burger icon
Nagad 88 United Kingdom Default
Sign Up

Privacy Policy

This Privacy Policy explains how Nagad 88, as operated via the website naged88.com (referred to as "we", "us", or "our"), collects, uses, stores, and protects personal data of players and website visitors. It applies to all users who access or use naged88.com, create an account, participate in gaming activities, or otherwise interact with our services. This Privacy Policy is effective from 1 January 2026 and is designed to comply with applicable UK data protection laws, including the UK General Data Protection Regulation ("UK GDPR") and the Data Protection Act 2018.

Who We Are

OBSERVE: The casino profile does not specify an operator company, legal address, or registration details.

EXPAND: To avoid misleading statements and remain transparent under UK GDPR, we must clearly state that such details are currently not specified and will be updated once available, while still providing a contact channel.

REFLECT: We therefore describe the role of Nagad 88 and how users can contact us about privacy matters.

Nagad 88 is the internal project identifier for the Nagad 88 brand operated via the official website https://naged88.com. At the time of this Privacy Policy's latest update, the following information applies:

  • Operator / Data Controller: The specific legal entity operating Nagad 88 and acting as data controller has not been formally published yet ("Operator"). When these details are confirmed, this Policy will be updated to include the full company name, registration number, and legal address.
  • Registered office / legal address: Not specified. Once available, the full postal address of the Operator will be added here.
  • Country of focus: United Kingdom (UK).

Data Protection Contact (DPO / privacy contact):

  • Email: [email protected] (designated privacy contact for all data protection queries).
  • Postal contact: Until a specific legal address is confirmed, please direct privacy-related correspondence via email. A physical contact address will be added to this Policy as soon as it is available.

The Operator is responsible for determining the purposes and means of processing your personal data when you use naged88.com.

What Personal Data We Collect

OBSERVE: Users expect clarity about what is collected: identification, technical, financial, behavioural, and tracking data.

EXPAND: Under UK GDPR, we must categorize data types and explain whether provision is mandatory or optional.

REFLECT: We provide a structured overview to help users understand each category.

Identification and Contact Data

  • Full name, date of birth, and gender (where applicable).
  • Residential address, country of residence, and postcode.
  • Email address and telephone number(s).
  • Username, account ID, and other identifiers linked to your Nagad 88 account on naged88.com.
  • Identity verification data (e.g., copies of ID documents, proof of address, selfies or live video verification, where required by KYC/AML procedures).

Technical and Usage Data

  • IP address, device identifiers, browser type and version, operating system, language settings, time zone, and device characteristics.
  • Log data such as access dates and times, pages viewed, referral URLs, clickstream data, session duration, and error logs.
  • Information collected via cookies and similar technologies (see "Cookies & Tracking Technologies" below).

Payment and Financial Data

  • Deposit and withdrawal details (amounts, currencies, payment method used).
  • Payment instrument information (e.g., masked card numbers, e-wallet identifiers, bank account details) as required to process payments via our payment partners.
  • Transaction history, including timestamps, transaction IDs, and associated account details.
  • Verification information used to meet anti-money laundering (AML) and counter-terrorist financing requirements.

Behavioural and Gaming Data

  • Betting and gaming history, including games played, stakes, outcomes, wins and losses.
  • Bonuses and promotions used, wagering progress, and promotion eligibility.
  • Interaction data such as clicks, navigation paths, in-game behaviour, and time spent on particular games or pages.
  • Responsible gambling indicators (e.g., self-exclusion status, deposit limits, reality checks, and similar tools you use).

Communications Data

  • Records of communications with us, including emails, in-site messages, live chat transcripts, and call logs if customer support calls are recorded.
  • Marketing preferences, consent records, and opt-out records.
  • Responses to surveys, feedback forms, or complaints submitted through naged88.com (where available).

Cookies and Similar Technologies

  • Session cookies and persistent cookies that identify your session, remember your preferences, and enhance site functionality.
  • Analytics cookies used to understand usage trends and performance of naged88.com.
  • Advertising or tracking cookies deployed (with your consent where required) by us or third-party partners to personalize offers and measure the effectiveness of campaigns.
  • Similar technologies such as web beacons, pixels, device fingerprinting, and SDKs (where applicable) to support security, analytics, or marketing.

Where we request personal data that is necessary to comply with legal obligations or to provide our services (e.g., identity details for KYC), failure to provide such information may mean we cannot open or maintain your account or process your transactions.

Legal Basis for Processing

OBSERVE: UK GDPR requires us to identify a lawful basis for each main processing activity.

EXPAND: For an online gambling service, common bases are contract, legal obligation, legitimate interests, and consent.

REFLECT: We link each basis to clear examples so users can see how their data is lawfully processed.

Performance of a Contract

We process your personal data where it is necessary to enter into and perform the contract between you and the Operator relating to your use of Nagad 88 on naged88.com. This includes:

  • Creating, operating, and managing your player account.
  • Providing access to games and related services.
  • Processing deposits, wagers, and withdrawals.
  • Providing customer support and handling routine service communications.

Compliance with Legal Obligations

We process personal data where necessary to comply with applicable law, including:

  • Know Your Customer (KYC) and customer due diligence checks.
  • Anti-money laundering (AML) and counter-terrorist financing obligations.
  • Age verification and responsible gambling requirements under UK law.
  • Record-keeping, audit, tax, and regulatory reporting duties.
  • Responding to lawful requests from competent authorities and regulators.

Legitimate Interests

We may process personal data on the basis of our legitimate interests, provided your interests and fundamental rights do not override those interests. Our legitimate interests include:

  • Ensuring the security and integrity of our website, systems, and accounts (e.g., detection and prevention of fraud, abuse, and cheating).
  • Improving and optimizing our services, user experience, and product offerings.
  • Conducting internal analytics and statistics (on an aggregated or pseudonymised basis where possible).
  • Defending, exercising, or establishing legal claims.
  • Operating an affiliation and marketing program, including limited profiling to present relevant content, subject to applicable consent requirements for cookies and direct marketing.

Consent

In certain cases, we rely on your explicit consent, which you may withdraw at any time without affecting the lawfulness of processing based on consent before its withdrawal. This includes:

  • Sending you electronic marketing communications (email, SMS, push notifications) where consent is required.
  • Using non-essential cookies or similar technologies for targeted advertising or advanced analytics on naged88.com.
  • Processing particular categories of data not strictly necessary for service provision, where we clearly ask for your consent.

Purpose of Processing

OBSERVE: Data is used for service delivery, legal compliance, improvement, marketing, and risk management.

EXPAND: Articulating purposes in detail helps meet transparency obligations and informs user choices.

REFLECT: We group purposes to avoid ambiguity and tie them back to legal bases where appropriate.

Service Provision and Account Management

  • Setting up and managing your account on naged88.com.
  • Providing access to games, tournaments, bonuses, and promotions.
  • Processing deposits, wagers, and withdrawals, and managing your balance.
  • Providing technical support and responding to your requests or inquiries.

Legal and Regulatory Compliance

  • Conducting identity verification, age checks, and ongoing monitoring as required by KYC/AML rules.
  • Monitoring gaming behaviour for responsible gambling and social responsibility purposes, including detecting signs of problematic gambling and applying protective measures.
  • Maintaining records necessary for audits, tax purposes, and potential investigations.

Security, Fraud Prevention, and Risk Management

  • Protecting our users, services, and infrastructure against fraud, money laundering, abuse, collusion, and other prohibited behaviour.
  • Ensuring network and information security, including preventing unauthorized access and cyber attacks.
  • Investigating suspicious activities and enforcing our terms and conditions.

Service Improvement and Analytics

  • Analysing how users interact with games and pages to improve functionality, user experience, and content relevance.
  • Developing new features, games, and promotional offerings based on aggregated or pseudonymised statistics.
  • Testing, troubleshooting, and optimizing technical performance.

Marketing, Personalisation, and Promotions

  • Sending you news, offers, bonuses, and tailored promotions about Nagad 88, subject to your marketing preferences and applicable consent requirements.
  • Performing segmentation and limited profiling (e.g., based on playing patterns, preferences, or geography) to present relevant content and offers.
  • Measuring the performance of campaigns and affiliate activities associated with naged88.com.

Disclosure & Sharing

OBSERVE: Personal data may be shared with a range of third parties to deliver services and comply with law.

EXPAND: UK GDPR requires detail about categories of recipients and safeguards.

REFLECT: We set out clear recipient categories and typical circumstances of disclosure.

Service Providers and Technical Partners

  • IT infrastructure, hosting, and cloud service providers that store or process data on our behalf.
  • Software providers supplying gaming platforms, security tools, analytics services, anti-fraud systems, and customer support solutions.
  • Communication providers enabling email, SMS, push notifications, or live chat.

Payment Partners and Financial Institutions

  • Banks, card schemes, payment processors, e-wallet providers, and other financial institutions used to process deposits, bets, and withdrawals.
  • Third parties engaged in payment verification, chargeback management, and fraud prevention related to financial transactions.

Regulators, Authorities, and Law Enforcement

  • Regulatory bodies and supervisory authorities competent over gambling, AML/CTF, data protection, or consumer protection, where applicable.
  • Tax authorities and other governmental bodies when required by law.
  • Courts, law enforcement agencies, legal advisors, and external consultants where needed to establish, exercise, or defend legal claims, or to investigate suspected unlawful activities.

Affiliates and Marketing Partners

  • Affiliates and marketing networks that refer players to naged88.com or promote Nagad 88, for the purposes of tracking referrals, calculating commissions, and assessing campaign performance.
  • Advertising networks and social media platforms (with your consent where required) to deliver targeted advertising and personalized content, and to measure their effectiveness.

Corporate Transactions

  • In the event of a reorganization, merger, acquisition, sale of assets, or similar transaction involving the Operator, your data may be shared with involved parties and their advisers, subject to appropriate confidentiality obligations.

Whenever we share personal data with third parties, we require them to use the data only for the specified purposes and in accordance with written data processing agreements and applicable data protection laws.

International Transfers

OBSERVE: Some providers may be located outside the UK, implying cross-border transfers.

EXPAND: UK GDPR requires appropriate safeguards for transfers to third countries.

REFLECT: We outline typical destinations and safeguards while acknowledging that exact locations may vary by provider.

Your personal data may be transferred to and processed in countries outside the United Kingdom, including but not limited to:

  • Countries within the European Economic Area (EEA).
  • Other jurisdictions where our group companies, hosting providers, payment processors, or technical partners are located (for example, data centres in the EEA, or service providers in other regions).

Where personal data is transferred outside the UK, we ensure that one of the following safeguards is in place:

  • A UK "adequacy regulation" is in force for the destination country, confirming that it provides an adequate level of data protection; or
  • We have implemented appropriate safeguards, such as the UK-approved International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses, together with supplementary technical and organizational measures where necessary; or
  • Another lawful derogation under UK GDPR applies (for example, the transfer is necessary for the performance of a contract with you, or for the establishment, exercise, or defence of legal claims).

Upon request, we can provide further information about the specific safeguards used for international transfers, subject to redacting commercially sensitive details.

Data Retention

OBSERVE: Gambling operators must retain data for legal and regulatory periods, but not longer than necessary.

EXPAND: We must distinguish categories and state criteria for retention and deletion.

REFLECT: We specify standard retention periods, subject to local legal requirements and ongoing disputes.

General Principles

We keep your personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying any legal, accounting, or reporting requirements, resolving disputes, and enforcing our terms and conditions.

Indicative Retention Periods

  • Account and identification data: Typically retained for the duration of your active account and for up to 5 - 7 years after account closure, to comply with KYC, AML, tax, and regulatory obligations, and to defend potential legal claims.
  • Gaming and transaction history: Generally retained for the life of the account and at least 5 years after the end of the business relationship or the date of the last transaction, in line with AML and financial record-keeping requirements.
  • Communications and support records: Retained for up to 5 years from the date of the communication, or longer where necessary in the context of complaints, disputes, or regulatory inquiries.
  • Marketing data and preferences: Retained while you maintain an account and/or until you withdraw consent or object to processing for marketing purposes, after which we may retain limited records to honour your opt-out.
  • Technical logs and security data: Retained for a shorter period, typically between 6 months and 3 years, depending on the nature of the logs and associated security or legal needs.

Deletion and Anonymisation

  • When data is no longer needed for its original purposes and no legal obligation requires its retention, we will securely delete or anonymise it.
  • In some cases we may anonymise your data (so that it can no longer be linked to you) for statistical or analytical purposes, in which case we may use this information indefinitely without further notice to you.
  • Your right to erasure (see "Your Rights" below) may be limited where we are legally required to retain certain records.

Your Rights

OBSERVE: Users within the UK are entitled to the full set of UK GDPR rights.

EXPAND: Although the prompt refers to Mexican law, Nagad 88 is UK-focused; we therefore align our practices primarily with UK GDPR while noting that our approach is broadly compatible with strong international data protection standards.

REFLECT: We explain each right, how to exercise it, our timelines, and any limitations.

Summary of Your Rights

Subject to the conditions and exemptions set out in UK GDPR and the Data Protection Act 2018, you have the following rights regarding your personal data:

  • Right of access: To obtain confirmation as to whether we process your personal data and, if so, to receive a copy and certain information about the processing.
  • Right to rectification: To request that we correct inaccurate or incomplete personal data about you.
  • Right to erasure: To request deletion of your personal data in certain circumstances (e.g., where data is no longer necessary for the purposes for which it was collected, or you withdraw consent and there is no other legal ground for processing), subject to legal retention obligations.
  • Right to restriction of processing: To request that we restrict processing in certain circumstances, for example while we verify the accuracy of data or the grounds for processing.
  • Right to object: To object at any time, on grounds relating to your particular situation, to processing based on our legitimate interests, and to object at any time to processing for direct marketing.
  • Right to data portability: To receive certain personal data you have provided to us in a structured, commonly used, and machine-readable format, and to have that data transmitted to another controller where technically feasible.
  • Right to withdraw consent: Where processing is based on your consent, you may withdraw that consent at any time; this will not affect the lawfulness of processing before withdrawal.

How to Exercise Your Rights

  1. Submit your request: You can exercise your rights by contacting our privacy contact at [email protected] with:
    • Your full name and account ID (if applicable).
    • A clear description of the right you wish to exercise and the scope of your request.
    • Any information that may help us locate your data more quickly (e.g., approximate dates, type of interaction).
  2. Identity verification: To protect your data, we may need to verify your identity before acting on your request. This may involve asking you to log into your account or provide additional identification information.
  3. Response time: We aim to respond to all valid requests without undue delay and, in any event, within one month (30 days) of receipt. If your request is particularly complex or we receive numerous requests, we may extend this period by up to two further months, in which case we will inform you of the extension and reasons for the delay.
  4. Fees: We handle rights requests free of charge. However, where a request is manifestly unfounded or excessive, we may charge a reasonable fee or refuse to act on the request, in which case we will justify our decision.
  5. Limitations: Certain rights may be subject to restrictions under applicable law, especially where processing is required to comply with our legal or regulatory obligations, or where disclosure would adversely affect the rights and freedoms of others.

Our data protection practices are designed to meet the standards of UK GDPR and are generally aligned with robust international privacy frameworks.

Cookies & Tracking Technologies

OBSERVE: Cookies are essential for functionality and also used for analytics and marketing.

EXPAND: UK rules (including PECR) require transparency and consent for non-essential cookies.

REFLECT: We classify cookie types, explain purposes, and describe user controls.

Types of Cookies We Use

  • Strictly necessary (session) cookies: These cookies are essential for the operation of naged88.com and enable basic functions such as page navigation, maintaining your logged-in session, and securing form submissions. The website cannot function properly without these cookies.
  • Functional (persistent) cookies: These remember your preferences (e.g., language, region, display settings) and improve your experience on subsequent visits.
  • Analytics cookies: These collect aggregated information about how visitors use naged88.com (e.g., pages visited, time spent, error messages). We use this data to improve performance and usability.
  • Advertising and tracking cookies (third-party): These may be set by us or our advertising partners to build a profile of your interests, show you relevant adverts on other sites, and measure the effectiveness of campaigns. They may track your browsing across different websites, subject to your consent where required.

Managing and Disabling Cookies

  • Cookie banner / settings: On your first visit, and periodically thereafter, we may display a cookie banner where you can accept or manage non-essential cookies. You can adjust your preferences at any time via the cookie settings panel (where available) on naged88.com.
  • Browser settings: Most web browsers allow you to refuse, accept, or delete cookies via their settings. Please refer to your browser's help section for instructions. Note that blocking certain cookies may affect the functionality and performance of the site.
  • Do Not Track: At present, industry standards for responding to "Do Not Track" signals are not uniform. We will review and adapt our practices as standards evolve.

Data Security

OBSERVE: Security is critical for gambling platforms handling financial and identity data.

EXPAND: UK GDPR requires appropriate technical and organisational measures, proportionate to risk.

REFLECT: We describe layered protections without overstating certifications that are not confirmed.

Technical Measures

  • Encryption in transit: Data transmitted between your browser and naged88.com is protected using industry-standard TLS (Transport Layer Security) 1.2 or higher, helping prevent interception or tampering.
  • Encryption at rest: Where feasible and appropriate, sensitive data (such as certain financial and authentication data) is encrypted or otherwise protected when stored on our systems.
  • Access controls: Access to personal data is restricted to authorized personnel and service providers who need it to perform their duties, based on role-based access controls and the principle of least privilege.
  • Authentication: We implement robust authentication mechanisms, and may offer or require multi-factor authentication (MFA) for certain operations, such as account access or sensitive changes.

Organisational Measures

  • Policies and training: Staff with access to personal data receive training on data protection, security, and confidentiality obligations, and must comply with internal policies and procedures.
  • Vendor due diligence: We conduct appropriate checks on key service providers handling personal data on our behalf and ensure that contractual safeguards are in place.
  • Security monitoring and testing: We implement logging, monitoring, and, where appropriate, periodic testing or vulnerability assessments to identify and address potential weaknesses.
  • Incident response: We maintain incident response procedures to detect, investigate, and mitigate suspected personal data breaches. Where required by law, we will notify the relevant supervisory authority and affected users without undue delay.

While we take reasonable steps to protect your personal data, no system can be guaranteed as completely secure. You are responsible for keeping your login credentials confidential and for using appropriate security measures on your own devices.

Complaints & Contacts

OBSERVE: Users need clear channels to raise concerns or complaints.

EXPAND: UK GDPR requires information about the right to lodge a complaint with a supervisory authority.

REFLECT: We provide an internal escalation path and details of the primary UK authority.

Contacting Us

Until a specific postal address is confirmed for the Operator, please contact us primarily via email regarding privacy or data protection matters.

Internal Complaint Procedure

  1. Submit your complaint: Send a detailed description of your concern to [email protected], including:
    • Your name and account ID (if applicable).
    • The nature of your complaint, relevant dates, and any supporting documents.
  2. Acknowledgment: We will acknowledge receipt of your complaint as soon as reasonably possible, usually within 5 working days.
  3. Investigation: We will review your complaint, consult relevant internal teams, and gather additional information where necessary.
  4. Response: We aim to provide a substantive response within 30 days of receiving your complaint. If we require more time due to complexity, we will inform you of the delay and provide an updated timeline.
  5. Further steps: If you are not satisfied with our response, you may escalate the matter to the relevant supervisory authority.

Supervisory Authority

If you are located in the United Kingdom or the processing of your data is otherwise subject to UK law, you have the right to lodge a complaint with the UK supervisory authority:

  • Information Commissioner's Office (ICO)
  • Website: https://www.ico.org.uk
  • Telephone (UK): 0303 123 1113
  • Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, United Kingdom

You may also contact your local data protection authority if you reside outside the UK and believe that your rights have been infringed.

Updates

OBSERVE: Policies evolve as services and laws change.

EXPAND: Transparency requires informing users of changes and, for material changes, providing appropriate notice.

REFLECT: We implement version control, communication channels, and user options.

Changes to This Privacy Policy

We may update or modify this Privacy Policy from time to time, for example to reflect changes in our services, legal requirements, or data processing practices.

  • Notification methods: For non-material updates, we will post the revised Privacy Policy on naged88.com with an updated "Last updated" date. For material changes (e.g., new purposes of processing, significant changes in data recipients or user rights), we will provide more prominent notice, which may include:
    • Email notifications to registered users (where contact details are available and permitted).
    • Website banners or pop-up notices.
    • Notifications via your account dashboard, where available.
  • Advance notice: Where reasonably practicable and where changes are material, we will provide at least 30 days' advance notice before the new terms take effect.
  • User options: If you do not agree with the updated Privacy Policy, you may choose to stop using our services and, if you hold an account with Nagad 88 on naged88.com, you may request account closure in accordance with our general terms and conditions.

Last updated: January 2026

Any previous versions of this Privacy Policy may be made available upon request, indicating the period during which each version was in force, and summarising any material changes.