Data Protection & Privacy — Your Information, Handled With Care
hi7 Privacy Policy
hi7 is committed to protecting the privacy and personal data of every player who uses our platform. This Privacy Policy explains exactly what information we collect, why we collect it, how it is used, who it may be shared with, and what rights you hold over your own data. We encourage you to read this document in full before registering a hi7 account.
Privacy at a Glance
How hi7 Protects Your Data
The cards below summarise hi7's core privacy commitments. They are provided for convenience only and do not replace the full legal text in the sections that follow. In the event of any conflict between a summary card and the full policy text, the full text prevails.
No Data Sold
hi7 does not sell, rent, or auction your personal data to any third party for marketing or commercial purposes. Your data is used solely to deliver and improve hi7 services.
SSL Encryption
All data transmitted between your device and hi7 servers is protected by industry-standard SSL/TLS encryption. Payment transactions via bKash, Nagad, and Rocket are processed over fully encrypted channels.
You Control Your Data
Registered hi7 players have the right to access, correct, and request deletion of their personal data. Submit a data request at any time by emailing [email protected] from your registered address.
Minimal Data Collection
hi7 collects only the personal data that is strictly necessary to operate the platform, comply with KYC/AML obligations, and deliver a personalised player experience. We do not collect data we do not need.
Defined Retention Periods
Personal data is retained only for as long as necessary to fulf il its purpose or to meet legal obligations. Transaction records are retained for a minimum of 5 years in accordance with anti-money laundering regulations. After the applicable retention period, data is securely deleted.
Bangladesh-Aware Processing
hi7 operates with full awareness of the data protection expectations of Bangladeshi players. All support interactions are conducted in English, and data requests are handled within Bangladesh Standard Time (BST, UTC+6) business cycles.
Section 1
Data We Collect
1.1 Registration and Identity Data
When you create a hi7 account, we collect your full legal name, date of birth, residential address (including city, district, and postcode), email address, and mobile phone number. This data is mandatory — without it, we cannot create or verify your account. We collect date of birth specifically to confirm that you meet the minimum age requirement of 18 years before any real-money service is activated on your account.
1.2 Know Your Customer (KYC) and Verification Data
As part of our KYC obligations, hi7 may collect copies of government-issued identity documents, including your Bangladesh National Identity Card (NID), passport, driving licence, or birth certificate. We may also collect proof of address documents such as utility bills or bank statements, and proof of payment method ownership. These documents contain biographic data, photograph, and document reference numbers. KYC data is collected only when required by our compliance programme and is handled with the highest level of data security.
1.3 Financial and Transaction Data
hi7 collects records of all financial transactions associated with your account. This includes deposit amounts and timestamps, withdrawal requests and processing status, payment method identifiers (such as the registered mobile number on your bKash or Nagad account, or the last four digits of your Visa or Mastercard), and transaction reference numbers issued by the payment provider. hi7 does not store full card numbers or mobile banking PINs — these are handled exclusively by the respective payment processors under their own privacy and security frameworks.
1.4 Gameplay and Betting Activity Data
We collect records of your gameplay activity on hi7, including the games you play (slots, live casino tables, sports betting markets), bet amounts placed, game outcomes, session durations, and bonus utilisation history. This data is used for account management, responsible gaming monitoring, dispute resolution, and fraud detection. It is also used in aggregate, anonymised form to improve game offerings and platform performance.
1.5 Device and Technical Data
When you access hi7 through a browser or mobile device, we automatically collect certain technical data including your IP address, browser type and version, operating system, device type (mobile or desktop), screen resolution, and the referring URL (the page you visited before arriving at hi7). This data is collected to ensure platform compatibility, detect and prevent fraudulent access, and comply with geographic access controls.
1.6 Communications Data
If you contact hi7 support via email or live chat, we retain a record of the communication, including the content of your message, the date and time of contact, and any attachments or screenshots you provide. This data is used to handle your query, improve support quality, and maintain an audit trail of interactions for dispute resolution purposes.
1.7 Voluntary Profile Data
If you choose to add optional profile information — such as a display name or preferred language — this data is also collected and stored as part of your account record. Voluntary profile data is not mandatory and does not affect your ability to access hi7 services.
Data Categories Summary
| Category | Mandatory? |
|---|---|
| Registration & Identity | Yes |
| KYC Documents | When triggered |
| Financial & Transaction | Yes |
| Gameplay & Betting | Yes |
| Device & Technical | Automatic |
| Communications | If you contact us |
| Voluntary Profile | Optional |
Section 2
How We Use Your Data
hi7 uses the personal data collected from you for the following specific and lawful purposes. We do not use your data for any purpose not listed below without first obtaining your explicit consent or updating this Privacy Policy.
Account Creation and Management
Your registration data is used to create, maintain, and authenticate your hi7 account. This includes processing your login credentials, enforcing the one-account-per-player rule, managing account settings and preferences, and communicating with you about your account status, security alerts, and platform updates.
Age Verification and KYC Compliance
hi7 is legally and ethically obligated to verify that all players are at least 18 years of age before granting access to real-money services. Your date of birth and any identity documents you submit are used exclusively for this purpose and for ongoing compliance with our Know Your Customer (KYC) obligations under applicable anti-money laundering frameworks.
Payment Processing
Financial data is used to process your deposits and withdrawals via bKash, Nagad, Rocket, Upay, Visa, and Mastercard; to match incoming payments to your hi7 account; to process withdrawal requests to your nominated payment method; and to investigate any delayed, failed, or disputed transactions.
Responsible Gaming and Player Protection
hi7 uses gameplay and transaction data to monitor for signs of problem gambling behaviour, including rapid successive deposits, unusually large bet sizes relative to historical patterns, and requests to self-exclude. Where such indicators are detected, hi7 may proactively reach out to the player or apply protective account restrictions in accordance with our Responsible Gaming Policy. This use of data is in the player's best interest and forms part of hi7's commitment to player welfare.
Fraud Detection and Platform Security
Device data, IP addresses, and behavioural patterns are analysed to detect and prevent fraudulent activity, multi-accounting, bonus abuse, money laundering, and unauthorised account access. This processing is essential to protect the integrity of the hi7 platform and the security of all player accounts.
Customer Support
Communications data is used to resolve your support queries, investigate complaints, and maintain a record of interactions for quality assurance and dispute resolution.
Marketing and Promotional Communications
With your explicit consent — provided at registration or at a later stage via your account preferences — hi7 may use your email address and, where applicable, mobile number to send you information about new games, bonus offers, seasonal promotions (such as BPL or Eid specials), and platform news. You may withdraw this consent at any time by updating your communication preferences in your account settings or by emailing [email protected]. Withdrawal of marketing consent does not affect your ability to use hi7 services.
Platform Improvement and Analytics
Anonymised and aggregated data derived from gameplay activity, navigation patterns, and device usage is used to improve hi7's platform performance, optimise the game lobby, and inform product development decisions. This data cannot be traced back to any individual player.
Marketing Opt-Out
You can opt out of all hi7 marketing communications at any time. Update your preferences in your account settings, or email [email protected] with the subject line "Unsubscribe" from your registered email address. Opt-out requests are processed within 5 business days (BST).
Section 3
Legal Basis for Processing
hi7 processes your personal data only where a lawful basis exists for doing so. The following lawful bases apply to hi7's data processing activities:
Contractual Necessity
The majority of hi7's data processing is necessary for the performance of the contract between hi7 and the player — specifically, the Terms & Conditions accepted at registration. Without processing your registration data, financial data, and gameplay data, hi7 cannot provide the services you have requested. This basis covers account creation, payment processing, withdrawal handling, and account management.
Legal Obligation
Certain processing activities are required by law. These include age verification (to comply with underage gambling prohibitions), KYC and identity verification (to comply with anti-money laundering obligations), and the retention of transaction records for a minimum period specified by applicable financial regulation. hi7 cannot waive these legal obligations and will process the relevant data regardless of any opt-out request made by the player.
Legitimate Interests
hi7 processes some data on the basis of legitimate interests, where those interests are not overridden by the player's own privacy rights. This includes fraud detection and platform security (where hi7 has a legitimate interest in protecting the platform and all players), responsible gaming monitoring (where hi7 has a legitimate interest and ethical obligation to identify and support at-risk players), and anonymised analytics used to improve platform performance.
Consent
Where hi7 relies on consent as a legal basis — specifically for marketing and promotional communications — that consent is obtained explicitly at the point of registration or via a clear opt-in mechanism in account settings. Consent is freely given, specific, informed, and unambiguous. Players may withdraw consent at any time without consequence to their account status. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.
Processing Basis Summary
| Processing Activity | Legal Basis |
|---|---|
| Account creation | Contract |
| Age verification | Legal obligation |
| KYC / AML checks | Legal obligation |
| Payment processing | Contract |
| Fraud detection | Legitimate interests |
| Responsible gaming | Legitimate interests |
| Marketing emails | Consent |
| Platform analytics | Legitimate interests |
Section 4
Data Sharing & Disclosure
hi7 does not sell, rent, or trade your personal data. We share personal data with third parties only in the limited circumstances described below, and only to the extent strictly necessary for the stated purpose.
Payment Processing Partners
To process your deposits and withdrawals, hi7 shares the minimum necessary payment information with our approved payment processors: bKash, Nagad, Rocket, Upay, Visa network processors, and Mastercard network processors. Each of these partners operates under its own privacy policy and data security framework. hi7 shares only transaction-specific data (amount, currency, account identifier) required to initiate or confirm a payment. No gameplay data, identity documents, or communications history is shared with payment partners.
Identity Verification and KYC Providers
hi7 may use third-party identity verification services to validate the authenticity of KYC documents submitted by players. These providers receive only the documents and data fields necessary to perform the verification check and are contractually prohibited from using that data for any other purpose.
Game Technology Providers
hi7's game content is supplied by third-party game studios including Pragmatic Play, NetEnt, Microgaming, Evolution Gaming, Ezugi, and Spribe. These providers may receive session tokens and anonymised gameplay identifiers to manage game state, calculate RTP, and prevent cheating. They do not receive your full name, financial details, or contact information. All game provider integrations are governed by data processing agreements that restrict the use of any shared data to game delivery purposes only.
Regulatory and Law Enforcement Disclosure
hi7 is obligated to disclose personal data to competent authorities — including financial intelligence units, law enforcement agencies, and courts — where required by a valid legal order, warrant, or applicable regulatory obligation. Such disclosures are made only to the extent required by the specific legal demand. Where permitted by law, hi7 will notify the affected player of any such disclosure.
Business Transfers
In the event of a merger, acquisition, sale of assets, or other corporate restructuring that affects the hi7 platform, personal data held by hi7 may be transferred to the acquiring or successor entity as part of that transaction. Any such transfer will be subject to the same data protection commitments outlined in this Privacy Policy. Affected players will be notified of any material change in data controllership resulting from a business transfer.
What We Never Do
- We do not sell your personal data to advertisers or data brokers.
- We do not share your contact details with unaffiliated marketing companies.
- We do not share your KYC documents with any party other than our contracted identity verification provider.
- We do not transfer your data to jurisdictions that lack adequate data protection standards without implementing appropriate safeguards.
Third-Party Categories
- Payment processors (transaction data only)
- KYC verification providers (identity documents)
- Game studios (anonymised session tokens)
- Legal/regulatory authorities (when legally required)
- Corporate successors (if platform is acquired)
Section 6
Data Retention
hi7 retains personal data only for as long as is necessary to fulfil the purpose for which it was collected, or to comply with applicable legal, regulatory, or contractual obligations. The following retention periods apply:
- Account registration data: Retained for the lifetime of the account plus a minimum of 5 years after account closure, to comply with anti-money laundering record-keeping requirements.
- KYC and identity documents: Retained for a minimum of 5 years from the date of submission, or from the date of account closure if later, in accordance with AML regulations.
- Financial and transaction records: Retained for a minimum of 5 years from the date of each transaction. This period may be extended where a transaction is subject to a dispute, investigation, or legal proceeding.
- Gameplay and betting records: Retained for a minimum of 3 years from the date of each session, for dispute resolution, responsible gaming monitoring, and regulatory compliance purposes.
- Customer support communications: Retained for 3 years from the date of the last communication, for audit and dispute resolution purposes.
- Marketing consent records: Retained for the duration of the account plus 2 years after the most recent consent update, to demonstrate compliance with consent obligations.
- Device and technical data (logs): Retained for a maximum of 12 months from collection, after which they are automatically deleted from active systems.
When personal data reaches the end of its applicable retention period and there is no overriding legal reason to retain it further, hi7 securely deletes or irreversibly anonymises that data. "Secure deletion" means that the data is overwritten or destroyed in a manner that prevents recovery. "Irreversible anonymisation" means that the data is processed to remove all identifying elements, after which the resulting anonymised data set no longer constitutes personal data and may be retained indefinitely for statistical purposes.
Retention Periods Summary
| Data Type | Retention |
|---|---|
| Registration data | 5 years post-closure |
| KYC documents | 5 years minimum |
| Transactions | 5 years minimum |
| Gameplay records | 3 years |
| Support comms | 3 years |
| Device / logs | 12 months |
| Marketing consent | Account + 2 years |
Section 7
Your Data Rights
As a hi7 player, you hold specific rights over your personal data. These rights are described below. To exercise any of these rights, submit a written request to [email protected] from the email address registered to your hi7 account. hi7 will respond to all data rights requests within 30 calendar days of receipt. Where a request is complex or involves a large volume of data, we may extend the response period by a further 30 days, with notification to the requester.
Email [email protected] from your registered email address. Use the subject line "Data Rights Request" and specify which right you wish to exercise. hi7 will acknowledge your request within 3 business days (BST) and complete it within 30 calendar days.
Response Timeframes
Section 8
Data Security
hi7 implements a layered set of technical and organisational security measures designed to protect your personal data against unauthorised access, accidental loss, alteration, disclosure, or destruction. The following measures are in place across the hi7 platform:
Transport Layer Security
All data transmitted between your browser or mobile device and hi7 servers is encrypted using TLS 1.2 or higher. This ensures that your login credentials, payment information, and personal data cannot be intercepted in transit by third parties. The hi7 website enforces HTTPS on all pages and redirects all unencrypted HTTP requests.
Data Storage Security
Personal data stored on hi7 servers is protected by access controls that limit visibility to authorised personnel only, on a strict need-to-know basis. Sensitive data fields — including passwords, KYC document files, and financial identifiers — are stored in encrypted form using industry-standard encryption algorithms. Passwords are hashed and salted and are never stored in plain text.
Access Control and Authentication
Internal access to hi7 systems containing player data is restricted by role-based access controls. Staff members are granted only the minimum level of access required to perform their job function. All internal access is logged and subject to periodic review. hi7 strongly recommends that players enable two-factor authentication (2FA) on their hi7 account to provide an additional layer of protection against unauthorised login.
Security Monitoring and Incident Response
hi7 operates continuous security monitoring to detect anomalous access patterns, potential data breaches, and other security incidents. In the event of a confirmed data breach that is likely to result in a risk to the rights and freedoms of affected players, hi7 will notify those players without undue delay, and in accordance with applicable notification requirements. Notifications will be sent to the registered email address on the affected account and will describe the nature of the breach, the data involved, and the steps hi7 is taking in response.
Player Responsibilities
While hi7 takes extensive measures to secure the platform, players also have a responsibility to protect their own account security. You should:
- Use a strong, unique password for your hi7 account that is not reused on other websites or apps.
- Never share your hi7 username, password, or 2FA codes with any other person.
- Log out of your hi7 account when using a shared or public device.
- Contact [email protected] immediately if you suspect that your account has been accessed without your authorisation.
- Keep the email address and mobile number registered to your hi7 account up to date, so that security alerts reach you promptly.
hi7 will never ask you for your password, PIN, or 2FA code via email, live chat, or any other channel. Any communication claiming to be from hi7 that requests this information should be treated as fraudulent and reported to [email protected] immediately.
Security Measures Summary
- TLS 1.2+ encryption in transit
- Encrypted storage for sensitive fields
- Hashed and salted password storage
- Role-based internal access controls
- Continuous security monitoring
- Breach notification procedures
- 2FA available for all player accounts
Section 9
Contact & Complaints
If you have any questions, concerns, or requests relating to this Privacy Policy or to hi7's handling of your personal data, please contact our support team using the details below.
Data Enquiries
For all data-related enquiries — including data access requests, rectification requests, erasure requests, objections to processing, and complaints about how your data has been handled — please email [email protected] from the email address registered to your hi7 account. Include "Privacy Enquiry" or "Data Rights Request" in the subject line so that your message is routed to the appropriate team member without delay.
General Support Contact
For general account support, payment queries, or platform assistance, the hi7 support team is available 24 hours a day, 7 days a week, via email at [email protected]. Support is delivered in English. Response times are typically within 24 hours Bangladesh Standard Time (BST, UTC+6), and within 48 hours during peak periods such as BPL season, Eid, or major T20 tournaments.
Complaints Process
If you believe that hi7 has not handled your personal data in accordance with this Privacy Policy or applicable data protection law, you have the right to lodge a formal complaint. The hi7 complaints process is as follows:
- Submit your complaint in writing to [email protected] with the subject line "Privacy Complaint". Describe the nature of your concern in as much detail as possible.
- hi7 will acknowledge your complaint within 5 business days (BST) and assign a reference number.
- hi7 will investigate the complaint and provide a substantive written response within 30 calendar days of receipt.
- If you are not satisfied with hi7's response, you may escalate your complaint to any competent data protection authority or supervisory body in your jurisdiction.
Policy Updates
hi7 reserves the right to update this Privacy Policy at any time. The date shown in the "Last Updated" field below reflects the most recent revision. Material changes to this policy — such as changes to data sharing practices or the introduction of new processing activities — will be communicated to registered players via email to the address on record. Continued use of hi7 following the publication of a revised Privacy Policy constitutes acceptance of the updated policy.
Last updated: 1 January 2026. This Privacy Policy applies to all hi7 accounts registered on or after this date, and to all existing accounts with effect from the date of publication.
Contact Details
For all privacy and data protection enquiries:
Available 24/7
Bangladesh Standard Time (BST, UTC+6)
Related Policies
Explore hi7
Continue Exploring hi7
Now that you have reviewed hi7's Privacy Policy, explore everything our platform has to offer — from live cricket betting on BPL and IPL markets, to 500+ certified slots from Pragmatic Play and NetEnt, to HD live casino tables streamed directly to your device. Deposits are instant via bKash, Nagad, and Rocket.
Ready to Play on hi7?
Join thousands of Bangladeshi players on hi7. Deposit instantly via bKash or Nagad. Fast withdrawals, certified fair games, SSL-secured data, and 24/7 English support. 18+ only — please gamble responsibly.