Your Privacy Matters to cv4
This Privacy Policy explains how cv4 collects, uses, stores, shares, and protects the personal information of members and visitors across our platform. We are committed to handling your data with the highest standards of care, transparency, and security, in line with our commitment to operating a safe and trustworthy VIP gaming environment for players across Bangladesh.
Every data transaction between your browser and the cv4 platform is secured using industry-standard SSL (Secure Socket Layer) encryption. Whether you are logging in, making a deposit via bKash or Nagad, or updating your profile, your information travels over an encrypted connection at all times.
cv4 operates on a data minimisation principle — we only collect personal information that is directly necessary to deliver our services, verify your identity, process transactions, and comply with applicable regulations. We do not harvest or sell your data to third-party advertisers.
cv4 members retain meaningful control over their personal data. You can request access to the data we hold about you, ask for corrections, request deletion subject to applicable legal retention requirements, and opt out of non-essential communications at any time via your account settings or by contacting our support team.
Member data is stored on secured servers with restricted access. Access to personal data within the cv4 organisation is limited strictly to personnel who require it to perform their duties — including customer support, payments processing, and fraud prevention teams. All internal access is logged and audited.
If you have consented to receive promotional communications from cv4 — such as bonus alerts, game launch announcements, or VIP loyalty updates — you may withdraw that consent at any time. Use the unsubscribe link in any cv4 email, adjust your notification preferences in your account dashboard, or contact support directly.
When this Privacy Policy is materially updated, cv4 will notify registered members via their registered email address or through a notice displayed on the platform. The "Last Updated" date shown at the top of this page is always kept current so you can identify the version you are reading.
1. Information We Collect
cv4 collects personal data from members and site visitors in three principal ways: information you provide directly to us, information generated automatically through your use of the platform, and information received from trusted third-party service providers where this is necessary to deliver our services or comply with applicable verification obligations.
Information you provide directly:
- Registration data: When you create a cv4 account, we collect your full legal name, date of birth, residential address, email address, and mobile phone number. This information is required to create and manage your account and to verify your identity and age in accordance with our 18+ policy.
- Identity verification documents: When you submit documents for age or identity verification — such as a national identity card (NID), passport, or driving licence — we collect and process the information contained in those documents solely for verification purposes.
- Payment information: When you make a deposit or withdrawal via bKash, Nagad, Rocket, Upay, Dutch-Bangla Bank, City Bank, BRAC Bank, or Islami Bank, we receive transaction reference data and the mobile number or account identifier associated with your payment method. We do not store full payment credentials on our own servers; payment processing is handled by our payment service providers.
- Support communications: When you contact cv4's customer support team via live chat or email, we retain records of that correspondence, including any personal information you include in your messages, to assist in resolving your query and for quality assurance purposes.
- Voluntary profile information: You may optionally provide additional information to your cv4 account profile, such as a preferred display name. Such optional data is stored and used only to personalise your experience.
Information collected automatically:
- Technical data: Your IP address, browser type and version, operating system, device type, screen resolution, and the referring URL from which you arrived at the cv4 platform.
- Usage data: Pages visited, games played, bets placed, time spent on specific sections of the platform, click-path data, and session timestamps. This data is used in aggregate to improve the cv4 platform experience and in individual form to detect fraudulent or unusual activity patterns.
- Cookie data: Information stored in or retrieved from cookies and similar tracking technologies placed on your browser. See Section 5 (Cookies & Tracking) for full details.
Information received from third parties:
- Identity verification providers: cv4 may use third-party identity verification services to cross-reference the personal information you provide against authoritative data sources. These checks help us comply with age verification and anti-fraud requirements.
- Payment service providers: Our payment partners may share confirmation data about completed or failed transactions to allow us to credit or debit your cv4 account balance accurately.
- Fraud prevention partners: We may receive risk-scoring or flagging information from third-party fraud detection services where we have a legitimate interest in protecting the platform and its members from financial crime.
cv4 does not purchase third-party marketing lists or acquire personal data from data brokers. All personal data we process is collected for a defined, lawful purpose directly related to your use of the cv4 platform or our regulatory obligations.
2. How We Use Your Data
cv4 processes the personal data it collects only for clearly defined purposes. The table below summarises the principal ways in which your data is used, together with the corresponding legal basis for that processing:
| Purpose of Processing | Data Categories Used | Legal Basis |
|---|---|---|
| Creating and managing your cv4 account | Registration data, contact details | Performance of contract |
| Age and identity verification (18+ compliance) | Date of birth, identity documents | Legal obligation |
| Processing deposits and withdrawals | Payment transaction data | Performance of contract |
| Delivering customer support | Contact details, support correspondence | Performance of contract |
| Fraud detection and prevention | Technical data, usage data, payment data | Legitimate interests |
| Anti-money laundering checks | Identity data, transaction data | Legal obligation |
| Responsible gaming monitoring | Usage data, betting history, deposit patterns | Legal obligation / Legitimate interests |
| Personalising the platform experience | Usage data, profile preferences | Legitimate interests / Consent |
| Sending promotional communications | Contact details, gaming preferences | Consent |
| Platform analytics and improvement | Technical data, aggregated usage data | Legitimate interests |
Where cv4 relies on legitimate interests as the basis for processing, we have balanced our interests against your rights and determined that such processing is proportionate, relevant, and does not override your privacy interests. You may object to processing carried out on this basis by contacting our support team.
Where cv4 relies on consent, you retain the right to withdraw that consent at any time without affecting the lawfulness of processing that occurred before the withdrawal. Withdrawal of consent for non-essential communications will not affect your ability to use the cv4 platform.
3. Legal Basis for Processing
cv4 processes personal data only where a valid legal basis exists for doing so. The following legal bases apply to our data processing activities:
- Performance of a contract: Processing that is necessary to deliver the services you have requested when registering a cv4 account — including account management, game delivery, and payment processing — is carried out on this basis. Without this processing, we cannot provide our core services to you.
- Legal obligation: Certain processing activities — including age verification, anti-money laundering screening, and record-keeping for regulatory compliance purposes — are required by applicable laws and regulations. cv4 cannot waive these obligations regardless of your preferences.
- Legitimate interests: We process certain data categories — including technical data, usage analytics, and fraud-prevention signals — on the basis that doing so serves a legitimate business interest in maintaining a safe, functional, and well-optimised platform. We carry out a balancing assessment before relying on this basis to ensure our interests do not override your fundamental rights.
- Consent: Where we send you marketing communications or use non-essential cookies and tracking technologies, we do so only with your explicit consent, which you may withdraw at any time. For members based in Bangladesh, consent is recorded with a timestamp and stored in your account record.
cv4 does not use personal data for any purpose that is incompatible with the original purpose for which it was collected. If we wish to use your data in a new way, we will notify you and, where required, seek your consent before doing so.
4. Data Sharing & Disclosure
cv4 does not sell, rent, or trade your personal data to third parties for their own marketing or commercial purposes. We share personal data only in the limited, clearly defined circumstances set out below:
- Payment service providers: We share necessary transaction data with bKash, Nagad, Rocket, Upay, and our banking partners (Dutch-Bangla Bank, City Bank, BRAC Bank, Islami Bank) to process your deposits and withdrawals. These providers act as independent data controllers for their own regulated financial services and are subject to their own privacy policies and regulatory obligations.
- Identity and age verification providers: We share identity document data and personal details with trusted verification partners solely to fulfil our age verification and anti-fraud obligations. These partners are bound by strict contractual data processing agreements and are not permitted to use your data for any other purpose.
- Game content providers: Certain game studios — including Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi — may receive technical identifiers (such as anonymised session tokens) to facilitate game delivery, detect cheating, and ensure fair-play compliance. These providers do not receive your full personal profile.
- Fraud prevention and security providers: We may share risk-related data with third-party fraud detection and cybersecurity services where this is necessary to protect the platform and its members from financial crime, account takeover, or other security threats.
- Legal and regulatory authorities: cv4 will disclose personal data to law enforcement agencies, regulatory bodies, or other competent authorities where we are legally required to do so — for example, in response to a valid court order, warrant, or statutory request. We will notify you of such disclosure where legally permissible.
- Business transfers: In the event of a merger, acquisition, or sale of all or part of cv4's business, your personal data may be transferred to the acquiring entity as part of that transaction. You will be notified of any such transfer and of any material changes to the data processing terms that result from it.
cv4 requires all third-party service providers who handle member personal data to execute data processing agreements that impose obligations of confidentiality, data security, and purpose limitation consistent with the standards set out in this Privacy Policy.
6. Data Retention
cv4 retains personal data for as long as necessary to fulfil the purposes for which it was collected, to comply with applicable legal and regulatory obligations, and to resolve any disputes that may arise. The following retention periods apply as a general guide:
- Active account data: Personal data associated with an active cv4 account is retained for the full duration of the account's active status and for a minimum of five years following account closure, in order to comply with anti-money laundering record-keeping requirements.
- Identity verification documents: Copies of identity documents submitted for age or identity verification purposes are retained for a period of five years from the date of submission or from the date of account closure, whichever is later.
- Transaction records: Financial transaction data — including deposit and withdrawal histories — is retained for a minimum of five years to comply with financial record-keeping obligations.
- Support correspondence: Records of communications with cv4's customer support team are retained for three years from the date of the most recent interaction in a given support thread.
- Marketing consent records: Records of your consent (or withdrawal of consent) to receive marketing communications are retained for the full duration of your account relationship with cv4 plus three years following account closure.
- Technical and usage data: Anonymised aggregated analytics data may be retained indefinitely for platform improvement purposes. Non-anonymised technical data (such as IP address logs) is retained for a maximum of 12 months from the date of collection.
At the end of the applicable retention period, personal data is securely deleted or anonymised so that it can no longer be attributed to an identifiable individual. Where deletion is not technically immediately feasible (for example, data held in secure backup archives), the data is quarantined and not processed for any active purpose until it can be securely erased.
Your Privacy Rights
As a cv4 member, you have a number of rights regarding the personal data we hold about you. These rights are described below. To exercise any of them, contact our support team at [email protected] (plain text — not a clickable link) with the subject line "Privacy Rights Request".
You have the right to request a copy of the personal data cv4 holds about you. We will provide a response within 30 days of receiving a valid access request.
If any personal data cv4 holds about you is inaccurate or incomplete, you have the right to request that it be corrected or updated. You can update most account details directly through your account settings.
You may request that cv4 delete your personal data where it is no longer needed for the original purpose, subject to our legal retention obligations. Some data cannot be deleted while legal or regulatory obligations require its retention.
You may ask cv4 to restrict the processing of your data in certain circumstances — for example, while a rectification request is being resolved, or where you have objected to processing and a determination is pending.
Where processing is based on your consent or on the performance of a contract, you have the right to receive a structured, machine-readable copy of your personal data and to transfer it to another service provider.
You have the right to object to processing carried out on the basis of legitimate interests or for direct marketing purposes. Where you object to marketing, we will stop sending communications immediately. Objections to legitimate-interest processing will be reviewed on a case-by-case basis.
cv4 will acknowledge all privacy rights requests within 5 business days and provide a substantive response within 30 days. Where a request is complex or involves a large volume of data, we may extend this period by a further 30 days, in which case we will notify you of the extension and the reasons for it. There is no charge for submitting a privacy rights request in the first instance.
8. Data Security
cv4 implements a layered approach to data security that combines technical, organisational, and procedural safeguards designed to protect your personal data against unauthorised access, accidental loss, alteration, or destruction.
Technical safeguards:
- All data transmitted between your device and the cv4 platform is protected using TLS 1.2 or higher encryption, indicated by the padlock icon in your browser's address bar.
- Member account passwords are stored using a one-way cryptographic hashing algorithm with individual salting. cv4 staff cannot retrieve your plain-text password — only you know it.
- Payment data is handled by PCI-DSS compliant payment service providers. cv4 itself does not store raw card numbers or full mobile banking credentials on its own servers.
- Server infrastructure is protected by firewalls, intrusion detection systems, and regular automated vulnerability scanning. Security patches are applied on a priority basis as they become available.
- Access to personal data systems within the cv4 organisation is controlled using role-based access permissions and multi-factor authentication for administrative accounts.
Organisational safeguards:
- All cv4 personnel who handle personal data are subject to confidentiality obligations and receive regular data protection training.
- Data processing agreements with third-party service providers include specific security requirements and audit rights.
- cv4 maintains an incident response plan to ensure any data breach is identified, contained, and reported in a timely manner. In the event of a significant breach affecting member data, affected members will be notified without undue delay.
While cv4 takes all reasonable and technically appropriate steps to protect your personal data, no online platform can guarantee absolute security against all possible threats. We encourage members to take their own precautions — including using a strong, unique password for their cv4 account, enabling any available two-factor authentication, and not sharing login credentials with any third party.
If you believe your cv4 account has been compromised or that your personal data has been accessed without your authorisation, please contact our support team immediately at [email protected] (plain text — not a clickable link). We will prioritise your report and take immediate steps to secure your account.
Changes to This Policy
cv4 reserves the right to update or modify this Privacy Policy at any time to reflect changes in our data processing practices, applicable laws, or platform services. When we make material changes, we will:
- Update the "Last Updated" date displayed at the top of this page.
- Send a notification to your registered email address summarising the key changes.
- Display a prominent notice on the cv4 platform for a minimum of 14 days following the update.
Your continued use of the cv4 platform after the effective date of any updated Privacy Policy constitutes your acknowledgement of the revised terms. If you do not agree with any changes, you should stop using the platform and may request account closure by contacting our support team.
We encourage you to review this Privacy Policy periodically to stay informed about how cv4 protects and manages your personal data. Archived versions of previous Privacy Policy documents are available on request.
Contact & Data Enquiries
If you have any questions, concerns, or requests relating to this Privacy Policy or to the personal data cv4 holds about you, please reach out to our dedicated support team. We are committed to responding to all data-related enquiries promptly and thoroughly.
Email (plain text — not a link):
Subject line: Privacy Enquiry — [Your Username or Account ID]
Please include in your message:
- Your registered cv4 username or account email address.
- A clear description of your question, concern, or request.
- Any relevant context — for example, the date of a specific transaction or support interaction you are querying.
Our team will acknowledge your enquiry within 5 business days (Bangladesh Standard Time, UTC+6) and provide a full response within 30 days. For urgent security concerns — such as suspected unauthorised account access — please mark your message as urgent and we will expedite our response.
Ready to Experience Bangladesh's Premier VIP Casino?
Now that you know how cv4 protects your privacy and personal data, explore everything our platform has to offer — from live cricket betting and premium slots to our exclusive VIP loyalty program.