This Privacy Policy explains how bpxech collects, processes, stores, and protects the personal data of players who use the bpxech Platform. Your privacy matters to us — please read this document carefully.
Last updated: June 2026bpxech ("bpxech", "we", "us", "our") operates the online casino and sports betting platform accessible at bpxech.net and associated subdomains (collectively, the "Platform"). bpxech is the data controller in respect of all personal data collected through the Platform.
We are committed to handling your personal data responsibly, transparently, and in accordance with applicable data protection principles. This Privacy Policy sets out the categories of data we collect, the purposes for which we use it, the conditions under which we may share it, and the rights available to you as a data subject.
For the purposes of this Policy, "personal data" means any information relating to an identified or identifiable natural person. A Pakistani player's CNIC number, mobile number registered with JazzCash or Easypaisa, email address, and account activity records are all examples of personal data within the scope of this Policy.
When you create a bpxech account, we collect: your full name, date of birth, email address, Pakistani mobile number, preferred username, and the password you set (stored in hashed, non-recoverable form). We do not store plain-text passwords.
As part of our Know Your Customer (KYC) process, we collect copies of your Pakistani Computerised National Identity Card (CNIC) and a selfie photograph. This data is processed solely for identity and age verification purposes and is handled in accordance with Section 5 of this Policy.
We collect transaction records including deposit amounts, withdrawal requests, payment method identifiers (such as your JazzCash or Easypaisa account number in masked format), and transaction timestamps. Full card or account numbers are not stored by bpxech — payment processing is handled by licensed payment service providers.
We automatically collect data about how you interact with the Platform, including: pages visited, games played, bets placed, session duration, device type, operating system, browser type, IP address, and general geographic location derived from IP. This data is used for platform improvement, fraud detection, and personalisation purposes.
When you contact bpxech support via email, live chat, or any other channel, we retain records of those communications — including your queries and our responses — for quality assurance, training, and dispute resolution purposes.
Where you use bpxech's responsible gaming tools — such as deposit limits, self-exclusion requests, or session timers — we record those preferences and their activation dates as part of your account record. This data is maintained for compliance and audit purposes.
bpxech uses the personal data it collects for the following purposes:
bpxech processes your personal data on the following legal bases:
bpxech operates a mandatory KYC process. Before your first withdrawal is processed, you are required to submit: a clear photograph or scan of your valid Pakistani CNIC, and a selfie photograph taken at the time of submission for liveness verification.
KYC documents are processed by bpxech and, where applicable, by licensed third-party identity verification service providers operating under data processing agreements with bpxech. KYC data is stored securely for the duration required by applicable anti-money laundering regulations — typically a minimum of five years from account closure.
bpxech does not use your CNIC data for any purpose other than identity and age verification, AML compliance, and fraud prevention. Your CNIC number is never shared with third parties for commercial or marketing purposes.
bpxech does not store full payment credentials. Deposits and withdrawals are processed through licensed payment service providers including JazzCash, Easypaisa, and Pakistani banking institutions. These providers process your full payment details under their own privacy policies and security certifications.
bpxech retains only the minimum payment reference data necessary to reconcile transactions, process withdrawal requests, and comply with financial crime reporting obligations. This includes masked account identifiers (e.g., last four digits of an account number), transaction amounts, timestamps, and transaction reference numbers.
USDT (Tether) transactions are processed via the blockchain address provided by the player. bpxech retains the wallet address and transaction hash for compliance and audit purposes. Blockchain transactions are publicly visible on the relevant network by their nature.
bpxech uses essential cookies that are strictly necessary for the Platform to function. These include session authentication tokens, security cookies, and load-balancing cookies. Essential cookies cannot be disabled without breaking core Platform functionality.
With your consent, bpxech uses analytics cookies to collect aggregated data about how players navigate and interact with the Platform. This data is used to identify usability issues and improve the player experience. Analytics data is anonymised where possible.
With your explicit consent, bpxech may use marketing cookies to track campaign effectiveness and, where applicable, deliver relevant promotional content. You may withdraw consent for marketing cookies at any time through your browser settings or the bpxech cookie preference centre.
Certain features of the bpxech Platform — such as live casino games hosted by third-party studios — may set their own cookies when you play. bpxech does not control those cookies and recommends reviewing the relevant studio's privacy documentation.
bpxech does not sell, rent, or trade your personal data to third parties for commercial marketing purposes. We share your data only in the following circumstances:
bpxech retains personal data for the period necessary to fulfil the purposes described in this Policy, subject to the following minimum retention requirements:
Data that is no longer required for any lawful purpose is securely deleted or anonymised in accordance with bpxech's internal data retention schedule.
Subject to applicable law, you have the following rights in respect of your personal data held by bpxech:
To exercise any of the above rights, contact the bpxech data team at [email protected] with the subject line "Data Rights Request". We will respond within 30 days of receiving a valid request.
bpxech implements industry-standard technical and organisational security measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:
No data transmission over the internet is completely secure. While bpxech takes all reasonable steps to protect your data, we cannot guarantee absolute security. In the event of a data breach affecting your personal data, bpxech will notify you in accordance with applicable notification requirements.
The bpxech Platform is strictly restricted to individuals aged 18 and above. bpxech does not knowingly collect personal data from anyone under the age of 18. If we become aware that personal data has been collected from a person under 18 without parental consent, that account will be immediately suspended and the data deleted.
If you believe a minor has registered on the bpxech Platform, please contact support at [email protected] immediately so we can investigate and take appropriate action.
bpxech may update this Privacy Policy from time to time to reflect changes in our data practices, legal obligations, or Platform features. The effective date of the current version is shown at the top of this page. Where changes are material, we will provide notice via the Platform or by email to your registered address. Your continued use of the bpxech Platform after the effective date of any update constitutes acceptance of the revised Policy.
For all privacy-related queries, data subject rights requests, or concerns regarding bpxech's handling of your personal data, please contact:
Email: [email protected]
Please include "Privacy Policy" or "Data Rights Request" in the subject line so your query is routed to the appropriate team. We aim to respond to all privacy queries within 30 days.
A summary of the key data protection practices built into the bpxech Platform.
All data exchanged between your browser or mobile and the bpxech Platform is encrypted using TLS 1.2 or above. Your login credentials, payment details, and account data are never transmitted in plain text.
bpxech never stores your password in a readable format. Passwords are processed using bcrypt hashing — meaning even bpxech employees cannot read your password. Only you know it.
Your CNIC and selfie data collected during KYC verification is used exclusively for age and identity verification and AML compliance. It is never sold, shared for marketing, or used for any unrelated purpose.
Full JazzCash, Easypaisa, or bank account credentials are processed by licensed payment service providers — not stored by bpxech. We retain only masked transaction references for reconciliation and compliance.
You can request access to, correction of, or deletion of your personal data at any time by emailing the bpxech data team. We respond to all valid data rights requests within 30 days.
bpxech does not sell or rent your personal data to third parties for commercial purposes. Data sharing is limited to licensed service providers, payment processors, and regulatory authorities as required by law.
If you have any questions about how bpxech handles your personal data, or wish to exercise any of your data subject rights, contact our team at [email protected]. We respond in plain English within 30 days. You can also review our Terms & Conditions for the full contractual framework governing your bpxech account.