Privacy Policy
How we collect, use, and protect your personal information. Your privacy matters to us.
1. Overview
Welcome to BanglaDock (the "Site", "we", "us", or "our"). This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you visit or make purchases on https://bangladock.com and when you use our services, including WordPress products, WooCommerce, membership services, Laravel/PHP APIs, and integrations with third parties such as Facebook Pixel and Google Analytics.
This policy is designed to meet international privacy requirements including the General Data Protection Regulation (GDPR) for users in the European Economic Area and the California Consumer Privacy Act (CCPA) for residents of California, USA. We are committed to being transparent about how we handle your data.
Your privacy is important to us. We never sell your personal information to third parties.
2. Definitions
3. Information We Collect
We collect information that you provide directly to us as well as information collected automatically when you use the Site.
A. Information You Provide
- Account Information: Name, email, username, encrypted password
- Payment Information: Billing address, payment tokens, transaction IDs
- Communications: Messages to support, feedback forms
B. Automatically Collected Data
- Device Information: IP address, browser type, OS, device type
- Usage Data: Pages visited, downloads, search queries
- Location Data: Approximate geographic location from IP
4. Sensitive Data
We do not intentionally collect sensitive personal information such as racial or ethnic origin, political opinions, religious beliefs, health information, or biometric data. If you provide such information inadvertently, we will delete it upon discovery.
We recommend that you do not submit sensitive information through our contact forms or support channels.
5. How We Use Your Information
| Purpose | Description |
|---|---|
| Service Delivery | Process orders, manage downloads, deliver products |
| Customer Support | Respond to inquiries, resolve issues |
| Communications | Service updates, order confirmations, security alerts |
| Marketing | Newsletters, promotions (with consent) |
| Analytics | Monitor usage, improve website |
| Security & Fraud | Detect and prevent fraud, abuse |
6. Legal Basis for Processing (GDPR)
8. Data Sharing & Disclosure
Service Providers
Third-party vendors (hosting, payment, email, analytics) under strict confidentiality.
Legal Requirements
When required by law, court order, or government authority.
Business Transfers
In connection with merger, acquisition, or sale of assets.
Fraud Prevention
To detect and prevent fraud, abuse, or security threats.
We never sell your personal information to third-party marketers.
9. Third-Party Services
| Category | Providers | Purpose |
|---|---|---|
| Payment Processing | PayPal, Stripe, bKash, Nagad, Rocket | Process payments securely |
| Analytics | Google Analytics, Facebook Pixel | Understand user behavior |
| Hosting & CDN | AWS, Cloudflare | Deliver website content |
| Email Services | Mailchimp, SendGrid | Send confirmations, newsletters |
10. International Data Transfers
Our services operate globally and may involve transferring your personal data to countries with different data protection laws, including the United States and European Union member states.
When we transfer data internationally, we implement appropriate safeguards: Standard Contractual Clauses (SCCs), Data Processing Agreements, and Privacy Shield frameworks where applicable.
11. Data Security
- Encryption: SSL/TLS (HTTPS), data encrypted at rest
- Access Controls: Role-based access for authorized personnel only
- Regular Audits: Security assessments, vulnerability scans
- PCI Compliance: All payment processing is PCI-DSS compliant
- Monitoring: 24/7 monitoring for suspicious activity
No method of transmission over the Internet is 100% secure. In case of breach, we will notify affected users as required by law.
12. Data Retention
| Data Type | Retention Period |
|---|---|
| Account Information | Until account deletion + 30 days backup |
| Transaction Records | 7 years (tax/accounting requirements) |
| Support Communications | 2 years after last contact |
| Analytics Data | 26 months |
| Marketing Data | Until consent withdrawn |
13. Your Rights (GDPR)
Right to Access
Request a copy of your data
Right to Rectification
Correct inaccurate data
Right to Erasure
Request deletion of data
Right to Restrict
Limit processing
Right to Portability
Receive data in portable format
Right to Object
Object to processing
14. Your Rights (CCPA - California)
California residents have additional rights under the California Consumer Privacy Act (CCPA):
- Right to Know: Request disclosure of personal information collected, used, or shared
- Right to Delete: Request deletion of personal information
- Right to Opt-Out: Opt-out of sale of personal information (we do not sell data)
- Right to Non-Discrimination: No discrimination for exercising rights
To exercise your CCPA rights, email privacy@bangladock.com with "CCPA Request" in subject line.
15. Children's Privacy
Our services are not intended for individuals under the age of 16. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.
If we become aware that we have collected personal data from a child under 16, we will delete that information promptly.
16. Do Not Track
Some browsers have a "Do Not Track" (DNT) feature that signals your preference not to have your online activity tracked. Currently, our systems do not respond to DNT signals as there is no uniform standard for such signals. However, you can control tracking through cookie preferences and browser settings.
17. Changes to This Privacy Policy
We may update this Privacy Policy to reflect changes in our practices, technologies, or legal requirements. When we make material changes, we will update the "Effective Date" at the top of this page and post a prominent notice on our website for 30 days.
We encourage you to review this policy periodically. Your continued use of BanglaDock after changes are posted constitutes acceptance of the updated policy.
18. Contact Information
For questions, concerns, or requests regarding this Privacy Policy:
Privacy Officer
privacy@bangladock.com
Support Team
support@bangladock.com
Postal Address
Naogaon Sadar, Naogaon, 6500, Bangladesh
19. Complaints & Disputes
If you are not satisfied with our response to your privacy request, you have the right to lodge a complaint with your local data protection authority:
- EU/EEA Residents: Your local Data Protection Authority
- UK Residents: Information Commissioner's Office (ICO)
- Swiss Residents: Federal Data Protection and Information Commissioner (FDPIC)
We will respond to all privacy inquiries within 30 days as required by GDPR.
20. Appendix — Additional Details
A. Payment Handling & PCI Compliance
All payment transactions are processed by PCI-DSS compliant third-party providers. We do not store full credit card numbers, CVV codes, or magnetic stripe data.
B. Automated Decision Making
We do not engage in solely automated decision-making that produces legal effects concerning individuals.
C. Subprocessor List
To request our current list of subprocessors, contact privacy@bangladock.com.
By using BanglaDock, you acknowledge that you have read and understood this Privacy Policy.
