nbig33 Privacy Policy

Introduction

This Privacy Policy ("Policy") describes how nbig33.win ("nbig33", "we", "us", "our") collects, uses, processes, discloses, and protects the personal data of individuals ("Member", "you", "your") who register for, access, or use the nbig33 online gaming platform, website, and all related services (collectively, "Services").

nbig33 is committed to handling your personal data with care, transparency, and respect. Our data practices are designed to align with internationally recognised privacy standards and, to the extent applicable, the Personal Data Protection Act 2010 of Malaysia ("PDPA") and other relevant data protection legislation.

By creating a Member account with nbig33 or otherwise using our Services, you acknowledge that you have read and understood this Policy and consent to the collection and processing of your personal data as described herein. This Policy should be read together with the nbig33 Terms & Conditions, which govern your use of the Services generally.

Personal Data We Collect

nbig33 collects the following categories of personal data in the course of providing and improving the Services:

2.1 Identity and Contact Data

• Full legal name as appearing on government-issued identification
• Date of birth and gender
• Malaysian IC number (MyKad) or passport number for non-citizens
• Residential address (including postcode, city, and state — e.g., Kuala Lumpur, Penang, Johor Bahru, Petaling Jaya)
• Email address and telephone number
• Username and account credentials (password stored in hashed form only)

2.2 Financial and Payment Data

• Payment method details (bank account numbers, eWallet identifiers such as Touch 'n Go eWallet or Boost, last four digits of debit cards)
• Transaction history, including deposits, withdrawals, and bonus transactions
• Cryptocurrency wallet addresses where applicable (e.g., USDT TRC20)
• Source of funds documentation where required under AML obligations

2.3 Identity Verification (KYC) Data

• Copies of government-issued photo identification documents
• Proof of residential address documents
• Selfie or liveness verification images where required
• Source of wealth or source of funds declarations for high-volume accounts

2.4 Usage and Technical Data

• IP address, browser type, browser version, and operating system
• Device identifiers and device type
• Login timestamps, session duration, and geographic location inferred from IP
• Game play history, bet amounts, game outcomes, and session data
• Pages visited on the nbig33 platform and navigation paths
• Referral source or affiliate tracking identifier where applicable

2.5 Communication Data

• Contents of support chat sessions, emails, and other communications with the nbig33 team
• Survey responses, feedback submissions, and promotion enquiries
• Marketing communication preferences and opt-in / opt-out records

How We Collect Your Data

nbig33 collects personal data through the following means:

• Directly from you — when you register an account, complete KYC verification, make a deposit or withdrawal, contact support, or respond to a survey.
• Automatically through your use of the Services — via cookies, web beacons, server logs, and similar tracking technologies as you interact with the nbig33 platform.
• From third-party service providers — including KYC and identity verification providers, payment processors (e.g., FPX, DuitNow, eWallet operators), fraud detection services, and analytics providers that we engage to help deliver and secure the Services.
• From publicly available sources — where required for regulatory compliance purposes, including sanctions screening lists and fraud databases.

Purposes for Which We Use Your Data

nbig33 processes your personal data only for the purposes described below, and only to the extent necessary for each identified purpose:

• Account registration and management: To create, maintain, authenticate, and administer your Member account.
• Identity and age verification: To verify that you meet the minimum age requirement of 21 years and to confirm your identity in compliance with our licensing obligations.
• Transaction processing: To process deposits, withdrawals, bonus credits, and other financial transactions accurately and securely.
• Service delivery: To provide access to games, sportsbook markets, promotions, VIP programme benefits, and all other features of the nbig33 platform.
• Customer support: To respond to your enquiries, resolve disputes, and provide assistance with account or product-related issues.
• Legal and regulatory compliance: To fulfil obligations under applicable anti-money laundering (AML), know-your-customer (KYC), counter-terrorism financing (CTF), and gaming licensing regulations.
• Fraud prevention and security: To detect, investigate, and prevent fraudulent activity, money laundering, account takeovers, and other security threats.
• Responsible gaming: To identify patterns of play that may indicate problem gambling behaviour, to administer self-exclusion and limit requests, and to comply with responsible gaming obligations under our licence.
• Platform improvement and analytics: To analyse usage patterns, diagnose technical issues, improve game performance, and develop new features.
• Marketing communications: To send promotional offers, bonus notifications, and platform updates — but only where you have provided explicit consent to receive such communications, or where permitted by applicable law on the basis of a legitimate interest in notifying existing Members of relevant offers.

Legal Basis for Processing

nbig33 processes your personal data on one or more of the following legal bases:

• Contractual necessity: Processing required to perform the Services under the contract established when you accept our Terms and Conditions — including account management, payment processing, and game access.
• Legal obligation: Processing required to comply with applicable laws and regulations, including AML/KYC obligations, licensing requirements, and tax reporting duties.
• Legitimate interests: Processing carried out for nbig33's legitimate business interests — including fraud prevention, platform security, and service analytics — where such interests are not overridden by your rights and interests.
• Consent: Processing for marketing communications and non-essential cookies, where you have provided express, informed, and freely given consent. You may withdraw consent at any time by contacting support or updating your communication preferences in your account settings.

Data Sharing and Disclosure

nbig33 does not sell your personal data to third parties. We may share your personal data with the following categories of recipients only to the extent necessary for the stated purposes:

• Payment processors and banking partners: Including FPX, DuitNow, Maybank, CIMB, Public Bank, and eWallet operators (Touch 'n Go, Boost, GrabPay) to process financial transactions.
• KYC and identity verification providers: Third-party services engaged to verify your identity and age in compliance with our licensing obligations.
• Game content providers: Including slot, live casino, and sportsbook providers who process certain session data to deliver game content and record outcomes.
• Fraud prevention and security services: Third-party platforms that assist in detecting and preventing fraud, money laundering, and account abuse.
• Regulatory authorities: Licensing authorities, financial intelligence units, law enforcement agencies, and courts where we are legally obligated to disclose data or do so in response to a valid legal process.
• Professional advisers: Lawyers, auditors, and accountants who are bound by professional confidentiality obligations, where disclosure is required in the context of a specific engagement.

All third-party processors engaged by nbig33 are contractually bound to process your data only on our instructions, to implement appropriate security measures, and not to use your data for their own purposes beyond the contracted service.

Cookies and Tracking Technologies

nbig33 uses cookies and similar tracking technologies to operate and improve the platform. Cookies are small text files stored on your device when you visit a website. We use the following types of cookies:

• Strictly necessary cookies: Required for core platform functionality, including session authentication, shopping cart, and security features. These cannot be disabled without impacting your ability to use the Services.
• Functional cookies: Remember your preferences such as language settings, game lobby filters, and display options to personalise your experience.
• Analytics cookies: Collect anonymised or pseudonymised data about how Members use the platform — which pages are visited, how long sessions last, and where errors occur — to help us improve the Services.
• Marketing / affiliate tracking cookies: Record whether you arrived at nbig33 via a specific promotional campaign or affiliate partner, for commission tracking purposes. These do not track your activity outside nbig33.win.

You can control non-essential cookies through your browser settings. Disabling certain cookies may affect the functionality of the nbig33 platform. By continuing to use the platform after being presented with cookie information, you consent to the use of cookies as described in this Policy.

Data Retention

nbig33 retains your personal data for as long as your account remains active and for such additional periods as are required or permitted by law. The following general retention guidelines apply:

• Active account data: Retained for the duration of your membership and for a period of five (5) years following account closure, to fulfil AML, KYC, and gaming licensing record-keeping obligations.
• Transaction records: Retained for a minimum of seven (7) years from the date of the transaction in compliance with financial record-keeping requirements.
• KYC verification documents: Retained for five (5) years following account closure or the date of the last transaction, whichever is later.
• Support communications: Retained for three (3) years from the date of the final communication in a support thread.
• Marketing consent records: Retained for the duration of your active consent and for three (3) years following withdrawal of consent as evidence of compliance.

Upon expiry of the applicable retention period, personal data will be securely deleted or anonymised. Where data cannot be immediately deleted due to technical or operational constraints, it will be restricted from active use pending deletion at the earliest practicable opportunity.

Data Security

nbig33 implements technical and organisational security measures designed to protect your personal data against unauthorised access, accidental loss, destruction, or disclosure. These measures include:

• HTTPS encryption across all platform connections (TLS 1.2 or higher)
• Encryption of data at rest using industry-standard encryption algorithms
• Passwords stored using one-way cryptographic hashing — nbig33 cannot retrieve your plaintext password
• Access controls limiting employee access to personal data on a need-to-know basis
• Regular security audits and penetration testing of platform infrastructure
• Continuous monitoring for unauthorised access attempts and suspicious activity
• Segregation of player funds from operational funds

While nbig33 takes all reasonable steps to protect your personal data, no security system is entirely impenetrable. In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, nbig33 will notify affected Members and relevant authorities in accordance with applicable notification obligations.

Your Data Rights

Subject to applicable law and certain exceptions, you have the following rights in relation to your personal data held by nbig33:

• Right of access: You may request a copy of the personal data nbig33 holds about you, along with information about how it is processed.
• Right to rectification: You may request correction of inaccurate or incomplete personal data held on your account.
• Right to erasure: You may request deletion of your personal data where it is no longer necessary for the purposes for which it was collected, subject to legal retention obligations that may require us to retain certain data.
• Right to restriction: You may request that we restrict the processing of your data in certain circumstances — for example, while the accuracy of the data is disputed.
• Right to data portability: Where processing is based on consent or contractual necessity and is carried out by automated means, you may request a copy of your data in a structured, commonly used, machine-readable format.
• Right to object: You may object to processing carried out on the basis of legitimate interests. We will cease processing unless we can demonstrate compelling legitimate grounds that override your interests.
• Right to withdraw consent: Where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of processing carried out before the withdrawal.

To exercise any of the above rights, contact nbig33 support. We will respond to all verified requests within thirty (30) days. We may need to verify your identity before processing your request to protect against unauthorised access to your data.

Minors and Age Restriction

The nbig33 platform is strictly for persons aged 21 years and above. 21+ Only

nbig33 does not knowingly collect personal data from any person under the age of 21. If we become aware that we have collected personal data from a person under the age of 21, we will take immediate steps to delete that data and close the associated account. All winnings or balances on such an account will be forfeited.

If you believe a minor has registered an account with nbig33, please contact us immediately with relevant details so we can investigate and act promptly. We take underage gambling extremely seriously and maintain robust age verification controls to prevent it.

Cross-Border Data Transfers

In the course of delivering the Services, your personal data may be transferred to and processed in countries other than Malaysia — for example, where our game providers, KYC verification partners, or cloud infrastructure are located. Such transfers may be to countries whose data protection laws differ from those of Malaysia.

Where personal data is transferred outside Malaysia, nbig33 ensures that appropriate safeguards are in place to protect your data, including:

• Contractual data processing agreements incorporating standard data protection clauses
• Transfers only to third parties that implement equivalent security measures to those required by this Policy
• Assessment of the adequacy of data protection in the destination country where required

By using the nbig33 Services, you acknowledge and consent to the transfer of your personal data to other countries as described in this section, subject to the safeguards described above.

Changes to This Privacy Policy

nbig33 may update this Privacy Policy from time to time to reflect changes in our data practices, applicable law, or the Services offered. Material changes will be communicated to active Members via a notice on the nbig33 website or by direct communication to your registered contact details, at least fourteen (14) days before the change takes effect where practicable.

The revised Policy will be published at nbig33.win/privacy-policy with an updated "Last Updated" date. Your continued use of the Services after the effective date of the revised Policy constitutes your acceptance of the changes. If you do not accept the revised Policy, you must discontinue use of the Services and contact support to arrange account closure.

Contact Us

If you have any questions, concerns, or requests in relation to this Privacy Policy or nbig33's data practices, please contact our data handling team through the following channel:

This Privacy Policy was last updated on 12 June 2026 and supersedes all prior versions. For general terms governing your use of the platform, refer to the nbig33 Terms & Conditions.