Privacy Policy — crorwin
Your privacy matters to us. This Privacy Policy explains exactly what personal data crorwin collects, why we collect it, how it is used and stored, and what rights you hold as a player registered on our Bangladesh gaming platform. We are committed to handling your information with care and transparency.
Important Notice: This Privacy Policy ("Policy") describes how crorwin ("we", "us", "our") collects, processes, stores, and protects the personal data of individuals ("you", "your", "the Player") who access or use the crorwin platform, including its website, mobile interface, gaming products, sports betting markets, and payment services. By registering an account or continuing to use crorwin, you acknowledge that you have read and understood this Policy and consent to the processing of your personal data as described herein. This Policy was last reviewed and updated on 1 January 2026 and supersedes all prior versions.
256-bit SSL Encryption
All data transmitted between your device and crorwin is protected by industry-standard 256-bit SSL encryption, ensuring your personal and financial information is never exposed in transit.
No Data Sold to Third Parties
crorwin does not sell, rent, or trade your personal data to any third party for marketing purposes. Your information is used solely to operate, improve, and secure your account and gaming experience.
Your Data, Your Rights
You have the right to access, correct, or request deletion of your personal data at any time. Our dedicated support team processes all data rights requests promptly and without charge.
Transparent Cookie Use
We use cookies only for essential site functionality, security, and anonymous analytics. We do not use third-party advertising cookies or tracking pixels that follow you across unrelated websites.
Defined Retention Periods
We retain your personal data only for as long as necessary to fulfil the purposes outlined in this Policy, or as required by applicable law. Account data is deleted or anonymised within 5 years of permanent account closure.
Dedicated Privacy Support
For any privacy-related queries, data access requests, or concerns about how your information is handled, our support team is available 24/7 via live chat or by email at support@crorwin.
1 Data We Collect
crorwin collects personal data from you in a number of ways: directly when you register an account or interact with the platform, automatically as you browse and use the site, and occasionally from third-party sources such as payment processors and identity verification providers. We collect only the data that is necessary for the purposes described in this Policy.
1.1 Registration and Account Data
When you create a crorwin account, we collect the following information:
- Full legal name;
- Date of birth (for age verification — players must be 18 or older);
- Residential address (including city, district, and postcode);
- Mobile phone number (used for account verification and security alerts);
- Email address (used for account communications and important notifications);
- Username and encrypted password.
1.2 Identity Verification (KYC) Data
To comply with responsible gaming obligations and to verify your identity before processing withdrawals, we may request and collect:
- Copies of government-issued identity documents (National Identity Card, passport, or driving licence);
- Proof of address documents (utility bills, bank statements dated within 3 months);
- Selfie or photo verification images where required for liveness checks;
- Source of funds documentation in cases where large transactions require enhanced due diligence.
1.3 Financial Transaction Data
When you make deposits or withdrawals using supported payment methods (bKash, Nagad, Rocket, Upay, Visa, Mastercard), we collect transaction records including payment method identifiers, transaction amounts in BDT, transaction timestamps, and transaction reference numbers. We do not store full card numbers or mobile banking PINs — payment authentication is handled directly by your payment provider using their own secure infrastructure.
1.4 Gaming and Betting Activity Data
We maintain records of your activity on the crorwin platform, including:
- Games played, bets placed, and outcomes;
- Session duration, login timestamps, and device type;
- Bonus claims, wagering progress, and promotional interactions;
- Responsible gaming settings you have activated (deposit limits, self-exclusion periods, etc.).
1.5 Technical and Device Data
When you visit the crorwin website, our servers automatically collect certain technical data, including your IP address, browser type and version, operating system, referring URL, pages visited, and time spent on each page. This data is used for security monitoring, fraud detection, and improving platform performance. It is not used to personally identify you for marketing purposes.
Why We Collect This Data: Every category of personal data described above is collected for a specific, lawful purpose — account management, age verification, fraud prevention, transaction processing, or regulatory compliance. We do not collect personal data speculatively or without a defined purpose.
2 How We Use Your Data
crorwin processes your personal data on the basis of contractual necessity (to provide you with the services you have registered for), legal obligation (to comply with applicable laws and regulations), legitimate interest (to protect the security of the platform and all its users), and in some cases with your explicit consent (for optional communications). The table below summarises the principal purposes for which we use your data:
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Account creation and management | Registration data, contact details | Contractual necessity |
| Age and identity verification (KYC) | Identity documents, date of birth | Legal obligation / Contractual necessity |
| Processing deposits and withdrawals | Financial transaction data, payment method identifiers | Contractual necessity |
| Fraud detection and prevention | Technical data, gaming activity, transaction data | Legitimate interest |
| Responsible gaming monitoring | Gaming activity, session data, self-exclusion settings | Legal obligation / Legitimate interest |
| Customer support and dispute resolution | Account data, communication records | Contractual necessity |
| Platform security and anti-abuse monitoring | Technical data, IP address, device identifiers | Legitimate interest |
| Promotional communications (opt-in only) | Email address, communication preferences | Consent |
| Platform analytics and improvement | Anonymised technical and usage data | Legitimate interest |
2.1 Marketing Communications
crorwin may send you promotional emails, SMS notifications, or in-app messages about bonuses, tournaments, seasonal promotions (such as Eid or BPL cricket season offers), and new game launches — but only where you have explicitly opted in to receive such communications during registration or subsequently through your account settings. You may withdraw your consent and unsubscribe from marketing communications at any time by updating your account preferences or by contacting our support team. Withdrawal of marketing consent does not affect the lawfulness of any processing carried out before the withdrawal.
2.2 Automated Decision-Making
crorwin uses automated systems to assist with fraud detection, bonus abuse identification, and responsible gaming monitoring. These systems may flag accounts for review or trigger automated protective actions (such as temporarily suspending a transaction). Where an automated decision has a significant impact on your account, you have the right to request human review of that decision by contacting our support team.
3 Cookies & Tracking
crorwin uses cookies and similar tracking technologies (such as local storage and session identifiers) to operate the platform, maintain your login session, remember your preferences, and gather anonymised analytics data. A cookie is a small text file placed on your device by the website when you visit. Cookies do not contain viruses and cannot access other files on your device.
3.1 Types of Cookies We Use
- Essential / Strictly Necessary Cookies: These are required for the platform to function. They maintain your login session, store your language and currency preferences, and protect against cross-site request forgery (CSRF). Without these cookies, the platform cannot operate correctly. These cookies cannot be disabled.
- Analytics Cookies: We use anonymised analytics tools to understand how players navigate the platform — which pages are most visited, where users drop off, and which features are most used. This data is aggregated and cannot identify individual players. Analytics cookies can be disabled without affecting core platform functionality.
- Security Cookies: These cookies help us detect suspicious activity, identify duplicate accounts, and prevent fraud. They store device fingerprint data and session integrity tokens.
3.2 Third-Party Cookies
crorwin does not deploy third-party advertising cookies, retargeting pixels, or social media tracking widgets on its platform. Our game providers (Pragmatic Play, Evolution Gaming, Spribe, Ezugi, NetEnt, Microgaming) may set their own functional cookies within their embedded game iframes to maintain game sessions and load game assets. These cookies are governed by the respective provider's own privacy policies and are limited to game-session functionality.
3.3 Managing Cookies
You can control non-essential cookies through your browser settings. Most modern browsers allow you to view, block, or delete cookies. Please note that disabling certain cookies may affect the performance of crorwin — for example, your session may not be maintained between pages if essential cookies are blocked. For instructions on managing cookies in your specific browser, refer to your browser's help documentation.
No Advertising Tracking: crorwin does not use cookies to build advertising profiles, retarget you with ads on other websites, or share your browsing behaviour with advertising networks. Our cookie use is limited to operating and securing the platform.
4 Data Sharing
crorwin does not sell, rent, or trade your personal data to third parties for commercial purposes. We may share your data with a limited set of trusted third parties only where strictly necessary to deliver our services, fulfil legal obligations, or protect the security of the platform. All third-party recipients of your data are contractually bound to process it only for the specified purpose and to maintain appropriate security standards.
4.1 Service Providers
We share personal data with the following categories of service providers to the extent required for them to perform their services:
- Payment Processors: bKash, Nagad, Rocket, Upay, Visa, and Mastercard receive transaction data necessary to process your deposits and withdrawals. These providers operate under their own privacy policies and security frameworks.
- Identity Verification Providers: We may use third-party KYC verification services to authenticate identity documents submitted by players. These providers process your identity data solely for verification purposes and are contractually prohibited from using it for any other purpose.
- Game Providers: Pragmatic Play, Evolution Gaming, Spribe, Ezugi, NetEnt, Microgaming, and other licensed game studios receive the minimum data necessary to load and operate their games within the crorwin platform (typically a session token and player identifier).
- Cloud Infrastructure and Hosting Providers: Our platform is hosted on secure cloud infrastructure. Server-side data is stored in encrypted form and access is restricted to authorised personnel only.
4.2 Legal and Regulatory Disclosure
crorwin may be required to disclose personal data to government authorities, law enforcement agencies, financial intelligence units, or regulatory bodies where required by applicable law or in response to a lawful order. We will notify affected players of any such disclosure to the extent permitted by law.
4.3 Business Transfers
In the event of a merger, acquisition, restructuring, or sale of assets involving crorwin, player personal data may be transferred to the acquiring entity as part of the transaction. We will notify affected players prior to any such transfer and will ensure that the receiving entity agrees to honour the terms of this Privacy Policy.
No Sale of Your Data: crorwin has never sold player personal data and will never do so. If you receive unsolicited communications claiming to be from crorwin that appear to originate from a third-party marketing company, please report it to us immediately at as it may indicate a phishing attempt.
5 Data Retention
crorwin retains your personal data only for as long as is necessary to fulfil the purposes for which it was collected, or as required by applicable law. The following retention periods apply to the main categories of personal data we hold:
| Data Category | Retention Period | Reason |
|---|---|---|
| Account registration data | Duration of account + 5 years post-closure | Contractual obligation, dispute resolution |
| KYC identity documents | Duration of account + 5 years post-closure | Anti-money laundering compliance |
| Financial transaction records | 7 years from transaction date | Financial record-keeping obligations |
| Gaming and betting activity logs | 3 years from date of activity | Dispute resolution, responsible gaming audit |
| Customer support communications | 3 years from last interaction | Quality assurance, dispute resolution |
| Technical and device data (logs) | 12 months from collection | Security monitoring, fraud detection |
| Marketing consent records | Until consent is withdrawn + 1 year | Proof of consent for compliance |
Upon expiry of the applicable retention period, personal data is securely deleted or anonymised so that it can no longer be associated with an individual player. Where deletion is not immediately technically feasible (for example, in backup archives), the data is isolated and protected from further active processing until it can be permanently deleted.
6 Your Rights
As a player whose personal data is processed by crorwin, you hold a number of important rights with respect to your information. crorwin is committed to facilitating the exercise of these rights promptly and without unnecessary delay or charge.
6.1 Right of Access
You have the right to request a copy of the personal data that crorwin holds about you. Upon receipt of a verified access request, we will provide you with a summary of your data within 30 days. Access requests can be submitted via live chat or by emailing with the subject line "Data Access Request".
6.2 Right to Rectification
If any personal data we hold about you is inaccurate or incomplete, you have the right to request that it be corrected. You may update most account information directly through your account profile. For information that cannot be self-corrected (such as your registered name or date of birth), please contact our support team with documentary evidence of the correct information.
6.3 Right to Erasure
You may request the deletion of your personal data where it is no longer necessary for the purposes for which it was collected, where you have withdrawn consent (and no other legal basis applies), or where the data has been processed unlawfully. Please note that we may be unable to delete certain data where retention is required by law (for example, financial transaction records subject to regulatory retention requirements). In such cases, we will inform you of the data that cannot be deleted and the reason why.
6.4 Right to Restrict Processing
You have the right to request that we restrict the processing of your personal data in certain circumstances — for example, while you contest the accuracy of the data we hold, or while a complaint you have raised is under investigation.
6.5 Right to Data Portability
Where processing is based on your consent or on contractual necessity, and is carried out by automated means, you have the right to receive a copy of your personal data in a structured, commonly used, machine-readable format. You may also request that we transmit this data directly to another controller where technically feasible.
6.6 Right to Object
You have the right to object to the processing of your personal data where crorwin relies on legitimate interests as the legal basis for processing. You also have the unconditional right to object to the use of your data for direct marketing purposes at any time. Upon receipt of a valid objection to marketing, we will cease processing your data for that purpose immediately.
6.7 Rights Related to Automated Decision-Making
Where crorwin uses automated systems to make decisions that significantly affect your account (such as fraud flags or bonus eligibility determinations), you have the right to request human review of those decisions. Please contact our support team to exercise this right.
How to Exercise Your Rights: To submit any data rights request, contact our support team via live chat 24/7 or email with the subject line indicating your request type (e.g., "Data Access Request", "Erasure Request"). We will acknowledge your request within 72 hours and respond in full within 30 days.
7 Data Security
crorwin takes the security of your personal data seriously and implements a range of technical and organisational measures to protect it against unauthorised access, accidental loss, destruction, or disclosure. These measures are regularly reviewed and updated in line with evolving security best practices.
7.1 Technical Safeguards
- SSL/TLS Encryption: All data transmitted between your browser or device and crorwin is encrypted using 256-bit SSL/TLS encryption. Look for the padlock icon in your browser's address bar to confirm the secure connection.
- Data Encryption at Rest: Sensitive personal data (including identity documents and financial records) stored in our databases is encrypted at rest using AES-256 encryption.
- Password Hashing: Account passwords are never stored in plain text. They are hashed using a modern, salted cryptographic hashing algorithm before storage.
- Access Controls: Access to personal data is restricted on a strict need-to-know basis. Only authorised personnel with a legitimate business reason may access player data, and all access is logged and audited.
- Intrusion Detection: Our infrastructure is monitored 24/7 by automated intrusion detection systems that alert our security team to any anomalous activity.
7.2 Organisational Safeguards
All crorwin employees and contractors who handle personal data are required to complete data protection training and are bound by strict confidentiality obligations. We conduct periodic internal reviews of our data handling practices and maintain an incident response plan to address data breaches promptly should they occur.
7.3 Data Breach Response
In the unlikely event of a personal data breach that poses a risk to the rights and freedoms of affected players, crorwin will notify affected individuals without undue delay and will implement immediate remediation measures. We will provide clear information about the nature of the breach, the data affected, and the steps we are taking to address it.
7.4 Your Responsibilities
While crorwin implements robust security measures, the security of your account also depends on you. You are responsible for keeping your account password confidential, using a strong and unique password, enabling any two-factor authentication features offered on the platform, and logging out of your account when using shared or public devices. If you suspect your account has been compromised, contact our support team immediately.
Phishing Warning: crorwin will never ask you to provide your password, full payment card details, or mobile banking PIN via email, SMS, or live chat. If you receive any communication requesting this information and claiming to be from crorwin, do not respond — report it to immediately.
8 Contact & DPO
If you have any questions, concerns, or requests relating to this Privacy Policy or the way crorwin processes your personal data, you are encouraged to contact us directly. Our support team and data protection function are committed to resolving all privacy-related enquiries promptly and transparently.
8.1 How to Contact Us
You may reach our privacy and data protection team through the following channels:
- Live Chat: Available 24/7 directly on the crorwin platform. This is the fastest way to receive a response for time-sensitive privacy concerns.
- Email: — please include "Privacy Enquiry" or your specific request type in the subject line so we can route your message to the correct team member.
8.2 Response Timeframes
We aim to acknowledge all privacy-related enquiries within 72 hours of receipt. Substantive responses to data rights requests (access, erasure, portability, etc.) will be provided within 30 days of receiving a verified request. Where a request is particularly complex or where you have submitted multiple requests simultaneously, we may extend this period by a further 30 days, in which case we will notify you of the extension and the reason for it.
8.3 Changes to This Policy
crorwin reserves the right to update or amend this Privacy Policy at any time to reflect changes in our data processing practices, applicable law, or platform features. When material changes are made, we will notify registered players via email and/or an on-site notification at least 14 days before the changes take effect. The updated Policy will always be accessible on this page with a revised "Last Updated" date at the top. We encourage you to review this Policy periodically to stay informed about how we protect your data.
Summary: crorwin is committed to handling your personal data with the highest standards of care, transparency, and security. We collect only what we need, use it only for defined purposes, share it only with trusted partners where necessary, and protect it with robust technical and organisational safeguards. Your rights over your data are real and enforceable — we make it easy to exercise them. For any concerns at all, our team is here around the clock at .
This Privacy Policy was last reviewed and updated on 1 January 2026. 18+ crorwin is strictly for adults aged 18 and above. Please gamble responsibly.
Explore crorwin With Confidence
Your data is safe with us. Now that you know how we protect your privacy , dive into our games and sports markets — trusted by players across Bangladesh.