cv7 Privacy Policy
At cv7, protecting the personal data of our players is a responsibility we take seriously. This Privacy Policy explains what information we collect when you use the cv7 platform, how we use and store that information, who we may share it with, and what rights you have over your own data. By registering an account or using any cv7 service, you confirm that you have read and understood this policy.
Privacy at a Glance
These summary cards capture the core principles guiding how cv7 handles your personal data. The full legal text in the numbered sections below governs in all cases — these cards are orientation aids only.
Minimal Data Collection
cv7 collects only the personal data that is strictly necessary to operate your account, process transactions via bKash, Nagad, and Rocket, and comply with identity verification obligations. We do not harvest data beyond what is needed for these purposes.
No Unauthorised Selling
cv7 does not sell, rent, or trade your personal data to third-party marketers. Data shared with our certified game providers and payment processors is shared strictly to deliver the services you have requested, under binding confidentiality obligations.
SSL Encryption
All data transmitted between your device and the cv7 platform is protected by industry-standard SSL/TLS encryption. Sensitive fields such as payment method details and identity documents are stored using additional encryption layers at rest.
Your Rights, Your Control
Registered cv7 users have the right to access, correct, and request deletion of their personal data, subject to legal retention requirements. You can exercise these rights at any time by contacting the cv7 support team from your account dashboard.
Transparent Cookie Use
cv7 uses cookies and similar tracking technologies solely to maintain your session, remember your preferences, and gather anonymised analytics that help us improve platform performance. No third-party advertising cookies are placed on your device without your knowledge.
Defined Retention Periods
cv7 retains personal data only for as long as is necessary to fulfil the purpose for which it was collected, or as required by applicable law. Account data is retained for a minimum of five years following account closure to meet anti-money-laundering record-keeping obligations.
Information We Collect
When you interact with the cv7 platform — whether by registering an account, making a deposit, placing a bet, contacting our support team, or simply browsing the site — certain categories of personal and technical data are collected. The table below summarises the main categories of data cv7 collects and the primary reason for collecting each category.
| Data Category | Examples | Primary Purpose |
|---|---|---|
| Identity Data | Full name, date of birth, National Identity Card (NID) number, passport number | Account registration, age verification, KYC compliance |
| Contact Data | Mobile phone number, email address, district / city (e.g., Dhaka, Chittagong, Sylhet) | Account notifications, support communications, transaction alerts |
| Financial Data | bKash wallet number, Nagad number, Rocket number, bank account details (BRAC Bank, City Bank, Dutch-Bangla Bank, etc.), transaction history in BDT | Deposit and withdrawal processing, fraud prevention |
| Gaming Activity Data | Bets placed, game sessions, cricket markets traded, slots and fishing game activity, win/loss history | Account management, responsible gaming monitoring, dispute resolution |
| Technical Data | IP address, device type, browser type and version, operating system, session timestamps | Platform security, fraud detection, performance optimisation |
| Communications Data | Live chat transcripts, email correspondence with cv7 support | Support quality assurance, dispute evidence, compliance records |
Where cv7 requests that you provide personal data as a condition of using a particular service — such as submitting identity documents to unlock withdrawals — we will make this clear at the point of collection. Failure to supply required data may mean that cv7 is unable to provide the relevant service or process a pending transaction.
How We Use Your Data
cv7 processes your personal data only where a lawful basis exists for doing so. The primary lawful bases on which cv7 relies are: performance of a contract (processing your account and transactions), compliance with a legal obligation (identity verification and anti-money-laundering requirements), and legitimate interests (platform security, fraud prevention, and service improvement). Where we rely on your consent — for example, to send promotional communications — you may withdraw that consent at any time.
The specific purposes for which cv7 uses your personal data include the following:
- Creating, maintaining, and administering your cv7 player account, including processing deposits and withdrawals via bKash, Nagad, Rocket, Upay, and approved Bangladeshi banks.
- Verifying your identity and age (18+ requirement) in accordance with our account verification procedures, including reviewing National Identity Card copies and other submitted documents.
- Processing your bets and game transactions, settling outcomes, and crediting winnings to your cv7 BDT wallet in real time.
- Monitoring gaming activity to identify patterns consistent with problem gambling and to proactively offer responsible gaming tools where appropriate.
- Detecting, investigating, and preventing fraudulent activity, money laundering, and other prohibited conduct as described in our Terms & Conditions.
- Sending transactional communications such as deposit confirmations, withdrawal status updates, and account security alerts via SMS or email.
- Sending promotional communications about cv7 offers, bonuses, and BPL / IPL betting markets — but only where you have opted in to receive such communications.
- Improving the cv7 platform through analysis of anonymised, aggregated usage data, including identifying popular game categories, peak usage periods (e.g., BPL match days), and performance bottlenecks.
- Responding to enquiries, complaints, and support requests submitted via the cv7 live chat or email channel.
- Complying with applicable legal and regulatory obligations, including responding to lawful requests from competent authorities.
Data Sharing and Disclosure
cv7 does not sell your personal data to any third party. We may, however, share your data with a limited set of trusted third parties where it is necessary to deliver the services you have requested, to fulfil a legal obligation, or to protect the legitimate interests of cv7 and its users. All third parties with whom cv7 shares personal data are required to handle that data securely and only for the specific purposes described below.
- Game Providers. To deliver live casino, slots, and fishing games, cv7 transmits certain session and account identifiers to certified third-party game providers including Pragmatic Play, Evolution Gaming, Microgaming, NetEnt, Ezugi, and Spribe. These providers receive only the minimum data required to initialise your game session and record your stake and payout. They do not receive your full identity or payment details.
- Payment Processors. To process your deposits and withdrawals, cv7 shares the necessary transaction data with your nominated payment provider — bKash, Nagad, Rocket, Upay, or your designated Bangladeshi bank. This data sharing is strictly limited to what is required to execute the specific transaction and is governed by the payment provider's own privacy policy.
- Identity Verification Services. cv7 may use third-party identity verification services to cross-reference submitted identity documents against authoritative databases. These services process your identity data solely for verification purposes and are bound by strict confidentiality obligations.
- Legal and Regulatory Authorities. cv7 may disclose your personal data to competent legal or regulatory authorities where required to do so by applicable law, court order, or lawful government request. cv7 will, where legally permitted, notify affected users of such disclosure requests.
- Fraud Prevention and Security Partners. To protect the cv7 platform and its users against fraud, account takeover, and money laundering, cv7 may share flagged account data with specialist fraud prevention partners. Any such sharing is subject to appropriate data processing agreements.
Data Retention and Storage
cv7 retains your personal data for as long as is necessary to fulfil the purposes described in this Privacy Policy, or for as long as required by applicable law. We do not retain data beyond these periods without a specific lawful justification. The following retention periods apply to the main categories of data we hold:
- Active account data — retained for the full duration of your account being open and active on the cv7 platform.
- Closed account data (identity and financial records) — retained for a minimum of five years following account closure, in compliance with anti-money-laundering record-keeping obligations applicable to online gaming operators.
- Transaction records — retained for a minimum of five years from the date of each transaction, consistent with financial record-keeping requirements.
- Support and communication records — retained for three years from the date of each interaction, to support quality assurance and dispute resolution processes.
- Marketing consent records — retained for as long as you hold an active account, and for three years following account closure or opt-out, to demonstrate compliance with consent obligations.
- Anonymised analytics data — retained indefinitely in aggregated, non-identifiable form for platform improvement purposes.
All personal data held by cv7 is stored on secure servers. Data relating to Bangladeshi users, including transaction records in BDT processed via bKash, Nagad, Rocket, and Bangladeshi banking channels, is stored with data security measures appropriate to the sensitivity of the information. cv7 applies access controls to ensure that personal data is accessible only to staff and systems that have a legitimate operational need for it.
Your Privacy Rights
As a registered cv7 user, you have the following rights in relation to the personal data we hold about you. These rights may be exercised at any time by contacting the cv7 support team via live chat from your account dashboard, or by emailing [email protected] (plain text address — not a clickable link). cv7 will respond to all data rights requests within 30 days of receipt.
- Right of Access. You have the right to request a copy of the personal data cv7 holds about you. We will provide this in a clear, readable format, subject to verification of your identity.
- Right to Rectification. If any personal data cv7 holds about you is inaccurate or incomplete, you have the right to request that we correct it. For most contact details, you can update information directly via your account settings.
- Right to Erasure. You may request that cv7 delete your personal data where it is no longer necessary for the purposes for which it was collected, subject to any overriding legal retention obligations.
- Right to Restrict Processing. In certain circumstances, you may request that cv7 restrict the processing of your data — for example, while a dispute about its accuracy is being resolved.
- Right to Data Portability. Where cv7 processes your data on the basis of your consent or contract performance, and that processing is carried out by automated means, you may request a machine-readable copy of your data for transfer to another service.
- Right to Object. You have the right to object to the processing of your personal data for marketing purposes at any time, with immediate effect. You may also object to processing carried out on the basis of cv7's legitimate interests, though cv7 may be able to demonstrate overriding legitimate grounds in certain cases.
- Right to Withdraw Consent. Where cv7 relies on your consent as the lawful basis for processing, you may withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.
Data Security Measures
cv7 implements a range of technical and organisational security measures designed to protect your personal data against unauthorised access, accidental loss, destruction, or alteration. While no online platform can guarantee absolute security, cv7 maintains a security framework consistent with industry best practices for online gaming and financial services platforms serving the Bangladeshi market.
- SSL/TLS Encryption. All data in transit between your browser or mobile device and the cv7 platform is protected using industry-standard Transport Layer Security (TLS) encryption, ensuring that your login credentials, payment details, and personal information cannot be intercepted in transit.
- Encrypted Data Storage. Sensitive data fields — including payment method identifiers and identity document images — are encrypted at rest using strong symmetric encryption algorithms. Database access requires authenticated, role-based authorisation.
- Access Controls. Access to systems holding personal data is restricted to cv7 staff and contractors with a legitimate operational need. Access is granted on a least-privilege basis and is subject to regular access review.
- Fraud and Intrusion Detection. cv7 operates automated systems to detect suspicious login activity, unusual transaction patterns, and potential account takeover attempts. Alerts trigger immediate security review procedures.
- Regular Security Assessments. cv7 conducts periodic security assessments of its platform infrastructure. Critical vulnerabilities identified through these assessments are prioritised for remediation on an accelerated timeline.
- Incident Response. In the event of a data security incident that is likely to result in a risk to affected users, cv7 will notify affected users promptly and take immediate steps to contain and remediate the incident.
Users also have an important role to play in the security of their own data. cv7 strongly recommends that all users choose a strong, unique password for their cv7 account, enable any available login notification features, and contact the cv7 support team immediately if they suspect that their account credentials have been compromised.
Changes to This Policy
cv7 reserves the right to update this Privacy Policy at any time to reflect changes in our data practices, applicable law, or the services we offer. When we make material changes to this policy, we will publish the updated version on this page with a revised effective date. For significant changes that materially affect how we use your personal data, cv7 will provide advance notice via your registered account dashboard notification or email.
Your continued use of the cv7 platform after a revised Privacy Policy has been published constitutes your acceptance of the updated policy. If you do not agree with the revised policy, you should cease using the platform and contact the cv7 support team to arrange closure of your account and processing of any outstanding balance.
Ready to Explore cv7?
Now that you understand how cv7 handles your data, you can use the platform with confidence. Log in to your account, browse our cricket markets, or check out the FAQ for any remaining questions.