How poki Protects Your Privacy
The following six principles summarise poki's approach to data privacy. Full legal detail is provided in the policy sections below.
Minimal Data Collection
poki collects only the personal data that is strictly necessary to provide its Services, verify member identity, process payments, and comply with applicable legal obligations. We do not collect personal data speculatively or for undefined future uses.
No Sale of Personal Data
poki does not sell, rent, or trade your personal data to third-party advertisers, data brokers, or any unaffiliated commercial entities for marketing purposes. Your data is used solely to deliver, maintain, and improve the poki platform and its services.
Bank-Grade Encryption
All personal data transmitted between your device and the poki platform is protected by 256-bit SSL/TLS encryption. Data stored on poki's servers is protected by industry-standard encryption at rest, access controls, and regular security audits.
Member Control & Access Rights
poki Members have the right to access, correct, export, and request deletion of their personal data. These rights can be exercised at any time by contacting poki support at [email protected]. Requests are processed within 30 calendar days of receipt.
Defined Retention Periods
poki retains personal data only for as long as is necessary to fulfil the purpose for which it was collected, or as required by applicable law. Account data is retained for the duration of membership and for a defined period after account closure, after which it is securely deleted or anonymised.
Breach Notification
In the unlikely event of a personal data breach that poses a risk to affected Members, poki will notify impacted individuals promptly and take all reasonable steps to contain and remediate the breach. poki maintains an incident response plan reviewed on a regular basis.
Your Data Rights at a Glance
As a poki Member, you hold the following rights in respect of your personal data. Full details are provided in Section 9 of this Policy.
Right of Access
Request a copy of all personal data poki holds about you, including the purposes for which it is processed.
Right to Rectification
Request correction of any inaccurate or incomplete personal data held on your poki account.
Right to Erasure
Request deletion of your personal data where poki no longer has a lawful basis to retain it, subject to legal record-keeping obligations.
Right to Restriction
Request that poki restricts processing of your personal data while a dispute about its accuracy or lawfulness is being resolved.
Right to Portability
Request an export of your personal data in a structured, machine-readable format so you may transfer it to another service if you wish.
Right to Object
Object to processing of your personal data for direct marketing purposes or where processing is based on poki's legitimate interests.
Please read this Privacy Policy carefully. It describes how poki collects and handles your personal information. By registering an Account or otherwise using the poki Platform, you confirm that you have read and understood this Policy and consent to the processing of your personal data as described herein. This Policy should be read alongside our Terms & Conditions.
Contents
1. Introduction
poki ("we", "us", "our") operates the online casino and sports betting platform accessible at https://poki.vu (the "Platform"). In the course of providing its Services to Members and visitors, poki inevitably collects and processes certain personal data. This Privacy Policy sets out, in clear and accessible terms, exactly what data we collect, why we collect it, how we use it, with whom we share it, and how long we keep it.
poki is committed to data privacy as a core operational value — not merely a compliance obligation. We design our data practices around the principle of data minimisation: collecting only what we genuinely need, retaining it only for as long as is necessary, and protecting it with measures appropriate to its sensitivity and the risks associated with its processing.
This Privacy Policy applies to all personal data collected through the Platform, including data submitted during registration, data generated through your use of games and betting markets, data provided when contacting our support team, and technical data collected automatically through your device and browser. It applies to all Members and visitors regardless of the device or connection method used to access the Platform.
2. Personal Data We Collect
2.1 Registration & Identity Data
When you create a poki Account, we collect the information you provide in the registration form, which includes your full legal name, date of birth, residential address (including city, district, and postcode), mobile phone number, email address, and chosen username. You may also be asked to provide your National Identity Card (NID) number during the registration process.
2.2 Verification & KYC Documents
To comply with our Know Your Customer (KYC) obligations and to process withdrawal requests, poki may collect copies of identity documents including your National ID card, passport, driving licence, utility bills, bank statements, and biometric photographs. These documents are processed solely for the purposes of identity verification and fraud prevention.
2.3 Financial & Transaction Data
We collect details of all financial transactions conducted through your poki Account, including deposit amounts, withdrawal requests, payment method identifiers (such as your bKash or Nagad mobile number), transaction timestamps, and transaction reference numbers. We do not store full bank account credentials or card numbers on our servers; payment processing is handled by our certified payment partners.
2.4 Gaming & Betting Activity Data
poki records all gaming and betting activity associated with your Account. This includes game sessions played, wagers placed, outcomes, bet amounts, bonus activations, and responsible gaming tool usage. This data is used for account management, dispute resolution, bonus administration, and responsible gaming monitoring.
2.5 Technical & Device Data
When you access the Platform, our servers automatically collect certain technical data including your IP address, browser type and version, operating system, device type and identifiers, referral URL, pages visited, session duration, and clickstream data. This data is used for security monitoring, fraud detection, and Platform performance optimisation.
2.6 Communications Data
If you contact poki's customer support team — whether via live chat, email, or any other channel — we retain records of those communications, including the content of messages and the date and time of contact. This data is used to resolve your query, train support staff, and maintain a service history for your account.
2.7 Summary Table of Data Categories
| Data Category | Examples | Primary Purpose |
|---|---|---|
| Identity Data | Name, date of birth, NID number | Account registration, KYC verification |
| Contact Data | Mobile number, email, address | Account communications, support |
| Financial Data | Transaction history, payment method IDs | Payment processing, AML compliance |
| Gaming Activity Data | Wagers, game sessions, outcomes | Account management, responsible gaming |
| Technical Data | IP address, device type, browser | Security, fraud prevention, analytics |
| Communications Data | Support chat logs, email records | Customer service, dispute resolution |
| KYC Documents | NID copy, utility bill, photograph | Identity verification, withdrawal processing |
3. How We Use Your Personal Data
poki uses the personal data it collects for the following defined purposes:
- Account creation and management: Processing your registration, maintaining your Account, and providing access to poki Services.
- Identity verification: Conducting KYC checks to confirm your identity, age, and eligibility before processing withdrawals and in response to regulatory requirements.
- Payment processing: Facilitating deposits and withdrawals through supported Bangladeshi payment methods including bKash, Nagad, Rocket, Upay, and bank transfer channels.
- Service delivery: Making games, betting markets, bonuses, live casino content, and all other poki Services available to your Account.
- Responsible gaming: Monitoring gaming patterns to identify potential problem gambling indicators, administering deposit limits and self-exclusion tools, and fulfilling our duty of care to Members.
- Customer support: Responding to queries, resolving complaints, and providing technical assistance through our support channels.
- Fraud prevention and security: Detecting, investigating, and preventing fraudulent transactions, collusion, money laundering, and other prohibited conduct.
- Legal and regulatory compliance: Meeting our obligations under applicable laws and responding to lawful requests from regulatory and law enforcement authorities.
- Marketing communications: Sending promotional offers, bonus notifications, and platform updates to Members who have consented to receive such communications. You may opt out at any time.
- Platform improvement: Analysing aggregated, anonymised usage data to improve the Platform's performance, content, and user experience.
4. Legal Basis for Processing
poki processes personal data only where a valid legal basis exists for doing so. The legal bases on which we rely are as follows:
- Contractual necessity: Processing required to perform the contract between poki and the Member — including account management, payment processing, game provision, and customer support.
- Legal obligation: Processing required to comply with applicable laws and regulations, including KYC and AML obligations, tax reporting requirements, and responses to lawful regulatory orders.
- Legitimate interests: Processing carried out in pursuit of poki's legitimate business interests, including fraud prevention, security monitoring, and Platform analytics, where those interests are not overridden by Members' privacy rights.
- Consent: Processing based on your freely given, specific, and informed consent — primarily for marketing communications and the use of non-essential cookies. You may withdraw consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.
5. Cookies & Tracking Technologies
5.1 What Are Cookies
Cookies are small text files placed on your device by websites you visit. poki uses cookies and similar tracking technologies (such as web beacons and local storage) to enable essential Platform functionality, remember your preferences, and understand how Members interact with the Platform.
5.2 Types of Cookies We Use
- Strictly necessary cookies: Required for the Platform to function correctly. These include session authentication cookies, security tokens, and load-balancing cookies. These cannot be disabled without impairing Platform functionality.
- Functional cookies: Remember your language preferences, display settings, and logged-in state across sessions to improve your experience.
- Analytics cookies: Collect anonymised data about how visitors interact with the Platform, including pages visited, session duration, and navigation paths. This data is used in aggregate form to improve Platform design and performance.
- Marketing cookies: Track your activity to help poki deliver relevant promotional content to you. These are only placed with your consent.
5.3 Managing Cookies
You may control cookie settings through your browser preferences. Most browsers allow you to block or delete cookies. Please note that disabling strictly necessary cookies may prevent you from accessing certain Platform features, including logging into your Account.
6. Data Sharing & Disclosure
poki does not sell your personal data. We share personal data with third parties only in the following defined circumstances:
- Payment service providers: We share necessary transaction data with our certified payment partners (including bKash, Nagad, Rocket, Upay, and bank partners) to process deposits and withdrawals. These partners process data only as required to execute transactions and are bound by strict data protection obligations.
- Identity verification providers: We engage specialist KYC and AML service providers to assist in verifying Member identities. These providers access only the data strictly necessary for verification and are contractually prohibited from using it for any other purpose.
- IT infrastructure and hosting providers: poki's Platform is hosted on secure server infrastructure. Hosting and infrastructure partners may process personal data as data processors acting solely on poki's instructions.
- Customer support tools: We use professional customer support software to manage live chat and email communications. Data processed through these tools is subject to the same protections described in this Policy.
- Regulatory and law enforcement authorities: poki will disclose personal data to competent authorities where required by applicable law, court order, or legitimate regulatory request. We will notify affected Members of such disclosure where legally permitted to do so.
- Business transfers: In the event of a merger, acquisition, or sale of all or part of poki's business, personal data held by poki may be transferred to the acquiring entity. Members will be notified of any such transfer and of any material change to the terms governing their data.
7. International Data Transfers
The poki Platform serves Members based in Bangladesh. Where personal data is transferred to, or processed by, service providers located outside Bangladesh, poki takes appropriate measures to ensure that such transfers comply with applicable data protection requirements and that your data receives an equivalent level of protection to that afforded under this Policy.
Such measures may include entering into data processing agreements with service providers that incorporate standard contractual clauses, or relying on adequacy decisions where applicable. If you have questions about the safeguards applied to international transfers of your personal data, please contact us at [email protected].
8. Data Retention
poki retains personal data for no longer than is necessary to fulfil the purposes for which it was collected, subject to any longer retention periods required by applicable law. The following indicative retention periods apply:
- Account and identity data: Retained for the duration of your active membership and for a period of five years following account closure, to comply with AML record-keeping requirements and to handle any post-closure disputes or regulatory inquiries.
- Transaction and financial data: Retained for a minimum of five years from the date of the transaction, in compliance with financial record-keeping obligations.
- KYC documents: Retained for the duration of membership and for five years after account closure, consistent with AML regulations.
- Gaming activity data: Retained for the duration of membership and for three years after account closure for dispute resolution and responsible gaming monitoring purposes.
- Communications data: Support communications are retained for two years from the date of the interaction.
- Technical and device data: Retained for a maximum of twelve months for security and fraud prevention purposes, then deleted or anonymised.
- Marketing consent records: Retained until you withdraw consent or close your Account, plus a further one year for compliance record purposes.
Upon expiry of the applicable retention period, personal data is securely deleted or irreversibly anonymised in accordance with poki's data disposal procedures.
9. Your Privacy Rights
As a poki Member, you have the following rights in respect of your personal data. To exercise any of these rights, please submit a written request to [email protected] with the subject line "Privacy Rights Request — [right being exercised]". poki will acknowledge your request within 5 business days and provide a substantive response within 30 calendar days.
- Right of Access: You may request a copy of all personal data poki holds about you, including information about the purposes of processing, the categories of data held, the recipients with whom it has been shared, and the retention period applied.
- Right to Rectification: You may request correction of any inaccurate or incomplete personal data held in your poki Account. Where data is corrected, poki will notify relevant third parties who have received the incorrect data where practicable.
- Right to Erasure: You may request deletion of your personal data where poki no longer has a lawful basis to retain it. This right is subject to poki's legal obligations to retain certain data for defined periods as set out in Section 8.
- Right to Restriction: You may request that poki restricts its processing of your personal data in certain circumstances, for example while a dispute about data accuracy is being investigated.
- Right to Data Portability: Where processing is based on your consent or on contractual necessity, you may request an export of your personal data in a structured, commonly used, machine-readable format.
- Right to Object: You may object at any time to processing of your personal data for direct marketing purposes. You may also object to processing based on poki's legitimate interests, in which case poki must demonstrate compelling legitimate grounds to continue processing.
- Right to Withdraw Consent: Where processing is based on your consent, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out prior to the withdrawal.
poki will not charge a fee for processing privacy rights requests unless a request is manifestly unfounded, repetitive, or excessive, in which case a reasonable administrative fee may be applied.
10. Children's Privacy
The poki Platform is strictly intended for adults aged 18 years and over. poki does not knowingly collect personal data from individuals under the age of 18. Age verification is conducted as part of the poki registration and KYC process.
If poki becomes aware that personal data has been collected from an individual under the age of 18, it will take immediate steps to delete that data and close the associated account. If you believe that a minor has registered an account on the Platform, please contact poki support immediately at [email protected].
11. Security Measures
poki implements a comprehensive set of technical and organisational security measures designed to protect personal data against unauthorised access, disclosure, alteration, and destruction. These measures include:
- 256-bit SSL/TLS encryption for all data in transit between your device and poki servers.
- Encryption at rest for sensitive data categories including identity documents, financial data, and authentication credentials.
- Role-based access controls ensuring that poki staff can only access personal data that is necessary for their specific job function.
- Multi-factor authentication requirements for poki staff accessing systems that process personal data.
- Regular security audits and penetration testing conducted by qualified independent security professionals.
- Intrusion detection and monitoring systems that alert the security team to anomalous access patterns in real time.
- Data breach response procedures that enable poki to identify, contain, and notify affected parties of any confirmed breach promptly.
Notwithstanding the above, no data transmission over the internet or storage system can be guaranteed as 100% secure. Members are encouraged to use strong, unique passwords for their poki accounts and to contact [email protected] immediately if they suspect any unauthorised access.
12. Third-Party Links
The poki Platform may contain references to third-party payment providers and game studios. This Privacy Policy applies solely to the poki Platform and the personal data processed directly by poki. poki is not responsible for the privacy practices of third-party providers whose services are integrated into the Platform. Members are encouraged to review the privacy policies of any third-party services they interact with.
13. Amendments to This Policy
poki reserves the right to update or amend this Privacy Policy at any time to reflect changes in our data practices, applicable laws, or Platform features. When material changes are made, poki will notify Members by posting a prominent notice on the Platform or by sending a notification to the registered contact details associated with the Member's Account.
The revised Privacy Policy will be published with an updated effective date. Continued use of the Platform following notification of any amendment constitutes acceptance of the revised Policy. We encourage Members to review this Policy periodically to stay informed of how poki protects their personal data.
14. Contact Us
If you have any questions, concerns, or requests relating to this Privacy Policy or to the processing of your personal data by poki, please contact our Data Protection team using the details below:
- Email: [email protected] (plain text — not a clickable link)
- Subject Line for Privacy Requests: "Privacy Rights Request — [description]"
- Response Time: Acknowledgement within 5 business days; substantive response within 30 calendar days
- Support Hours: 24 hours a day, 7 days a week
- Platform: https://poki.vu
All formal privacy-related communications should be directed to [email protected] in writing. poki maintains records of all privacy rights requests and responses in accordance with its data retention policy.
Ready to Explore poki?
Now that you understand how poki handles your data, discover our games, review our FAQ, or sign in to your account. Our support team is always available at [email protected].