Privacy Policy — ld44 Data Protection
At ld44, safeguarding your personal information is a foundational commitment — not an afterthought. This Privacy Policy explains precisely what data we collect, why we collect it, how it is stored and protected, and the rights you hold as a data subject. We encourage every player to read this document before creating an account.
Six Privacy Principles That Guide ld44
These six principles shape every data-handling decision we make at ld44. They are a plain-English summary; the full binding policy is set out in the sections below.
Purpose Limitation
ld44 only collects personal data for specified, explicit, and legitimate purposes. We do not repurpose your data for uses that are incompatible with the reason it was originally collected. Every data category we hold maps to a defined business or compliance function.
Data Minimisation
We collect only what is strictly necessary. Where a task can be completed with less personal information, we choose the minimal-data approach. For example, we do not store full card numbers — only masked identifiers sufficient for transaction matching.
Security by Design
All data at ld44 is protected using 256-bit SSL/TLS encryption in transit and AES-256 encryption at rest. Access to personal data within our systems is restricted to authorised personnel on a strict need-to-know basis, with full access-log auditing.
Accuracy & Transparency
We maintain procedures to keep your personal data accurate and up to date. You can review and correct your profile details at any time via your account settings or by contacting [email protected]. We are transparent about what data we hold and why — this policy is the primary mechanism for that transparency.
Defined Retention Periods
ld44 does not retain personal data indefinitely. Each data category has a defined retention schedule aligned with regulatory obligations and business necessity. Once the retention period expires, data is securely deleted or anonymised in accordance with our internal data lifecycle policy.
Your Rights Are Real
You hold meaningful rights over your personal data: the right to access, correct, delete, and restrict processing. We honour these rights within clearly defined response windows. Requests can be submitted at any time to [email protected] and will be acknowledged within 72 hours.
1. Data We Collect
ld44 ("we", "us", "our", "the Platform") collects personal data from you in three principal ways: information you provide directly during registration and account activity; information we collect automatically as you use the Platform; and information we receive from trusted third-party partners for compliance verification purposes. The specific categories of data collected are set out below.
1.1 Data You Provide Directly
When you register an account, make a deposit or withdrawal, contact customer support, or participate in a promotion, you may provide some or all of the following:
- Identity data: Full legal name, date of birth, gender, nationality.
- Contact data: Email address, mobile phone number, residential address (street, city, district, postal code).
- Account credentials: Username, hashed password (we never store plaintext passwords), security question responses.
- Financial data: Masked payment identifiers for bKash, Nagad, Rocket, Upay, or bank accounts used for deposits and withdrawals. We do not store full card numbers or mobile banking PINs.
- KYC documents: Copies or photographs of government-issued identity documents (National ID, passport, driver's licence), proof-of-address documents, and source-of-funds statements where required by our compliance team.
- Communications data: Content of emails, live chat transcripts, and support ticket exchanges between you and the ld44 support team.
1.2 Data Collected Automatically
When you access ld44, our systems automatically collect certain technical and behavioural data:
- Device & technical data: IP address, device type, operating system, browser type and version, screen resolution, device language settings.
- Usage data: Pages visited, games played, bet amounts, session duration, click paths, search queries made within the Platform.
- Geolocation data: Country and approximate region derived from IP address. We do not use GPS-level precise location tracking.
- Cookies and similar technologies: Session cookies, persistent preference cookies, analytics cookies, and fraud-detection fingerprinting tokens. See Section 4 for full detail.
- Transaction logs: Timestamped records of every deposit, withdrawal, bonus credit, game round, and bet placed on the Platform, stored for audit and dispute-resolution purposes.
1.3 Data Received From Third Parties
ld44 works with trusted third-party service providers who may supply us with supplementary data about you:
- Identity verification partners: KYC and AML (anti-money-laundering) screening providers who confirm your identity, age, and sanctions-list status.
- Payment processors: bKash, Nagad, Rocket, Upay, Dutch-Bangla Bank, City Bank, BRAC Bank, and card network processors may share transaction status and fraud-flag signals with us.
- Analytics providers: Aggregated, anonymised behavioural data from analytics partners used to improve Platform performance and personalise your experience.
- Fraud prevention services: Third-party risk-scoring systems that flag unusual account activity or login attempts consistent with account takeover patterns.
Special Category Data: ld44 does not intentionally collect sensitive personal data categories such as racial or ethnic origin, political opinions, religious beliefs, health data, or biometric data. If you voluntarily disclose such information in a support communication, it will be used solely to address your query and will not be retained beyond the resolution of that query.
2. How We Use Your Data
ld44 processes your personal data only where a lawful basis exists for doing so. The primary lawful bases we rely on are: performance of a contract (providing the gaming services you have signed up for); legal obligation (KYC, AML, age verification); legitimate interests (fraud prevention, Platform security, service improvement); and, where required, your explicit consent (marketing communications).
| Purpose | Data Categories Used | Lawful Basis |
|---|---|---|
| Account registration & management | Identity, contact, credentials | Contract performance |
| Age verification & KYC compliance | Identity, KYC documents, financial | Legal obligation |
| Processing deposits & withdrawals | Financial, identity, transaction logs | Contract performance |
| Fraud detection & prevention | Device/technical, usage, financial | Legitimate interests |
| Customer support | Identity, contact, communications | Contract performance |
| Responsible gaming monitoring | Usage, transaction logs, communications | Legal obligation / Legitimate interests |
| Personalised promotions & bonuses | Usage, transaction logs, preferences | Consent / Legitimate interests |
| Platform analytics & improvement | Usage, device/technical (anonymised) | Legitimate interests |
| Legal & regulatory reporting | Identity, financial, transaction logs | Legal obligation |
ld44 does not use your personal data for automated decision-making that produces legal or similarly significant effects without human review. Where automated systems flag your account for fraud or responsible gaming concerns, the final action (suspension, restriction, outreach) is reviewed by a qualified member of our compliance or player-protection team.
Marketing Communications: ld44 will only send you promotional emails or SMS messages if you have opted in to marketing communications at registration or through your account settings. You may withdraw your consent at any time by updating your notification preferences in your account dashboard or by emailing [email protected] with the subject line "Unsubscribe". Withdrawal of marketing consent does not affect your ability to use the Platform.
3. Third-Party Data Sharing
ld44 does not sell, rent, or trade your personal data to any third party for their own marketing purposes. We share your data only in the following strictly defined circumstances:
3.1 Service Providers (Data Processors)
We engage carefully selected third-party companies to process data on our behalf in order to deliver our services. These processors are contractually bound to process your data only on our documented instructions and to maintain security standards equivalent to or greater than our own. Categories of processor include:
- KYC and identity verification providers
- Payment gateway and mobile financial service operators (bKash, Nagad, Rocket, Upay, bank partners)
- Cloud infrastructure and hosting providers
- Fraud detection and cybersecurity platforms
- Email delivery and SMS notification services
- Customer support software providers
- Analytics platforms (using anonymised or pseudonymised data only)
3.2 Game Studio Providers
ld44 distributes games supplied by third-party studios including Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi. These studios may receive a pseudonymised player identifier and session token in order to deliver the game experience. They do not receive your full name, contact details, or financial information. Their own privacy policies govern any data they process independently on their own platforms.
3.3 Legal & Regulatory Disclosure
ld44 may disclose your personal data to law enforcement agencies, regulatory bodies, or courts when required to do so by applicable law, a lawful court order, or in connection with the prevention, detection, or prosecution of criminal offences including fraud and money laundering. Such disclosures are made on a case-by-case basis and only to the minimum extent required to satisfy the legal obligation.
3.4 Business Transfers
In the event of a merger, acquisition, or sale of all or substantially all of ld44's assets, your personal data may be transferred to the acquiring entity as part of that transaction. We will notify you via the email address associated with your account before your data becomes subject to a materially different privacy policy as a result of any such transfer.
No Cross-Border Transfers Without Safeguards: Where ld44 engages service providers located outside Bangladesh, we ensure that appropriate safeguards are in place before any personal data is transferred internationally — including contractual data protection clauses and security assessments. We do not transfer your data to jurisdictions that do not offer an adequate level of data protection without first implementing such safeguards.
4. Cookies & Tracking Technologies
ld44 uses cookies and similar tracking technologies (local storage objects, pixel tags, device fingerprinting tokens) to operate the Platform, recognise returning users, prevent fraud, and analyse usage patterns. The following table describes the principal cookie categories in use:
| Cookie Category | Purpose | Retention | Can Be Disabled? |
|---|---|---|---|
| Strictly Necessary | Session management, login authentication, security tokens, load balancing | Session / up to 24 hrs | No — Platform cannot function without these |
| Functional / Preference | Remembering language preference, game lobby layout, notification settings | Up to 12 months | Yes — some features will be less personalised |
| Analytics | Aggregated page-view counts, funnel analysis, error logging to improve Platform performance | Up to 13 months | Yes — analytics will be less precise |
| Fraud Detection | Device fingerprinting, unusual-login pattern detection, bot identification | Up to 6 months | No — required for account security |
| Marketing / Attribution | Tracking which affiliate or campaign channel referred you to ld44 (used for bonus attribution only) | Up to 30 days | Yes — bonus attribution may be affected |
You can manage non-essential cookie preferences through your browser settings. Most modern browsers allow you to block or delete cookies via the settings or preferences menu. Please note that disabling strictly necessary or fraud-detection cookies will impair your ability to log in and use the Platform securely. ld44 does not currently respond to browser "Do Not Track" signals as there is no universally accepted standard for how such signals should be interpreted.
5. Data Security
ld44 takes the security of your personal data seriously and maintains a comprehensive set of technical and organisational measures to protect it against unauthorised access, accidental loss, destruction, or disclosure.
5.1 Technical Safeguards
- Encryption in transit: All data transmitted between your browser or app and ld44's servers is encrypted using TLS 1.3 with 256-bit key strength. Our SSL certificate is monitored continuously for validity.
- Encryption at rest: Personal data and financial records stored on ld44's database servers are encrypted using AES-256. Encryption keys are managed separately from the data they protect.
- Access controls: Role-based access control (RBAC) limits internal access to personal data to only those staff members whose job functions require it. All access events are logged and auditable.
- Intrusion detection: Real-time monitoring systems alert our security team to anomalous access patterns, brute-force login attempts, and other indicators of compromise.
- Penetration testing: ld44 commissions independent penetration testing of its platform infrastructure at regular intervals to identify and remediate vulnerabilities proactively.
5.2 Organisational Safeguards
- All staff with access to personal data undergo data protection training as part of their onboarding and annually thereafter.
- Our data protection policies are reviewed and updated at minimum annually or when significant changes to processing activities occur.
- Contracts with all data processors include mandatory data security requirements and right-to-audit clauses.
- ld44 maintains an incident response plan that is tested periodically. In the event of a data breach affecting your personal data, we will notify affected players without undue delay.
Your Role in Security: While ld44 maintains robust technical protections, the security of your account also depends on you keeping your login credentials confidential. Never share your ld44 username or password with anyone — including anyone claiming to be ld44 staff. We will never ask you for your password via email or live chat. If you receive any such request, treat it as a phishing attempt and report it immediately to [email protected].
6. Your Privacy Rights
As a data subject whose personal information is processed by ld44, you hold the following rights. We are committed to honouring these rights promptly and without requiring you to justify your request beyond basic identity verification.
- Right of Access: You may request a copy of all personal data we hold about you. We will provide this in a structured, commonly used format within 30 days of a verified request.
- Right to Rectification: If any personal data we hold about you is inaccurate or incomplete, you may request that we correct it. Basic profile corrections (name spelling, address update) can be made directly via your account settings; document-level corrections require a support request.
- Right to Erasure ("Right to Be Forgotten"): You may request deletion of your personal data where it is no longer necessary for the purpose it was collected, where you withdraw consent (and no other lawful basis applies), or where we have processed it unlawfully. Note that we are unable to delete data we are legally required to retain — for example, transaction records required for AML compliance, which must be retained for a minimum of five years.
- Right to Restrict Processing: You may request that we restrict the processing of your personal data in certain circumstances — for example, while you contest the accuracy of data we hold, or where you object to our processing but prefer restriction over deletion.
- Right to Data Portability: Where processing is based on your consent or a contract with you, and is carried out by automated means, you may request a machine-readable copy of the personal data you have provided to us, suitable for transmission to another service provider.
- Right to Object: You may object at any time to processing of your personal data for direct marketing purposes. You may also object to processing carried out on the basis of legitimate interests, though we may continue such processing if we can demonstrate compelling legitimate grounds that override your interests.
- Right to Withdraw Consent: Where we process your data on the basis of consent, you may withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing carried out before the withdrawal.
To exercise any of the above rights, contact our data protection team at [email protected] with the subject line "Data Rights Request". We will verify your identity before processing the request and will respond within 30 days. If your request is complex or you have submitted multiple requests, we may extend this period by a further 30 days with prior notice to you.
7. Data Retention
ld44 retains your personal data only for as long as is necessary to fulfil the purposes for which it was collected, including satisfying any legal, accounting, or reporting obligations. The following retention schedule outlines our standard approach:
| Data Category | Retention Period | Reason |
|---|---|---|
| Account registration data | Duration of account + 5 years post-closure | AML / legal obligation |
| KYC documents | Duration of account + 5 years post-closure | Regulatory compliance |
| Transaction records | 7 years from transaction date | Financial record-keeping obligation |
| Customer support communications | 3 years from date of last interaction | Dispute resolution / audit trail |
| Marketing preferences & opt-in records | Duration of account + 3 years post-closure | Consent management audit |
| Session / technical logs | Up to 13 months | Security monitoring / fraud prevention |
| Self-exclusion records | Minimum 7 years | Responsible gaming obligation |
| Analytics data (anonymised) | Up to 26 months | Platform performance analysis |
Upon expiry of the applicable retention period, personal data is securely deleted or irreversibly anonymised so that it can no longer be linked to any identifiable individual. ld44 conducts periodic data audits to ensure retention schedules are being applied consistently across all storage systems.
8. Policy Updates & Contact Information
ld44 reviews this Privacy Policy at least annually and whenever significant changes to our data processing activities occur. When we make material changes — for example, adding a new category of data collection, introducing a new third-party processor, or altering our retention schedules — we will notify you by posting a prominent notice on the Platform homepage and, where the change significantly affects your rights, by sending a direct email to your registered address at least 14 days before the change takes effect.
The "Effective" date at the top of this policy indicates when the current version came into force. We recommend bookmarking this page and reviewing it periodically. Continued use of the ld44 Platform after any updated policy comes into effect constitutes your acceptance of the revised terms.
If you have any questions about this Privacy Policy, wish to exercise your data rights, or want to report a privacy concern, please contact us using the details below. We are committed to responding to all privacy-related enquiries promptly and transparently.
Data Protection Contact: Email us at [email protected] with the subject line "Privacy Enquiry". Our data protection team will acknowledge your message within 72 hours (Bangladesh Standard Time, UTC+6) and provide a substantive response within 30 days. For urgent security concerns such as suspected data breaches or account compromise, please mark your email as "URGENT — Security" for prioritised handling.
This Privacy Policy was last reviewed and updated on 1 January 2026. If you have any questions, contact us at [email protected].
Quick Reference
- Effective: 1 Jan 2026
- 256-bit SSL Encryption
- Market: Bangladesh
- Min Age: 18+
- Response: 72 hours
- [email protected]
🛡️ Your Data Rights
To access, correct, or delete your personal data, contact our team at any time.
[email protected]📖 Related Policies
Your Privacy Is Protected. Now Enjoy the Platform.
With industry-grade encryption, strict data minimisation, and clear rights over your information, ld44 is built to be a platform you can trust. Explore our games, sports markets, and VIP casino experience — 18+ only, please play responsibly.