At mistcash, protecting your personal information is a responsibility we take seriously. This Privacy Policy explains precisely what data we collect, how we use it, who we share it with, and what rights you hold over your information as a player on our Bangladesh platform.
All data transmitted between your device and mistcash servers is protected using industry-standard SSL/TLS encryption. Your financial and personal information is never sent over unprotected channels.
mistcash does not sell, rent, or trade your personal data to third-party marketers. Your information is used solely for operating, improving, and securing the platform as described in this policy.
We use cookies and similar technologies to improve your experience on mistcash. You retain meaningful control over non-essential cookies through your browser or device settings at any time.
Identity documents collected during KYC verification are stored securely, accessed only by authorised compliance personnel, and never used for any purpose beyond verifying your identity and preventing fraud.
You may request a complete copy of the personal data mistcash holds about you at any time. Verified requests will be fulfilled within 30 days of receipt. Contact our support team to initiate a data access request.
Subject to our legal obligations and retention requirements, you have the right to request deletion of your personal data. Requests are assessed on a case-by-case basis and processed promptly by our privacy team.
Section 1
mistcash collects personal data from players through several channels: directly from you when you register, through your use of the platform, and automatically via technical means as you interact with our website. The categories of information we collect are described below.
1.1 Registration and Account Data
When you create a mistcash account, we collect the information you provide during the registration process. This includes your full legal name, date of birth, email address, mobile phone number, and residential address. This data is necessary to establish and maintain your account, verify your identity, and comply with our legal obligations.
1.2 Identity Verification (KYC) Data
To comply with anti-money-laundering (AML) requirements and to confirm that players meet the minimum age requirement of 18 years, we may request the following documents:
1.3 Financial Transaction Data
We record all deposits and withdrawals made through your mistcash account, including transaction amounts (in BDT), timestamps, payment method identifiers (such as the last four digits of a card, or a bKash or Nagad account reference), and transaction status. This information is required for processing your payments, resolving disputes, and maintaining accurate financial records as required by applicable regulations.
1.4 Gaming and Betting Activity Data
We collect records of your gaming and betting activity on the mistcash platform. This includes the games played, wagers placed, outcomes, session durations, bonus usage history, and any in-platform interactions. This data is used to personalise your experience, administer bonuses fairly, monitor for responsible gaming indicators, and detect fraudulent or irregular patterns of play.
1.5 Technical and Device Data
When you access mistcash, our systems automatically collect certain technical information, including your IP address, browser type and version, operating system, device type and model, screen resolution, referral URL, and session timestamps. This information is used for security monitoring, platform optimisation, and fraud prevention purposes.
1.6 Communications Data
If you contact mistcash via email, live chat, or any other support channel, we retain records of that communication, including the content of messages, timestamps, and any attachments. This data allows us to resolve your queries effectively and maintain a history of your support interactions.
| Data Category | Examples | Collection Method |
|---|---|---|
| Account Data | Name, email, phone, date of birth, address | Provided by you at registration |
| KYC Documents | National ID, passport, address proof | Uploaded by you on request |
| Financial Data | Deposit/withdrawal amounts, payment references | Generated by platform transactions |
| Gaming Activity | Game history, bet amounts, session durations | Automatically recorded during platform use |
| Technical Data | IP address, device type, browser, OS | Automatically collected on site access |
| Communications | Support chat logs, email correspondence | Provided by you when contacting support |
Section 2
mistcash processes your personal data only for specific, legitimate purposes. We do not use your data for any purpose that is incompatible with the purposes for which it was collected. The primary purposes for which we process your personal data are as follows.
2.1 Account Management and Platform Operation
Your registration and account data is used to create, maintain, and secure your mistcash account. This includes authenticating your identity at login, processing deposits and withdrawals, crediting bonus funds, administering your account settings, and providing access to all platform features available to registered players in Bangladesh.
2.2 Identity Verification and Regulatory Compliance
KYC data and financial transaction records are processed to fulfil our obligations under applicable anti-money-laundering regulations, to verify that players are at least 18 years of age, to confirm ownership of payment methods, and to conduct source-of-funds checks where required. This processing is necessary for legal compliance and cannot be waived.
2.3 Fraud Prevention and Security
Technical and device data, combined with gaming activity records, is analysed to detect and prevent fraud, identity theft, account takeover, bonus abuse, collusion, and other forms of platform manipulation. Automated systems and human review teams both contribute to this monitoring. Where suspicious activity is detected, mistcash may suspend or restrict your account pending investigation.
2.4 Personalisation and Player Experience
Gaming activity data and account preferences are used to tailor your experience on the mistcash platform. This may include surfacing games or sports markets that match your historical interests, presenting relevant bonus offers, and adapting the platform interface based on your usage patterns. Personalisation processing is based on your consent, which you may withdraw at any time.
2.5 Responsible Gaming Monitoring
We analyse gaming session data, deposit frequency, wagering patterns, and self-reported preferences to identify potential indicators of problem gambling. Where such indicators are detected, mistcash may proactively reach out to offer responsible gaming tools or, in serious cases, impose temporary account restrictions in your interest. This processing is based on our legitimate interest in player welfare.
2.6 Marketing Communications
With your explicit consent, we may use your email address and phone number to send you promotional communications about new games, seasonal offers tied to Bangladeshi events (such as Eid, BPL season, or T20 tournaments), and exclusive VIP rewards. You may withdraw your marketing consent at any time by updating your account preferences or by contacting support at [email protected]. Withdrawal of marketing consent does not affect the lawfulness of processing that occurred prior to withdrawal.
2.7 Customer Support
Communications data from your support interactions is used to resolve your queries, document complaint history, and improve the quality of our support services. Support records are retained for a minimum of two years following the closure of a query.
Section 3
mistcash does not sell, rent, or otherwise commercially transfer your personal data to third parties. However, in order to operate the platform effectively and comply with our legal obligations, we may share your data with certain categories of trusted recipients in the circumstances described below.
3.1 Game Technology Providers
To deliver casino games and live dealer experiences, mistcash integrates the platforms of third-party game studios including Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi. These providers may process limited player data (such as anonymised player identifiers, session tokens, and bet history) to deliver their services and maintain game integrity. All such providers are contractually bound to process player data only for the agreed purposes and to maintain appropriate security standards.
3.2 Payment Processors
To facilitate deposits and withdrawals, mistcash shares transaction-related data with payment service providers including bKash, Nagad, Rocket, Upay, Visa, and Mastercard, as well as our partner banks (including Dutch-Bangla Bank, City Bank, BRAC Bank, and others). This data sharing is limited to the information strictly necessary to process the transaction and comply with payment network rules. Payment providers operate under their own privacy policies.
3.3 Identity Verification Services
We may engage third-party KYC and identity verification service providers to assist with document authentication and age verification. These providers process your identity documents and personal data solely for verification purposes and are contractually prohibited from using your data for any other purpose.
3.4 Legal and Regulatory Authorities
mistcash may be required to disclose your personal data to law enforcement agencies, regulatory authorities, courts, or other governmental bodies where we are legally compelled to do so, or where disclosure is necessary to protect the rights, property, or safety of mistcash, our players, or the public. We will notify you of such disclosures where legally permitted to do so.
3.5 Business Transfers
In the event of a merger, acquisition, restructuring, or sale of all or part of mistcash's business, your personal data may be transferred to the acquiring entity as part of that transaction. You will be notified of any such transfer and of any material change to this Privacy Policy that results from it, with reasonable advance notice.
Section 4
mistcash uses cookies and similar tracking technologies to operate and improve the platform, analyse usage patterns, and deliver a personalised experience. This section explains what cookies we use, why we use them, and how you can control them.
4.1 What Are Cookies?
Cookies are small text files placed on your device by a website when you visit it. They allow the website to recognise your device, remember your preferences across sessions, and collect information about how you interact with the site. Similar technologies include web beacons, pixel tags, and local storage objects, all of which function in analogous ways.
4.2 Categories of Cookies We Use
4.3 Managing Your Cookie Preferences
You can control which non-essential cookies are active by adjusting your browser settings at any time. Most modern browsers allow you to block or delete cookies through their privacy or security settings menus. Note that disabling strictly necessary cookies will impair your ability to log in and use core platform features. Disabling analytics or functional cookies will not prevent you from accessing games or making transactions, but may reduce the quality of your personalised experience on mistcash.
Section 5
mistcash retains your personal data only for as long as is necessary to fulfil the purposes for which it was collected, or as required by applicable legal, regulatory, or contractual obligations. Retention periods vary by data category and are outlined below.
5.1 Account and Transaction Data
Account registration data and financial transaction records are retained for a minimum of five years from the date of the last transaction or from account closure, whichever is later. This retention period reflects our obligations under AML regulations and financial record-keeping requirements. After this period, data is securely deleted or anonymised.
5.2 KYC Documents
Identity verification documents are retained for a minimum of five years following the closure of your account. In some cases, where a legal investigation or regulatory audit is ongoing at the time of account closure, retention may be extended until the matter is fully resolved. Documents are stored in encrypted form with restricted access.
5.3 Gaming Activity Records
Records of individual gaming sessions and wager history are retained for a minimum of three years. This data supports dispute resolution, responsible gaming monitoring, and audit trails. After the applicable retention period, gaming records are anonymised rather than deleted, allowing aggregate analysis without retaining personally identifiable information.
5.4 Support Communications
Customer support communications are retained for a minimum of two years from the date of the final message in a support thread. Extended retention may apply where a communication forms part of an ongoing complaint, dispute, or legal matter.
5.5 Marketing Consent Records
Records of your marketing consent (including the date, time, and method by which consent was given or withdrawn) are retained for the duration of your account and for a minimum of two years following account closure. These records serve as evidence of lawful processing and are required for compliance purposes.
5.6 Data Storage Location
mistcash stores player data on secure servers. We take reasonable technical and organisational measures to ensure that data processed in connection with the mistcash platform is protected to a standard consistent with the nature of the data and the risks involved. Where data is processed by third-party service providers located outside Bangladesh, we ensure that appropriate safeguards are in place to protect your data to an equivalent standard.
Section 6
As a mistcash player, you hold a number of rights in relation to the personal data we hold about you. mistcash is committed to honouring these rights promptly and transparently. The following rights are available to you.
6.1 Right of Access
You have the right to request a copy of all personal data that mistcash holds about you. Upon receiving a verified access request, mistcash will provide a structured summary of your data within 30 days. The first access request in any 12-month period is fulfilled free of charge. Subsequent requests within the same period may be subject to a reasonable administrative fee.
6.2 Right to Rectification
If any personal data held by mistcash is inaccurate or incomplete, you have the right to request that it be corrected. Many account details — such as your email address, phone number, and preferred payment method — can be updated directly through your account settings. For changes to core identity data (name, date of birth), a formal request to support is required along with supporting documentation.
6.3 Right to Erasure
You may request that mistcash delete your personal data. This right is not absolute — we are permitted to retain data where necessary to comply with legal obligations, resolve disputes, or maintain records required for AML and regulatory purposes. Where erasure is possible, it will be carried out within 30 days of a verified request. Where full erasure is not possible, we will explain which data must be retained and the legal basis for retaining it.
6.4 Right to Restriction of Processing
You have the right to request that mistcash restrict the processing of your personal data in certain circumstances — for example, while you dispute the accuracy of data we hold, or while a complaint is under investigation. During a restriction period, mistcash will retain your data but will not actively process it beyond what is necessary for the specific legal or administrative matter at hand.
6.5 Right to Data Portability
Where your data has been provided by you and is processed on the basis of your consent or a contract, you have the right to receive that data in a structured, machine-readable format (such as CSV or JSON) for the purpose of transferring it to another service provider. Portability requests are fulfilled within 30 days.
6.6 Right to Object to Processing
You have the right to object to processing of your personal data where that processing is based on our legitimate interests. If you object, mistcash will assess whether its legitimate interests in continuing the processing override your interests and rights. You also have an unconditional right to object to direct marketing processing at any time.
6.7 Rights Related to Automated Decision-Making
Where mistcash uses automated systems to make decisions that significantly affect you — such as automated fraud detection or automated account suspension — you have the right to request human review of that decision, to express your point of view, and to contest the outcome. Contact our support team at [email protected] to exercise this right.
Section 7
mistcash implements a comprehensive set of technical and organisational security measures designed to protect your personal data against unauthorised access, loss, destruction, or alteration. While no online platform can guarantee absolute security, we apply the following controls as standard.
7.1 Encryption
All data in transit between your device and mistcash servers is encrypted using TLS 1.2 or higher. Sensitive data at rest — including KYC documents, payment references, and authentication credentials — is encrypted using AES-256 or an equivalent industry-standard algorithm. Passwords are stored as salted cryptographic hashes and are never stored in plaintext.
7.2 Access Controls
Access to player data within the mistcash organisation is strictly controlled on a need-to-know basis. Staff members are granted only the minimum level of access required to perform their role. Access rights are reviewed periodically and revoked promptly when no longer required. All staff who handle personal data complete mandatory data protection training.
7.3 Infrastructure Security
The mistcash platform is hosted on enterprise-grade infrastructure protected by firewalls, intrusion detection systems, and continuous security monitoring. Regular vulnerability assessments and penetration testing are conducted to identify and remediate security weaknesses before they can be exploited.
7.4 Data Breach Response
In the event of a personal data breach that poses a risk to your rights and freedoms, mistcash will notify affected players without undue delay, providing details of what data was affected, the likely consequences of the breach, and the measures taken to address it. Where required by applicable regulations, relevant authorities will also be notified within the prescribed timeframe.
7.5 Your Role in Security
You play an important role in the security of your mistcash account. You are responsible for keeping your login credentials confidential, using a strong and unique password, logging out of the platform when using shared or public devices, and promptly notifying mistcash if you suspect unauthorised access to your account. mistcash will never ask for your password via email, live chat, phone, or any other channel. Any such request should be treated as a phishing attempt and reported to our support team immediately.
Section 8
8.1 Changes to This Privacy Policy
mistcash may update this Privacy Policy from time to time to reflect changes in our data practices, legal obligations, or the services we offer. When material changes are made — meaning changes that significantly affect how we collect, use, or share your personal data — we will notify you by displaying a prominent notice on the mistcash platform or by sending a notification to your registered email address before the changes take effect.
Your continued use of the mistcash platform after the effective date of an updated Privacy Policy constitutes your acceptance of the revised terms. If you do not accept the updated policy, you should cease using the platform and may request account closure in accordance with the Terms & Conditions.
8.2 Minor Updates
For non-material updates — such as corrections of typographical errors, clarification of existing practices without substantive change, or updates to contact information — mistcash may revise this policy without prior notice. The "Last Updated" date at the top of this page will always reflect the most recent revision, and we encourage you to review the policy periodically.
8.3 Contacting Our Privacy Team
If you have any questions about this Privacy Policy, wish to exercise any of your data rights, or have a concern about how your personal data has been handled by mistcash, please contact us at: [email protected]. Please include "Privacy Request" in the subject line of your email so that your query is routed to the appropriate team. We aim to respond to all privacy-related enquiries within 5 business days (Bangladesh Standard Time, UTC+6).
8.4 Governing Language
This Privacy Policy is written in English and shall be interpreted according to its English-language text. In the event of any ambiguity or dispute regarding the interpretation of this policy, the English version shall prevail.
Our support team is here to help with any data-related queries. You can also explore our full legal documentation, responsible gaming resources, or head straight to the casino lobby.