grmbet is committed to protecting your personal data. This Privacy Policy explains what information we collect, why we collect it, how it is used, and the rights you have over your data as a grmbet account holder.
All personal data transmitted to and from grmbet is encrypted using 256-bit SSL. Stored data is protected by access controls, firewall systems, and regular independent security audits.
grmbet does not sell, rent, or trade your personal data to third parties for their independent marketing purposes. Your data is used solely to operate and improve the grmbet platform.
You have the right to access, correct, and request deletion of your personal data held by grmbet, subject to our legal and regulatory retention obligations. Contact support to exercise these rights.
Data collected by grmbet is used only for the purposes stated in this Policy. We do not repurpose your data without your knowledge. Any new use requires fresh consent or a lawful basis under applicable data protection law.
grmbet retains personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law, including anti-money laundering record-keeping obligations.
grmbet collects age verification data to enforce the 21+ minimum age requirement. We are legally obligated to exclude minors from the platform and take this obligation seriously.
This Privacy Policy ("Policy") describes how grmbet ("Company", "we", "us", "our") collects, uses, discloses, and safeguards personal data in connection with your access to and use of the grmbet website and platform (collectively, the "Platform"). By accessing the Platform or creating a grmbet account, you acknowledge that you have read and understood this Policy and consent to the data practices described herein. This Policy forms part of our Terms & Conditions.
1.1 grmbet is committed to protecting the privacy and security of personal data entrusted to us by our players and platform users. This Policy sets out our obligations and your rights with respect to personal data under applicable data protection legislation.
1.2 We operate in compliance with international data protection principles, including purpose limitation, data minimisation, accuracy, storage limitation, integrity, confidentiality, and accountability. Our Platform is designed for adult users in Malaysia and other permitted jurisdictions, and our data practices reflect the expectations of that audience.
2.1 For the purposes of applicable data protection law, grmbet is the data controller in respect of personal data collected through the Platform. As data controller, grmbet is responsible for determining the purposes and means by which personal data is processed.
2.2 Where grmbet engages third-party service providers who process personal data on our behalf, those providers act as data processors and are bound by contractual data processing agreements that require them to process data only in accordance with our instructions and applicable law.
3.1 Registration Data: When you create a grmbet account, we collect your full name, date of birth, nationality, email address, phone number, residential address, and username. This information is required to open and maintain your account.
3.2 Identity Verification (KYC) Data: To comply with anti-money laundering regulations and our licensing obligations, grmbet may request copies of government-issued identification documents (e.g., MyKad, passport), proof of address, and, where applicable, source of funds documentation.
3.3 Financial Data: We collect details of deposits and withdrawals processed through your grmbet account, including transaction amounts, dates, payment method identifiers (e.g., last four digits of card, Touch n Go account reference), and transaction history. We do not store full card numbers or full e-wallet account credentials.
3.4 Gaming Activity Data: We maintain records of all bets placed, games played, session durations, wagering amounts, winnings, and bonus claims associated with your grmbet account. This data is required for platform operation, dispute resolution, and responsible gaming monitoring.
3.5 Technical Data: We automatically collect device information, browser type, operating system, IP address, time zone, and session data when you access the Platform. This data is used for security purposes, fraud detection, and platform optimisation.
3.6 Communications Data: Records of communications between you and grmbet customer support, including live chat transcripts and support ticket histories, are retained for quality assurance and dispute resolution purposes.
4.1 We collect personal data through the following means:
5.1 grmbet uses personal data for the following purposes:
6.1 grmbet processes personal data under one or more of the following legal bases:
7.1 grmbet does not sell personal data. We may disclose personal data to the following categories of recipients for the purposes described in this Policy:
7.2 All third parties with whom grmbet shares personal data are required to process that data in accordance with this Policy, applicable data protection law, and any contractual data processing obligations imposed by grmbet.
8.1 grmbet may transfer personal data to processors or service providers located outside Malaysia. Where such transfers occur, grmbet ensures that appropriate safeguards are in place, which may include standard contractual clauses, adequacy decisions, or other lawful transfer mechanisms under applicable data protection law.
8.2 By using the Platform, you acknowledge that your personal data may be transferred to and processed in countries outside your country of residence, including countries where data protection laws may differ from those in Malaysia.
9.1 grmbet uses cookies and similar tracking technologies to operate and improve the Platform. Cookies are small data files stored on your device that enable the Platform to recognise you, maintain your session, and remember your preferences.
9.2 We use the following categories of cookies:
9.3 You may control non-essential cookies through your browser settings. Disabling certain cookies may affect the functionality of the Platform.
10.1 grmbet retains personal data for as long as your account remains active and for a period thereafter as required by our legal and regulatory obligations. Anti-money laundering legislation typically requires retention of transaction records for a minimum of five (5) years from the date of the transaction.
10.2 Where you request deletion of your account, grmbet will delete or anonymise your personal data within a reasonable timeframe, except where retention is required by law or is necessary to resolve outstanding disputes, enforce our Terms, or protect the legitimate interests of grmbet or third parties.
11.1 Subject to applicable data protection law, you have the following rights in relation to your personal data held by grmbet:
11.2 To exercise any of the above rights, please contact grmbet Support via the 24/7 live chat facility on the Platform or by email at [email protected]. We will respond to verified requests within a reasonable timeframe and in accordance with applicable law.
12.1 The grmbet Platform is strictly intended for adults aged 21 years and above. We do not knowingly collect personal data from persons under the age of 21. If we become aware that a minor has created an account or provided personal data, we will immediately suspend the account, delete the associated personal data, and — if legally required — notify the relevant authorities.
12.2 If you have reason to believe that a minor has registered on grmbet, please notify us immediately via live chat or email. We take age verification obligations seriously and act promptly on all such reports.
13.1 grmbet implements technical and organisational security measures designed to protect personal data against unauthorised access, disclosure, alteration, and destruction. These measures include 256-bit SSL encryption for data in transit, access controls for data at rest, multi-factor authentication for administrative systems, regular penetration testing, and staff training on data protection obligations.
13.2 Notwithstanding the foregoing, no security system is impenetrable. grmbet cannot guarantee the absolute security of personal data, and we encourage you to use a strong, unique password for your grmbet account and to enable two-factor authentication where available.
13.3 In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, grmbet will notify you and relevant regulatory authorities as required by applicable law.
14.1 The grmbet Platform may contain references to third-party game providers and payment services. These third parties have their own privacy policies and grmbet is not responsible for their data practices. We encourage you to review the privacy policies of any third-party services you use in connection with the Platform.
15.1 grmbet may update this Privacy Policy from time to time to reflect changes in our data practices, legal obligations, or platform operations. Where changes are material, we will notify active account holders via email or Platform notification prior to the changes taking effect. The date at the top of this Policy reflects the most recent update.
15.2 Continued use of the Platform following notification of any update constitutes your acceptance of the revised Privacy Policy.
16.1 For any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact grmbet Support via the 24/7 live chat facility available on the Platform.
16.2 Email enquiries may be directed to: [email protected] (plain text; not a clickable link). We aim to acknowledge all data-related enquiries within five (5) business days.
Questions about your grmbet account data? Our 24/7 support team is ready to help. Or, review our full Terms or Responsible Gaming policy below.