Privacy Protection

A27 Privacy Policy — How Your Personal Information Is Kept Safe

Your trust in a27 is our most valuable asset. On this page, we clearly explain — what information we collect, why we collect it, how we store it, and why we never share it with anyone.

Last Updated: 1 January 2026
256-bit SSL Data Confidentiality GDPR Compliance

How a27 protects your privacy

Bank-Grade Encryption

All your data and transactions are protected by 256-bit SSL encryption — the same technology used by the world's leading banks. It is virtually impossible for hackers to break.

No data is shared with third parties

A27 never sells or shares your information with advertisers, data brokers, or any third party. Your data belongs to you — that's our policy.

Your Rights Are Protected

You have the right to view, correct, delete, and restrict the use of your data — and you can exercise these rights at any time.

Secure Data Storage

Your data is stored only for as long as necessary and automatically deleted after the retention period. Our servers are protected by industry-leading firewalls.

International Standards Compliance

A27 complies with international privacy laws and GDPR guidelines. Our data protection practices are verified through regular external audits.

Cookie Transparency

We're transparent about which cookies we use and why. You're free to disable any non-essential cookies.

Play Safe
Your data is completely secure
Register
01

Introduction & Scope

This Privacy Policy document is a27 Limited ("a27", "we", "platform") and applies to all users ("you", "member") of the a27.online website and mobile app.

A27 believes that every member's personal information is a valuable asset that must be handled with the utmost care. We have never sold your data as a product, and we never will. Reading this policy will give you a clear understanding of exactly what information we collect, why we collect it, and how we keep it secure.

By accessing a27.online or creating an account, you agree to this Privacy Policy. If you do not agree with any part of it, please discontinue use of the platform and contact our support team.

This policy is formulated in compliance with the GDPR (General Data Protection Regulation) and applicable international data protection laws.

02

What Information We Collect

A27 only collects information that is strictly necessary to provide its services. Collecting unnecessary data goes against our policy.

Personal Identification Information

  • Full name & date of birth (for age verification)
  • Mobile number (for OTP verification and communication)
  • Email address (optional, for notifications)
  • National ID or passport number (for KYC verification)
  • Current address (may be required for high-value transactions)

Financial Information

  • Mobile banking number (bKash, Nagad, Rocket) — for payment purposes only
  • Transaction history (for security verification and dispute resolution)
  • Deposit & Withdrawal Records

Technical Data

  • IP address & device information (for fraud prevention purposes)
  • Browser type & operating system
  • Platform activity logs (for security auditing)
  • Cookie and session data (to improve your experience)

What we never collect: Your password (stored in hashed form), full bank account numbers, or any sensitive information without your explicit consent.

03

How We Collect Your Information

A27 collects information through several methods. Your consent is obtained at each step.

Registration Form
OTP Verification
KYC Process
Encrypted Storage

Direct Collection

  • Information you provide when registering your account
  • Documents uploaded during the KYC process
  • Conversations with the Support Team
  • Payment Transaction Details

Automatically Collected

  • Cookies and similar technologies used when accessing the platform
  • Server log files (IP address, timestamps, pages visited)
  • App usage analytics data

We clearly explain why we need your information before collecting it. Nothing is collected without your consent.

04

How Your Information Is Used

A27 uses the data it collects solely for specific, necessary purposes. Each purpose is backed by a lawful basis.

PurposeData UsedLegal Basis
Account Creation & ManagementName, mobile number, date of birthContractual Obligation
Age & Identity Verification (KYC)NID, Passport, SelfieLegal Obligation
Payment ProcessingMobile Banking NumberContractual Obligation
Fraud PreventionIP address, device & log dataLegitimate Interest
Customer SupportCommunication HistoryContractual Obligation
Promotional Emails/SMSMobile, EmailConsent (withdrawable)
Legal ComplianceAny information requiredLegal Obligation

If you'd rather not receive promotional messages, contact our support team at any time or click the unsubscribe link in any message.

05

Data Sharing Policy

The core principles at a27 are — Your data is never sold or rented. However, there are limited circumstances in which we may need to share your information.

When Your Information May Be Shared

  • Payment Processing: Only the information required to process transactions with payment gateways such as bKash, Nagad, and Rocket
  • Game Provider: Only a user ID is used for game operations — no personal identity data is involved
  • Law Enforcement Agencies: Upon a lawful order from the Bangladesh government or a directive from a court
  • Anti-Money Laundering Authority: As required by applicable law
  • Third-Party Auditor: For verifying our privacy and security standards — anonymised data only

To be clear: a27 never shares your information with advertisers, data brokers, or marketing agencies — not for any price.

International Data Transfers

Some game providers may have servers located abroad. In such cases, only the minimum data necessary for the game session is transferred, and those providers are required to comply with a27's privacy standards.

06

Data Protection Measures

A27's data protection is built on multiple layers — if one layer is compromised, the others continue to keep your data safe.

256-bit TLS/SSL Encryption
All data transmissions are encrypted — no one can intercept or read them in transit
Firewall & DDoS Protection
Multi-layer firewall and intrusion prevention system at the server level
Two-Factor Authentication (2FA)
OTP verification at login — no one else can access your account
Password Hashing
Your password is never stored in plain text — only as a bcrypt hash
Regular Security Audits
Security audits conducted by independent third-party experts every 6 months
Restricted Staff Access
Only authorized staff can access specific data — and all access is logged

What you should do: Use a strong password, never share it with anyone, and always log out on shared devices. Security works best when both sides play their part.

07

Cookie Policy

Cookies are small data files stored in your browser that help improve your website experience. a27 uses three types of cookies.

Cookie TypePurposeCan it be disabled?Duration
Essential Cookies Login sessions, security & payments No — the platform will not function Session
Analytics Cookies Page visits & error detection Yes — in Settings 30 days
Preference Cookies Saving language, theme & layout preferences Yes — in Settings 1 Year

To manage cookies, go to your browser settings. Please note that disabling essential cookies will prevent a27 from functioning properly. a27 never uses advertising cookies.

08

Your Privacy Rights

You have full control over your own data. a27 respects these rights and is committed to helping you exercise them.

Right to Access
You have the right to know what information we hold about you and to request a copy.
Right to Rectification
Right to correct inaccurate or incomplete information — contact Support to request a correction.
Right to Erasure
Request deletion of data beyond legal obligations after account closure.
Right to Restriction
You may request that we restrict the use of your data to specific purposes.
Data Portability
Right to receive your data in a machine-readable format (CSV/JSON).
Right to Object
Objecting to the processing of your data for promotional communications or analytics.

To exercise any of these rights, email us at support@a27.online or reach out via Live Chat. We will respond within 30 days of receiving your request.

09

Data Retention Period

A27 never retains data longer than necessary. After the applicable retention period, data is automatically deleted or anonymised.

Data TypeRetention PeriodReason
Account InformationDuration of account + 5 yearsLegal Obligation
Transaction Records7 YearsFinancial Regulatory Compliance
KYC Documents5 YearsAnti-Money Laundering Laws
Support Conversations3 yearsDispute Resolution
Server Logs1 YearSecurity Review
Marketing DataUntil consent is withdrawnConsent-Based

Once the retention period expires, data is securely deleted or anonymised in a way that makes recovery impossible.

10

Protection of Minors

A27 is strictly for users aged 18 and above. We do not knowingly collect personal information from anyone under 18.

Age is verified at the time of registration. If it is later found that a member is under 18, their account will be immediately closed and all collected data will be deleted.

If you believe a minor is using a27, please notify us immediately.

11

Privacy Policy Updates

This policy may be updated due to changes in technology, law, or our business. Before any significant changes:

  • An SMS will be sent to your registered mobile number
  • If an email address is on file, you will be notified by email
  • You will receive a notification upon logging into the platform
  • The "Last Updated" date at the top of this page will reflect any changes

Continued use of the platform after any changes constitutes acceptance of the updated policy. We recommend checking this page regularly.

12

Contact & Complaints

For any privacy-related questions, requests, or complaints, please reach us through the following:

  • Email: privacy@a27.online
  • Support Email: support@a27.online
  • Live Chat: Log in to the platform and look to the bottom-right corner
  • Response Time: Within 24 hours for general enquiries; within 30 days for data requests

We are always ready to resolve your concerns. If you would like to speak directly with our privacy team, you can schedule an appointment at any time.

This Privacy Policy was last updated on 1 January 2026. Next scheduled review: July 2026.

Your data is protected — play with confidence

Your privacy is fully protected at a27. Join today and play your favorite games on Bangladesh's most secure gaming platform.

SSL Secured
Your data is never sold
GDPR Compliance
24/7 Support
বাংলা