joy7 Privacy Policy
At joy7, your personal data is handled with the same care and precision we apply to every aspect of our platform. This Privacy Policy explains exactly what information we collect, why we collect it, and how we keep it safe — in plain, honest English.
1 Information We Collect
joy7 collects personal information from you in three primary ways: information you provide directly when registering or using the platform, information generated automatically through your use of our services, and information received from trusted third-party partners where permitted by law. Below is a breakdown of the specific categories of data we process.
joy7 does not knowingly collect sensitive personal data such as racial or ethnic origin, political opinions, religious beliefs, health data, or biometric data, except where a specific KYC document incidentally contains such information — in which case the document is reviewed solely for identity verification purposes and is not processed for any other use.
Minors: joy7 is strictly an 18+ platform. We do not knowingly collect or store any personal data relating to individuals under the age of 18. If we become aware that an account was registered by someone under 18, the account will be closed immediately, the data securely deleted, and any funds returned in line with our Terms & Conditions.
2 How We Use Your Data
joy7 uses the personal data we collect for specific, documented purposes. We do not use your data in ways that are incompatible with the purpose for which it was originally collected. The primary purposes for which your data is processed are as follows:
Account Registration & Verification
Processing Deposits & Withdrawals
Delivering Betting & Casino Services
Fraud Prevention & Security
Platform Improvement & Analytics
Service Delivery: Your identity, contact, and financial data are used to register your account, verify your identity, process deposits and withdrawals via bKash, Nagad, Rocket, and Upay, and settle bets and casino game rounds accurately in Bangladeshi Taka.
Regulatory Compliance: joy7 is required to maintain records of financial transactions, player identity, and betting activity to comply with applicable anti-money laundering (AML) and Know Your Customer (KYC) obligations. This data is retained for the legally required minimum periods even if you close your account.
Platform Communications: We may use your contact data to send you transactional messages such as deposit confirmations, withdrawal receipts, bet settlement notifications, and account security alerts. With your separate opt-in consent, we may also send you promotional communications about bonuses, cricket match offers, and seasonal promotions. You may withdraw marketing consent at any time by contacting [email protected].
Responsible Gaming Monitoring: joy7 uses usage data and betting pattern analysis to identify players who may be exhibiting signs of problem gambling behaviour, in line with our commitment to responsible gaming. This is a protective measure, not a profiling exercise for commercial gain.
Analytics & Improvement: Aggregated, anonymised technical and usage data is used internally to improve platform performance, identify bugs, optimise the user experience for Bangladeshi players, and develop new features. Anonymised data cannot be used to identify you.
3 Legal Basis for Processing
Every processing activity carried out by joy7 is grounded in one or more recognised legal bases. We rely on the following legal bases when processing your personal data:
- Contractual Necessity: The majority of your personal data is processed because it is necessary to perform our contract with you — that is, to provide the joy7 betting and casino services you have registered for, and to process your financial transactions.
- Legal Obligation: Certain data, particularly KYC documents and transaction records, must be retained because joy7 is subject to legal obligations relating to financial crime prevention, anti-money laundering, and responsible gaming compliance.
- Legitimate Interests: joy7 processes technical and usage data on the basis of our legitimate interests in preventing fraud, maintaining platform security, investigating disputes, and improving the quality of our services. We have conducted balancing tests to confirm that our legitimate interests are not overridden by your privacy rights.
- Consent: Where we send marketing communications or deploy non-essential cookies, we do so only on the basis of your freely given, specific, informed, and unambiguous consent. You may withdraw your consent at any time without affecting the lawfulness of processing based on consent before withdrawal.
If you would like more information about the specific legal basis applied to a particular processing activity, please contact us at [email protected] and we will respond within five business days.
4 Cookies & Tracking Technologies
joy7 uses cookies and similar tracking technologies to operate the platform, remember your preferences, and analyse site usage. A cookie is a small text file stored on your device by your browser when you visit a website. The following categories of cookies are used on the joy7 platform:
- Strictly Necessary Cookies: These cookies are essential for the platform to function. They include session authentication tokens, CSRF protection tokens, and load-balancing identifiers. These cookies cannot be disabled without breaking core platform functionality.
- Functional Cookies: These cookies remember your preferences such as language settings, selected payment method, and responsible gaming tool configurations. Disabling them may reduce your personalised experience but will not prevent access to the platform.
- Analytical Cookies: joy7 uses first-party analytics to understand how players navigate the platform — which pages are most visited, where users exit, and how long sessions last. This data is aggregated and anonymised. We do not use third-party analytics vendors that would share your browsing behaviour with external networks.
- Security Cookies: Short-lived cookies are used as part of our fraud detection and bot-prevention mechanisms. These help distinguish genuine player activity from automated scripts or suspicious access patterns.
Managing Cookies: You can control non-essential cookies through your browser settings. Most modern browsers allow you to view, block, or delete cookies. Please note that blocking strictly necessary cookies will prevent you from logging into your joy7 account. For detailed instructions on managing cookies in your specific browser, please refer to your browser's help documentation.
No Third-Party Advertising Cookies: joy7 does not deploy third-party advertising cookies or tracking pixels that would allow external advertisers to build a profile of your browsing habits across the internet. Our tracking is limited to first-party analytics for internal platform improvement purposes only.
5 Data Sharing & Disclosure
joy7 shares your personal data only in limited, controlled circumstances. We do not share data more broadly than is strictly necessary. The categories of recipients who may receive your personal data are described below.
Payment Partners: When you initiate a deposit or withdrawal, your mobile wallet identifier and transaction amount are transmitted to the relevant payment provider — bKash, Nagad, Rocket, or Upay — to process the payment. These providers process your data under their own privacy policies and are subject to Bangladesh Bank's regulatory oversight.
Game Technology Providers: Live casino and slot game providers such as Evolution Gaming, Ezugi, Pragmatic Play, NetEnt, Microgaming, and Spribe receive a player session token and stake amount when you launch a game. These providers do not receive your full name, national ID, or contact details — only a pseudonymous session identifier is shared.
Identity Verification Services: During the KYC process, identity documents may be reviewed by a third-party verification service under a data processing agreement with joy7. This service processes your documents solely for the purpose of verifying your identity and is not permitted to use the data for any other purpose.
Regulatory and Law Enforcement Authorities: joy7 will disclose personal data to competent authorities if required to do so by applicable law, a court order, or a regulatory directive. We will not disclose more data than is legally required and, where permitted, will notify you of such a disclosure.
Corporate Transactions: In the event of a merger, acquisition, or corporate restructuring involving joy7, your personal data may be transferred to the acquiring entity as part of the business assets. In such an event, we will notify affected players and ensure that the receiving entity maintains the same standard of data protection as set out in this Privacy Policy.
No Third-Party Marketing: Under no circumstances does joy7 share, sell, or provide access to your personal data to third-party marketing companies, data brokers, social media platforms, or advertising networks.
6 Data Security
joy7 implements a layered, defence-in-depth security architecture to protect your personal data against unauthorised access, disclosure, alteration, and destruction. Our technical and organisational security measures include the following:
- Transport Encryption: All data transmitted between your device and the joy7 platform is encrypted using TLS 1.3 with 256-bit SSL certificates. This applies to account login, game sessions, deposit flows, and live chat communications.
- Data Encryption at Rest: Sensitive personal data — including KYC documents, payment identifiers, and account credentials — is encrypted at rest using AES-256 encryption within our secure data infrastructure.
- Access Controls: Access to personal data within joy7's internal systems is restricted on a strict need-to-know basis. Staff are granted minimum necessary permissions, and all access events are logged and regularly audited.
- Two-Factor Authentication (2FA): Players are strongly encouraged to enable 2FA on their joy7 accounts for an additional layer of login security. joy7 staff accounts with access to player data are required to use 2FA without exception.
- Penetration Testing: joy7 conducts periodic security assessments and penetration tests to identify and remediate vulnerabilities before they can be exploited.
- Incident Response: In the unlikely event of a data breach that poses a risk to your rights and freedoms, joy7 has a documented incident response plan. Affected players will be notified promptly in accordance with applicable data protection obligations.
While we apply industry-leading security measures, no internet-based platform can guarantee absolute security. We encourage players to use a strong, unique password for their joy7 account and to contact support immediately if they suspect any unauthorised access to their account.
7 Your Privacy Rights
As a user of the joy7 platform, you hold meaningful rights over your personal data. joy7 respects and facilitates these rights in a timely and transparent manner. The rights available to you are summarised below.
To exercise any of these rights, please contact our privacy team at [email protected] with the subject line "Privacy Rights Request" and a description of your request. We will acknowledge your request within two business days and respond fully within 30 calendar days. In complex cases we may extend this by a further 60 days, and we will notify you if an extension is required.
8 Data Retention
joy7 retains your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable legal and regulatory obligations. The following general retention periods apply:
- Active Account Data: All personal data associated with an active joy7 account is retained for the full duration of the account relationship and for a period of five (5) years following permanent account closure.
- KYC and Identity Documents: Identity verification documents are retained for a minimum of five (5) years from the date of submission, in line with anti-money laundering record-keeping requirements.
- Financial Transaction Records: Deposit, withdrawal, and bet settlement records are retained for a minimum of seven (7) years following the date of the transaction, as required for financial audit and regulatory compliance purposes.
- Communications Data: Live chat transcripts and email correspondence with the support team are retained for three (3) years from the date of the last communication, to support dispute resolution and service quality assurance.
- Technical and Usage Logs: Server logs, IP address records, and session logs are retained for twelve (12) months and then permanently deleted or anonymised.
- Marketing Consent Records: Records of your marketing opt-in or opt-out are retained indefinitely to demonstrate compliance with your stated preferences, even if the underlying account is closed.
After the applicable retention period expires, data is either permanently deleted using secure deletion methods or irreversibly anonymised so that it can no longer be linked to you as an individual. Anonymised data may be retained indefinitely for statistical and analytical purposes.
Dormant Accounts: If your joy7 account becomes dormant (no login activity for 12 consecutive months), we will send a retention notice to your registered email address. If no response is received and the account remains inactive for a further 24 months, personal data not subject to legal retention obligations will be deleted from active databases and archived in a restricted environment subject to the timelines above.
Changes to This Policy: joy7 may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make a material change, we will update the "Last updated" date at the top of this page. For significant changes that affect how we use your data, we will endeavour to send a notification to your registered email address prior to the change taking effect. Continued use of the joy7 platform after any amendment constitutes your acceptance of the revised Privacy Policy.
Why Your Privacy Is Safe With joy7
Six pillars that define how joy7 approaches data protection for every player in Bangladesh.
End-to-End Encryption
Every byte of data exchanged between your device and joy7 is protected by TLS 1.3 with 256-bit SSL. Your personal and financial details are never transmitted in plain text.
Zero Data Sales Policy
joy7 has a strict zero-tolerance policy on selling or renting player data. Your information is used solely to operate and improve the joy7 platform — nothing more.
Full KYC Transparency
We explain exactly why we collect identity documents, who reviews them, and how long they are stored. KYC protects both you and the platform from fraud and financial crime.
Eight Actionable Rights
From access to erasure to portability, joy7 supports the full spectrum of privacy rights. Submit a rights request to [email protected] and receive a response within 30 days.
Minimal, Honest Cookie Use
joy7 uses only the cookies required to operate the platform and improve your experience. No third-party advertising cookies, no cross-site tracking, no data shared with ad networks.
Clear Retention Schedules
We publish our exact data retention timelines so you always know how long your information is kept. When retention periods expire, data is securely deleted or irreversibly anonymised.
Ready to Play on a Platform You Can Trust?
joy7 combines world-class cricket betting, premium casino games, and fast bKash & Nagad payments — all backed by the privacy standards described in this policy. Join thousands of players across Bangladesh who choose joy7 for a safe, transparent betting experience.
Start Playing at joy7 Read Our FAQ