Privacy Policy

Last updated: January 01, 2026

By using and accessing any of the Services, you agree to the collection, use, and disclosure of your information as described in this Privacy Policy. If you do not agree, please do not use or access the Services.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes to our practices or for operational, legal, or regulatory reasons. When changes are made, we will post the revised Privacy Policy on the Site, update the “Last updated” date, and, where required by applicable law, provide additional notice (such as a banner or email notification) and seek consent where necessary.

Data Controller and Contact

Bongo Point (“Bongo Point”, “we”, “us”, “our”) is the data controller for personal data processed in connection with the Services.

• Legal entity: Bongo Point (registered in Bangladesh)
• Address: 379, West Monipur, Mirpur 2, Dhaka-1216, Bangladesh
• Email: info@bongopoint.com
• Data Protection Officer (DPO) / Privacy Contact: privacy@bongopoint.com
• EU Representative (GDPR Article 27): [Name], [Company], [Street, City, Country], [Email] (if applicable)
• UK Representative (UK GDPR Article 27): [Name], [Company], [Street, City, Country], [Email] (if applicable)

How We Collect and Use Your Personal Information

We collect personal information from various sources to provide and improve the Services, comply with legal obligations, enforce our terms, and protect Bongo Point, our users, and our platform.

What Personal Information We Collect

“Personal information” means information that identifies, relates to, describes, or can reasonably be associated with you. The information collected depends on how you interact with our Site and Services.

Information We Collect Directly from You

This may include:

• Contact details (name, address, phone number, email)
• Order information (billing and shipping address, payment confirmation, contact details)
• Account information (username, security credentials)
• Customer support communications and inquiries

Certain features may require specific information. If you choose not to provide it, some features may not be available.

Information We Collect Automatically (Usage Data)

We automatically collect information about your interaction with the Services using cookies, pixels, and similar technologies (“Cookies”). This may include:

• Device and browser information
• IP address and approximate geolocation (derived from IP)
• Network information
• Pages viewed, actions taken, timestamps, and referral URLs

Information We Obtain from Third Parties

We may receive personal information from trusted vendors and service providers, including:

• Hosting providers, analytics services, security tools, and WordPress plugins
• Payment processors that handle transactions (PCI DSS–compliant; we do not store full card numbers)
• Advertising, analytics, and marketing partners using tracking technologies

Any information obtained from third parties is handled in accordance with this Privacy Policy.

How We Use Your Personal Information

(Business Purpose and GDPR Legal Grounds)

1. Providing Products and Services
   • Purpose: Order processing, payment handling, shipping, returns, and account management
   • Legal grounds: Contract performance (Art. 6(1)(b)); legal obligation (Art. 6(1)(c)); legitimate interests (Art. 6(1)(f))
2. Communications and Service Improvement
   • Purpose: Customer support, service notices, troubleshooting, and improvements
   • Legal grounds: Legitimate interests (Art. 6(1)(f)); contract performance (Art. 6(1)(b))
3. Marketing and Advertising
   • Purpose: Promotional communications, personalized content, and advertising
   • Legal grounds: Consent (Art. 6(1)(a)) where required; legitimate interests (Art. 6(1)(f)) where permitted
4. Security and Fraud Prevention
   • Purpose: Preventing unauthorized access, fraud, and abuse
   • Legal grounds: Legitimate interests (Art. 6(1)(f)); legal obligations (Art. 6(1)(c))
5. Analytics and Optimization
   • Purpose: Understanding usage and improving site performance
   • Legal grounds: Legitimate interests (Art. 6(1)(f)); consent (Art. 6(1)(a)) where required
6. Legal Compliance and Claims
   • Purpose: Compliance with laws, responding to lawful requests, enforcing terms
   • Legal grounds: Legal obligations (Art. 6(1)(c)); legitimate interests (Art. 6(1)(f))

Recipients of Personal Data

(GDPR Article 13(1)(e))

We may disclose personal information to:

• Service providers (hosting, analytics, email delivery, payment processing, shipping, fraud prevention)
• Marketing and advertising partners (with consent where required)
• Social media platforms (where you choose to interact with them)
• Affiliates within our corporate group
• Public authorities and legal advisors
• Parties involved in corporate transactions (mergers, acquisitions, asset sales)

Cookie Policy and Consent

Bongo Point uses cookies on bongopoint.com to operate the site, remember preferences, analyze performance, and deliver marketing.

• Non-essential cookies are set only after consent
• Users can manage preferences via “Cookie Settings”
• Consent logs are retained for 24 months (or longer if required by law)

Cookie categories include:

• Essential
• Preferences
• Analytics
• Marketing/Advertising

Data Retention

We retain personal information only as long as necessary:

• Account data: while active + up to 24 months after closure
• Order and invoice records: 7 years
• Customer support records: 24 months
• Consent logs: 24 months
• Security logs: 12 months
• Marketing preferences: until withdrawn

Data is deleted or anonymized once retention periods expire unless required for legal reasons.

Your Rights

(GDPR and applicable laws)

You may have the right to:

• Access, correct, or delete your personal data
• Restrict or object to processing
• Withdraw consent
• Data portability
• Lodge a complaint with a supervisory authority

Requests can be submitted via info@bongopoint.com. We respond within one month (extensions may apply where permitted).

US Privacy (California CPRA)

• We do not sell personal information for monetary value
• We may share data for advertising with consent
• California residents may exercise CPRA rights via email or Cookie Settings

Children’s Data

Our Services are not intended for children.

• EU/UK: under 16
• US: under 13

We do not knowingly collect children’s personal data.

International Data Transfers

Where data is transferred internationally, Bongo Point relies on approved safeguards such as:

• Standard Contractual Clauses (SCCs)
• UK IDTA / Addendum
• Adequacy decisions

Contact

For privacy questions or to exercise your rights, contact:

Bongo Point
379, West Monipur, Mirpur 2, Dhaka-1216, Bangladesh
📧 info@bongopoint.com