Privacy Policy

Information We Collect
How We Use Your Information
Data Sharing and Disclosure
Data Storage and Security
Cookies and Tracking Technologies
Third-Party Services
Your Rights and Choices
Data Retention
Children's Privacy
Changes to This Policy
Contact Us

Summary: Bohudur collects only the minimum data necessary to operate the platform. We do not sell your data. We do not share your data with third parties except as described below. Your payment transactions pass through your own mobile banking app — Bohudur only reads confirmation data, not your banking credentials.

1. Information We Collect

When you use Bohudur, we may collect the following categories of information:

1.1 Account Information

When you create a Bohudur account via Google Sign-In, we receive your name, email address, and profile picture from Google. We do not receive or store your Google password.

1.2 Payment Transaction Data

Bohudur processes payment notifications sent from mobile financial services (such as bKash, Nagad, and Rocket) to your registered phone. This includes:

Transaction ID and reference number
Payment amount and currency
Sender's mobile number (partially masked)
Transaction timestamp
Payment status (success, pending, or failed)

We do not collect or store your mobile banking PIN, password, or full account credentials.

1.3 Technical and Usage Data

We automatically collect certain technical data when you use our platform, including:

IP address and approximate geographic location
Browser type and version
Device type and operating system
Pages visited and time spent on the platform
Referring URL
API request logs (endpoint, timestamp, response code)

1.4 Communication Data

If you contact us by email or through our contact form, we retain the content of your message and your contact details to respond to you and improve our service.

2. How We Use Your Information

We use the information we collect for the following purposes:

To provide and operate the service — authenticating your account, processing payment verifications, and delivering API responses to your application.
To generate receipts and reports — creating PDF payment receipts and populating your Bohudur Dashboard with transaction data.
To send webhook notifications — forwarding payment events to your configured HTTP endpoint.
To improve the platform — analyzing usage patterns and error logs to fix bugs and optimize performance.
To communicate with you — responding to support requests, sending important service announcements, and notifying you of changes to this policy.
To ensure security — detecting and preventing fraudulent activity, unauthorized access, and abuse of the platform.
To comply with legal obligations — retaining records as required by applicable law.

We do not use your personal data for advertising, profiling, or sale to third parties.

Bohudur does not sell, rent, or trade your personal information. We may share your information only in the following limited circumstances:

3.1 Service Providers

We use trusted third-party services to operate Bohudur, including hosting providers and analytics tools. These providers only access your data to perform services on our behalf and are contractually prohibited from using it for other purposes.

3.2 Payment Gateways

When you configure a payment gateway (bKash, Nagad, Rocket, etc.), transaction data flows between your users, the mobile banking provider, and your application via Bohudur's verification layer. Bohudur does not control or store data held by third-party payment providers — their own privacy policies govern that data.

3.3 Legal Requirements

We may disclose your information if required to do so by law, court order, or governmental authority, or if we believe disclosure is necessary to protect the rights, property, or safety of Bohudur, our users, or the public.

3.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will provide notice before your data becomes subject to a different privacy policy.

4. Data Storage and Security

Bohudur stores data on secure servers. We implement industry-standard security measures to protect your information, including:

HTTPS encryption for all data in transit
Encrypted storage for sensitive fields in our database
Access controls limiting who can view personal data internally
Regular security reviews and vulnerability assessments

While we take reasonable steps to protect your information, no system is completely secure. You are responsible for keeping your API keys and account credentials confidential.

5. Cookies and Tracking Technologies

Bohudur uses cookies and similar technologies to operate and improve the platform. These include:

Session cookies — to keep you logged into your account during a browsing session.
Preference cookies — to remember your settings, such as display preferences.
Analytics cookies — to understand how users interact with our website (e.g., which pages are most visited). We use anonymized data only.

You can control or disable cookies through your browser settings. Note that disabling certain cookies may affect the functionality of the platform.

6. Third-Party Services

Bohudur integrates with or links to third-party services whose privacy practices are beyond our control. This includes:

Google Sign-In — governed by Google's Privacy Policy
bKash, Nagad, Rocket, Upay — governed by their respective privacy policies
Stripe, PayPal — governed by their respective privacy policies
SSL Commerz — governed by SSL Commerz's privacy policy

We encourage you to review the privacy policies of any third-party services you use in connection with Bohudur.

7. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal data:

Access — Request a copy of the personal data we hold about you.
Correction — Request that we correct inaccurate or incomplete information.
Deletion — Request that we delete your personal data, subject to legal retention obligations.
Portability — Request your data in a structured, machine-readable format.
Objection — Object to certain types of processing, including direct communications.
Account Deletion — You may delete your Bohudur account at any time from the Console. This will remove your profile and associated data, subject to our retention policy.

To exercise any of these rights, contact us at support@bohudur.one. We will respond within a reasonable timeframe.

8. Data Retention

We retain your personal data only for as long as necessary to provide the service and fulfill the purposes described in this policy. Specifically:

Account data is retained for as long as your account is active, and for up to 90 days after account deletion.
Transaction logs are retained for up to 12 months for auditing and dispute resolution purposes.
API request logs are retained for up to 30 days.
Support communications are retained for up to 2 years.

After the applicable retention period, data is securely deleted or anonymized.

9. Children's Privacy

Bohudur is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected such data, we will promptly delete it. If you believe a child has provided us personal information, please contact us at support@bohudur.one.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make significant changes, we will update the "Last Updated" date at the top of this page and, where appropriate, notify you by email or through the platform.

Your continued use of Bohudur after any changes constitutes your acceptance of the updated Privacy Policy.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please reach out:

Email: support@bohudur.one
Documentation: docs.bohudur.one
Console / Dashboard: console.bohudur.one

Table of Contents