 may disclose personal data to law enforcement agencies, regulatory bodies, or courts where required to do so by applicable law, valid legal process, or a binding government order. In such cases, we will disclose the minimum information necessary to comply with the legal obligation. Where legally permitted, we will notify the affected player before disclosure.
3.3 Business Transfers
In the event of a merger, acquisition, or sale of all or a substantial portion of kriya 11's assets, player data may be transferred to the acquiring entity as part of the transaction. In such an event, kriya 11 will notify registered players via the platform notification system at least 30 days before any such transfer and will ensure the acquiring entity commits to honouring the terms of this Privacy Policy or providing equivalent protection.
5. Data Security & Storage
kriya 11 implements a layered security architecture designed to protect your personal data against unauthorised access, disclosure, alteration, and destruction. Our security measures are reviewed and updated on a regular basis to address emerging threats.
5.1 Technical Security Measures
- Encryption in Transit: All data exchanged between your device and our servers is encrypted using TLS 1.2 or higher (256-bit encryption). This applies to account login, deposits, withdrawals, and all in-platform activity.
- Encryption at Rest: Sensitive personal data fields — including identity document references, payment account identifiers, and KYC results — are encrypted within our database using AES-256 encryption.
- Password Storage: Passwords are never stored in plain text. They are hashed using a strong, industry-standard cryptographic algorithm with per-user salt values so that even a database breach cannot expose your actual password.
- Two-Factor Authentication (2FA): Players are strongly encouraged to enable 2FA on their accounts. When 2FA is active, logging in requires both your password and a one-time code sent to your registered mobile number, significantly reducing the risk of unauthorised access.
- Intrusion Detection: Our servers are monitored 24/7 by automated intrusion detection systems that flag and alert our security team to anomalous access patterns in real time.
- Penetration Testing: kriya 11 engages independent security researchers to conduct periodic penetration testing of the platform. Findings are remediated according to severity priority within defined SLA timeframes.
5.2 Organisational Security Measures
- Access to systems containing personal data is restricted on a strict need-to-know basis. Staff are granted the minimum permissions necessary for their role.
- All staff with access to personal data undergo background checks and regular data protection awareness training.
- Data access events are logged and audited regularly. Unauthorised access attempts are treated as a serious disciplinary and potentially legal matter.
5.3 Data Breach Response
In the unlikely event of a data breach that poses a risk to your rights and freedoms, kriya 11 will notify affected players without undue delay via the platform notification system and, where applicable, by SMS to the registered mobile number. The notification will describe the nature of the breach, the categories of data affected, and the steps we are taking to address it. We will also take immediate remedial action to contain the breach and prevent recurrence.
6. Data Retention Policy
kriya 11 retains personal data only for as long as is necessary to fulfil the purposes for which it was collected, to comply with applicable legal and regulatory obligations, and to resolve disputes or enforce our agreements. The following retention periods apply:
| Data Category | Retention Period | Reason |
|---|---|---|
| Account & Registration Data | Duration of account + 5 years after closure | Legal audit obligations, dispute resolution |
| KYC / Identity Documents | Duration of account + 5 years after closure | AML regulatory requirements |
| Financial Transaction Records | 7 years from transaction date | Financial record-keeping obligations |
| Bet & Game History | 5 years from date of event | Dispute resolution, RTP audit |
| Support Chat Transcripts | 3 years from conversation date | Service quality, dispute evidence |
| Marketing Preferences | Until consent withdrawn + 1 year | Proof of consent record |
| Technical / Usage Logs | 13 months from collection | Platform performance, fraud analysis |
When a retention period expires, personal data is securely deleted or anonymised in a manner that prevents reconstruction of the original information. Anonymised data may be retained indefinitely for statistical and research purposes where no individual can be identified from it.
7. Your Privacy Rights
As a kriya 11 player, you have the following rights in respect of the personal data we hold about you. These rights can be exercised free of charge by contacting our Privacy Team using the details in Section 8.
7.1 Right of Access
You have the right to request a copy of all personal data that kriya 11 holds about you, along with information about how it is being used. We will respond to verified access requests within 30 days. The response will include a structured summary of your data in a commonly used, machine-readable format.
7.2 Right to Rectification
If any personal data we hold about you is inaccurate or incomplete, you have the right to request that we correct it. For most account details (such as your registered name or address), you can make corrections directly through Account Settings. For data held in compliance records (such as KYC documents), corrections must be requested via the Privacy Team and will be subject to re-verification.
7.3 Right to Erasure
You may request that kriya 11 delete your personal data where it is no longer necessary for the purposes for which it was collected, where you withdraw consent (and there is no other lawful basis for processing), or where the data has been processed unlawfully. Please note that the right to erasure is not absolute — we may be required to retain certain data to comply with legal obligations (such as AML record-keeping requirements) even after you close your account.
7.4 Right to Data Portability
You have the right to receive your personal data in a structured, commonly used, machine-readable format (such as JSON or CSV) so that you can transfer it to another service provider. This right applies to data you have provided directly to kriya 11 and which is processed on the basis of your consent or for the performance of a contract.
7.5 Right to Object & Restrict Processing
You have the right to object to processing of your personal data for direct marketing purposes — this objection is absolute and we will stop processing your data for marketing immediately upon receipt of a valid objection. You also have the right to request restriction of processing in certain circumstances, such as while a dispute about the accuracy of your data is being resolved.
8. Privacy Contact & Complaints
8.1 Privacy Team Contact
For all privacy-related enquiries, data rights requests, or concerns about how kriya 11 handles your personal data, please contact our Privacy Team:
- Email: [email protected] (subject line: "Privacy Enquiry" or "Privacy Rights Request — [Account ID]")
- Live Chat: Available 24/7 on the kriya 11 platform. For privacy matters, ask to be connected to the Privacy or Compliance Team.
- Response Time: Privacy enquiries are acknowledged within 48 hours. Full responses to data rights requests are provided within 30 days of identity verification.
8.2 How to Raise a Privacy Complaint
If you believe that kriya 11 has processed your personal data in a manner that is inconsistent with this Privacy Policy, we encourage you to contact us directly in the first instance so that we can resolve the matter quickly and informally. Submit a formal complaint to [email protected] with the subject line "Formal Privacy Complaint — [Your Account ID]". We will acknowledge the complaint within 48 hours and provide a written response within 14 business days.
8.3 Policy Updates
kriya 11 reserves the right to update this Privacy Policy at any time to reflect changes in our data practices, legal obligations, or platform features. Where changes are material — meaning they affect your rights or the way we use your data in a significant way — we will notify registered players via the platform notification system at least 14 days before the updated policy takes effect. Continued use of the kriya 11 platform after the effective date of an updated policy constitutes acceptance of the revised terms. We recommend reviewing this page periodically. The "Last Updated" date at the top of this policy reflects when the most recent revision was made.
8.4 Children's Privacy
The kriya 11 platform is strictly for adults aged 18 and above. We do not knowingly collect personal data from anyone under the age of 18. If we discover that a minor has registered an account or provided personal data, we will close the account immediately and securely delete all associated personal data. If you believe a minor has accessed the platform, please notify us immediately via live chat so that we can take prompt action. We take underage access seriously and cooperate fully with parents, guardians, and relevant authorities in investigating such cases.
Your Data is Safe. Now Let's Play.
You have read how kriya 11 protects your privacy. Now explore the platform — from BPL cricket betting to 300+ slots and live casino tables, all in BDT via bKash and Nagad. 18+ only. Please gamble responsibly.