Data Protection
ct222 Privacy Policy
Your privacy matters at ct222. This Privacy Policy explains in clear, honest terms exactly what personal data we collect when you use our platform, why we collect it, how it is stored and protected, and what rights you hold over your own information. We are committed to transparency and to handling all player data with the highest level of care.
Our Privacy Commitments
How ct222 Protects Your Data
ct222 operates with a privacy-first mindset. The six commitments below reflect how we approach data handling across every part of the platform.
Minimal Data Collection
ct222 collects only the data that is genuinely necessary to operate your account, process payments, and comply with anti-money-laundering obligations. We do not harvest data for its own sake.
SSL Encryption
All data transmitted between your device and the ct222 platform is protected by TLS/SSL encryption. Sensitive fields such as payment details are additionally encrypted at the database layer.
No Unauthorised Selling
ct222 does not sell, rent, or trade your personal data to marketing companies or unaffiliated third parties. Data is shared only with verified partners required to operate the platform.
Your Data, Your Rights
Every ct222 account holder has the right to access, correct, or request deletion of their personal data. These rights can be exercised at any time by contacting our support team.
Clear Retention Limits
ct222 does not retain personal data indefinitely. Retention periods are set according to the purpose for which the data was collected and applicable legal obligations, after which data is securely deleted.
Transparent Cookie Use
ct222 uses cookies strictly for session management, analytics, and fraud prevention. We do not use tracking cookies to build advertising profiles. You can manage cookie preferences from your browser settings.
Section 1
Data We Collect
When you interact with the ct222 platform — whether by registering an account, making a deposit, placing a wager, or contacting our support team — ct222 collects certain categories of personal data. The nature of the data collected depends on the type of interaction and the service you are accessing. Below is a comprehensive account of every category of personal data that ct222 may collect from you.
Registration Data
When you create a ct222 account, you are required to provide the following information: your full legal name, date of birth, residential address (including city, district, and postal code), email address, and mobile phone number. This information is used to create and administer your account, to verify your identity, and to communicate with you regarding your account activity.
Identity Verification Data (KYC)
As part of ct222's Know Your Customer (KYC) programme, you may be asked to submit copies of the following documents: a government-issued national identity card (NID), a valid passport, a driving licence, a recent utility bill or bank statement confirming your residential address, and in certain cases a source-of-funds declaration. These documents are processed by the ct222 compliance team and, where applicable, by a third-party identity verification provider. KYC documents are stored securely and are not shared with any party except as required by law or as necessary to complete the verification process.
Financial Data
ct222 collects information related to the payment methods you use to deposit funds and receive withdrawals. This includes your bKash, Nagad, Rocket, or Upay mobile wallet number, bank account details where bank transfer is used, and the last four digits of any card used. ct222 does not store full card numbers; card transactions are processed by a PCI-DSS-compliant payment processor, and full card details are held only by that processor.
Transaction & Gaming Data
ct222 automatically records all financial transactions on your account (deposits, withdrawals, bonus credits, and adjustments) as well as all gaming activity (games played, wagers placed, outcomes, session duration, and bet history). This data is retained for financial reconciliation, responsible gaming monitoring, and the investigation of any disputes or fraud reports.
Technical & Device Data
When you visit the ct222 website, our servers automatically collect certain technical information, including your IP address, browser type and version, operating system, device type (mobile, tablet, or desktop), referring URL, and the pages you view during each session. This data is used for security monitoring, fraud detection, and platform performance analysis.
Communications Data
If you contact ct222 via email or live chat, we retain a record of that communication, including the content of the messages exchanged, the date and time of contact, and the resolution outcome. This data is used to maintain the quality of our customer support and to resolve any future disputes related to the same matter.
Data Categories at a Glance
- Registration & identity details
- KYC / identity verification documents
- Payment method & transaction data
- Gaming activity & bet history
- Device, browser & IP data
- Support communications
Note: ct222 never collects sensitive personal data such as racial or ethnic origin, political opinions, religious beliefs, or health data — except where health information is voluntarily disclosed in the context of a responsible gaming request (e.g., a self-exclusion based on a gambling disorder).
Section 2
How We Use Your Data
ct222 uses the personal data it collects only for legitimate, clearly defined purposes. Every use of your data is grounded in one of the following legal bases: the performance of a contract (operating your ct222 account), compliance with a legal obligation (KYC, AML, tax reporting), a legitimate interest of ct222 (fraud prevention, platform security, responsible gaming monitoring), or your explicit consent (where consent is separately sought and documented).
Account Operation & Service Delivery
The primary purpose for which ct222 collects and uses your data is to operate your account and deliver the services you have signed up for. This includes processing deposits and withdrawals, settling wagers, crediting and managing bonuses, delivering customer support, and sending transactional communications such as deposit confirmations, withdrawal notifications, and account security alerts.
Identity Verification & Fraud Prevention
ct222 uses your registration data, KYC documents, and technical data to verify your identity, detect and prevent fraudulent activity, identify duplicate accounts, and protect the integrity of the platform. Fraud prevention is a legitimate interest of ct222 and is also required by applicable anti-money-laundering obligations.
Responsible Gaming Monitoring
ct222 uses your gaming activity data — including session duration, deposit frequency, wager size, and loss patterns — to monitor for signs of problem gambling behaviour. Where such indicators are identified, ct222 may contact you with information about responsible gaming tools, apply account-level interventions (such as temporary deposit limits), or flag the account for review by the ct222 responsible gaming team. This processing is carried out in the legitimate interests of player welfare and in compliance with responsible gaming standards.
Legal & Regulatory Compliance
ct222 is required by applicable law to retain certain records of player identity, financial transactions, and gaming activity for specified periods. Your data may be disclosed to regulatory authorities, law-enforcement agencies, or financial intelligence units where ct222 is legally required or permitted to do so. ct222 will not disclose your data to authorities beyond what is required or permitted by law.
Platform Analytics & Improvement
ct222 uses aggregated, anonymised technical data to analyse platform performance, identify areas for improvement, and make informed decisions about feature development and game library curation. Individual player data is not used for this purpose in identifiable form.
Marketing Communications
If you have opted in to marketing communications during registration or through your ct222 account settings, ct222 may send you promotional emails, SMS messages, or in-platform notifications about bonus offers, new game launches, and seasonal promotions. You may withdraw your consent to marketing communications at any time by updating your preferences in the ct222 account settings or by contacting [email protected]. Withdrawal of marketing consent does not affect the delivery of transactional communications related to your account.
Purpose & Legal Basis
| Purpose | Legal Basis |
|---|---|
| Account operation | Contract performance |
| KYC / identity check | Legal obligation |
| Fraud prevention | Legitimate interest |
| Responsible gaming | Legitimate interest |
| Legal reporting | Legal obligation |
| Marketing | Consent |
| Analytics | Legitimate interest |
Marketing opt-out: You can unsubscribe from ct222 promotional messages at any time from your account settings or by emailing [email protected]. Transactional messages (deposits, withdrawals, security alerts) cannot be disabled as they are essential to account operation.
Section 3
Data Sharing & Third Parties
ct222 does not sell or rent your personal data to any third party. However, in order to operate the platform and comply with legal obligations, ct222 shares certain categories of personal data with a limited set of trusted third-party service providers and authorities. The categories of recipients and the basis for sharing are described below.
Payment Processing Partners
In order to process deposits and withdrawals via bKash, Nagad, Rocket, Upay, and partner banks, ct222 shares the minimum necessary financial and identity information with those payment providers. Each payment partner operates under its own privacy policy and data-protection standards. ct222 selects payment partners that maintain industry-standard security practices.
Identity Verification Providers
ct222 may use a third-party identity verification service to assist in the processing of KYC documents. Such providers receive copies of the documents you submit and return a verification result to ct222. These providers are contractually bound to use your data solely for the purpose of performing the identity check and to delete the data upon completion of the check, subject to their own legal retention requirements.
Game Software Providers
Games on ct222 are supplied by third-party studios including Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, Ezugi, Play'n GO, and Red Tiger. These providers may receive limited session data (such as player session tokens and wager amounts) for the purpose of delivering the game experience and reconciling game results. They do not receive your full personal profile. Each provider operates under its own data-protection framework and is contractually restricted from using your data for any purpose beyond game delivery and result reconciliation.
Analytics & Security Providers
ct222 may use third-party analytics and cybersecurity tools to monitor platform performance, detect fraudulent activity, and prevent unauthorised access. These providers process technical data (IP addresses, device fingerprints, session logs) in anonymised or pseudonymised form where possible. They do not receive personally identifiable registration data.
Legal & Regulatory Authorities
ct222 may disclose personal data to law-enforcement agencies, financial intelligence units, or other regulatory authorities in Bangladesh or internationally where required by applicable law, pursuant to a valid court order, or where disclosure is necessary to protect the rights or safety of ct222 or its players. ct222 will notify affected players of such disclosures where legally permitted to do so.
Corporate Transfers
In the event of a merger, acquisition, restructuring, or sale of assets involving ct222, your personal data may be transferred to the successor entity as part of that transaction. In such circumstances, ct222 will notify affected players and ensure that the successor entity is bound by terms that provide a level of data protection at least equivalent to this Privacy Policy.
Who Receives Your Data
- Payment processors (bKash, Nagad, banks)
- KYC identity verification services
- Game software providers (session data only)
- Analytics & security tools (anonymised)
- Legal / regulatory authorities (when required)
Never sold: ct222 does not sell, rent, or trade your personal data to advertisers, data brokers, or any unaffiliated commercial third party — under any circumstances.
Section 5
Data Retention
ct222 retains personal data only for as long as necessary to fulfil the purpose for which it was collected, or as required by applicable law. The specific retention periods applied to each category of data are described below. Upon the expiry of the applicable retention period, data is securely deleted or anonymised in a manner that prevents re-identification.
Account Data
Personal data collected during account registration — including your name, date of birth, address, email, and phone number — is retained for the duration of your active account and for a period of five (5) years following the permanent closure of your account. This retention period reflects ct222's obligations under applicable anti-money-laundering regulations and the potential need to respond to disputes or legal claims arising after account closure.
KYC Documents
Identity documents submitted for KYC verification are retained for a minimum of five (5) years from the date of submission, in line with anti-money-laundering record-keeping requirements. After this period, documents are securely deleted unless an ongoing investigation or regulatory enquiry requires their continued retention.
Financial Transaction Records
Records of all deposits, withdrawals, bonus transactions, and adjustments are retained for a minimum of seven (7) years from the date of the transaction. This period reflects standard financial record-keeping requirements and the potential for late tax or regulatory enquiries.
Gaming Activity Records
Detailed bet history and gaming session records are retained for a period of two (2) years from the date of the relevant gaming session. Aggregated, anonymised gaming statistics that cannot be linked back to an individual player may be retained indefinitely for platform analytics purposes.
Support Communications
Records of customer support interactions — including email threads and live chat transcripts — are retained for two (2) years from the date of the interaction. Where a support interaction is linked to an ongoing dispute or investigation, the record is retained until the matter is fully resolved.
Technical & Device Data
Server logs, IP address records, and device fingerprint data are retained for a period of ninety (90) days for standard security monitoring purposes. Where a specific security incident is identified, the relevant logs may be preserved for a longer period pending investigation.
Retention Periods at a Glance
Secure deletion: When a retention period expires, ct222 permanently deletes or irreversibly anonymises the relevant data. Deleted data cannot be recovered or re-linked to any individual player profile.
Section 6
Data Security
ct222 implements a layered set of technical and organisational security measures to protect personal data against unauthorised access, accidental loss, destruction, or disclosure. While no online platform can guarantee absolute security, ct222 maintains the following controls as a baseline across all systems that process personal data.
Encryption in Transit
All data transmitted between your browser or mobile device and the ct222 platform is encrypted using TLS 1.2 or higher. This ensures that your login credentials, payment details, and personal information cannot be intercepted by third parties during transmission. The ct222 website enforces HTTPS on all pages and does not support legacy HTTP connections for authenticated sessions.
Encryption at Rest
Sensitive personal data stored in ct222's databases — including KYC documents, payment method details, and account credentials — is encrypted at rest using AES-256 encryption. Database access is restricted to authorised system processes and a limited number of vetted personnel operating on a need-to-know basis.
Access Controls
Access to systems that hold personal data is controlled through role-based access management. Employees and contractors are granted access only to the specific data required for their assigned responsibilities. All access to production systems is logged, and logs are reviewed regularly for anomalous activity. Staff with access to personal data are subject to confidentiality obligations and receive periodic data-protection training.
Password Security
ct222 stores account passwords in hashed, salted form using a cryptographically secure hashing algorithm. Plain-text passwords are never stored or logged. Players are encouraged to use a unique, strong password for their ct222 account and to enable two-factor authentication (2FA) where available. ct222 will never ask you to disclose your password via email, live chat, or any other communication channel.
Incident Response
ct222 maintains a documented data-breach response procedure. In the event of a confirmed security incident that is likely to result in a risk to the rights or freedoms of affected players, ct222 will notify affected players without undue delay, describing the nature of the incident, the categories of data involved, the likely consequences, and the steps ct222 has taken or plans to take to address it.
Third-Party Security Standards
ct222 requires all third-party service providers that process personal data on its behalf to maintain security standards at least equivalent to those described in this section. Payment processors used by ct222 are required to be PCI-DSS compliant. Identity verification providers are required to hold recognised information-security certifications. ct222 conducts periodic due-diligence reviews of its key third-party providers.
Security Measures
- TLS 1.2+ encryption in transit
- AES-256 encryption at rest
- Role-based access controls
- Hashed & salted passwords
- Documented breach response plan
- PCI-DSS compliant payment partners
Report a security concern: If you believe your ct222 account has been compromised, or if you have identified a potential security vulnerability on the platform, please contact [email protected] immediately. Do not share account credentials with anyone claiming to be from ct222 support.
Section 7
Your Privacy Rights
As a ct222 account holder, you hold a set of privacy rights in relation to your personal data. ct222 is committed to honouring these rights promptly and without unnecessary obstruction. The rights available to you, and the process for exercising them, are described below.
Right of Access
You have the right to request a copy of the personal data that ct222 holds about you. This is commonly referred to as a Subject Access Request (SAR). Upon receiving a valid SAR, ct222 will provide you with a structured summary of your personal data within thirty (30) calendar days. There is no fee for a standard SAR. If your request is complex or involves a large volume of data, ct222 may extend this period by a further thirty (30) days and will notify you of the extension.
Right to Rectification
If any personal data that ct222 holds about you is inaccurate or incomplete, you have the right to request that it be corrected. Minor corrections (such as updating a phone number or email address) can be made directly from your ct222 account settings. For corrections to registered name, date of birth, or address, you will be required to submit supporting documentation as part of the KYC process.
Right to Erasure
You have the right to request the deletion of your personal data — sometimes called the "right to be forgotten" — where the data is no longer necessary for the purpose for which it was collected, or where you withdraw consent and no other legal basis applies. Please note that ct222 may be unable to fully comply with an erasure request where retention of the data is required by law (for example, anti-money-laundering record-keeping obligations). In such cases, ct222 will inform you of the specific legal basis for retaining the data and will delete all data that is not subject to a legal retention requirement.
Right to Restrict Processing
In certain circumstances — for example, while the accuracy of data is being contested, or while an objection to processing is being assessed — you have the right to request that ct222 restrict the processing of your personal data. During a restriction period, ct222 will continue to store the data but will not process it for any other purpose without your consent or a valid legal basis.
Right to Data Portability
Where ct222 processes your personal data on the basis of your consent or in order to perform a contract, you have the right to receive a copy of that data in a structured, commonly used, machine-readable format (such as CSV or JSON). This right applies to data that you have actively provided to ct222, such as your registration details and account preferences.
Right to Object
You have the right to object to the processing of your personal data where that processing is based on ct222's legitimate interests. Upon receiving an objection, ct222 will cease processing the data unless it can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms. You may object to marketing processing at any time, without needing to provide a reason, and ct222 will cease marketing communications immediately upon receiving your objection.
How to Exercise Your Rights
To exercise any of the rights described above, please contact the ct222 data protection contact at [email protected] with the subject line "Privacy Rights Request". Please include your full registered name and the email address associated with your ct222 account so that we can verify your identity before processing your request. ct222 will respond to all privacy rights requests within thirty (30) calendar days of receiving a valid, verified request.
Your Rights Summary
Response time: ct222 responds to all verified privacy rights requests within 30 calendar days. Complex requests may be extended by a further 30 days with prior notice.
Section 8
Policy Updates & Contact
Changes to This Privacy Policy
ct222 reserves the right to update or amend this Privacy Policy at any time to reflect changes in applicable law, regulatory guidance, or the way in which ct222 processes personal data. When material changes are made to this Policy, ct222 will notify registered players via email and will display a prominent notice on the ct222 platform for a period of no less than fourteen (14) days following the change. The "Effective Date" shown at the top of this Policy reflects the date on which the current version came into force.
Your continued use of the ct222 platform following notification of a change to this Privacy Policy constitutes your acceptance of the updated Policy. If you do not agree with the changes, you have the right to close your ct222 account by contacting [email protected] before the updated Policy takes effect. Closing your account does not affect ct222's right to retain data that is subject to a legal retention requirement.
Previous Versions
Previous versions of this Privacy Policy are available on request by contacting [email protected]. ct222 maintains an internal archive of all previous versions of this Policy, including the dates on which each version was active.
Contact & Data Enquiries
If you have any questions about this Privacy Policy, wish to exercise any of your privacy rights, or wish to raise a concern about the way ct222 handles your personal data, please contact the ct222 support and data team at:
ct222 Data & Privacy
Email: [email protected]
Response time: within 30 calendar days for formal privacy rights requests
Support hours: 24/7, Bangladesh Standard Time (UTC+6)
Complaints
If you are not satisfied with ct222's response to a privacy concern, you have the right to escalate your complaint through applicable legal channels in Bangladesh. ct222 takes all privacy complaints seriously and will cooperate fully with any formal investigation into its data-handling practices.
Policy Details
- Effective Date 1 Jan 2026
- Version v2.0
- Language English
- Jurisdiction Bangladesh
- Contact [email protected]
Stay informed: Whenever this Privacy Policy is updated, registered ct222 players will receive an email notification at the address associated with their account. Always check the Effective Date at the top of this page to confirm you are reading the current version.
Questions or Privacy Concerns?
Our support team is available 24/7 in Bangladesh Standard Time. Explore our FAQ for quick answers, review our Responsible Gaming commitments, or start playing at ct222 Casino.
18+ ct222 is strictly for players aged 18 and above. Please gamble responsibly.