Your Privacy Matters at goot11
At goot11, we are committed to protecting the personal data of every player on our platform. This Privacy Policy explains in plain English exactly what information we collect, how we use it, who we share it with, and the rights you hold over your own data.
1. Information We Collect
When you register, access, or interact with the goot11 platform, we collect a range of personal information necessary to operate a safe, compliant, and high-quality online gaming service. The categories of personal data we collect are set out below.
Information you provide directly:
- Registration data: Full legal name, date of birth, gender, email address, mobile phone number, and residential address (city and district within Bangladesh).
- Identity verification (KYC) documents: Copies of your National Identity Card (NID), passport, or driving licence, and proof of address such as a utility bill or bank statement.
- Payment information: Your bKash or Nagad mobile number, Rocket account number, Upay credentials, or Visa/Mastercard details. Note: goot11 does not store full card numbers; payment data is processed through our secure payment partners.
- Communications: Any messages, complaints, or enquiries you submit through our customer support channels, including email correspondence sent to [email protected].
- Responsible gaming declarations: Deposit limit preferences, self-exclusion requests, and any voluntary information you provide through our Responsible Gaming tools.
Information collected automatically:
- Device and technical data: IP address, device type (mobile, desktop, tablet), operating system, browser type and version, screen resolution, and language settings.
- Usage and behavioural data: Pages visited, games played, betting history, session duration, click patterns, search queries entered on the Platform, and features accessed.
- Location data: Approximate geographic location derived from your IP address (country and city level). We do not collect precise GPS coordinates.
- Cookies and tracking technologies: Session cookies, persistent cookies, analytics pixels, and similar technologies as described in Section 4 of this Policy.
Minimum Data Principle: goot11 collects only the personal data that is necessary and proportionate to the purposes described in this Policy. We do not collect sensitive personal data (such as racial or ethnic origin, religious beliefs, or medical records) unless you voluntarily disclose such information in a support communication.
2. How We Use Your Data
goot11 processes your personal data for clearly defined, lawful purposes. We do not use your data for any purpose that is incompatible with the original reason it was collected. The table below summarises the primary purposes for which we process personal data, together with the legal basis for that processing.
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Creating and managing your account | Registration data, KYC documents | Contractual necessity |
| Processing deposits and withdrawals | Payment details, identity data | Contractual necessity |
| Identity verification and fraud prevention | KYC documents, IP address, device data | Legal obligation / Legitimate interest |
| Anti-money laundering (AML) compliance | Transaction history, identity data | Legal obligation |
| Customer support and complaint resolution | Communications, account data | Contractual necessity |
| Responsible gaming monitoring | Betting patterns, self-exclusion records | Legal obligation / Legitimate interest |
| Platform analytics and improvement | Usage data, cookies | Legitimate interest |
| Promotional communications (opt-in only) | Email, phone number, preferences | Consent |
| Personalised game and offer recommendations | Betting history, usage data | Consent / Legitimate interest |
Where we rely on your consent as the legal basis for processing — particularly for marketing communications and personalised recommendations — you have the right to withdraw that consent at any time by updating your notification preferences in your account settings or by contacting our support team. Withdrawal of consent will not affect the lawfulness of processing carried out prior to that withdrawal.
No Selling of Personal Data: goot11 does not sell, rent, or trade your personal data to third parties for their own marketing purposes. Any sharing of data with third parties is strictly limited to the circumstances described in Section 3 of this Policy.
3. Data Sharing & Disclosure
goot11 treats your personal data with strict confidentiality. We do not share your information with third parties except in the limited circumstances described below. All third parties with whom we share data are contractually required to handle that data in accordance with applicable data protection standards and to use it only for the specific purpose for which it was shared.
- Payment processors and mobile wallet operators: We share necessary transaction data with bKash, Nagad, Rocket, Upay, and card-processing partners (Visa, Mastercard networks) solely to process your deposits and withdrawals in Bangladeshi Taka.
- Identity verification providers: We engage specialist KYC service providers to assist with document verification and identity checks. These providers process your submitted documents under strict confidentiality agreements and do not retain your data beyond the period necessary to complete the verification.
- Game software providers: When you play games powered by third-party studios such as Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, or Ezugi, certain anonymised game session data (such as bet amounts and round outcomes) is transmitted to those providers for game integrity and statistical purposes. Your full personal profile is not shared with game providers.
- Analytics and platform technology partners: We use analytics tools to understand how the Platform is used and to improve user experience. These tools receive aggregated or pseudonymised usage data only.
- Legal and regulatory authorities: We may disclose personal data to law enforcement agencies, financial intelligence units, or other regulatory bodies where we are required to do so by law, court order, or applicable regulation — including anti-money laundering obligations. We will not notify you of such disclosures where we are legally prohibited from doing so.
- Business transfers: In the event of a merger, acquisition, or sale of all or substantially all of goot11's assets, your personal data may be transferred to the successor entity. You will be notified of any such transfer via your registered email address.
Cross-Border Transfers: Some of goot11's technology and service partners may process data outside Bangladesh. Where such transfers occur, goot11 ensures that appropriate contractual safeguards are in place to maintain the protection of your personal data to a standard equivalent to that described in this Policy.
4. Cookies & Tracking Technologies
goot11 uses cookies and similar tracking technologies to operate the Platform effectively, remember your preferences, analyse site performance, and where you have consented, to deliver relevant content. A cookie is a small text file placed on your device when you visit a website. It does not contain executable code and cannot harm your device.
We use the following categories of cookies on the goot11 Platform:
| Cookie Type | Purpose | Required? |
|---|---|---|
| Strictly Necessary | Session management, login authentication, security tokens, fraud prevention. Without these cookies the Platform cannot function. | Yes — always active |
| Functional | Remembering your language preference, display settings, game history, and in-session preferences for a personalised experience. | Optional |
| Analytics | Collecting anonymised data on which pages are visited most, how long users spend on the Platform, and which games are most popular. Used to improve the Platform. | Optional |
| Marketing | Tracking whether users arrive via a particular promotional campaign, for measuring campaign effectiveness. No cross-site behavioural advertising is conducted. | Optional — consent required |
You can manage your cookie preferences at any time by adjusting your browser settings to block or delete cookies. Please note that blocking strictly necessary cookies will prevent you from logging into your goot11 account and using core Platform features. Most modern browsers (Chrome, Firefox, Edge, Safari) provide straightforward controls for managing cookies in their privacy or security settings menus.
No Third-Party Advertising Cookies: goot11 does not place third-party advertising or retargeting cookies on your device. We do not participate in cross-site tracking networks or sell cookie-derived audience data to advertisers.
5. Data Retention
goot11 retains your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law. The retention periods below reflect our standard practices; in individual cases, data may be retained for longer periods where required by a specific legal obligation or where retention is necessary to defend a legal claim.
- Active account data: Retained for the full duration that your goot11 account remains open and active, plus a minimum period of 5 years following account closure to satisfy our AML and record-keeping obligations.
- KYC and identity documents: Retained for a minimum of 5 years following account closure or the last transaction on the account, in compliance with financial crime prevention requirements.
- Transaction and betting records: Retained for a minimum of 5 years from the date of each transaction, as required for financial audit and regulatory compliance purposes.
- Customer support communications: Retained for 3 years from the date of the last interaction, to enable accurate complaint handling and dispute resolution.
- Marketing preferences and consent records: Retained for 3 years from the date of your last interaction with a marketing communication, or until you withdraw consent, whichever is earlier.
- Website analytics data: Aggregated and anonymised analytics data is retained indefinitely for statistical and platform improvement purposes; pseudonymised data is retained for up to 2 years.
- Self-exclusion records: Retained for a minimum of 7 years from the date of the self-exclusion request to ensure the integrity and enforceability of the exclusion.
When your personal data is no longer required, goot11 securely deletes or anonymises it in accordance with our internal data disposal procedures. Physical documents (if any) are shredded; digital records are permanently purged from active systems and backups within defined deletion windows.
Dormant Account Notice: If your goot11 account has been inactive (no login) for 12 consecutive months, we will send a notification to your registered email address. If no response or activity is recorded within a further 30 days, your account may be classified as dormant and subject to the dormancy provisions set out in our Terms & Conditions.
6. Your Privacy Rights
As a user of the goot11 Platform, you have a number of rights in relation to the personal data we hold about you. These rights are summarised below. To exercise any of these rights, please contact our Data Protection team using the details in Section 8. We will respond to verified requests within 30 days. No fee is charged for standard rights requests.
Please note that certain rights are subject to limitations. For example, the right to erasure does not apply where we are required to retain data to comply with a legal obligation (such as AML record-keeping), to defend a legal claim, or to fulfil our contractual obligations to you. We will always explain clearly if a limitation applies to your specific request.
Withdrawing Marketing Consent: You can opt out of promotional emails and SMS notifications at any time by clicking the unsubscribe link in any marketing email, by updating your communication preferences in your account settings, or by emailing [email protected] with the subject line "Unsubscribe". Opting out of marketing communications will not affect your ability to use the Platform or receive transactional messages about your account.
7. Data Security Measures
goot11 takes the security of your personal data seriously and has implemented a range of technical and organisational measures designed to protect your data against unauthorised access, accidental loss, destruction, alteration, or disclosure. Our security programme includes the following safeguards:
- SSL/TLS encryption: All data transmitted between your device and goot11's servers is encrypted using 256-bit SSL/TLS technology. You can verify the secure connection by the padlock icon in your browser's address bar when visiting goot11.com.
- Data encryption at rest: Sensitive personal data stored on our servers — including identity documents and payment details — is encrypted using industry-standard algorithms.
- Access controls: Access to personal data within goot11's internal systems is governed by role-based access controls. Staff members access only the data necessary for their specific job functions, and all access is logged and audited.
- Two-factor authentication: We strongly encourage all users to enable two-factor authentication (2FA) on their goot11 accounts for an additional layer of protection. 2FA is available free of charge from your account security settings.
- Penetration testing and vulnerability assessments: goot11 conducts regular security assessments of its platform infrastructure to identify and remediate vulnerabilities before they can be exploited.
- Staff training: All goot11 employees who handle personal data undergo regular data protection and information security training. Access to production systems is restricted to authorised personnel only.
- Incident response: In the event of a data security incident that affects your personal data, goot11 has a documented incident response procedure. Affected users will be notified in accordance with our obligations and within a reasonable timeframe.
Despite these measures, no online system can be guaranteed to be 100% secure. We encourage you to take your own precautions — such as using a strong, unique password and not sharing your login credentials with anyone — to help protect your account.
Fair Play Certified: goot11 is committed to fair and transparent gaming. All random number generators (RNGs) used in our slot and table game products are independently tested to ensure fair outcomes. Game integrity and player data security are core pillars of how we operate.
256-bit SSL Encryption
Every connection to goot11 is protected by industry-standard TLS encryption, keeping your data safe in transit at all times.
Two-Factor Authentication
Protect your account with a second verification step. Enable 2FA in your security settings for an extra layer of protection beyond your password.
Role-Based Access Controls
Internal access to user data is strictly limited to staff who need it for their specific role. All access events are logged and regularly audited.
Regular Security Audits
Our platform undergoes scheduled penetration testing and vulnerability assessments to identify and fix security gaps proactively.
Incident Response Plan
A documented response procedure ensures that in the unlikely event of a breach, affected users are notified promptly and remediation is swift.
Staff Data Training
Every team member handling personal data completes regular training on data protection best practices and information security protocols.
8. Contact & Data Controller
goot11 is the data controller responsible for the personal data collected and processed through the goot11 Platform as described in this Privacy Policy. If you have any questions, concerns, or requests relating to this Privacy Policy or the way we handle your personal data, please contact our Data Protection team using the details below.
Our support and data protection team is available seven days a week and will respond to all privacy-related enquiries within 30 days of receipt. For urgent security concerns — such as suspected unauthorised access to your account — please mark your message as urgent and we will prioritise your request.
Data Protection Contact:
Email: [email protected]
Subject line for privacy requests: "Privacy Request — [Your Username]"
Response time: Within 30 days of receipt of your verified request.
When submitting a rights request (such as a Subject Access Request or erasure request), please include your registered username and the email address associated with your goot11 account so that we can verify your identity before processing the request. We may ask for additional verification information if the nature of the request requires it, in order to protect your data from unauthorised access by third parties.
goot11 reserves the right to update this Privacy Policy from time to time to reflect changes in our data practices, legal obligations, or platform features. Material changes will be communicated to registered users via their registered email address at least 14 days before the changes take effect. The current version of this Privacy Policy is always available at goot11.com/privacy-policy and is identified by the effective date shown at the top of this document. Continued use of the goot11 Platform following a notified update constitutes your acceptance of the revised Policy.
Policy Updates: We encourage you to review this Privacy Policy periodically to stay informed about how goot11 protects your personal information. If you disagree with any changes to this Policy, you should discontinue use of the Platform and may request account closure by contacting our support team.
Your Privacy Is Our Priority
Have a question about how goot11 handles your data? Browse our FAQ, review our Terms, or explore the Platform with confidence knowing your information is protected.