Privacy Policy
ff9 — Your Data, Protected
At ff9, safeguarding your personal information is a core responsibility. This Privacy Policy explains exactly what data we collect from players in Bangladesh, how it is used, who it may be shared with, how long it is retained, and what rights you hold over your own information. We are committed to handling your data with transparency and care.
No Data Sold to Third Parties
ff9 does not sell, rent, or trade your personal information to any third party for marketing or commercial purposes. Your data belongs to you and is used only to operate and improve your ff9 experience.
SSL Encryption on All Data
All data transmitted between your device and the ff9 platform is protected by industry-standard SSL/TLS encryption. Sensitive fields such as passwords and payment details are encrypted at rest and in transit.
Player Rights Respected
You have the right to access, correct, and request deletion of your personal data held by ff9 at any time. Submit a data request via live chat or email and we will respond within the timeframe set out in this policy.
Payment Data Handled Safely
ff9 does not store full card numbers or full mobile wallet PINs on its servers. Payment processing is handled by regulated payment partners including bKash, Nagad, and Rocket, each operating under their own security standards.
Cookie Transparency
ff9 uses cookies strictly for session management, platform functionality, and anonymised analytics. We do not use cross-site tracking cookies or fingerprinting technologies to build advertising profiles on ff9 players.
Clear Retention Periods
Player data is retained only for as long as is necessary to fulfil the purposes described in this policy or as required by applicable guidelines. Account data is retained for a minimum of five years following account closure to satisfy anti-money laundering obligations.
1. Information We Collect
When you register for, access, or use the ff9 platform, we collect several categories of personal information. The type and extent of data collected depends on your level of interaction with the platform — for example, browsing the site without an account generates less data than a fully verified player account with active deposits.
Information You Provide Directly
When you register a player account with ff9, you provide personal information including your full legal name, date of birth, residential address in Bangladesh, email address, and a mobile phone number linked to a payment wallet such as bKash or Nagad. You may also provide a copy of your National ID Card (NID) or passport when completing identity verification (KYC). If you contact our support team, we retain a record of that correspondence including any attachments you submit.
Information Collected Automatically
When you visit the ff9 website or use the ff9 mobile application, certain technical data is collected automatically. This includes your IP address, browser type and version, device type and operating system, screen resolution, pages visited, session duration, referring URL, and the time and date of each request. This data is collected via server logs and first-party analytics tools and is used to maintain platform stability and improve user experience.
Transaction and Gaming Data
ff9 records all financial transactions associated with your account, including deposit amounts, withdrawal requests, payment method references (such as your bKash account number), bonus credits, and wager histories. Game activity data — including which games you played, stakes placed, outcomes, and session durations — is also retained as part of your account record. This data is essential for account management, dispute resolution, and responsible gaming monitoring.
Data Collected During KYC Verification
As part of our Know Your Customer process, we may collect copies of government-issued identity documents, utility bills or bank statements confirming your address, and in some cases a selfie or video verification for liveness checks. These documents are processed by our compliance team and, where applicable, by regulated third-party identity verification providers operating under their own data protection obligations.
Summary of Data Categories
| Data Category | Examples | Collection Method |
|---|---|---|
| Identity Data | Full name, date of birth, NID number | Registration form, KYC submission |
| Contact Data | Email address, mobile number, residential address | Registration form, account settings |
| Financial Data | bKash/Nagad number, deposit/withdrawal history | Payment processor, transaction records |
| Technical Data | IP address, device ID, browser type, session logs | Server logs, analytics tools |
| Gaming Data | Game history, bet amounts, session durations | Platform activity logs |
| Communications Data | Support chat logs, email correspondence | Live chat system, email records |
2. How We Use Your Data
ff9 processes your personal data only for clearly defined, legitimate purposes. We do not use your data for purposes that are incompatible with those for which it was originally collected. The primary purposes for which ff9 processes player data are as follows:
Account Management and Platform Access
Your identity and contact data are used to create and maintain your ff9 player account, authenticate your logins, communicate important account updates, and ensure that the correct account is credited when you make a deposit or request a withdrawal. Without this data, it is not possible to operate a player account on the ff9 platform.
Payment Processing and Financial Administration
Transaction data is processed to facilitate deposits from bKash, Nagad, Rocket, Upay, and bank channels, to execute withdrawal requests to your registered payment method, to calculate and credit bonuses, and to maintain accurate financial records for each player account. ff9 does not store full card numbers; card-present data is tokenised and held by the card payment processor.
Identity Verification and Fraud Prevention
ff9 uses identity data — including NID copies and address documents — to verify that players meet the 18+ age requirement, that they are who they claim to be, and that no duplicate accounts exist. We also use technical data such as IP addresses and device identifiers to detect and prevent fraudulent activity, money laundering, and multi-accounting. Automated fraud detection tools may flag accounts for manual review based on behavioural patterns.
Responsible Gaming and Player Protection
Gaming activity data, session duration records, and deposit frequency data are monitored to identify players who may be exhibiting signs of problem gambling. ff9 uses this information to apply responsible gaming tools where appropriate, to honour self-exclusion requests, and to comply with obligations around player protection. If you set deposit limits or time-out periods via your account dashboard, your gaming data is used to enforce those limits in real time.
Customer Support
When you contact ff9 support via live chat or email, we use your account data and the content of your communications to respond to your query, investigate complaints, and resolve disputes. Support interactions are logged and may be reviewed for quality assurance and training purposes.
Platform Improvement and Analytics
Anonymised and aggregated technical data is used by the ff9 team to understand how players navigate the platform, which features generate the most engagement, and where technical improvements can be made. This analysis does not identify individual players and is used solely to improve the ff9 product.
Marketing Communications
With your explicit consent at the point of registration, ff9 may send you promotional emails or SMS messages about bonuses, new games, seasonal promotions aligned with events such as Eid or the BPL cricket season, and other offers we believe may interest you. You may withdraw consent for marketing communications at any time by updating your preferences in your account dashboard or by contacting support. Withdrawing marketing consent does not affect your ability to use the ff9 platform.
3. Data Sharing & Disclosure
ff9 does not sell or rent your personal information to third parties. We share your data only in the limited circumstances described below, and only to the minimum extent necessary for each purpose.
Payment Service Providers
To process deposits and withdrawals, ff9 shares relevant transaction data with your chosen payment provider — for example, bKash, Nagad, Rocket, Upay, Dutch-Bangla Bank, BRAC Bank, or the card network handling a Visa or Mastercard transaction. Each of these providers operates under its own regulatory obligations and data protection framework. ff9 is not responsible for the data handling practices of third-party payment processors, and we encourage you to review the privacy policies of your chosen payment provider.
Game Software Providers
Games on the ff9 platform are supplied by third-party providers including Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, Ezugi, and Vivo Gaming. When you launch a game, a session token and anonymised player identifier may be passed to the relevant provider to initialise your game session. Full personal details such as your name or NID are not shared with game providers. Game providers retain their own game-session logs in accordance with their internal data retention policies.
Identity Verification Services
Where ff9 uses a third-party KYC provider to assist with identity verification, your identity documents and verification data may be shared with that provider for the sole purpose of completing the verification check. Such providers are contractually bound to process your data only for the stated verification purpose and to delete it upon completion of the check.
Legal and Regulatory Disclosure
ff9 may disclose personal data to law enforcement agencies, regulatory authorities, or other government bodies in Bangladesh where we are legally required to do so, where we have a good-faith belief that disclosure is necessary to prevent or investigate fraud or criminal activity, or where such disclosure is required to protect the rights, safety, or property of ff9, its players, or the public.
Business Transfers
In the event that ff9 undergoes a business restructuring, merger, or acquisition, player data may form part of the assets transferred to the acquiring entity. In such circumstances, ff9 will notify affected players and ensure that the recipient entity agrees to honour this Privacy Policy or provides players with advance notice of any material changes.
4. Cookies & Tracking Technologies
The ff9 website uses cookies and similar technologies to ensure the platform functions correctly, to keep you logged in during your session, and to gather anonymised usage statistics that help us improve the platform. This section explains the categories of cookies ff9 uses and how you can manage them.
Essential Cookies
These cookies are strictly necessary for the ff9 platform to operate. They manage your login session, maintain your account authentication state, store your language and display preferences, and enable security features such as CSRF protection. Essential cookies cannot be disabled without preventing you from using core platform features. They do not collect any data that could be used to identify you outside of the ff9 platform.
Analytics Cookies
ff9 uses first-party analytics cookies to understand how players interact with the platform — for example, which pages are visited most frequently, how long sessions last, and where players tend to exit the site. This data is collected in aggregated, anonymised form and is never linked back to individual player identities. Analytics cookies help us prioritise platform improvements and resolve usability issues.
Functional Cookies
Functional cookies remember your platform preferences, such as your preferred game category, last-viewed sections, and whether you have acknowledged certain notices. These cookies improve the consistency and convenience of your ff9 experience across sessions but are not essential for core platform functionality.
Managing Cookies
Most modern browsers allow you to view, manage, and delete cookies stored on your device through the browser's settings or privacy panel. Blocking essential cookies will prevent you from logging in to your ff9 account. Blocking analytics or functional cookies will not affect your ability to deposit, withdraw, or play games but may reduce some personalisation features. For detailed instructions on managing cookies, please refer to your browser's help documentation.
5. Data Retention
ff9 retains your personal data only for as long as is necessary to fulfil the purposes for which it was collected, or as required by applicable law and best-practice guidelines governing online gaming operations. The retention periods below reflect the balance between operational necessity, responsible gaming obligations, and player privacy.
| Data Type | Retention Period | Reason |
|---|---|---|
| Account & Identity Data | 5 years after account closure | Anti-money laundering compliance, dispute resolution |
| Financial Transaction Records | 5 years after each transaction | Financial record-keeping, fraud investigation |
| KYC Documents | 5 years after account closure | Identity verification audit trail |
| Gaming Activity Logs | 3 years after account closure | Responsible gaming monitoring, dispute resolution |
| Support Communications | 3 years from date of interaction | Complaint handling, quality assurance |
| Analytics Data | 26 months (rolling) | Platform improvement analysis |
| Marketing Consent Records | Until consent withdrawn + 1 year | Consent audit trail |
Upon expiry of the applicable retention period, ff9 will securely delete or permanently anonymise the relevant data. Anonymised data — from which no individual player can be identified — may be retained indefinitely for statistical and research purposes.
6. Data Security
ff9 implements a multi-layered technical and organisational security framework to protect player data against unauthorised access, disclosure, alteration, or destruction. While no online platform can guarantee absolute security, ff9 maintains industry-standard controls appropriate to the sensitivity of the data we process.
Technical Safeguards
All data in transit between your device and the ff9 platform is encrypted using TLS 1.2 or higher. Sensitive data fields — including passwords, payment references, and KYC documents — are encrypted at rest using AES-256 encryption. Player passwords are stored as salted cryptographic hashes and are never retrievable in plain text, even by ff9 staff. Access to production databases is restricted to authorised personnel only, and all administrative access is logged and audited.
Organisational Safeguards
ff9 staff who handle personal data are bound by confidentiality obligations and receive training on data handling best practices. Access to player data is granted on a strict need-to-know basis, with role-based access controls ensuring that no individual has broader data access than their job function requires. Periodic security reviews are conducted to identify and address potential vulnerabilities in the platform's data handling processes.
Incident Response
In the event of a data security incident that poses a risk to the rights and freedoms of affected players, ff9 will take immediate steps to contain the incident, assess its scope and impact, and notify affected players without undue delay. Notifications will be sent to the email address registered on your ff9 account and will include a description of the incident, the data involved, the steps ff9 has taken in response, and any recommended actions for affected players.
Your Responsibility
While ff9 maintains strong server-side security, the security of your account also depends on steps you take on your own device. We strongly recommend using a strong, unique password for your ff9 account, enabling two-factor authentication via SMS OTP, never sharing your login credentials with any other person, and logging out of your account when using shared or public devices. If you believe your account has been compromised, contact ff9 support via live chat immediately.
7. Your Privacy Rights
As a player on the ff9 platform, you have a number of rights with respect to the personal data we hold about you. ff9 is committed to honouring these rights in a timely and transparent manner. To exercise any of the rights described in this section, please contact the ff9 support team via live chat or email at the address shown in the footer of this page. Requests will be responded to within 30 days of receipt. In complex cases, this period may be extended by a further 30 days, in which case you will be notified of the extension and the reason for it.
Right of Access
You have the right to request a copy of the personal data ff9 holds about you, including the categories of data held, the purposes for which it is processed, and details of any third parties with whom it has been shared. ff9 will provide this information free of charge in a structured, commonly used format.
Right to Rectification
If any personal data ff9 holds about you is inaccurate or incomplete, you have the right to request that it be corrected. For most account data — such as your email address or phone number — you can update this directly in your ff9 account settings. For identity data such as your name or date of birth, corrections require submission of supporting documentation to the support team.
Right to Erasure
You have the right to request the deletion of your personal data where it is no longer necessary for the purposes for which it was collected, where you have withdrawn consent (and no other legal basis applies), or where the data has been unlawfully processed. ff9 will honour erasure requests to the fullest extent possible, subject to mandatory retention obligations under applicable law — for example, AML records that must be retained for a minimum of five years cannot be deleted on request.
Right to Restriction of Processing
In certain circumstances — for example, while a dispute about the accuracy of your data is being resolved — you have the right to request that ff9 restricts its processing of your personal data. During a restriction period, ff9 may continue to store your data but will not actively process it for purposes beyond storage and the resolution of the underlying issue.
Right to Data Portability
Where ff9 processes your data on the basis of your consent or the performance of a contract, you have the right to receive a copy of your data in a structured, machine-readable format (such as JSON or CSV) that can be transferred to another service provider. This right applies to data you have actively provided — such as your account profile and transaction history — and does not extend to data generated through automated processing.
Right to Object to Marketing
You have the right to object to the processing of your personal data for direct marketing purposes at any time. You can exercise this right by updating your communication preferences in your ff9 account dashboard, by clicking the unsubscribe link in any marketing email we send you, or by contacting the support team directly. Once you object, ff9 will cease sending marketing communications within 5 business days.
8. Updates to This Policy
ff9 reserves the right to update this Privacy Policy at any time to reflect changes in the services we offer, the data we collect, the legal and regulatory environment, or our internal data handling practices. When material changes are made to this policy, we will update the "Last Reviewed" date displayed at the top of this page and, where the changes are significant, we will notify registered players via the email address associated with their account.
We encourage all ff9 players to review this Privacy Policy periodically to remain informed about how their data is being handled. Your continued use of the ff9 platform following the publication of an updated Privacy Policy constitutes your acceptance of the revised terms. If you disagree with any changes to this policy, you should discontinue use of the platform and may request account closure via the support team.
Contact for Privacy Queries
If you have any questions, concerns, or requests relating to this Privacy Policy or the way ff9 handles your personal data, please contact our support team via live chat — available 24 hours a day, 7 days a week in English, including public holidays in Bangladesh. You may also write to the email address displayed in the footer of this page. We aim to respond to all privacy-related queries within 5 business days (Bangladesh Standard Time, UTC+6).
ff9 takes data privacy seriously and we welcome feedback from players on how we can improve our data handling practices. All privacy-related correspondence is treated with strict confidentiality.
Questions About Your ff9 Privacy?
Our English-language support team is on hand 24/7 via live chat to answer any data or privacy query. You can also review our Terms & Conditions or visit our FAQ for quick answers to common questions.