Your Privacy Matters to Us
At t2sapp, protecting your personal information is a core responsibility — not an afterthought. This Privacy Policy explains in plain, honest English exactly what data we collect, why we collect it, how it is used, how it is stored, and what rights you have as a player based in Bangladesh.
How t2sapp Protects Your Data
The cards below offer a plain-English summary of our most important privacy commitments. The full legal policy follows in the sections beneath. The full text is the binding document.
Minimal Data Collection
t2sapp collects only the personal data strictly necessary to operate your account, process payments, verify your identity, and comply with anti-money laundering obligations. We do not collect data for its own sake.
No Data Selling
t2sapp does not sell, rent, or trade your personal data to third-party marketers or data brokers under any circumstances. Your information is used only for the purposes described in this policy.
256-Bit SSL Encryption
All data transmitted between your device and t2sapp is protected by 256-bit SSL/TLS encryption — the same standard used by major international banks. Your login credentials, payment details, and personal information are encrypted in transit at all times.
Your Rights Respected
You have the right to access, correct, or request deletion of your personal data held by t2sapp at any time. Submit a data request through the support team and we will respond within 30 calendar days.
Transparent Cookie Use
t2sapp uses essential, functional, and analytics cookies only. We do not use third-party advertising cookies or behavioural tracking cookies. You can manage cookie preferences through your browser settings.
Clear Retention Periods
Personal data is retained only for as long as required by law or necessary to operate your account. Account data is held for a maximum of five years following account closure, after which it is securely deleted.
1. Introduction & Scope
This Privacy Policy describes how t2sapp ("we", "us", "our") collects, processes, stores, and protects personal information provided by users ("you", "your", "the player") of the t2sapp platform, accessible at t2sapp.net and through any associated mobile browser interface. It applies to all registered account holders and visitors to the platform, including players based in Dhaka, Chittagong, Sylhet, Rajshahi, Khulna, Barisal, Rangpur, Mymensingh, Cox's Bazar, and all other locations in Bangladesh.
By registering for a t2sapp account, depositing funds, placing a wager, or otherwise using any feature of the platform, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and processing of your personal data as described herein. If you do not agree with this policy, you should not use the t2sapp platform.
This policy covers personal data processed in connection with: account registration and identity verification; deposits and withdrawals via bKash, Nagad, Rocket, Upay, Visa, and Mastercard; sports betting activity including cricket, BPL, IPL, and T20 markets; casino and live dealer gameplay; responsible gaming tools; customer support interactions; and marketing communications where consent has been provided.
2. Data We Collect
t2sapp collects personal data across several categories, depending on how you interact with the platform. The table below summarises the main categories of data collected, the source of collection, and the lawful basis for processing.
| Data Category | Examples | Collection Source | Lawful Basis |
|---|---|---|---|
| Identity Data | Full name, date of birth, national ID number, passport scan | Registration form, KYC verification | Legal obligation (AML/KYC); contract performance |
| Contact Data | Email address, Bangladeshi mobile number | Registration form | Contract performance; legitimate interest |
| Financial Data | bKash/Nagad account number, transaction reference IDs, deposit/withdrawal amounts in BDT | Payment processor APIs; account settings | Contract performance; legal obligation |
| Gameplay Data | Bet history, game sessions, wager amounts, wins and losses, bonus usage | Platform activity logs | Contract performance; responsible gaming obligations |
| Technical Data | IP address, device type, operating system, browser type, session timestamps | Automatic collection via server logs and cookies | Legitimate interest (security, fraud prevention) |
| Communications Data | Live chat transcripts, support email content, feedback submissions | Support interactions | Legitimate interest; contract performance |
| Marketing Preferences | Opt-in/opt-out status for promotional emails and SMS | Account settings; consent capture at registration | Consent |
t2sapp does not knowingly collect sensitive personal data such as racial or ethnic origin, political opinions, religious beliefs, biometric data, or health information, except where health-related information is voluntarily provided by a player in the context of a responsible gaming self-exclusion request. Such information is handled with the highest level of care and used solely for the purpose for which it was provided.
3. How We Use Your Data
t2sapp uses the personal data described in Section 2 for the following specific purposes. Where a purpose requires a particular lawful basis under applicable data protection law, that basis is identified alongside the purpose.
- Account creation and management: Processing your registration, maintaining your account, verifying your identity, and enabling your t2sapp Login access. Basis: contract performance.
- Payment processing: Facilitating deposits and withdrawals in BDT via bKash, Nagad, Rocket, Upay, Visa, and Mastercard; reconciling transactions; investigating payment disputes. Basis: contract performance.
- Anti-money laundering and fraud prevention: Conducting KYC checks, monitoring transactions for suspicious patterns, fulfilling legally mandated AML reporting obligations. Basis: legal obligation; legitimate interest.
- Gameplay delivery: Providing access to sports betting, cricket markets, slots, casino games, and live dealer tables; recording and settling wagers; calculating and awarding winnings. Basis: contract performance.
- Responsible gaming: Monitoring gameplay patterns to identify potential problem gambling behaviour; facilitating self-exclusion requests, deposit limits, and cool-off periods. Basis: legal obligation; legitimate interest.
- Customer support: Responding to enquiries, resolving complaints, and maintaining records of support interactions for quality assurance and dispute resolution. Basis: contract performance; legitimate interest.
- Platform security: Detecting and preventing unauthorised account access, bot activity, multi-accounting, and other prohibited conduct described in the t2sapp Terms & Conditions. Basis: legitimate interest.
- Marketing communications: Sending promotional emails and SMS messages about bonuses, new games, and seasonal offers — but only where you have given explicit consent. You may withdraw marketing consent at any time through your account settings. Basis: consent.
- Platform improvement: Analysing aggregated, anonymised usage data to improve the platform experience, identify bugs, and optimise page performance. Basis: legitimate interest.
4. Data Sharing & Third Parties
t2sapp does not sell, rent, or otherwise trade your personal data to any third party. We share personal data only in the specific, limited circumstances set out below, and only to the extent strictly necessary for the stated purpose.
- Payment service providers: When you make a deposit or withdrawal, relevant transaction data is shared with the applicable payment provider (bKash, Nagad, Rocket, Upay, Visa, or Mastercard) to process the transaction. These providers operate under their own privacy policies and data protection obligations.
- Game content providers: To deliver casino, slots, and live dealer content, your account identifier and session token are shared with providers such as Pragmatic Play, Evolution Gaming, NetEnt, Microgaming, Spribe, and Ezugi. These providers do not receive your full personal profile and are contractually prohibited from using session data for purposes other than game delivery.
- Identity verification services: To fulfil KYC obligations, identity documents may be shared with third-party verification service providers operating under strict data processing agreements with t2sapp.
- Regulatory and law enforcement authorities: t2sapp may disclose personal data to competent authorities in Bangladesh or internationally where required to do so by law, court order, or regulatory direction — for example, in the context of AML investigations or fraud inquiries.
- Analytics providers: Anonymised, aggregated usage data may be shared with analytics service providers to support platform performance analysis. No individually identifiable data is shared for this purpose.
- Corporate transactions: In the event of a merger, acquisition, or sale of all or part of t2sapp's business, personal data held by t2sapp may be transferred to the acquiring entity, subject to equivalent data protection commitments being put in place. Affected players will be notified in advance.
All third-party data processors engaged by t2sapp are required to enter into a formal data processing agreement that prohibits them from using your data for any purpose beyond the specific service they provide to t2sapp, and that requires them to maintain appropriate technical and organisational security measures.
5. Cookies & Tracking Technologies
t2sapp uses cookies and similar browser-based technologies to operate the platform correctly, remember your preferences, and understand how the site is used. The following types of cookies are used on t2sapp.net:
- Strictly necessary cookies: These are essential for the platform to function. They maintain your authenticated session after t2sapp Login, store your currency and language preference, and enable the shopping basket functionality in the wallet. These cookies cannot be disabled without breaking core platform features.
- Functional cookies: These remember your preferences such as game view layout, favourite sports markets, and responsible gaming reminder settings. They improve your experience but are not essential.
- Analytics cookies: t2sapp uses first-party analytics cookies to understand aggregate patterns in platform usage — for example, which game categories are most visited or where users encounter difficulty in the deposit flow. Individual user profiles are not built for marketing purposes from this data.
t2sapp does not use third-party advertising cookies, retargeting pixels, or cross-site behavioural tracking technologies. You will not see t2sapp advertisements following you around the web as a result of visiting t2sapp.net.
You can manage or delete cookies through your browser settings at any time. Please note that disabling strictly necessary cookies will affect the functionality of the platform, including your ability to stay logged in or complete payment transactions.
6. Data Retention & Storage
t2sapp retains personal data only for as long as is necessary to fulfil the purposes described in this policy, to comply with applicable legal obligations, and to resolve disputes or enforce agreements. The following retention periods apply as a general guide:
- Active account data (identity, contact, payment, and gameplay records): Retained for the duration of your account and for five (5) years following voluntary account closure or the last recorded transaction, whichever is later. This retention period reflects AML record-keeping obligations.
- KYC documents (copies of identity documents, proof of address): Retained for five (5) years following account closure or the date the documents were submitted, in accordance with applicable AML regulations.
- Financial transaction records: Retained for seven (7) years in accordance with standard financial record-keeping practice.
- Customer support communications: Retained for two (2) years from the date of the last interaction, for quality assurance and dispute resolution purposes.
- Marketing preference records: Retained for the duration of your account and for one (1) year following account closure or withdrawal of consent, to demonstrate compliance with consent obligations.
- Technical and server log data: Retained for ninety (90) days for security monitoring and fraud prevention purposes, after which it is automatically purged.
Where personal data is no longer required for any of the purposes above, t2sapp will securely delete or permanently anonymise it. Anonymised data (from which no individual can be identified) may be retained indefinitely for statistical and business improvement purposes.
t2sapp's primary data storage infrastructure is hosted on secure servers with access controls, encryption at rest, and regular security audits. All data storage facilities maintain industry-standard physical and logical access security.
7. Your Privacy Rights
As a t2sapp player, you have a number of rights in relation to your personal data. t2sapp is committed to honouring these rights promptly and without undue bureaucratic friction. The following rights are available to you:
- Right of access: You may request a copy of all personal data t2sapp holds about you. We will provide this in a structured, commonly used, machine-readable format within 30 calendar days of a verified request.
- Right to rectification: If any personal data held about you is inaccurate or incomplete, you may request that it be corrected. For basic account details such as email address or mobile number, you may be able to update these directly through your account profile settings.
- Right to erasure: You may request the deletion of your personal data where it is no longer necessary for the purposes for which it was collected, where you have withdrawn consent, or where processing is unlawful. Note that t2sapp may be legally required to retain certain data (e.g., AML records) even after an erasure request — in such cases, we will inform you of the specific legal obligation that prevents full erasure.
- Right to restrict processing: You may request that t2sapp temporarily halt active processing of your personal data in certain circumstances — for example, while the accuracy of data you have disputed is being verified.
- Right to data portability: You may request that t2sapp transmit your personal data directly to another service provider in a structured, machine-readable format, where technically feasible.
- Right to withdraw marketing consent: You may withdraw consent for marketing communications at any time by updating your preferences in the account settings panel or by contacting support. Withdrawal of marketing consent does not affect the lawfulness of any processing carried out before the withdrawal.
- Right to object: You may object to processing carried out on the basis of legitimate interest, including profiling for responsible gaming purposes. t2sapp will assess whether our legitimate interest overrides your specific circumstances and inform you of the outcome.
To exercise any of the rights listed above, contact t2sapp's data team by email at [email protected] with the subject line "Data Rights Request" and your registered username. We will acknowledge your request within 72 hours and provide a full response within 30 calendar days.
8. Security Measures
t2sapp takes the security of your personal data seriously and maintains a comprehensive set of technical and organisational measures designed to prevent unauthorised access, accidental loss, disclosure, alteration, or destruction of personal data. Key security measures in place include:
- 256-bit SSL/TLS encryption for all data transmitted between your device and t2sapp servers, including during t2sapp Login, payment processing, and account management.
- Encryption at rest for sensitive personal data and financial records stored in t2sapp's databases, including identity documents and payment account references.
- Role-based access controls ensuring that t2sapp staff can access personal data only to the extent required for their specific role. Privileged access to production data systems is strictly limited and audited.
- Two-factor authentication (2FA) available to all players via SMS OTP for an additional layer of login security. Players are strongly encouraged to enable 2FA in their account security settings.
- Automated fraud and intrusion detection systems that monitor login activity, transaction patterns, and API requests for anomalous behaviour indicative of account compromise or platform abuse.
- Regular security audits and penetration testing conducted by independent security professionals to identify and remediate vulnerabilities before they can be exploited.
- Incident response procedures that include notification protocols for data breaches — if a breach is discovered that is likely to result in a risk to players, affected players will be notified promptly and the relevant details will be communicated transparently.
Despite t2sapp's considerable investment in platform security, no system connected to the internet can be guaranteed to be completely secure. Players are reminded to use strong, unique passwords for their t2sapp Login and to avoid accessing their accounts over unsecured public Wi-Fi networks.
9. Children's Privacy
The t2sapp platform is strictly intended for adults aged 18 and above. t2sapp does not knowingly collect, store, or process personal data belonging to any person under the age of 18.
Age verification is a mandatory step in the t2sapp account registration process. Where t2sapp has reasonable grounds to believe that a registered account holder is under 18 years of age, the account will be suspended immediately pending verification. If it is confirmed that the account holder is a minor, the account will be permanently closed, all gameplay activity will be voided, and any deposited funds will be returned to the verified payment method, net of any winnings derived from gameplay.
If you are a parent or guardian and have reason to believe that a minor in your care has registered for a t2sapp account, please contact the support team immediately at [email protected]. t2sapp will investigate the matter promptly and take all appropriate action to protect the minor's welfare.
10. Updates to This Policy
t2sapp may update this Privacy Policy from time to time to reflect changes in data protection law, changes in how the platform operates, or changes in the third-party services integrated into the platform. When material changes are made — defined as changes that meaningfully affect the rights of players or how their data is processed — t2sapp will notify registered players via the email address associated with their account at least seven (7) calendar days before the revised policy takes effect.
For minor or administrative amendments — such as corrections to typographical errors, clarifications of existing language, or updates to reflect the addition of a new supported payment method — t2sapp may publish the revised policy without individual prior notification. The "Last updated" date at the top of this page will always reflect the date of the most recent revision.
Your continued use of the t2sapp platform after a revised Privacy Policy has come into effect constitutes your acceptance of the updated terms. If you do not agree with the revised policy, you should cease using the platform and may request voluntary account closure as described in the t2sapp Terms & Conditions.
The current version of this Privacy Policy is always available at t2sapp.net/privacy-policy. t2sapp recommends reviewing this page periodically to stay informed of any changes, particularly if you are a regular platform user.
11. Contact & Data Enquiries
If you have any questions, concerns, or requests relating to this Privacy Policy or the way in which t2sapp processes your personal data, the support and data team are available 24 hours a day, 7 days a week, including during public holidays in Bangladesh such as Eid, Pohela Boishakh, Independence Day, and Victory Day.
For general privacy questions, data rights requests (see Section 7), or to report a suspected data breach involving your account, contact t2sapp by email at: [email protected]. Please use the subject line "Privacy Enquiry" or "Data Rights Request" as appropriate so your message is directed to the correct team.
t2sapp aims to acknowledge all privacy-related communications within 72 hours (Bangladesh Standard Time, UTC+6) and to provide a substantive response within 30 calendar days of receiving a complete request. Where additional time is required to respond to a complex data rights request, t2sapp will inform you of the extended timeline within the initial 30-day window.
Your Data is Safe — Now Enjoy the Platform
Now that you understand how t2sapp protects your privacy, explore everything the platform has to offer — from live cricket betting and BPL markets to hundreds of slots and live dealer tables. 18+ only. Play responsibly.