goo11 Privacy Policy — How We Collect, Use, and Protect Your Data
At goo11, your privacy is treated with the same institutional seriousness we apply to platform security. This Privacy Policy explains in plain, formal English what personal data we collect from Bangladesh players, how it is used, who it may be shared with, and what rights you hold over your information.
Privacy Principles at a Glance
The following cards outline our core data protection commitments. For the full legal detail of each commitment, please read the complete sections below.
SSL Encryption on Every Connection
Every connection to goo11 — including your goo11 login session, all game play, and all payment transactions — is encrypted using industry-standard TLS/SSL technology. Your data in transit is protected against interception at all times.
Data Minimisation Principle
goo11 collects only the personal data that is strictly necessary to operate your account, process your transactions, verify your identity, and comply with applicable legal and financial regulations. We do not collect data for its own sake.
No Sale of Personal Data
goo11 does not sell, lease, or trade your personal information to third-party advertisers, data brokers, or marketing companies. Your data is shared only with operational partners who require it to deliver the specific services you use on goo11, as described in Section 3 of this policy.
Transparent Purpose Limitation
Every category of data goo11 collects is tied to a specific, documented purpose. We do not repurpose your data for uses that are incompatible with the original reason for collection without first seeking your explicit consent.
Your Rights Are Respected
Bangladesh players hold clearly defined rights over their personal data held by goo11, including the right to access, rectify, restrict processing of, and request deletion of their information, subject to applicable legal retention obligations.
Defined Retention Periods
goo11 retains personal data only for as long as it is needed to fulfil the purposes for which it was collected, or as required by applicable financial, anti-money-laundering, and legal record-keeping regulations. Data is securely deleted when no longer required.
Data We Collect
When you register for, access, or use the goo11 platform, we collect personal data in the following categories. All data collection is purposeful and limited to what is necessary for the functioning of the platform and the fulfilment of our legal obligations to players across Bangladesh.
| Data Category | Specific Data Points Collected | Basis for Collection |
|---|---|---|
| Identity Data | Legal full name, date of birth, National ID Card number, passport number, or driving licence number; photograph as submitted in KYC documents. | KYC/AML compliance; contractual necessity for account registration. |
| Contact Data | Registered email address, mobile phone number (including bKash/Nagad-registered number), residential address in Bangladesh. | Account communications, two-factor authentication, withdrawal processing. |
| Financial Data | Mobile wallet identifiers (bKash, Nagad, Rocket, Upay account numbers), bank account details where bank transfer is used (Dutch-Bangla Bank, City Bank, BRAC Bank), deposit and withdrawal transaction records denominated in BDT (৳). | Payment processing; anti-money-laundering compliance; fraud prevention. |
| Gaming Activity Data | Game sessions played, bet amounts, win/loss records, bonus activations, wagering progress, sports bet selections, game provider identifiers (Pragmatic Play, Evolution Gaming, Spribe, etc.). | Platform operation; responsible gaming monitoring; dispute resolution. |
| Technical Data | IP address, device type, operating system, browser type and version, session timestamps, cookies and similar tracking identifiers, referral URL. | Security monitoring; fraud detection; platform performance analytics. |
| Communications Data | Records of support communications sent to [email protected], live chat transcripts, email correspondence, complaint and appeal submissions. | Customer service delivery; legal record-keeping; dispute evidence. |
| Preference Data | Marketing consent preferences, promotional opt-in/opt-out status, notification settings, language preferences. | Consent-based direct marketing; personalisation of platform experience. |
Sensitive Data: goo11 does not intentionally collect special-category sensitive personal data such as racial or ethnic origin, political opinions, religious beliefs, biometric data beyond photographic ID for KYC purposes, or medical information. If you voluntarily disclose sensitive information in a support communication, it will be used solely to address your query and will not be stored or processed beyond that purpose.
How We Use Your Data
goo11 processes personal data collected from Bangladesh players for the following specific, documented purposes. Where our processing relies on your consent, you retain the right to withdraw that consent at any time without affecting the lawfulness of processing that occurred prior to withdrawal.
- Account Registration and Management: We use your identity and contact data to create, verify, and maintain your goo11 account. This includes processing your goo11 login credentials, verifying your age (18+), managing your BDT wallet balance, and enabling you to access all platform features.
- KYC and Identity Verification: We use identity documents submitted during the KYC process to verify that you meet all eligibility requirements under Section 2 of our Terms & Conditions, including the 18+ age requirement. KYC data is processed under legal obligation and cannot be waived.
- Payment Processing: We use your financial data to process BDT deposits via bKash, Nagad, Rocket, Upay, and partner banks, and to process withdrawal requests back to your verified payment method. Transaction data is retained for anti-money-laundering compliance purposes.
- Platform Security and Fraud Prevention: Technical data including IP addresses, device fingerprints, and session logs are analysed by our security systems to detect and prevent unauthorised account access, multi-accounting, bonus abuse, and other fraudulent behaviour that could harm the platform or individual players.
- Responsible Gaming Monitoring: Gaming activity data is monitored to identify patterns consistent with problematic gambling behaviour, enabling our responsible gaming team to reach out proactively to players who may benefit from support tools such as deposit limits, cooling-off periods, or self-exclusion.
- Customer Support: Communications data — including support emails, chat transcripts, and appeal submissions — is used to investigate and resolve queries, disputes, and complaints raised by registered goo11 players. Support records are retained as part of our legal dispute resolution process.
- Promotional Communications: With your explicit consent, we may use your contact data to send you promotional communications about goo11 bonuses, seasonal offers (including BPL cricket season, Eid, Pohela Boishakh promotions), and platform updates. You may opt out of marketing communications at any time by contacting [email protected].
- Legal and Regulatory Compliance: goo11 may process and retain your personal data as required by applicable financial regulations, anti-money-laundering obligations, and any lawful request by a competent authority in Bangladesh or any jurisdiction with legal authority over the platform's operations.
- Platform Analytics and Improvement: Aggregated and anonymised technical and gaming activity data may be used to analyse platform performance, optimise game offerings, and improve the overall user experience. Anonymised analytics data cannot be used to identify individual players.
Automated Decision-Making: goo11 employs automated systems for fraud detection, bonus abuse prevention, and responsible gaming monitoring. These systems may result in account flags or temporary restrictions pending human review. You have the right to request human review of any automated decision that materially affects your account. Submit such requests to [email protected].
Data Sharing and Disclosure
goo11 does not sell your personal data. We share personal data with third parties only in the specific circumstances described below, and only to the minimum extent necessary for the stated purpose. All third-party data processors engaged by goo11 are contractually bound to process your data solely in accordance with our instructions and to maintain appropriate security standards.
- Payment Processors: Your financial data — including mobile wallet identifiers for bKash, Nagad, Rocket, and Upay, and bank account details for Dutch-Bangla Bank, City Bank, and BRAC Bank transfers — is shared with the relevant payment processing services exclusively to execute your deposit and withdrawal transactions. Payment processors are not permitted to retain or use your data for any other purpose.
- Game Providers: Certain technical and account identifiers (such as a pseudonymous player ID and session token) are shared with licensed game providers including Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi to enable the delivery of their game content within the goo11 platform. Game providers do not receive your full identity data or financial account details.
- KYC and Identity Verification Partners: Where we engage a third-party identity verification service to assist with the KYC process, your identity documents and personal details will be shared with that service provider under a strict data processing agreement. The verification provider acts as a data processor under goo11's instruction.
- Anti-Money-Laundering (AML) Compliance: goo11 may be required by applicable law to report certain financial transactions and associated player information to relevant competent authorities in Bangladesh. Such disclosures are made under legal compulsion and are not voluntary data sharing arrangements.
- Analytics Service Providers: Aggregated, anonymised platform usage data may be shared with analytics partners to assist in platform performance analysis and improvement. No personally identifiable information is included in analytics data shared with third parties.
- Law Enforcement and Legal Process: goo11 will disclose personal data to law enforcement agencies, courts, or regulatory bodies where we are legally required to do so by a valid court order, regulatory request, or other lawful authority. We will notify you of such disclosures where we are legally permitted to do so.
- Corporate Transactions: In the event of a merger, acquisition, or transfer of all or a substantial part of goo11's business assets, your personal data may be transferred to the successor entity as part of that transaction. You will be notified of any such transfer by email to your registered address prior to the transfer taking effect.
No Third-Country Transfers: goo11 endeavours to process and store all Bangladesh player data within data centres that maintain adequate security standards. Where any data transfer outside Bangladesh is operationally necessary, we ensure that appropriate contractual safeguards are in place with the receiving entity to maintain a standard of data protection equivalent to that described in this Privacy Policy.
Data Retention
goo11 retains personal data for no longer than is necessary for the purposes for which it was collected, or as required by applicable law. The following retention schedules apply to data categories collected from Bangladesh players:
| Data Category | Retention Period | Reason for Retention |
|---|---|---|
| Identity and KYC Data | 5 years following account closure | Anti-money-laundering legal obligation; regulatory audit trail. |
| Financial Transaction Records | 5 years following each transaction | Financial record-keeping requirements; AML compliance; dispute resolution. |
| Gaming Activity Logs | 3 years following account closure | Responsible gaming monitoring; dispute and complaint resolution evidence. |
| Support Communications | 3 years from date of communication | Complaint and legal dispute records; customer service quality management. |
| Technical / Session Logs | 12 months from date of generation | Security incident investigation; fraud detection analysis. |
| Marketing Preference Records | Until consent is withdrawn plus 12 months | Evidence of consent basis; regulatory compliance for direct marketing. |
Upon expiry of the applicable retention period, personal data is securely deleted from goo11 systems or irreversibly anonymised so that it can no longer be associated with any identifiable individual. Where data is anonymised rather than deleted, the resulting anonymised data may be retained indefinitely for aggregate analytics purposes, as it no longer constitutes personal data under applicable privacy frameworks.
Self-Excluded Players: Where a player has requested self-exclusion through goo11's responsible gaming tools, identity and account data is retained for the full self-exclusion period plus the standard post-closure retention period, to prevent the player from re-registering in violation of their own exclusion request. This retention serves the player's own welfare and goo11's legal duty of care.
Data Security Measures
goo11 implements a comprehensive set of technical and organisational security measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction. Our security framework is reviewed and updated on a regular basis in response to emerging threats.
TLS/SSL Encryption
All data transmitted between your device and the goo11 platform — including goo11 login credentials, payment details, and game activity — is encrypted using Transport Layer Security (TLS 1.2 or higher). Our SSL certificate is maintained and regularly renewed.
Encrypted Data Storage
Sensitive personal data fields — including identity document references, financial identifiers, and authentication credentials — are encrypted at rest within goo11's database infrastructure. Encryption keys are stored separately from the encrypted data.
Access Control and Authentication
Access to player personal data within goo11's internal systems is restricted to authorised personnel on a strict need-to-know basis. Internal access is governed by role-based access controls and multi-factor authentication requirements for all staff.
Intrusion Detection and Monitoring
goo11's infrastructure is monitored continuously by automated intrusion detection systems that flag anomalous access patterns, unusual data queries, and potential breach indicators for immediate review by our security operations team.
Regular Security Audits
The goo11 platform undergoes regular independent security assessments, including vulnerability scanning and penetration testing. Findings from these assessments are addressed under a structured remediation programme with defined timelines.
Breach Notification Procedure
In the event of a confirmed personal data breach that poses a risk to affected players, goo11 will notify impacted players by email to their registered address within a reasonable timeframe following our discovery of the breach, describing the nature of the incident and the steps taken to address it.
Your Role in Security: goo11's security measures protect data on our side of the connection. You are responsible for maintaining the security of your goo11 login credentials, including your password and any two-factor authentication device. Never share your login details with any other person. If you believe your account has been compromised, contact [email protected] immediately so that we can suspend the account and investigate.
Your Privacy Rights
As a player on the goo11 platform, you hold the following rights in respect of your personal data. To exercise any of these rights, submit a written request to [email protected] with the subject line "Privacy Rights Request — [Your Account Username]". We will acknowledge your request within 5 business days and aim to fulfil it within 30 calendar days of receipt.
- Right of Access: You have the right to request a copy of all personal data that goo11 holds about you, including the categories of data collected, the purposes for which it is processed, and any third parties with whom it has been shared. We will provide this information in a clear, structured format.
- Right to Rectification: If any personal data we hold about you is inaccurate or incomplete, you have the right to request that it be corrected. Identity data corrections may require submission of updated KYC documents. Contact data such as your registered mobile number or email address can be updated via your goo11 account settings after completing goo11 login.
- Right to Erasure: You may request that goo11 delete your personal data. This right is subject to our legal retention obligations — data that must be retained for AML, KYC, or financial record-keeping compliance cannot be deleted before the applicable retention period expires, even following account closure. Data not subject to legal hold will be deleted promptly upon a valid erasure request.
- Right to Restriction of Processing: You may request that goo11 restrict the processing of your personal data in circumstances where you contest its accuracy, where processing is unlawful but you prefer restriction over deletion, or where you have objected to processing pending verification of our legitimate grounds.
- Right to Data Portability: For data processed on the basis of your consent or contractual necessity, you have the right to receive a machine-readable copy of your personal data in a structured, commonly used format (such as JSON or CSV), and to request that this data be transmitted directly to another data controller where technically feasible.
- Right to Object: You have the right to object to processing of your personal data where that processing is based on goo11's legitimate interests, including direct marketing communications. Upon receipt of a valid objection to marketing, we will cease sending you promotional communications within 5 business days.
- Right to Withdraw Consent: Where goo11 processes your data on the basis of consent (such as marketing communications or non-essential cookies), you have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing that occurred before the withdrawal.
Identity Verification for Rights Requests: To protect your privacy, goo11 will verify your identity before processing any privacy rights request. This verification may involve confirming details associated with your registered account. We will not fulfil a rights request from an unverified third party purporting to act on a player's behalf without appropriate written authorisation from the account holder.
Contact and Complaints
If you have any questions about this Privacy Policy, wish to exercise a privacy right, or have a concern about how goo11 is handling your personal data, please contact our dedicated privacy support team using the details below. All privacy queries and requests are handled in English.
Privacy Support Contact
Send all privacy queries, rights requests, and data-related complaints to our support team at [email protected]. Please use the subject line "Privacy Query" or "Privacy Rights Request — [Username]" so your message is routed to the appropriate team. Response time: within 2 business hours during Bangladesh Standard Time (BST, UTC+6) operating hours.
Response Timelines
General privacy queries are acknowledged within 2 business hours and fully resolved within 5 business days. Formal privacy rights requests (access, erasure, portability, rectification) are fulfilled within 30 calendar days of receipt of a verified request. Complex requests may be extended by a further 60 days with prior notice.
If you are dissatisfied with goo11's response to a privacy complaint, you have the right to escalate your concern to the relevant data protection or consumer rights authority in Bangladesh. goo11 will cooperate fully with any lawful investigation by a competent regulatory authority.
Policy Updates: goo11 reserves the right to update this Privacy Policy at any time to reflect changes in our data processing practices, applicable law, or platform functionality. Where changes are material, registered players will be notified by email to their registered address prior to the changes taking effect. The effective date at the top of this page will be updated accordingly. Your continued use of goo11 following notification of any changes constitutes your acceptance of the updated Privacy Policy. We recommend reviewing this page periodically.
For all other platform queries unrelated to privacy — including account issues, payment queries, and game disputes — please refer to our FAQ page or contact [email protected] directly.
Ready to Experience Bangladesh's Most Trusted Casino Platform?
Your data is protected. Your privacy is respected. Now explore everything goo11 has to offer — from live cricket betting and premium slots to Wild Bandito and Color Game.