21000 Privacy Policy — User Data Protection
21000 takes the privacy of every user in Malaysia seriously. This policy clearly explains what information we collect, how it is used, and your rights as a registered user. Please read this document carefully before using 21000's services.
Information We Collect
Account & Personal Information
When you register an account on the 21000 platform, we collect basic personal information such as your full name, email address, phone number, date of birth, and chosen username. This information is required to create and verify your account identity. We may also request copies of identification documents such as a national ID or passport for age and identity verification (KYC) purposes, in line with our compliance obligations. All personal information collected is stored securely and will not be disclosed to third parties without your consent, except as outlined in this policy. It is your responsibility to ensure that the information you provide is accurate and up to date at all times.
Device, Browser & Usage Information
When you access the 21000 platform via a web browser or mobile app, we automatically collect certain technical information such as device type, operating system, browser type, IP address, general geographic location, and usage data including pages visited and session duration. This information is used solely to improve platform performance, detect technical issues, and deliver a smoother experience for users across Malaysia. Device data is not used to personally identify users outside of the account context. We may also log login and logout times for account security and suspicious activity monitoring purposes. All technical data is handled with care and retained only for the prescribed period.
Payment & MYR Transaction Information
To process deposits and withdrawals in Malaysian Ringgit (RM / MYR), we collect payment-related information such as the bank account holder's name, bank account number, bank name, and details of any digital wallet used. The 21000 platform does not store credit or debit card information directly — all card transactions are processed through certified third-party payment processors. Transaction records including deposit and withdrawal amounts, dates, and statuses are stored in our system for account history, dispute resolution, and legal compliance purposes. Users can review their transaction history at any time through the account dashboard. All financial data is handled to the highest security standards to protect your interests.
Game Data & Platform Activity
The 21000 platform also records your gameplay activity data, including game types played, bets placed, game outcomes, and bonus or promotion usage. This data is used to ensure game integrity, resolve any disputes that may arise, and provide users with activity reports upon request. We also analyse usage patterns in aggregate and anonymised form for product and service improvement purposes. Individual activity data will not be shared with third parties for advertising purposes without your explicit consent. Activity records are retained in accordance with our data retention policy and can be deleted upon user request, subject to legal requirements.
Use of Cookies & Tracking Technologies
The 21000 platform uses cookies and similar tracking technologies such as pixels and local storage to enhance the user experience and ensure the platform functions smoothly. Cookies are small text files stored on your device when you visit our website, allowing the platform to remember your preferences, keep your login session secure, and analyse how you interact with the platform.
Functional Cookies
Cookies required for core platform operations such as login session authentication, language settings, and display preferences. These cookies cannot be disabled as they are essential to account security and overall platform usability.
Analytics Cookies
Cookies that help us understand how users interact with the 21000 platform, including the most frequently visited pages and navigation paths. Analytics data is collected in aggregate and does not identify individual users — it is used solely for service improvement purposes.
Managing Your Cookies
You can manage or disable non-functional cookies through your browser settings at any time. Please note that disabling certain cookies may affect some platform features. For more information on managing cookies, refer to your browser's documentation.
Data Security & Storage
Technical Security Measures
The 21000 platform implements a range of robust technical and organisational security measures to protect your personal data from unauthorised access, loss, misuse, or accidental disclosure. All data transmitted between your browser or app and our servers is protected using industry-standard SSL/TLS encryption. Data stored in our databases is further secured with additional encryption, strict access controls, and continuous monitoring for unusual activity. We conduct regular security assessments and keep our systems updated in line with the latest cybersecurity best practices. Our internal security team is on hand to respond swiftly to any security incidents that may arise, safeguarding the interests of all 21000 users.
Data Retention Period
- Active account data is retained for the duration of the account and up to 5 years after account closure for legal compliance purposes.
- Financial transaction records are retained for a minimum of 7 years in accordance with Malaysian financial regulatory requirements.
- Activity logs and technical data are retained for 12 months for troubleshooting and security purposes.
- Data that is no longer required will be securely deleted or anonymised in accordance with our internal procedures.
- Users may request early data deletion subject to applicable legal obligations.
Sharing Information with Third Parties
The 21000 platform does not sell, rent, or trade users' personal data to any third party for commercial purposes. However, there are limited situations where we may need to share your information with certain parties, as outlined below.
Trusted Service Providers
We work with a select group of third-party service providers — including payment processors, cloud service providers, and licensed gaming software vendors. They receive only the information necessary to perform their services and are bound by strict confidentiality agreements. All our service partners are vetted against high security and privacy standards.
Legal Requirements & Enforcement
In certain circumstances, 21000 may be required under Malaysian law or by court order to disclose user information to the relevant authorities. Such disclosures will only be made when strictly necessary and in accordance with due legal process. We will endeavour to notify affected users of any such disclosure requests unless prohibited from doing so by law.
Your Rights as a 21000 User
Right to Access
You have the right to request a copy of all personal data we hold about you at any time. Data access requests can be submitted to the 21000 support team and will be processed within 14 business days. We will provide the information in a clear, readable format.
Right to Correction
If you find that any personal information we hold about you is inaccurate or outdated, you have the right to request a prompt correction. You can update certain details such as your phone number and email address directly through your account settings. For corrections to other information, please contact our support team with relevant supporting documentation.
Right to Erasure
You have the right to request deletion of your personal data upon account closure, subject to applicable legal retention obligations. Deletion requests will be processed within 30 days and we will confirm the actions taken. Please note that financial transaction records may need to be retained in accordance with Malaysian law.
Privacy Policy Changes & How to Contact Us
21000 reserves the right to update or amend this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service improvements. Any material changes will be communicated to users via in-platform notifications or email at least 14 days before taking effect. Continued use of the 21000 platform after the effective date of any changes will be considered acceptance of the updated policy. We recommend checking this page periodically to stay informed about how we handle your data.
Effective Date: January 2026
For any enquiries, requests, or complaints regarding this Privacy Policy, please contact our data protection team at [email protected] or visit the FAQ us for further guidance.
Your Privacy, Our Priority
We are committed to protecting your data at every step. Register a 21000 account with confidence — your privacy is always in safe hands with us.