GDPR & Data Protection Policy
Effective Date: 25 December 2025
Website: BangladeshPrimeMinister.com
1. Purpose & Scope
This GDPR Policy explains how BangladeshPrimeMinister.com (“the Platform”, “we”, “us”, “our”) collects, uses, stores, shares, and protects personal data in compliance with:
EU General Data Protection Regulation (GDPR) – Regulation (EU) 2016/679
UK GDPR & Data Protection Act 2018
International data protection principles
Applicable local laws, including those of Bangladesh where relevant
This Policy applies to all visitors, registered users, contributors, and reviewers.
2. Data Controller
For the purposes of EU GDPR and UK GDPR, BangladeshPrimeMinister.com acts as the Data Controller.
Contact (Data Protection & GDPR):
📧 legal@bangladeshprimeminister.com
3. Lawful Bases for Processing
We process personal data only where at least one lawful basis applies:
Consent – where users voluntarily provide data
Contractual Necessity – to provide platform features and services
Legitimate Interests – platform security, moderation, integrity, and abuse prevention
Legal Obligation – compliance with applicable laws or court orders
Public Interest & Freedom of Expression – civic discourse and public information (Article 85 GDPR)
Processing is limited to what is lawful, necessary, and proportionate.
4. Categories of Personal Data
4.1 Data Provided by Users
Name or username
Email address
Account credentials
Comments, reviews, or public submissions
Communications with the Platform
4.2 Automatically Collected Data
IP address
Browser and device information
Date and time of access
Security and usage logs
4.3 Special Category Data
We do not intentionally collect special category data (e.g., political opinions, health data).
If users voluntarily disclose such data in public content, it is done at the user’s own risk and may be moderated or removed where legally required.
5. Purpose Limitation & Data Minimisation
Personal data is collected strictly to:
Operate and manage user accounts
Enable public participation and discussion
Ensure security and prevent misuse
Comply with legal obligations
Improve platform performance (anonymised where possible)
We do not conduct surveillance, profiling, or political targeting.
6. Public Content & Freedom of Expression
Users acknowledge that:
Reviews and comments may be publicly visible worldwide
Any personal data included in public content is shared at the user’s discretion
The Platform is not responsible for lawful third-party reuse of public content
Public-interest and freedom-of-expression exemptions under GDPR are applied where permitted by law.
7. Data Retention
Personal data is retained only as long as necessary:
Active accounts: for the duration of use
Inactive accounts: archived or deleted after a reasonable period
Legal/compliance data: retained as required by law
Deletion requests may be limited where retention is legally required or necessary to protect platform rights.
8. User Rights under GDPR
Where applicable, users have the right to:
Access their personal data
Rectify inaccurate or incomplete data
Erase personal data (“Right to be Forgotten”)
Restrict or object to processing
Data portability
Withdraw consent at any time
Lodge a complaint with a supervisory authority
Requests may be refused where manifestly unfounded, abusive, or legally restricted.
9. Data Sharing & Third Parties
We do not sell personal data.
Data may be shared only with:
Trusted service providers (hosting, security, analytics)
Legal or regulatory authorities where required by law
All third parties must comply with GDPR or equivalent safeguards.
10. International Data Transfers
Where personal data is transferred outside the EU/EEA or UK, we ensure appropriate safeguards, including:
Standard Contractual Clauses (SCCs)
UK International Data Transfer Agreement (IDTA)
Equivalent lawful mechanisms
No transfer occurs in violation of mandatory data protection law.
11. Security Measures
We implement reasonable technical and organisational safeguards, including:
Access controls
Secure hosting environments
Monitoring and incident-response procedures
No system is completely secure; however, proportionate measures are taken to protect data.
12. Cookies & Tracking
The Platform may use:
Essential cookies (security, session management)
Limited analytics cookies
Users are informed and may manage cookie preferences where required by law.
13. Children & Minors
The Platform is not intended for children without lawful guardian consent.
We do not knowingly process unlawful minor data.
14. Data Breach Notification
In the event of a personal data breach:
Relevant supervisory authorities will be notified where legally required
Affected users will be informed if there is a high risk to their rights and freedoms
15. Intermediary Status & Liability
To the maximum extent permitted by law:
BangladeshPrimeMinister.com acts as an intermediary, not a publisher
The Platform is not automatically liable for user-generated content
Mandatory legal liabilities are not excluded
16. Amendments
This GDPR Policy may be updated to reflect legal or operational changes.
Continued use of the Platform constitutes acceptance of the revised Policy.