pulsz Privacy Policy
Your personal data matters. This Privacy Policy explains exactly what information pulsz collects, why we collect it, how it is stored and protected, who it may be shared with, and what rights you hold over your own data as a player in Bangladesh.
SSL-Encrypted Transmission
Every piece of data transmitted between your device and pulsz servers travels over 256-bit SSL/TLS encryption. No personal information is ever sent in plain text.
No Data Selling
pulsz does not sell, rent, or trade your personal data to third-party marketers. Your information is used solely to operate the Platform and comply with legal obligations.
Player-Controlled Data
You retain the right to access, correct, export, and request deletion of your personal data at any time by contacting pulsz support. We process such requests within 30 days.
Segregated Data Storage
Personal data and financial records are stored in separate, access-controlled environments. Staff access is restricted on a strict need-to-know basis with full audit logging.
Transparent Cookie Use
pulsz uses cookies strictly for Platform functionality, session management, fraud detection, and anonymised analytics. No behavioural advertising cookies are placed without notice.
Compliance-Driven Practices
Our data practices are guided by internationally recognised privacy principles including purpose limitation, data minimisation, and storage limitation — applied consistently across the entire pulsz Platform.
Section 1
Information We Collect
pulsz collects personal data from you in three primary ways: information you provide directly during registration and Platform use, information generated automatically by your interactions with the Platform, and information received from trusted third-party sources for identity verification and fraud prevention purposes. The categories of data collected are described in full below.
Information You Provide Directly
When you register a pulsz account or interact with Platform features, you may provide the following categories of personal data:
- Identity Data: Full legal name, date of birth, gender, and nationality as shown on government-issued identification documents.
- Contact Data: Email address, mobile phone number (including your Bangladeshi mobile number linked to bKash, Nagad, or Rocket), and residential address including district, division, and postcode.
- Verification Documents: Copies of your National Identity Card (NID), Passport, Driving Licence, and proof-of-address documents such as utility bills or bank statements submitted during KYC verification.
- Financial Data: Payment method details including mobile financial service (MFS) account numbers for bKash, Nagad, Rocket, or Upay; bank account details for Dutch-Bangla Bank, City Bank, BRAC Bank, Islami Bank, Sonali Bank, or other institutions; and masked card details for Visa or Mastercard payments.
- Account Preferences: Username, password (stored as a one-way cryptographic hash — never in plain text), language preferences, responsible gaming settings such as deposit limits and self-exclusion elections, and communication preferences.
- Support Correspondence: Records of any communication you initiate with pulsz via email, live chat, or any other support channel, including the content of messages and attachments.
Information Collected Automatically
When you access and use the pulsz Platform, certain data is collected automatically through server logs, cookies, and similar technologies:
- Device & Technical Data: IP address, device type and model, operating system and version, browser type and version, screen resolution, and unique device identifiers.
- Usage Data: Pages visited, games launched, bets placed (including stake amounts, markets selected, and outcomes), session duration, login timestamps, and navigation paths through the Platform.
- Geolocation Data: Approximate geographic location derived from your IP address, used to apply jurisdiction-based access controls. pulsz does not access GPS-level precise location data from your device.
- Transaction Data: Full records of all deposit and withdrawal transactions including amounts in BDT, timestamps, payment method used, transaction reference numbers, and processing status.
Information from Third Parties
pulsz may receive personal data about you from the following categories of third-party source, where necessary for identity verification, fraud prevention, or regulatory compliance:
- Identity verification and KYC service providers who cross-reference the documents you submit against official databases.
- Payment processors and mobile financial service providers (bKash, Nagad, Rocket, Upay) who confirm transaction completion and payment account ownership.
- Fraud detection and anti-money laundering (AML) screening services that flag accounts or transactions associated with known financial crime indicators.
- Credit reference and sanctions screening agencies where required by applicable compliance obligations.
Minimum Necessary Principle: pulsz collects only the personal data that is genuinely necessary to operate the Platform safely, verify player identity, process payments, and meet legal obligations. We do not collect data speculatively or for purposes beyond those described in this Policy.
Section 2
How We Use Your Data
pulsz processes your personal data only for specific, clearly defined purposes. The table below maps each processing purpose to its legal basis and the categories of data involved.
| Processing Purpose | Data Categories Used | Legal Basis |
|---|---|---|
| Account registration and ongoing account management | Identity, Contact, Account Preferences | Contract performance |
| Identity verification (KYC) and age confirmation | Identity, Verification Documents | Legal obligation; Contract performance |
| Processing deposits and withdrawals via bKash, Nagad, Rocket, and bank channels | Financial Data, Transaction Data | Contract performance |
| Fraud detection, AML screening, and Platform security | All categories as necessary | Legal obligation; Legitimate interest |
| Responsible gaming monitoring and intervention | Usage Data, Transaction Data, Account Preferences | Legal obligation; Legitimate interest |
| Customer support and complaint resolution | Identity, Contact, Support Correspondence | Contract performance; Legitimate interest |
| Personalised promotional communications (where you have opted in) | Contact, Usage Data | Consent |
| Platform analytics and performance improvement | Usage Data, Device & Technical Data (anonymised) | Legitimate interest |
Marketing Communications
If you have provided your consent at registration or via your account preferences page, pulsz may send you promotional communications by email or SMS regarding new games, seasonal promotions (such as Eid bonuses, Pohela Boishakh offers, or BPL cricket specials), and platform updates. You may withdraw this consent at any time by updating your communication preferences in your account settings or by contacting support@pulsz.bio. Withdrawal of marketing consent does not affect the lawfulness of processing carried out prior to withdrawal.
Automated Decision-Making
pulsz uses automated systems to assess fraud risk, detect unusual transaction patterns, and in some cases to apply temporary account restrictions where a risk threshold is exceeded. Where a significant automated decision is made about your account — such as a temporary withdrawal freeze triggered by a fraud risk score — you have the right to request human review of that decision by contacting support@pulsz.bio.
Section 3
Cookies & Tracking Technologies
pulsz uses cookies and similar tracking technologies (including local storage objects and session tokens) to operate the Platform, maintain your login session, detect fraud, and generate anonymised analytics about how the Platform is used. This section explains each category of cookie in use.
Strictly Necessary Cookies
These cookies are essential for the Platform to function. They maintain your authenticated session after login, preserve your account preferences during a session, and support security features such as CSRF protection. These cookies cannot be disabled without breaking core Platform functionality.
Analytics Cookies
pulsz uses anonymised analytics cookies to understand aggregate patterns of Platform use — such as which game categories are most visited and where players encounter errors. Individual players are not identifiable from analytics data. You may opt out of analytics cookies via your account preferences.
Fraud Prevention Cookies
These cookies record device fingerprint signals — such as browser configuration, installed fonts, and timezone — to help identify suspicious login attempts, account takeover attacks, and automated bot activity. They are part of pulsz's security infrastructure and cannot be disabled.
Preference & Functional Cookies
These cookies remember settings you have chosen, such as your preferred game lobby layout, responsible gaming reminder intervals, and display language. They improve your experience on return visits. You may clear these via your browser settings; doing so will reset your saved preferences.
pulsz does not place third-party advertising or behavioural retargeting cookies on the Platform. No data collected via pulsz cookies is shared with advertising networks or data brokers. You may review and manage cookie preferences at any time through your browser's cookie management settings, though disabling strictly necessary or fraud-prevention cookies may impair your ability to use the Platform.
Section 4
Data Sharing & Third Parties
pulsz does not sell your personal data. We share personal data with third parties only in the limited circumstances described below, and only to the extent strictly necessary for the stated purpose. All third-party processors engaged by pulsz are bound by data processing agreements that require them to handle your data securely and only for the purpose for which it was shared.
Categories of Third-Party Recipients
- Payment Service Providers: bKash, Nagad, Rocket, Upay, Dutch-Bangla Bank, City Bank, BRAC Bank, Islami Bank, Sonali Bank, Visa, and Mastercard receive the transaction data and account identifiers necessary to process your deposits and withdrawals. These providers operate under their own privacy policies and regulatory frameworks.
- Identity Verification Providers: KYC service providers receive copies of the identity and address documents you submit for verification purposes. These providers are contractually prohibited from using your documents for any purpose other than verification on pulsz's behalf.
- Fraud Prevention and AML Services: Transaction data and behavioural signals may be shared with specialist fraud detection and anti-money laundering screening platforms to identify and prevent financial crime. These services return risk scores and flags to pulsz but do not retain your full personal profile.
- Game Content Providers: Live dealer studios including Evolution Gaming and Ezugi, and RNG game providers including Pragmatic Play, Spribe, and Microgaming, receive the minimum player session data necessary to deliver their games — typically a session token and stake amount. They do not receive your full identity data.
- Cloud Infrastructure Providers: pulsz uses reputable cloud hosting providers to store Platform data. These providers act as data processors under strict contractual obligations and do not have independent access to your personal data for their own purposes.
- Legal and Regulatory Authorities: pulsz will disclose personal data to law enforcement agencies, regulatory bodies, or courts of competent jurisdiction when required to do so by applicable law, court order, or to protect the rights, safety, and security of the Platform and its players.
No Data Sales — Ever: pulsz has never sold personal data to a third party and will never do so. This commitment is absolute and not subject to future revision by policy update.
International Data Transfers
Some of pulsz's third-party service providers operate servers located outside Bangladesh. Where personal data is transferred internationally, pulsz ensures that adequate safeguards are in place — such as standard contractual clauses or equivalent binding data transfer mechanisms — to protect your data to a standard at least equivalent to that applied within Bangladesh.
Section 5
Data Security & Storage
pulsz takes the security of your personal data seriously and implements a layered set of technical and organisational measures to protect it against unauthorised access, accidental loss, destruction, or disclosure. The key security measures in place are described below.
- Encryption in Transit: All data exchanged between your browser or app and pulsz servers is protected by 256-bit TLS/SSL encryption. Connections using outdated or insecure protocol versions are rejected.
- Encryption at Rest: Sensitive data fields — including identity document scans, payment account details, and KYC records — are encrypted at rest using AES-256 encryption within pulsz's database infrastructure.
- Password Security: Account passwords are never stored in plain text. pulsz uses industry-standard one-way cryptographic hashing with salting (bcrypt) so that even pulsz staff cannot read your password.
- Access Controls: Access to personal data within pulsz's systems is restricted to authorised personnel on a strict need-to-know basis. All internal data access is logged and subject to regular audit review.
- Two-Factor Authentication: pulsz offers 2FA as an optional but strongly recommended security layer for your account. Enabling 2FA significantly reduces the risk of unauthorised account access even if your password is compromised.
- Penetration Testing: pulsz engages qualified third-party security specialists to conduct periodic penetration tests and vulnerability assessments of the Platform's infrastructure and application layer.
- Incident Response: pulsz maintains a documented data breach response procedure. In the event of a confirmed breach affecting your personal data, pulsz will notify you and relevant authorities within the timeframes required by applicable law.
While pulsz applies robust security measures, no internet-based system can be guaranteed to be 100% secure. You also have a responsibility to protect your own account by using a strong, unique password, enabling 2FA, and not sharing your login credentials with anyone.
Section 6
Data Retention
pulsz retains personal data only for as long as is necessary to fulfil the purpose for which it was collected, or as required by applicable legal or regulatory obligations. The following retention periods apply as a general guide:
| Data Category | Retention Period | Rationale |
|---|---|---|
| Account registration and identity data | Duration of account plus 7 years after closure | AML and KYC regulatory record-keeping requirements |
| Transaction and financial records | 7 years from date of transaction | Financial compliance and dispute resolution obligations |
| KYC verification documents | Duration of account plus 7 years after closure | Regulatory requirement to maintain verification records |
| Customer support correspondence | 3 years from date of last interaction | Complaint management and quality assurance |
| Anonymised analytics data | Up to 36 months | Platform performance analysis — no personal identifiers retained |
| Marketing consent records | Until consent withdrawn plus 3 years | Evidence of lawful marketing communications basis |
When data reaches the end of its retention period, it is securely deleted or irreversibly anonymised in accordance with pulsz's data disposal procedures. Physical documents, if any, are shredded. Digital data is overwritten using industry-standard deletion protocols. Backup copies are purged on a rolling schedule consistent with the retention periods above.
Section 7
Your Privacy Rights
As a pulsz player, you hold meaningful rights over your personal data. pulsz is committed to honouring these rights promptly and without undue barriers. The rights available to you are listed below. To exercise any of these rights, contact pulsz at support@pulsz.bio with the subject line "Privacy Rights Request" and a clear description of your request. We will respond within 30 calendar days.
Right of Access
Request a copy of all personal data pulsz holds about you, including the categories of data, the purposes for which it is processed, and any third parties it has been shared with.
Right to Rectification
Request correction of inaccurate or incomplete personal data held about you. Many basic details can be updated directly through your account settings.
Right to Erasure
Request deletion of your personal data where it is no longer necessary for the purpose it was collected, or where you withdraw consent and no other legal basis applies. Note that regulatory retention obligations may prevent full deletion in all cases.
Right to Restrict Processing
Request that pulsz temporarily suspends processing of your data — for example, while the accuracy of your data is being contested — without deleting it.
Right to Data Portability
Request a structured, machine-readable export of the personal data you have provided to pulsz, where processing is based on consent or contract and carried out by automated means.
Right to Object
Object to pulsz processing your data on the basis of legitimate interests, including for direct marketing purposes. Your objection to marketing will be honoured immediately and unconditionally.
pulsz will not charge a fee for processing privacy rights requests in the vast majority of cases. Where a request is manifestly unfounded or excessive — for example, repeated identical requests — pulsz reserves the right to charge a reasonable administrative fee or decline the request, with an explanation provided to you.
Section 8
Contact & Policy Updates
If you have any questions, concerns, or complaints regarding this Privacy Policy or pulsz's data processing practices, please contact the pulsz Data Privacy team directly. We aim to acknowledge all privacy enquiries within two business days and resolve them within 30 calendar days.
Privacy Enquiries
Email: support@pulsz.bio
Subject line: "Privacy Rights Request" or "Privacy Policy Enquiry"
Response time: within 30 calendar days
Business Hours
pulsz support operates 24 hours a day, 7 days a week, Bangladesh Standard Time (BST, UTC+6). Privacy rights requests are processed during standard weekday business hours and may take longer during public holidays.
Policy Updates
pulsz reviews this Privacy Policy periodically and may update it to reflect changes in Platform features, applicable law, or regulatory guidance. When material changes are made, pulsz will display a prominent notice on the Platform and update the effective date shown at the top of this document. For significant changes that materially affect how your personal data is processed, pulsz will send a direct notification to the email address registered to your account.
Your continued use of the pulsz Platform following the publication of a revised Privacy Policy constitutes your acknowledgement of the updated version. If you do not agree with any change to this Policy, you should cease using the Platform and submit an account closure request to support@pulsz.bio. The most current version of this Privacy Policy always supersedes all prior versions and is available at https://pulsz.bio/privacy-policy.
This Privacy Policy applies solely to data processed by pulsz in connection with the pulsz Platform at https://pulsz.bio. It does not cover the data practices of third-party payment providers (bKash, Nagad, Rocket, Upay, etc.) or game studio partners, whose own privacy policies govern their respective data processing activities.
Ready to Play with Confidence?
Your data is protected. Your privacy is respected. Explore everything pulsz has to offer — from live cricket betting to premium casino slots — with complete peace of mind.