Privacy Policy — How mccw Collects, Uses, and Protects Your Data
Your privacy matters to mccw. This Privacy Policy explains what personal information we collect when you use our platform, how we use and store it, who we may share it with, and the rights you hold over your own data. We handle all personal information with care, transparency, and strict security controls.
Privacy Principles We Live By
mccw processes your personal data in accordance with six core privacy principles that guide every decision we make about data collection, storage, and use.
Minimum Data Collection
We only collect personal data that is strictly necessary to provide you with a safe, verified, and functional gaming experience. We do not collect data for its own sake or beyond what is required for a clear, stated purpose.
Transparent Use
We clearly explain every category of data we collect and every purpose for which it is used. There are no hidden data practices at mccw. This Privacy Policy is written in plain English so you understand exactly what happens with your information.
Strong Security Controls
All personal data held by mccw is protected using 256-bit SSL encryption in transit and AES-256 encryption at rest. Access to personal data is restricted on a strict need-to-know basis among mccw staff.
Lawful Processing
Every processing activity carried out by mccw rests on a valid legal basis — whether that is the performance of your contract with us, compliance with a legal obligation, our legitimate business interests, or your explicit consent.
Your Rights, Respected
You have the right to access, correct, and request deletion of your personal data held by mccw. You also have the right to object to certain processing activities and to lodge a complaint with a supervisory authority.
Limited Retention
We retain your personal data only for as long as is necessary to fulfil the purpose for which it was collected, or as required by applicable law. When data is no longer needed, it is securely deleted or anonymised.
1 Information We Collect
Registration and Identity Data
When you create a mccw account, we collect the following personal details which you provide directly:
- Full legal name (as it appears on your government-issued identification document)
- Date of birth (for age verification purposes)
- Residential address in Bangladesh
- Mobile phone number registered to your bKash, Nagad, Rocket, or Upay account
- Email address
- Username and hashed password (passwords are never stored in plain text)
KYC and Identity Verification Documents
As part of our Know Your Customer (KYC) process — which is required before your first withdrawal can be processed — we collect copies of the following documents:
- Bangladesh National Identity Card (NID) or valid passport
- Proof of residential address (utility bill, bank statement, or official correspondence)
- Proof of payment method ownership (screenshot of your registered mobile banking account displaying your name and number)
Financial and Transaction Data
We collect records of all financial transactions conducted through your mccw account, including deposit amounts, withdrawal requests, wagering activity, bonus credits and redemptions, and associated payment method identifiers (such as your registered mobile number for bKash or Nagad). We do not store full debit or credit card numbers.
Device and Technical Data
When you access mccw, our servers and analytics systems may automatically collect certain technical data, including your IP address, browser type and version, operating system, device type, referring URL, pages viewed, session duration, and approximate geographic location derived from your IP address. This data is collected for security monitoring, fraud prevention, and platform optimisation purposes.
Communications Data
If you contact mccw's customer support team via email or live chat, we retain records of those communications, including the content of your messages, the date and time of contact, and any attachments you provide. This data is retained to track complaint resolution and to improve our support quality.
Responsible Gaming Data
If you use mccw's responsible gaming tools — such as deposit limits, session time alerts, cooling-off periods, or self-exclusion requests — we collect and retain data about these preferences and the dates on which they were applied. This data is handled with particular sensitivity and is never used for marketing purposes.
2 How We Use Your Data
mccw uses the personal data we collect for the following clearly defined purposes. We do not use your data for any purpose that is incompatible with the reason for which it was originally collected.
| Purpose of Use | Data Categories Involved |
|---|---|
| Creating and managing your mccw account | Registration data, identity data |
| Processing deposits, withdrawals, and game wagers | Financial data, transaction data, payment method identifiers |
| Verifying your identity and age (KYC compliance) | Identity documents, date of birth, address proof |
| Detecting and preventing fraud, money laundering, and abuse | Device data, IP address, transaction data, session data |
| Providing customer support and resolving disputes | Communications data, account data, transaction data |
| Sending transactional notifications (deposit confirmations, withdrawal updates) | Email address, mobile number, transaction data |
| Sending promotional offers and bonus communications (with your consent) | Email address, mobile number, gaming preferences |
| Applying and monitoring responsible gaming limits | Responsible gaming data, session data, wagering history |
| Improving platform performance and user experience | Device data, usage data, session analytics |
| Complying with legal and regulatory obligations | All categories as required by applicable law |
Marketing Communications
If you have provided your consent, mccw may send you promotional emails or SMS messages about bonuses, seasonal offers (such as Eid promotions or BPL cricket specials), and new game launches. You may withdraw your consent and unsubscribe from marketing communications at any time by contacting [email protected] or updating your communication preferences in your account settings. Withdrawal of consent for marketing does not affect the lawfulness of processing carried out before the withdrawal.
3 Legal Basis for Processing
Every processing activity carried out by mccw rests on one of the following recognised legal bases. We identify the applicable basis for each major processing activity below:
- Performance of a Contract: Processing your registration details, managing your account, executing deposits and withdrawals, and delivering the games and services you have requested are all necessary to fulfil the contract between you and mccw.
- Legal Obligation: Age verification (KYC), anti-money laundering checks, fraud screening, and the retention of transaction records are required by applicable law and regulations. mccw has no discretion to avoid these processing activities.
- Legitimate Interests: mccw has a legitimate interest in detecting fraud, preventing abuse of the platform, improving service quality through analytics, and maintaining the security of the platform and its players. We only rely on legitimate interests where we have balanced them against your rights and determined they do not override those rights.
- Consent: Where we send marketing communications via email or SMS, we rely on your freely given, specific, and informed consent. You may withdraw this consent at any time without penalty.
4 Data Sharing and Third Parties
mccw may share your personal data with the following categories of recipients in the circumstances described:
Payment Service Providers
To process your deposits and withdrawals, mccw shares the minimum necessary data with your chosen payment service provider — such as bKash, Nagad, Rocket, Upay, BRAC Bank, City Bank, Dutch-Bangla Bank, Islami Bank, or Sonali Bank. The data shared is limited to transaction amounts, timestamps, and your registered mobile number or account identifier. Each payment provider operates under its own privacy policy and applicable financial services regulations.
Game Software Providers
Live casino and RNG game content on mccw is powered by regulated third-party studios including Evolution Gaming, Pragmatic Play, Ezugi, NetEnt, Microgaming, and Spribe. These providers may receive technical session identifiers and anonymised gameplay data necessary to deliver and maintain game functionality. They do not receive your full personal identity details.
Identity Verification Services
To perform KYC checks, mccw may work with trusted third-party identity verification service providers. These providers process your identity documents solely for the purpose of verifying your identity and age on mccw's behalf, and are contractually bound to maintain the confidentiality of your data.
Legal and Regulatory Authorities
mccw may be required by applicable law, court order, or regulatory instruction to disclose personal data to law enforcement agencies, financial intelligence units, or other competent authorities. In such cases, mccw will disclose only the data that is specifically requested and will, where permitted by law, notify the relevant player of the disclosure.
Professional Advisers
mccw's legal counsel, auditors, and compliance consultants may have access to personal data where strictly necessary for the provision of their professional services. All such advisers are subject to confidentiality obligations.
5 Cookies and Tracking Technologies
mccw uses cookies and similar tracking technologies on its website to ensure core functionality, maintain your session, analyse usage patterns, and improve the overall platform experience. By continuing to use the mccw platform, you acknowledge our use of cookies as described in this section.
Types of Cookies We Use
| Cookie Type | Purpose | Duration |
|---|---|---|
| Strictly Necessary | Maintain your login session, remember your language settings, enable core platform functionality, and prevent cross-site request forgery (CSRF). These cannot be disabled without breaking site functionality. | Session / up to 24 hours |
| Analytics | Collect anonymised data about pages visited, session durations, error rates, and navigation paths to help us identify and fix issues and improve the user experience. | Up to 12 months |
| Functional | Remember your preferences such as last-used payment method, game category filters, and notification settings so you do not have to re-enter them on each visit. | Up to 6 months |
| Security | Detect unusual login behaviour, flag potential account takeover attempts, and support our fraud prevention systems. | Session / up to 30 days |
Managing Cookies
You may control and manage cookies through your browser settings. Most modern browsers allow you to view, delete, and block cookies from specific websites. Please note that disabling strictly necessary cookies will impair your ability to log in and use the mccw platform. Disabling analytics or functional cookies will not affect your ability to play games or make transactions but may result in a less personalised experience.
mccw does not use third-party advertising cookies or cross-site tracking cookies that share your data with advertising networks.
6 Data Retention
mccw retains personal data for the minimum period necessary to fulfil the purpose for which it was collected, taking into account our legal obligations and any applicable limitation periods for legal claims. The following retention schedule applies:
| Data Category | Retention Period | Reason |
|---|---|---|
| Account registration data | Duration of account + 5 years after closure | Legal obligation, dispute resolution |
| KYC identity documents | Duration of account + 5 years after closure | Anti-money laundering regulations |
| Financial transaction records | 7 years from transaction date | Financial record-keeping obligations |
| Customer support communications | 3 years from date of communication | Dispute resolution, quality assurance |
| Session and device logs | 12 months from collection date | Security monitoring, fraud detection |
| Responsible gaming records | Duration of account + 5 years after closure | Regulatory compliance, player protection |
| Marketing consent records | Until consent is withdrawn + 2 years | Proof of consent for compliance purposes |
Upon expiry of the applicable retention period, personal data is securely deleted from mccw's systems or irreversibly anonymised so that it can no longer be associated with any identifiable individual. Data that has been anonymised may be retained for statistical analysis purposes without any retention limit.
7 Your Privacy Rights
Right of Access
You have the right to request a copy of the personal data mccw holds about you. Upon a verified request, we will provide you with a summary of your data categories, the purposes for which they are processed, any third parties with whom your data has been shared, and the applicable retention periods. We will respond to access requests within 30 calendar days.
Right to Rectification
If any personal data held by mccw is inaccurate or incomplete, you have the right to request that it be corrected. You may update certain details (such as your email address and contact number) directly from your account settings panel. For corrections to identity documents or other formally held data, please contact [email protected].
Right to Erasure
You may request that mccw delete your personal data where it is no longer necessary for the purpose for which it was collected, where you have withdrawn your consent (and there is no other legal basis for processing), or where you believe the data has been processed unlawfully. Please note that this right is not absolute — mccw may be required to retain certain data to comply with legal obligations (such as financial record-keeping regulations) even after receiving an erasure request.
Right to Restrict Processing
You may request that mccw restrict the processing of your data in certain circumstances — for example, while you contest the accuracy of data we hold, or while mccw is assessing an objection you have raised. During a restriction period, mccw will store your data but will not actively process it beyond what is strictly necessary.
Right to Object
You have the right to object to mccw processing your personal data where the legal basis for that processing is our legitimate interests. If you object, mccw will cease processing unless we can demonstrate compelling legitimate grounds that override your interests, or the processing is necessary for the establishment, exercise, or defence of legal claims. You may also object to the use of your data for direct marketing at any time without providing a reason — we will honour such objections immediately.
Right to Data Portability
Where processing is based on your consent or the performance of a contract, and is carried out by automated means, you may request that mccw provide you with your personal data in a structured, commonly used, machine-readable format (such as CSV or JSON) so that you may transfer it to another service provider.
Exercising Your Rights
To exercise any of the above rights, submit a written request to [email protected] from the email address registered to your mccw account. We may ask you to verify your identity before processing the request in order to protect your data from unauthorised access. We will acknowledge your request within 5 business days and aim to resolve all rights requests within 30 calendar days.
8 Data Security Measures
mccw employs a comprehensive set of technical and organisational security measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction. Our key security controls include:
- 256-bit SSL/TLS Encryption in Transit: All data transmitted between your browser and the mccw platform is encrypted using industry-standard TLS 1.2 or higher. This protects your login credentials, payment information, and account data from interception.
- AES-256 Encryption at Rest: Sensitive personal data stored in mccw's databases — including KYC documents and payment identifiers — is encrypted at rest using AES-256 encryption.
- Password Hashing: Player passwords are never stored in plain text. We use bcrypt with an appropriate cost factor to hash all passwords, making them computationally infeasible to reverse even in the unlikely event of a data breach.
- Access Controls: Access to personal data within mccw's systems is restricted on a role-based, need-to-know basis. Staff members who do not require access to a data category for their job function cannot access it.
- Two-Factor Authentication: mccw's administrative systems require multi-factor authentication for all staff access, reducing the risk of insider threats and compromised credentials.
- Regular Security Audits: mccw conducts periodic security assessments of its platform infrastructure, including vulnerability scanning and penetration testing, to identify and remediate potential security weaknesses before they can be exploited.
- Incident Response: In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, mccw will notify affected players and take immediate remediation steps without undue delay.
9 International Data Transfers
mccw's primary data infrastructure is located in facilities that serve the Bangladesh market. However, some of our third-party service providers — including certain game software studios, identity verification vendors, and cloud infrastructure providers — may process data on servers located outside Bangladesh.
Where your personal data is transferred to, or accessed from, a country outside Bangladesh, mccw takes steps to ensure that an equivalent level of data protection applies. These steps include entering into data processing agreements with our service providers that incorporate standard contractual clauses or equivalent safeguards, and conducting due diligence on the data protection standards maintained by each provider.
By creating and using a mccw account, you acknowledge that your personal data may be processed in jurisdictions outside Bangladesh in connection with the services described in this Privacy Policy. mccw does not transfer your data to any country for the purpose of circumventing applicable data protection requirements.
10 Contact and Data Officer
If you have any questions, concerns, or requests relating to this Privacy Policy or to the way mccw processes your personal data, please contact our data support team using the details below. We are committed to handling all privacy enquiries promptly and with care.
How to Reach Us
Email: [email protected]
Please include "Privacy Request" in your subject line and provide your registered mccw username or email address so we can locate your account record efficiently.
Response Timelines
- General privacy enquiries: acknowledged within 2 business days, resolved within 10 business days.
- Formal rights requests (access, erasure, portability, etc.): acknowledged within 5 business days, resolved within 30 calendar days.
- Data breach notifications: communicated to affected players without undue delay after discovery and assessment.
Updates to This Policy
mccw reviews and updates this Privacy Policy periodically to reflect changes in our data practices, applicable law, or the services we provide. When material changes are made, registered players will be notified via the email address associated with their account. The date at the top of this page will always reflect when the most recent update was made. Your continued use of the mccw platform after a policy update constitutes acceptance of the revised Privacy Policy.
Your Data Is Safe. Now Let's Play.
Now that you know how mccw protects your personal information, explore our full range of games and services. From live cricket betting and slot games to our live casino tables — everything is built with your security and enjoyment in mind.