joyaapp Privacy Policy
Your privacy matters deeply to us. This Privacy Policy explains exactly what personal information joyaapp collects, how we use it, who we share it with, and the rights you hold over your own data as a player on our platform.
How joyaapp Protects Your Privacy
Six principles that guide every data decision we make at joyaapp.
256-Bit SSL Encryption
Every byte of data you transmit to joyaapp — from login credentials to deposit requests — is encrypted with industry-standard 256-bit SSL, preventing interception by any third party.
We Never Sell Your Data
joyaapp does not sell, rent, or trade your personal information to marketers, data brokers, or any other commercial third parties. Your data is used only to operate and improve your experience on our platform.
Purpose-Limited Collection
We collect only the personal data that is strictly necessary for the purposes stated in this policy — account management, payment processing, identity verification, and service improvement. Nothing more.
Full Transparency
This Privacy Policy is written in plain, accessible English so that every joyaapp player in Bangladesh — regardless of legal background — can clearly understand how their data is handled.
You Are in Control
You have the right to access, correct, export, and request deletion of your personal data at any time. joyaapp provides clear, frictionless pathways to exercise every one of these rights.
Secure Payment Data
Financial transaction data processed via bKash, Nagad, Rocket, Upay, and card networks is handled in compliance with applicable payment security standards and is never stored in plain text on our servers.
Information We Collect
joyaapp collects personal information from you through several channels: directly when you register and use our platform, automatically as you interact with our website, and occasionally from third-party service providers where this is necessary to verify your identity or process your payments.
The categories of personal information we may collect include:
| Category | Examples of Data Collected | Collection Method |
|---|---|---|
| Identity Data | Full legal name, date of birth, nationality, national ID or passport number | Registration form, KYC verification |
| Contact Data | Email address, mobile phone number, city of residence (e.g., Dhaka, Chittagong) | Registration form, account settings |
| Financial Data | Mobile wallet reference numbers (bKash, Nagad, Rocket, Upay), bank account details, transaction history | Deposit/withdrawal forms, payment processors |
| Technical Data | IP address, browser type and version, device type, operating system, screen resolution, time zone | Automatic collection via cookies and server logs |
| Usage Data | Pages visited, games played, session duration, bet history, game preference patterns | Automatic collection via analytics tools |
| Communications Data | Support chat transcripts, emails sent to [email protected], complaint records | Direct submission by you |
| Verification Data | Copies of government-issued ID, selfie photographs submitted for identity verification | KYC process (requested separately) |
We do not intentionally collect sensitive personal data such as racial or ethnic origin, political opinions, religious beliefs, or biometric data beyond what is strictly required for identity verification purposes. We do not collect data from individuals known to be under 18 years of age. If we become aware that we have inadvertently collected data from an underage individual, we will delete it immediately.
When you register from Bangladesh, your mobile phone number is the primary identifier used for account recovery and payment wallet linking. We treat your bKash, Nagad, and Rocket wallet references as financial data and apply the same strict security controls to them as we do to conventional bank account details.
How We Use Your Data
joyaapp uses the personal information we collect for specific, documented purposes. We do not use your data for any purpose that is incompatible with the reasons for which it was originally collected. Below is a comprehensive account of how your data is used:
- Account Creation and Management: To register your player account, verify your identity, maintain your account settings, and provide you with access to the full range of joyaapp services.
- Payment Processing: To process deposits and withdrawals via bKash, Nagad, Rocket, Upay, bank transfer, Visa, and Mastercard, and to maintain accurate records of all financial transactions associated with your account.
- Identity Verification (KYC): To comply with our know-your-customer obligations and confirm that you meet the minimum age requirement of 18 years before allowing real-money wagering.
- Service Delivery: To provide you with access to casino games, sports betting markets, live dealer tables, instant games, and all other features of the joyaapp platform.
- Customer Support: To respond to your enquiries, resolve complaints, process account closure or self-exclusion requests, and maintain records of communications for quality assurance.
- Responsible Gaming: To monitor your betting patterns for signs of problem gambling behaviour, to apply deposit limits or cooling-off periods you have requested, and to honour self-exclusion requests promptly.
- Fraud Prevention and Security: To detect and prevent fraudulent activity, money laundering, bonus abuse, multi-accounting, and other prohibited conduct as defined in our Terms & Conditions.
- Platform Improvement: To analyse aggregated usage data and identify technical issues, optimise game loading performance, and improve the overall user experience on joyaapp.club.
- Personalisation: To remember your game preferences, currency settings, and language preferences so that your experience on joyaapp is consistent and comfortable across sessions.
- Marketing Communications: Where you have given explicit consent, to send you promotional offers, bonus alerts, and news about joyaapp via email or SMS. You may withdraw this consent at any time by contacting [email protected].
- Legal and Regulatory Compliance: To meet any reporting or disclosure obligations that may apply to joyaapp as an online gaming operator under applicable laws.
joyaapp will never use your personal data to make automated decisions that have a significant legal or similarly significant effect on you without first providing you with an opportunity to request human review of that decision.
Legal Basis for Processing
joyaapp processes your personal data only where we have a lawful basis for doing so. The legal bases we rely upon are as follows:
- Contractual Necessity: The majority of our data processing activities are necessary to perform the contract we have with you as a registered player — including account registration, payment processing, and game access. Without this processing, we could not provide our services.
- Legal Obligation: Certain processing activities are required by applicable law, including identity verification (KYC), anti-money laundering checks (AML), and the maintenance of transaction records for audit purposes.
- Legitimate Interests: We process some data on the basis of our legitimate interests as a business, including fraud detection, platform security monitoring, and aggregated analytics for service improvement — provided these interests are not overridden by your fundamental privacy rights.
- Consent: Where we send you optional marketing communications or deploy non-essential cookies, we do so only on the basis of your freely given, specific, and informed consent. You may withdraw that consent at any time without penalty.
Regardless of the legal basis we rely upon, your privacy rights under Section 7 of this policy remain fully applicable. Processing on the basis of legitimate interests is always subject to a balancing test that weighs joyaapp's business needs against your individual privacy interests. Where your interests override ours, we will not process on this basis.
Data Sharing & Disclosure
joyaapp does not sell your personal data to any third party under any circumstances. We may, however, share your data with carefully selected categories of recipients where this is necessary to operate our platform and deliver our services to you. All third parties with whom we share data are contractually required to handle it securely and to use it only for the specified purpose.
The categories of recipients with whom joyaapp may share your personal data include:
- Payment Service Providers: bKash, Nagad, Rocket, Upay, Dutch-Bangla Bank, and card network processors receive the minimum necessary transaction data to process your deposits and withdrawals. These providers operate under their own privacy policies and applicable financial regulations.
- Identity Verification Partners: Where automated KYC checks are required, a specialist identity verification provider may receive your name, date of birth, and document images for the sole purpose of age and identity confirmation.
- Game Software Providers: Live casino and RNG game providers (including Evolution Gaming, Pragmatic Play, Ezugi, and others) receive a pseudonymised player identifier and session token to facilitate game connectivity. They do not receive your full name, contact details, or financial information.
- Cloud Infrastructure Providers: joyaapp's platform is hosted on secure cloud infrastructure. Our hosting provider may technically have access to encrypted data stored on their servers, but is contractually prohibited from accessing or using it for any purpose.
- Regulatory and Law Enforcement Authorities: Where required by applicable law, a court order, or a lawful request from a competent authority, joyaapp may disclose personal data to the relevant body. We will always seek to limit such disclosures to the minimum data necessary and will notify affected players where legally permitted to do so.
- Professional Advisors: Our legal counsel, auditors, and compliance consultants may access personal data on a confidential, need-to-know basis in connection with the provision of their professional services to joyaapp.
joyaapp will never share your contact details (email address, phone number) with third-party marketing companies or affiliate networks for the purpose of sending you unsolicited promotional communications. If you receive marketing that appears to come from joyaapp but that you did not request, please report it immediately to [email protected] so we can investigate.
Data Retention
joyaapp retains your personal data only for as long as is necessary to fulfil the purposes for which it was collected, or as required by applicable legal and regulatory obligations. The following general retention periods apply:
- Active Account Data: Retained for the full duration of your account's active status plus a minimum of 5 years following account closure, to satisfy financial record-keeping and anti-money-laundering obligations.
- Transaction Records: All deposit and withdrawal records, including mobile wallet transaction references and bank transfer confirmations, are retained for a minimum of 7 years from the date of the transaction.
- KYC / Identity Verification Documents: Copies of identity documents submitted during the verification process are retained for 5 years from the date of submission or 5 years from account closure, whichever is later.
- Customer Support Communications: Emails and live chat transcripts are retained for 3 years from the date of the interaction, to support quality assurance, dispute resolution, and training purposes.
- Marketing Consent Records: Records of your marketing consent or opt-out are retained indefinitely to demonstrate compliance with your stated preferences.
- Analytics Data: Aggregated, anonymised analytics data may be retained indefinitely as it does not constitute personal data once anonymised.
Upon expiry of the applicable retention period, personal data is securely deleted or anonymised in a manner that prevents reconstruction of the original information. Where deletion is not immediately possible due to technical constraints (such as data held in encrypted backup archives), joyaapp will isolate the data from active processing until deletion becomes technically feasible.
Your Privacy Rights
As a joyaapp player, you hold a comprehensive set of rights over your personal data. joyaapp is committed to honouring these rights in a timely and transparent manner. Your rights include:
- Right of Access: You may request a copy of all personal data joyaapp holds about you at any time. We will provide this information within 30 days of receiving a verified request.
- Right to Rectification: If any personal data we hold about you is inaccurate or incomplete, you have the right to request that it be corrected. You can update basic account details (email address, phone number) directly within your account settings.
- Right to Erasure ("Right to Be Forgotten"): You may request the deletion of your personal data where it is no longer necessary for the purposes for which it was collected, where you have withdrawn consent, or where you object to processing. Please note that this right is subject to our legal data retention obligations — certain financial and identity records must be retained regardless of a deletion request.
- Right to Restriction of Processing: You may request that joyaapp restricts its processing of your data in certain circumstances — for example, while the accuracy of data you have contested is being verified.
- Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to have it transmitted to another service provider where technically feasible.
- Right to Object: You may object to the processing of your data where we rely on legitimate interests as our legal basis. You also have an absolute right to object to your data being used for direct marketing purposes at any time.
- Right to Withdraw Consent: Where processing is based on your consent (e.g., for marketing communications), you may withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing conducted prior to withdrawal.
To exercise any of the above rights, please submit a written request to [email protected] with the subject line "Privacy Rights Request". Please include your registered username and a clear description of the right you wish to exercise. We may need to verify your identity before processing the request. We aim to respond to all privacy rights requests within 30 days, and no later than 60 days in complex cases.
joyaapp does not charge a fee for processing privacy rights requests unless a request is manifestly unfounded, repetitive, or excessive. In such cases, we may charge a reasonable administrative fee or refuse the request, and we will explain our reasoning in writing.
Data Security Measures
joyaapp takes the security of your personal data extremely seriously. We maintain a comprehensive information security programme that includes the following technical and organisational measures:
- Transport Encryption: All data transmitted between your browser or device and joyaapp servers is encrypted using TLS 1.2 or higher, with 256-bit AES encryption for stored sensitive data.
- Access Controls: Access to systems containing personal data is restricted to authorised personnel on a strict need-to-know basis. All staff with data access are required to use strong authentication credentials and undergo regular security awareness training.
- Intrusion Detection: joyaapp's infrastructure is monitored continuously by automated intrusion detection and prevention systems that alert our security team to anomalous activity in real time.
- Regular Security Testing: We conduct periodic vulnerability assessments and penetration tests of our platform to identify and remediate potential security weaknesses before they can be exploited.
- Data Minimisation: We apply the principle of data minimisation across all systems — storing only what is necessary and purging data that has exceeded its retention period on a scheduled basis.
- Incident Response: joyaapp maintains a documented data breach response procedure. In the event of a security incident that poses a risk to your personal data, we will notify affected players and take immediate remedial action.
Despite our best efforts, no system is completely immune to security risk. You play an important role in protecting your own account by using a strong, unique password, enabling two-factor authentication, and never sharing your login credentials with anyone. If you suspect your account has been compromised, contact [email protected] immediately.
Third-Party Services
joyaapp integrates with a number of third-party services to deliver its platform. Each of these services is governed by its own privacy policy, which is independent of joyaapp's policy. By using joyaapp, you acknowledge that your interactions with integrated third-party services may be subject to those providers' data practices.
- Game Providers: Pragmatic Play, Evolution Gaming, Ezugi, NetEnt, Microgaming, and Spribe provide the casino games and live dealer experiences on joyaapp. These studios may collect limited gameplay telemetry data to support game operation and integrity monitoring.
- Mobile Wallet Providers: bKash, Nagad, Rocket, and Upay are independent financial service companies. When you initiate a deposit or withdrawal through these wallets, you are interacting directly with the wallet provider's systems in addition to joyaapp's. Their data practices are governed by their own privacy policies.
- Analytics Platforms: joyaapp may use privacy-respecting analytics tools to understand aggregate user behaviour on joyaapp.club. Where such tools are used, they are configured to anonymise IP addresses and to respect browser-level "Do Not Track" signals where technically feasible.
joyaapp does not embed third-party social media tracking pixels, advertising retargeting scripts, or affiliate tracking cookies on joyaapp.club without your explicit consent. Where consent-based third-party scripts are used, they are activated only after you have acknowledged this policy.
Policy Updates
joyaapp reserves the right to update this Privacy Policy at any time to reflect changes in our data practices, applicable law, or the services we offer. When we make changes, the "Last Updated" date at the top of this page will be revised, and the version number will be incremented accordingly.
Where changes to this policy are material — meaning they significantly affect how your data is used or the rights available to you — joyaapp will provide notice to registered players via email to the address on file, or via a prominent in-platform notification, prior to the changes taking effect. Your continued use of joyaapp following the effective date of any revised policy constitutes your acceptance of the updated terms.
We encourage all joyaapp players to review this Privacy Policy periodically to stay informed about how we protect your data. If you have questions about any change to this policy, please contact us at [email protected] before the effective date of the change.
Contact & Data Enquiries
If you have any questions, concerns, or complaints about this Privacy Policy, the way joyaapp handles your personal data, or the exercise of your privacy rights, please contact our support team directly. We take all privacy enquiries seriously and will respond within the timeframes set out in this policy.
Contact us at: [email protected]
When submitting a privacy-related enquiry, please include your registered username and a clear description of your query or concern. For formal privacy rights requests (access, erasure, portability, etc.), please use the subject line "Privacy Rights Request" so your message is routed to the appropriate team member immediately.
joyaapp operates as an international online gaming platform. Players based in Bangladesh are responsible for verifying that their use of joyaapp is consistent with applicable local laws and regulations. joyaapp does not constitute legal advice and is not responsible for any regulatory consequences arising from a player's use of the platform in jurisdictions where such activity may be restricted.
Ready to Play at joyaapp?
You have read our Privacy Policy and understand how we protect your data. Play cricket, slots, live casino games, and more — safely, securely, and responsibly. 18+ only.