Data Protection

Phwin Privacy Policy — How Your Data Is Kept Safe

Learn exactly how Phwin collects, uses, and safeguards your personal information — all clearly explained. Our Privacy Policy reflects our commitment to your trust.

Last Updated: January 1, 2026
SSL Encryption Protected
No Sale of Data to Third Parties
Fully Transparent Policy
Your Data, Your Control

Welcome to Phwin. This Privacy Policy ("Policy") explains how the Phwin platform collects, stores, uses, and protects your personal information. By using our website or app, you agree to the terms of this Privacy Policy.

We believe privacy is a fundamental right. That's why every one of our data policies is designed with users' interests as the top priority. Instead of complex legal language, we've aimed to explain everything in plain, simple terms.

What Information Do We Collect?

Phwin only collects information that is genuinely necessary to operate our services safely and smoothly. Below is a detailed breakdown of what data is collected and how.

Directly From You

  • Registration Information: Full name, mobile number, email address, date of birth, and password.
  • KYC Information: A copy of your National ID (NID), passport, or birth registration certificate.
  • Payment Information: Mobile banking number (bKash, Nagad, Rocket) and bank account details.
  • Contact Information: Messages sent via support ticket or live chat.

Automatically Collected Information

  • Device Information: Device type, operating system, and browser version.
  • Network Information: IP address, internet service provider, and connection type.
  • Usage Information: Pages visited and time spent, buttons clicked, and gaming session history.
  • Cookies & Tracking: Session cookies, preference cookies, and analytical data.

From Third Parties

  • Transaction verification data from the payment gateway provider.
  • Data received from identity verification (KYC) service providers.
  • Risk scores from fraud prevention partners.
Data Type Collection Methods Mandatory?
Name & Mobile Registration Form Yes
NID / Passport KYC Verification In Specific Cases
Payment Number Deposit / Withdraw Yes
IP Address Automatic Yes
Cookie Data Browser Partial

How Is Your Information Used?

Phwin uses collected data solely for specific, legitimate purposes. We never use your data for anything unnecessary.

Primary Purpose

  • Account Management: Securing registration, login, password resets, and account safety.
  • Payment Processing: Processing deposits, executing withdrawals, and maintaining transaction records.
  • Identity Verification: Completing KYC in compliance with international AML (Anti-Money Laundering) regulations.
  • Customer Support: Accessing the information needed to resolve your issues quickly.

Secondary Purpose

  • Personalization: Displaying game recommendations and bonus offers tailored to your preferences.
  • Platform Improvement: Analyzing which features are used most to improve the overall experience.
  • Security: Detecting and preventing fraud, hacking, and suspicious activity.
  • Legal Obligations: Submitting required reports to regulatory authorities.

Important: Phwin never sells your personal information to third parties. The sole purpose of how we use your data is to provide you with a better and safer experience.

Data Sharing — Who, and When?

Phwin operates on a strict policy — your data is shared only for limited, legitimate purposes. The circumstances under which information may be shared are clearly outlined below.

Permitted Sharing

  • Payment Provider: Only the information required to complete transactions via bKash, Nagad, Rocket, or bank transfer.
  • KYC Services: Limited data shared with licensed third parties for identity verification purposes.
  • Legal Authority: In cases involving a court order, government directive, or lawful investigation.
  • Security Partners: With technology providers used for fraud prevention.

What We Never Do: Your information is never sold or rented to advertisers, data brokers, or unrelated third parties — under any circumstances.

In the Event of a Business Change

In the event of a merger, acquisition, or restructuring, user data may be transferred to the new entity. You will be notified in advance by email, and the same protections under this Privacy Policy will continue to apply.

How Do We Protect Your Data?

Phwin uses industry-leading technology and practices to protect your information. This section of our Privacy Policy details the technical safeguards we have in place.

Technical Security

  • 256-bit SSL/TLS Encryption: All data transmitted between your browser and our servers is fully encrypted.
  • Encrypted Storage: Sensitive data stored in the database is encrypted using AES-256.
  • Two-Factor Authentication (2FA): Adds an extra layer of security to your login.
  • Firewall & DDoS Protection: Protection against cyber attacks at the server level.
  • Regular Security Audits: Periodic audits conducted by third-party expert teams.

Institutional Protection

  • Only authorized personnel can access sensitive data.
  • All staff receive regular training on data privacy and protection.
  • Data access logs are maintained and reviewed on a regular basis.

In the Event of a Security Breach: In the event of a data breach, we will notify the affected users and relevant regulatory authorities within 72 hours.

Data Retention Period

Phwin does not retain data longer than necessary. Once the specified period has elapsed, information is securely deleted.

Data Type Retention Period Reason
Account Information 5 years after account closure Legal Obligations
Transaction Records 7 Years AML Regulations
KYC Documents 5 Years Regulatory Requirements
Support Conversations 2 Years Quality Improvement
Cookie & Session Data 30 Days – 1 Year User Preferences
Analytical Data 26 Months Platform Improvement

Once the legal retention period ends or upon your request, data is permanently deleted and cannot be recovered.

What Are Your Rights?

Under Phwin's Privacy Policy, you have a number of important rights over your own data. These rights are recognized under international data protection regulations.

Right to Access
You may request to view the information we hold about you.
Right to Rectification
You can request corrections to any inaccurate or outdated information.
Right to Erasure
You may request deletion of your data once its legal retention period has expired.
Restriction of Processing
Request to temporarily restrict the use of your data for specific purposes.
Data Portability
The ability to export your data in a readable format.
Right to Object
You can object to certain types of data processing.

To exercise this right, email us at support@phwin.im or submit a request through the Support section of your account. We typically respond within 30 days.

Cookie Policy

Phwin uses cookies on its website. Cookies are small text files stored in your browser that help improve your experience.

Cookie Types

  • Essential Cookies: For login sessions and security — the site cannot function properly without these.
  • Preference Cookies: Remembers your language, theme, and other settings.
  • Analytical Cookies: To understand which pages are used most frequently (anonymous data).
  • Functional Cookies: Used to improve loading speed and deliver a personalized experience.

You can delete or disable cookies at any time through your browser settings. However, disabling essential cookies may cause certain platform features to stop working.

Please Note: Phwin does not use third-party advertising cookies. Our cookies are used solely to enhance your Phwin experience.

International Data Transfers

Phwin is an international platform. In some cases, your data may be processed or stored on servers outside Bangladesh.

  • SSL encryption is required for all international data transfers.
  • Before transferring data to a third country, that country's data protection standards are verified.
  • Data Protection Agreements (DPA) signed with international partners.
  • Only ISO 27001-certified providers are used for cloud storage services.

Protection of Minors

Phwin is strictly prohibited for users under 18. Our privacy policy includes special measures to protect the data of children and minors.

  • Age verification is mandatory at the time of registration.
  • If an underage account is identified, it will be immediately closed.
  • No data from minors is ever collected intentionally.
  • Parents who have concerns can reach out to support@phwin.im.

A note for parents: If your child has accidentally registered on Phwin, please contact support@phwin.im immediately. We will close the account and delete all associated data within 24 hours.

Policy Changes & Updates

Phwin reserves the right to update this Privacy Policy as needed. We will notify you of any significant changes.

  • For significant changes, a notice will be sent to your registered email address.
  • The date of any change will be clearly shown at the top of the page as "Last Updated".
  • Continued use of the platform after a new policy takes effect will be taken as your acceptance of it.
  • A 30-day notice is given before any major changes take effect.

The latest privacy policy will always be available on this page. Check back regularly to stay up to date.

Contact & Complaints

Our dedicated team is always on hand for any questions, requests, or complaints regarding the Privacy Policy.

  • Email: support@phwin.im
  • Live Chat: Via the chat icon at the bottom right of any page on the platform.
  • Support Ticket: Log in to your account and navigate to the Support section.
  • Response Time: Typically within 24–48 hours.

Data Protection Officer: Phwin has a dedicated Data Protection Officer (DPO) who directly oversees all privacy-related matters. For serious concerns, you can reach them at dpo@phwin.im.

Why Trust Phwin With Your Information?

Our privacy policy isn't just on paper — it's enforced at every step

Military-Grade Encryption
Every transaction and piece of personal information is protected with 256-bit AES encryption — the same standard used by the world's leading banks. TLS 1.3 protocol is enforced for all data transmission.
Zero Data Sale Policy
Phwin never sells your personal information to third parties. This is not just a promise — it is part of our licensing agreement and legally binding.
Full Data Control
You can view, update, or delete your own data from your account at any time. Your information belongs to you — Phwin is simply its custodian.
Clear & Transparent Policies
No hidden clauses, no legal traps. Phwin's privacy policy is written in plain language so anyone can understand it — no lawyer required.
Regular Security Audits
Independent cybersecurity experts conduct a full audit of Phwin's systems every year. Any vulnerabilities identified in the audit report are promptly addressed.
Fast Complaint Resolution
All privacy-related complaints receive an initial response within 48 hours and a full resolution within 7 business days. Our support team is always ready to assist.

Join Our Secure Platform Today

You've read Phwin's Privacy Policy — now open your account with confidence. Every piece of your information is completely safe with us.

Licensed Platform
SSL Secured
No Data Sales
24/7 Support
বাংলা