hey555 Privacy Policy
At hey555, your personal data is treated with the same care we apply to our games — responsibly, transparently, and securely. This Privacy Policy explains exactly what information we collect from players across Bangladesh, how we use it, who we share it with, and how you can exercise your data rights at any time.
The following cards summarise the six core principles that guide hey555's approach to data privacy. Each principle is elaborated in full in the relevant section below.
Purpose Limitation
hey555 collects personal data only for specific, legitimate purposes directly related to operating and improving the hey555 platform. Data collected for one purpose is never repurposed for an unrelated use without your explicit consent.
Data Minimisation
We collect the minimum amount of personal data required to deliver our services. We do not request information that is not necessary for account management, payment processing, identity verification, or responsible gaming compliance.
Security by Design
All data transmitted between your device and hey555 servers is protected by industry-standard TLS/SSL encryption. Sensitive data including payment information and identity documents is stored using additional encryption layers and strict access controls.
No Data Sales
hey555 does not sell, rent, or trade your personal data to any third party for commercial gain. The only disclosures we make are those strictly necessary to operate the platform, comply with legal obligations, or protect the safety of our users.
User Control
You retain meaningful control over your personal data at all times. You can request access to the data we hold about you, correct inaccuracies, request deletion of your account data, or withdraw marketing consent — all through a simple request to our support team.
Transparent Disclosure
This Privacy Policy is written in plain English and is kept up to date. We notify registered users of any material changes to our data practices at least 7 days in advance via email or on-site notification. No hidden data practices — what you see here is what we do.
Data We Collect
hey555 collects personal data from users of the hey555 platform through several channels: during account registration, during identity verification (KYC), during gameplay and betting activity, during deposit and withdrawal transactions, and through your use of the hey555 website and any associated mobile interface. The categories of data we collect are described below.
1.1 Account Registration Data
When you create a hey555 account, we collect:
- Full legal name;
- Date of birth (used to verify you are 18 years of age or older);
- Residential address ( including city and district within Bangladesh);
- Mobile phone number (registered in Bangladesh);
- Email address;
- Username and password (password is stored in hashed form — it is never stored or transmitted in plain text).
1.2 Identity Verification (KYC) Data
To comply with responsible gaming standards and anti-money-laundering best practices, hey555 may request the following identity documents before processing withdrawals or where account activity triggers a verification review:
- National ID card (NID) — front and back scan or photograph;
- Passport (bio-data page) or driver's licence as an alternative to NID;
- A recent utility bill, bank statement, or mobile financial service (bKash, Nagad) statement as proof of address;
- Proof of ownership of the payment method used for deposits — for example, a screenshot of your bKash or Nagad wallet registration confirming your name and number.
KYC documents are retained securely and used solely for the purpose of identity verification. They are never shared with advertisers or unaffiliated third parties.
1.3 Payment and Transaction Data
When you make a deposit or request a withdrawal, hey555 records transaction data including:
- Payment method used (bKash, Nagad, Rocket, Upay, bank transfer, Visa, Mastercard);
- Mobile wallet number or bank account reference (partially masked for display);
- Transaction amount in Bangladeshi Taka (BDT);
- Transaction date, time (Bangladesh Standard Time, UTC+6), and reference ID;
- Transaction status (pending, completed, failed, reversed).
hey555 does not store full card numbers, CVV codes, or bank account credentials. Card payments are processed via PCI DSS-compliant third-party processors who handle sensitive card data on our behalf.
1.4 Gaming and Betting Activity Data
hey555 records all gameplay and betting activity on your account, including:
- Games played, bets placed, wagers, and outcomes;
- Bonus usage, wagering progress, and promotion participation;
- Session duration and session frequency;
- Responsible gaming limit settings you have applied to your account.
This data is used to operate the gaming service accurately, to enforce bonus terms, to detect problem gambling patterns, and to comply with responsible gaming obligations.
1.5 Technical and Device Data
When you access the hey555 platform, our servers and analytics systems automatically collect certain technical data, including:
- IP address (used for geolocation, fraud detection, and security logging);
- Browser type and version;
- Operating system and device type (desktop, mobile, tablet);
- Referring URL (the page you visited before arriving at hey555);
- Pages visited on hey555 and time spent on each page;
- Session timestamps.
1.6 Communications Data
If you contact hey555 support via live chat, email, or WhatsApp, we retain records of those communications. This includes the content of your messages, the date and time of contact, and the outcome of any support interaction. Communications records are used to resolve disputes, improve service quality, and maintain a record of commitments made to users.
| Data Category | Examples | Primary Purpose |
|---|---|---|
| Registration Data | Name, DOB, address, mobile, email | Account creation, age verification, communications |
| KYC Documents | NID, passport, proof of address | Identity verification, withdrawal approval |
| Payment Data | bKash/Nagad number, transaction ID, amount | Deposit and withdrawal processing |
| Gaming Activity | Bets, outcomes, session duration | Service operation, responsible gaming monitoring |
| Technical Data | IP address, browser type, device | Security, fraud detection, analytics |
| Communications | Support chat logs, emails | Dispute resolution, service improvement |
How We Use Your Data
hey555 uses your personal data only for the purposes for which it was collected or for closely related purposes that you would reasonably expect. Below is a full account of every material use we make of your personal data.
2.1 Providing and Operating the Platform
The primary use of your personal data is to create and maintain your hey555 account, process deposits and withdrawals in Bangladeshi Taka via bKash, Nagad, Rocket, Upay, and bank channels, authenticate your identity when you log in, apply bonus credits to your account, and deliver game content from our licensed game providers including Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi.
2.2 Identity and Age Verification
hey555 operates a strict 18+ age policy. KYC data is used exclusively to verify that you meet the minimum age requirement, that your identity matches the payment method registered on your account, and that you are not operating multiple accounts in violation of our one-account policy.
2.3 Fraud Prevention and Security
Technical data including IP addresses, device fingerprints, and session patterns are used to detect and prevent fraudulent account activity, unauthorised access attempts, bonus abuse, money laundering, and other prohibited conduct outlined in the hey555 Terms & Conditions. hey555 employs automated risk-scoring systems alongside manual review processes for this purpose.
2.4 Responsible Gaming Monitoring
hey555 uses your gaming activity data — including session duration, betting frequency, deposit patterns, and loss trajectories — to monitor for signs of problem gambling. Where our systems detect patterns consistent with harmful gambling behaviour, we may proactively contact you with information about responsible gaming tools, apply temporary cooling-off measures, or escalate to our responsible gaming team for a welfare review.
2.5 Customer Support
Communications data and account data are used by our support team to respond to your queries, resolve disputes, and deliver the 24/7 English-language support service that hey555 provides to players across Dhaka, Chittagong, Sylhet, Khulna, Rajshahi, and all regions of Bangladesh.
2.6 Legal and Regulatory Compliance
hey555 may be required by applicable law, court order, or regulatory instruction to retain, process, or disclose certain personal data. We comply with all such obligations and retain transaction and identity records for the minimum legally required period.
2.7 Platform Improvement and Analytics
Aggregated and anonymised technical data and gameplay data are used internally to analyse platform performance, identify popular games, improve page load times, and develop new features. This analysis is conducted at an aggregate level and does not involve making automated individual decisions about your account.
2.8 Marketing Communications
With your explicit consent, hey555 may send you promotional communications about new games, seasonal offers (such as Eid, Pohela Boishakh, or BPL cricket season promotions), and platform updates via email or SMS. You may withdraw your marketing consent at any time by updating your account communication preferences or contacting our support team. Withdrawal of marketing consent does not affect your ability to use the hey555 platform.
Data Sharing & Third Parties
hey555 does not sell your personal data. We do not share your personal data with advertisers, data brokers, or unaffiliated marketing partners. The limited circumstances in which your data may be shared with third parties are described in full below.
3.1 Payment Service Providers
To process deposits and withdrawals, hey555 shares the minimum necessary transaction data with our integrated payment partners — bKash, Nagad, Rocket (Dutch-Bangla Bank), Upay, and our banking partners including BRAC Bank, City Bank, Dutch-Bangla Bank, Islami Bank, and Sonali Bank. Card transactions are processed by PCI DSS-compliant card processors. Each payment partner operates under its own privacy policy and data handling obligations. hey555 does not share more data with payment providers than is strictly necessary to complete the requested transaction.
3.2 Game Content Providers
To deliver game content to your session, hey555 shares a session token and a non-identifiable player reference with our licensed game providers (Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, Ezugi, and others). This reference allows the game provider's system to record your bet and return the game outcome. Your full name, contact details, and KYC documents are never shared with game providers.
3.3 KYC and Identity Verification Services
hey555 uses specialist third-party identity verification services to assist with KYC document review. These services process identity documents on our behalf under strict data processing agreements. They are authorised to process your documents only for the purpose of identity verification and are prohibited from retaining your documents beyond the period necessary to complete the verification check.
3.4 Legal and Regulatory Disclosures
hey555 will disclose personal data to law enforcement agencies, regulatory bodies, or courts where we are legally required to do so by a valid order, warrant, or regulatory instruction. In such cases, hey555 will disclose only the data specifically requested and will notify the affected user where legally permitted to do so.
3.5 Business Transfers
In the event of a merger, acquisition, asset sale, or business restructuring involving hey555, your personal data may be transferred to the acquiring or successor entity as part of that transaction. hey555 will notify registered users of any such transfer via email or on-site notification at least 14 days in advance and will ensure that the receiving entity is bound by privacy obligations at least as protective as those in this Privacy Policy.
| Third Party Category | Data Shared | Purpose |
|---|---|---|
| Payment Providers (bKash, Nagad, banks) | Transaction amount, wallet/account reference | Deposit and withdrawal processing |
| Game Providers (Pragmatic Play, Evolution etc.) | Anonymous session token | Game content delivery and outcome recording |
| KYC Verification Services | Identity documents (NID, passport) | Age and identity verification |
| Legal / Regulatory Authorities | Data specified in legal order only | Legal compliance |
Data Security
hey555 implements a comprehensive set of technical and organisational security measures to protect your personal data against unauthorised access, accidental loss, disclosure, alteration, or destruction.
5.1 Encryption in Transit
All data exchanged between your device and hey555 servers is encrypted using TLS 1.2 or higher (SSL). This applies to all platform interactions including account login, deposit and withdrawal requests, and KYC document uploads. The presence of the padlock icon in your browser address bar confirms that your connection to hey555 is encrypted.
5.2 Encryption at Rest
Sensitive data stored on hey555 servers — including identity documents, payment references, and account credentials — is encrypted at rest using AES-256 encryption. Passwords are stored exclusively as salted cryptographic hashes and are never accessible in plain text to any hey555 employee or system.
5.3 Access Controls
Access to personal data within hey555's internal systems is restricted on a strict need-to-know basis. Staff members are granted access only to the data categories necessary to perform their specific role. All internal data access is logged and subject to periodic review. hey555 conducts regular access control audits to identify and revoke unnecessary data access privileges.
5.4 Security Monitoring
hey555 operates continuous security monitoring across its platform infrastructure. This includes intrusion detection systems, automated anomaly alerts for unusual login patterns, and regular vulnerability assessments. Our security team responds to critical alerts around the clock, seven days a week.
5.5 Data Breach Procedures
In the event of a personal data breach that poses a risk to the rights and freedoms of affected users, hey555 will notify all affected users without undue delay and within 72 hours of becoming aware of the breach. The notification will describe the nature of the breach, the categories and approximate number of users affected, the likely consequences of the breach, and the measures hey555 has taken or proposes to take to address the breach and mitigate its effects.
Data Retention
hey555 retains personal data only for as long as necessary to fulfil the purpose for which it was collected, to comply with legal obligations, or to resolve disputes and enforce agreements. The specific retention periods for each category of data are set out below.
| Data Category | Retention Period | Reason |
|---|---|---|
| Account Registration Data | Duration of account + 5 years after closure | Legal obligation, dispute resolution |
| KYC Identity Documents | Duration of account + 5 years after closure | Anti-money-laundering compliance |
| Payment and Transaction Records | 7 years from transaction date | Financial record-keeping obligations |
| Gaming and Betting Activity | Duration of account + 3 years after closure | Responsible gaming monitoring, dispute resolution |
| Support Communications | 3 years from date of last interaction | Service quality, dispute resolution |
| Technical / Server Logs | 12 months from date of collection | Security monitoring, fraud detection |
| Marketing Consent Records | Until consent is withdrawn + 1 year | Proof of consent for marketing communications |
6.1 Deletion After Retention Period
When the applicable retention period expires, hey555 will securely delete or anonymise the relevant personal data so that it can no longer be attributed to an identifiable individual. Anonymised and aggregated data derived from your account activity (for example, statistical analysis of platform usage patterns) may be retained indefinitely as it no longer constitutes personal data.
6.2 Early Deletion Requests
You may request early deletion of your personal data by contacting [email protected]. hey555 will action deletion requests within 30 days subject to verifying your identity and confirming that no legal obligation requires retention of the data beyond your request date. Where a legal retention obligation applies, hey555 will inform you of the minimum retention period that must be observed before deletion can proceed.
Your Privacy Rights
As a hey555 user, you have a number of rights in relation to the personal data we hold about you. hey555 is committed to honouring these rights promptly and without unnecessary barriers. All rights requests should be submitted to [email protected] with the subject line "Privacy Rights Request" along with your registered mobile number and username so we can verify your identity before actioning the request.
7.1 Right of Access
You have the right to request a copy of all personal data that hey555 holds about you. We will provide this in a structured, commonly used, machine-readable format within 30 days of receiving a verified request.
7.2 Right to Rectification
If any personal data hey555 holds about you is inaccurate or incomplete, you have the right to request that it be corrected. Minor corrections (such as updating your email address or mobile number) can be made directly in your account settings. For corrections to identity or KYC data, please contact our support team.
7.3 Right to Erasure
You have the right to request that hey555 delete your personal data where it is no longer necessary for the purpose for which it was collected, where you have withdrawn consent and no other legal basis for processing applies, or where the data has been processed unlawfully. hey555 will action erasure requests within 30 days subject to legal retention obligations as described in Section 6.
7.4 Right to Restriction of Processing
You have the right to request that hey555 restrict processing of your personal data in certain circumstances — for example, while a data accuracy dispute is being resolved, or where you have objected to processing and a determination is pending. During a processing restriction, hey555 will continue to store your data but will not process it for any purpose other than storage and legal compliance.
7.5 Right to Data Portability
Where your data is processed on the basis of consent or on the basis of a contract with you, you have the right to receive your personal data in a structured, commonly used, machine-readable format and to request that it be transferred to another service provider where technically feasible.
7.6 Right to Withdraw Marketing Consent
Where hey555 processes your personal data for marketing purposes on the basis of your consent, you have the right to withdraw that consent at any time. Withdrawal of marketing consent does not affect the lawfulness of processing carried out before the withdrawal and does not affect your ability to use the hey555 platform.
7.7 How to Exercise Your Rights
To exercise any of the rights described above, please contact the hey555 privacy team at [email protected] with the subject line "Privacy Rights Request". Include your registered username and the mobile number associated with your account so we can verify your identity. We will acknowledge your request within 5 Bangladesh Standard Time business days and provide a full response within 30 calendar days.
Policy Updates & Contact
hey555 reviews and updates this Privacy Policy periodically to reflect changes in our data practices, changes in applicable law, or improvements to the platform. The most current version of this Privacy Policy is always available at hey555.app/privacy-policy. The effective date at the top of this page indicates when the current version took effect.
8.1 Material Changes
For material changes — such as new categories of data being collected, new purposes for which existing data is used, or new third-party sharing arrangements — hey555 will notify all registered users via email and via an on-site notification at least 7 days before the change takes effect. Continued use of the hey555 platform after the effective date of a revised Privacy Policy constitutes acceptance of the revised terms.
8.2 Minor Corrections
Typographical corrections, clarifications that do not change the substance of our data practices, and updates to reflect changes in the names of integrated payment providers or game studios may be made without advance notice. Such updates will be reflected in the "Last Updated" date at the top of this page.
8.3 Contact the hey555 Privacy Team
For all privacy-related enquiries, rights requests, or complaints, please contact the hey555 privacy team using the details below. All communications must be in English. We respond to privacy enquiries within 5 Bangladesh Standard Time business days.
- Email: [email protected] (subject line: "Privacy Enquiry")
- Live Chat: Available 24/7 directly on the hey555 platform
- Support Hours: 24 hours a day, 7 days a week (Bangladesh Standard Time, UTC+6)
If you are not satisfied with hey555's response to your privacy concern, you have the right to escalate the matter through appropriate dispute resolution channels in your jurisdiction. hey555 is committed to resolving all privacy complaints fairly and transparently.
Ready to Play at hey555?
Now that you understand how we protect your data, explore our full range of games and betting options — all secured with SSL encryption and built for Bangladesh players.