Hotline: +880 1805-435644

Privacy Policy

 

Drubotara.com (“Drubotara”, “we”, “us” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and safeguard your personal information when you visit or make a purchase from our e-commerce platform. Our platform operates in Bangladesh, and we ensure compliance with applicable local laws and privacy obligations to maintain your trust and confidence. By using Drubotara.com, you agree to the practices described in this policy.

 

 

Information Collected

 

We collect different types of information to provide and improve our services. This includes:

  • Personal Information: When you create an account or place an order, we collect personal details such as your name, phone number, email address, and delivery/shipping address. This information is necessary to identify you and to fulfill your orders.
  • Order and Transaction Details: We maintain records of the products you purchase and your transaction history (e.g. order dates, amounts, and payment status). This helps us process returns, provide customer service, and understand your preferences.
  • Payment Information: If you make a purchase, you may provide payment details (e.g. credit/debit card number, mobile wallet number, or other payment data). Importantly, Drubotara does not store your card or bank account numbers on our servers – all payment details are handled through secure third-party payment gateways (see Payment Security below). We only receive confirmation of your payment and necessary details to complete the transaction.
  • Usage Data: Like many websites, we automatically collect technical data when you interact with our site. This includes your IP address, browser type, device information, pages you viewed, clicks and browsing actions, and timestamps of visits. We obtain this data through cookies, analytics tools, and logs to understand how users navigate our site.
  • Cookies and Tracking Info: We use cookies and similar tracking technologies (such as web beacons and pixels) to enhance your experience. For example, Google Analytics and Meta Pixel (Facebook Pixel) are installed on our site to gather information about how you use our services. These tools may set cookies in your browser to collect data on site traffic and user interactions. (See Cookies and Tracking Technologies section below for more details and your choices.)
  • Communication Records: If you contact us (by email, phone, social media, or live chat), we may keep a record of that correspondence and any personal information you provide during the interaction (such as your name and the content of your inquiry or feedback). This helps us address your questions and improve our customer support.
  • Other Information You Provide: You may provide information in other contexts, such as product reviews, survey responses, or profile information in your account. We will collect whatever information you choose to provide and use it for the purposes outlined in this policy.

We collect only the information needed for the purposes described. You have choices about what information to provide, and you may opt not to share certain info (though doing so might limit your ability to use some features of our site, such as placing orders or receiving certain services). We do not knowingly collect any sensitive personal information beyond what is described above, unless you voluntarily provide it.

 

 

Use of Personal Information

 

We use the information we collect for various purposes in operating our business and enhancing your experience. These include:

  • Providing and Delivering Services: We use your personal information to process your orders and deliver the products you purchased. For example, we use your name and address for shipping, and your phone/email to send order confirmations or delivery updates. We also use your details to provide customer service and fulfill any requests you make in relation to our products or services.
  • Managing Your Account: If you create an account, we use your information to maintain your account, allow you to log in, and save your preferences (like your saved addresses or order history). This makes it easier for you to shop with us.
  • Communication: We may contact you with important information regarding your orders or account. For instance, we’ll send you status updates about your purchase, notifications about any issues (like delivery delays), or responses when you contact our support. These service-related communications are necessary for customer care and do not require separate consent.
  • Improvement and Analytics: We analyze usage data and feedback to understand how our platform is used and to improve our offerings. For example, we look at aggregate site traffic, popular products, and common user paths to optimize site layout and product selection. Using tools like analytics, we can understand trends and preferences to make informed decisions on new features or services. This helps us enhance functionality, user experience, and overall performance of Drubotara.com.
  • Personalization: We may use your browsing and purchase history to personalize your experience. This could include showing you relevant product recommendations, tailoring the content on our homepage to your interests, or remembering your preferences (like language or cart items). The goal is to make your shopping experience more convenient and relevant to you.
  • Marketing and Promotions: With your consent, we use your contact information to send promotional materials about new arrivals, special offers, or deals that might interest you. For example, we might email you a newsletter with exclusive discounts or SMS a flash sale alert, but only if you have opted in to such communications. (See Promotional Communication below for how we obtain consent and how to opt out.) We may also use data about your past purchases to tailor these promotional messages to your preferences.
  • Security and Fraud Prevention: We use information (like device info and account activity) to protect our platform and our customers. This includes monitoring for fraudulent transactions, unauthorized access, hacking attempts, or other illegal activities. If we detect potential fraud or security issues, we may use personal data to investigate and take action (such as verifying your identity or using IP address data to prevent malicious attacks).
  • Legal Compliance: We may process and retain your information as needed to comply with laws and regulations. For example, we keep transaction records to fulfill tax and accounting requirements, and we may use personal data to comply with consumer protection laws or to respond to lawful requests from government authorities. In cases where we need to use your information to meet legal obligations (such as producing records for an audit or investigation), we will do so in accordance with applicable laws.

We will not use your personal information for any purpose that is incompatible with the purposes described above without your consent. If we need to use your data for a new purpose, we will update this Privacy Policy or seek your permission as required.

 

 

Payment Security and Third-Party Gateways

 

Your payment security is extremely important to us. Drubotara does not process or store sensitive payment information (like full credit card numbers) on our own servers. Instead, we rely on reputable third-party payment gateways to handle all payment transactions.

When you make a payment on our site (for example, by card or mobile banking), you are seamlessly connected to a secure payment gateway provided by third-party payment processors. These processors (such as authorized payment service providers or banks) are compliant with industry security standards (like PCI DSS) and employ robust encryption and security measures. Any credit/debit card information or banking details you enter are transmitted directly to the payment processor over encrypted connections for processing. As a result, we do not see or store your card number, CVV, or banking PIN on our site.

  • No Card Information Stored: Because payments are handled by third parties, Drubotara does not store your credit card or debit card details after you complete a transaction. The payment gateway sends us a confirmation that your payment was successful (or not), along with a transaction ID and the necessary details to verify the payment. We retain only minimal information related to the transaction (such as the last 4 digits of your card or the transaction reference) for record-keeping and order confirmation purposes.
  • Secure Processing: Our third-party payment providers use advanced security protocols. For example, they use SSL/TLS encryption (you’ll notice the padlock icon in your browser during checkout) to protect your data during transmission. They may also implement two-factor authentication or OTP (one-time passwords) for extra security as required by local financial regulations.
  • Third-Party Privacy: These payment gateways have their own privacy policies which govern the information you provide to them. We recommend you review the privacy policy of the payment processor you choose (for instance, if you are redirected to a payment page for a mobile wallet or card payment, look for their privacy notice on that page). We share information with these payment providers only to the extent necessary for processing payments and only under strict contractual terms that require them to protect your data. Any sharing of personal information with such processors is done in accordance with applicable data protection laws and solely for fulfilling the payment process.
  • Examples of Payment Methods: Depending on what we support, you might pay via credit card, debit card, mobile banking, or Cash on Delivery. Online card/banking transactions will go through the secure gateways as described. For Cash on Delivery, no digital payment info is collected online (you simply pay the delivery agent in cash).

By using Drubotara.com to make purchases, you consent to this use of third-party payment processors. We continuously review our payment processes to ensure your financial data is handled with the highest standard of security. If you have any questions about payment security, feel free to contact us (see Contact Information section below).

 

 

Cookies and Tracking Technologies

 

Cookies are small text files that websites place on your device (computer, mobile phone, etc.) when you visit. They are widely used to make websites work efficiently and to provide information to the site owners. At Drubotara, we use cookies and similar tracking technologies for several reasons, including to enable site functionality, analyze site usage, and for advertising/marketing purposes. Here’s an overview of how we use these technologies:

  • Types of Cookies We Use:
    • Essential Cookies: These are necessary for the basic functioning of our website. For example, when you add items to your cart or log in to your account, essential cookies keep you logged in and remember your cart items as you navigate. Without these, some parts of the site would not work properly.
    • Analytics Cookies: We use these to collect information about how visitors use our site. Google Analytics is one of our analytics tools, which uses its own cookies to track things like which pages you visit, how long you stay, how you got to our site, and which links you click. This data is aggregated and helps us understand usage patterns. (For instance, Google Analytics may log that a user from Dhaka browsed our gadgets section for 10 minutes.) The information generated by Google Analytics cookies about your use of the site is usually transmitted to Google’s servers (which may be located in the United States or other countries). Google uses this information to provide us with reports and insights. We have configured Google Analytics in compliance with privacy best practices (which may include IP anonymization to truncate your IP address within your region).
    • Advertising Cookies: We partner with advertising platforms like Meta Pixel (formerly Facebook Pixel) to understand the effectiveness of our ads and to reach you with relevant advertising on other platforms. Meta Pixel is a piece of code on our site that triggers cookies to track your actions (such as visiting a certain product page or completing a purchase). This helps us create custom audiences and show you tailored ads on Facebook/Instagram. For example, if you visited our wellness products page, Meta Pixel may note that interaction so we can show you a related ad later. These advertising cookies collect data such as your device identifier and browsing activity, which may be combined with other information by the advertising platform to personalize ads.
    • Functional Cookies: These cookies remember your preferences and enhance usability. For example, a cookie might remember your chosen language or region so you don’t have to select it on each visit, or it may store certain settings like items you viewed recently for quick reference.
  • Third-Party Tracking: Some cookies on our site are set by third parties on our behalf. As mentioned, analytics and ad partners place their cookies to collect usage and interest information. We ensure that these partners are reputable and that data collected through these cookies is used in line with this policy. For instance, we may use a third-party service to track site performance or run A/B tests (which would set a cookie to determine which version of a page you saw). All such usage is aimed at improving your experience and our service quality.
  • Your Choices (Cookie Consent): When you first visit Drubotara.com, you may see a notification about our use of cookies. By continuing to use our site, you consent to our use of cookies as described. You have the right to control cookies: you can adjust your browser settings to refuse or delete cookies. Most browsers allow you to see what cookies you have and clear them individually or all at once. However, please note that if you disable cookies entirely, some features of our website may not function properly. For example, if cookies are turned off, you might not be able to stay logged in or add items to your cart. We therefore recommend keeping cookies enabled for the best experience, but the choice is yours.
  • Opt-Out Options: For analytics, Google provides an opt-out browser add-on if you wish to prevent your data from being used by Google Analytics on any site. Similarly, you can manage your ad preferences on platforms like Facebook to control how Meta uses data collected from sites like ours to show you ads. If you have questions on how to opt out of specific tracking tools we use, please contact us. We can guide you or provide links to these tools’ opt-out mechanisms.

By using our site without disabling cookies, you indicate your understanding and agreement that we can place these cookies on your device. We treat information collected by cookies and other tracking technologies as non-personal in nature, except where local law considers it personal data or where it is combined with your account or other personal information. All usage is covered by this Privacy Policy.

 

 

Promotional Communication

 

We would like to keep you informed about our latest offers, products, and promotions, but we will do so only if you want to receive such communications. Below is how we handle promotional messages (such as marketing emails or SMS):

  • Opt-In Consent: We only send you promotional emails or text messages if you have actively agreed (opted in) to receive them. For example, when you register an account or make a purchase, you might be presented with a checkbox to receive newsletters or offer alerts. If you check that box (or otherwise sign up on our website by entering your email in a subscribe form), you are giving consent to receive marketing communications from us. Similarly, providing your phone number for SMS alerts (and any required verification) will serve as consent for text messages. We abide by applicable regulations for electronic communications in Bangladesh, ensuring we obtain any required consent.
  • Types of Messages: Promotional communications may include: announcements of sales or discounts, new product arrivals, beauty and wellness tips, gadget launch updates, or other news about Drubotara’s offerings. They could be sent via email newsletters, SMS alerts, push notifications (if you use a mobile app or allowed web push), or occasionally via messaging apps if applicable. We aim to make these communications valuable and relevant to you.
  • Frequency: We will not bombard you with messages. The frequency of promotional emails/SMS will be reasonable (e.g., occasional newsletters or holiday specials). We might send messages a few times a month, and SMS alerts might be even less frequent (usually for time-sensitive offers). The exact frequency can vary, but our goal is quality over quantity.
  • Right to Unsubscribe: You have the right to stop receiving promotional communications at any time. Every marketing email we send will contain an “unsubscribe” link at the bottom. By clicking that link and confirming, you will be removed from our email marketing list. For SMS, you can typically opt out by following instructions in the message (for example, replying with “STOP” or a specific keyword as indicated in the SMS). Once we receive your unsubscribe request, we will process it promptly. After you opt out, we will not send you further promotional emails or texts, although it may take a few business days for our systems to fully remove your details. If you experience any issues unsubscribing, please contact us and we will manually ensure you are opted out.
  • Transactional vs. Promotional: Even if you opt out of promotional messages, we will still send you transactional or service-related communications. For example, you will continue to receive order confirmations, shipping notifications, receipts, password reset emails, or customer support responses. These are not promotional, but rather necessary for us to fulfill our contract with you. We distinguish clearly between marketing messages and transactional ones.
  • Third-Party Marketing: We do not share your contact information with third-party companies for their own marketing without your explicit consent. So you won’t get communications from other businesses or partners just because you provided information to Drubotara, unless you separately agreed to that. If we ever run a joint promotion with a partner and you need to agree to any data sharing, we will make that clear at the point of collecting your information.
  • Re-subscription: If you have unsubscribed from emails or SMS, you can always change your mind later. For emails, you might re-subscribe by signing up again on our website or updating your account preferences. For SMS, you might need to provide consent again through our website or by texting a keyword to us if we offer that. We will only resume sending promos if you opt back in.

We respect your communication preferences. Our goal is to keep you happy – receiving only those marketing messages you find useful. If you have any issues with promotional communications (such as receiving one you didn’t sign up for), please let us know and we will investigate immediately.

 

 

Data Sharing with Partners

 

Drubotara treats your personal information with confidentiality. We do not sell or rent your personal data to third parties for their independent marketing purposes. However, in order to run our business and provide services to you, we sometimes need to share information with trusted third parties under controlled circumstances. Here are the scenarios in which your data may be shared, and with whom:

  • Delivery and Logistics Partners: We work with external courier and delivery companies to ship your orders. We will share only the necessary details with them to ensure your products reach you – typically your name, delivery address, and contact phone number (and sometimes instructions or notes you provided for delivery). This allows our logistics partners to pick up packages from us and deliver to your doorstep. They are not allowed to use this information for any other purpose. For example, if you order a beauty product, the courier label will have your name, address, and phone so the delivery agent can find you and confirm delivery.
  • Payment Processors: As explained in Payment Security above, we rely on third-party payment gateways to handle transactions. When you complete a purchase, relevant information will be shared with the payment processor – such as the amount to charge, your card or account details (entered on the payment gateway’s page), your name, and perhaps billing address for verification. The payment processor in return confirms to us whether the payment was successful. These payment partners process your data securely and are contractually obligated to protect it. We share with them only what is required to process the payment or resolve payment disputes (for instance, if a transaction is flagged or needs a refund).
  • Analytics and Advertising Services: We use third-party service providers to help us with website analytics and online advertising. For example, Google Analytics and Meta (Facebook) are given certain data through their cookies and scripts on our site. This means that some information about your browsing (such as your IP address, device ID, pages visited, actions taken on the site, etc.) is automatically shared with these providers when you use Drubotara.com. This data is used on our behalf to analyze site traffic or to measure the effectiveness of our ads. Importantly, this information generally does not directly identify you by name, and we do not hand over your personal contact details for analytics or basic ad targeting. (In some cases we may upload customer email lists to advertising platforms to create custom audiences – but this is done in a hashed, secure manner and only if you have consented to marketing.) All third parties we engage for these purposes are under agreements that restrict them from using the data for anything other than providing services to us.
  • Service Providers and Vendors: We may share information with other vendors who perform functions on our behalf. This includes: technology infrastructure providers (e.g., cloud hosting services for our website data), email/SMS service providers that send out our communications, customer support tools (if we use a CRM or helpdesk that stores customer queries), marketing agencies or consultants (who might analyze user behavior to advise us), and so on. In all such cases, these providers act under our instructions and are bound by confidentiality agreements. They are only given access to the data necessary for their task. For example, our email service provider will have your email address and name in order to send newsletters, but they cannot use that info except to send our emails.
  • Business Transfers: If in the future Drubotara undergoes a business transaction such as a merger, acquisition by another company, or sale of some or all of its assets, user information (including personal data) may be among the assets transferred to the new owner. This would be done to ensure continuity of service to you. If such a transfer occurs, we will require that the acquiring party honors the commitments to privacy outlined in this policy. We will also notify you (for example, via email or a notice on our site) if your data becomes subject to a new Privacy Policy as a result of a business change. Similarly, if Drubotara is involved in a bankruptcy or reorganization process, your information might be transferred or reviewed as part of that process, in accordance with applicable laws.
  • Legal Requirements and Protection: We may disclose personal information when required to do so by law or lawful order. For instance, if we receive a court order, subpoena, or a request from law enforcement or regulatory authorities, we may need to provide the requested information in compliance with legal obligations. We will only share what is reasonably necessary and after verifying the legitimacy of the request. Additionally, we might share information in situations where we believe in good faith that disclosure is necessary to protect our rights, investigate or prevent fraud, enforce our Terms and Conditions, or protect the safety of our customers, employees, or the public. For example, if someone is suspected of attempting a fraudulent transaction with a stolen card, we might share information with law enforcement agencies to investigate the issue.
  • With Your Consent: In any other scenario not covered above, we will seek your explicit consent before sharing your personal information with third parties. For example, if you opt-in to a co-branded promotion with a partner and agree to have your info shared, or if you ask us to share your details with a third-party service for your convenience, we will only do so with your knowledge and approval.

When we share data with any third party, we ensure it’s done securely. We also strive to anonymize or aggregate data when sharing it, if identifiable information is not needed. All third parties who process personal data on our behalf must agree to keep it protected and use it only for the purposes we dictate.

Importantly, we do not sell your personal data to anyone – meaning we do not give others your personal information in exchange for money. Any sharing is solely to serve you and operate our platform, as explained above. If you have questions about any specific third party with whom your data might be shared, feel free to contact us for more information.

 

 

Data Retention

 

We will retain your personal information for as long as it is needed to fulfill the purposes for which we collected it, and to comply with legal or regulatory requirements. The length of time we keep data depends on the type of information and the context in which it’s used. Here are our general data retention practices:

  • Customer Account Data: If you have an account with us, we will keep your account information (such as your name, email, phone, addresses, and login details) until you delete your account or request us to delete it, or otherwise for as long as we need it to provide services to you. If you choose to close your account, we will remove or anonymize personal data associated with your account within a reasonable time after your request, except for any data we are required to keep for legal reasons.
  • Order and Transaction Records: We retain records of your purchases and transactions to meet our business and legal obligations. This includes details of what you bought, when, and where it was delivered, as well as receipts/invoices. Such records may be required for accounting and tax purposes, warranty and returns processing, or fraud prevention. In Bangladesh, for example, business regulations might require us to keep invoice data for a certain number of years. We only keep what is necessary. Typically, order records are kept for at least 5 years (or as mandated by law) and then securely archived or deleted if no longer needed.
  • Communications: If you have contacted customer support or corresponded with us, we may retain those communications (emails, chat logs, call records) for a period of time. This helps us in training, quality assurance, and to reference past issues if you contact us again. These records are generally kept only as long as needed to assist you or as required by law (for instance, records of customer complaints may need to be retained under consumer protection laws).
  • Marketing Data: If you have given consent to receive marketing emails or SMS, we will keep your contact details on our marketing distribution list until you opt out or unsubscribe. Once you unsubscribe, we will remove your contact from the active marketing list promptly and not send further promotional messages. (We may, however, retain a record of the fact you opted out, to ensure we honor your opt-out decision going forward.) Similarly, if you have consented to other marketing activities, we retain that data until you withdraw consent or it’s no longer relevant.
  • Web Analytics Data: Data collected via cookies and similar tools (like Google Analytics) is stored as per the settings we’ve agreed with those tool providers. For example, Google Analytics retains site visitation data for a certain period (e.g., 26 months) unless we configure it otherwise. This data is mostly aggregated, but any personal aspects (like IP addresses) are typically anonymized after a short period. We use such data for trend analysis and site improvement over time.
  • Legal Compliance & Protection: In certain cases, we may need to keep data longer than usual if required by law. For instance, if there’s an ongoing dispute or investigation, or we must retain data for litigation holds, we will retain the relevant information until it is resolved. Also, information that has been archived/backup up may be retained in our secure backups until those backups are cycled out or destroyed in line with our backup retention policies.

After the retention period is over, or if we determine that we no longer need the data, we will securely delete or anonymize your personal information. Your details will remain within our systems only as long as necessary and in line with local laws and regulations. For example, our policy might state that inactive customer accounts are purged after X years of inactivity, or that logs are auto-deleted after Y months, etc. We take care to either erase data or segregate it (so it’s kept only for legal compliance and no other use) once the primary purpose has been fulfilled.

In summary, we do not keep personal data indefinitely. We aim to retain information for the shortest duration that fulfills the purpose and meets our obligations. If you have specific questions about how long a certain type of data is kept, please contact us.

 

 

Your Rights and Choices

 

We want you to be in control of your personal information. Subject to applicable law, you have several rights regarding the data we hold about you and various ways to exercise those rights:

  • Access and Correction: You have the right to access the personal data we hold about you. This means you can request a copy of your information from us, and we will provide it, save for certain exceptions (for example, if providing it would violate someone else’s privacy or a legal requirement). Most of your basic information is accessible by logging into your Drubotara account. For instance, you can view and update your profile details, shipping addresses, and order history directly through your account dashboard. We encourage you to correct or update your information whenever it changes (e.g., update your phone number or address if it changes) to keep your account current. If you find any inaccuracies in the data that you cannot correct yourself, you can contact us to request correction, and we will promptly make the appropriate updates.
  • Data Deletion (Right to Erasure): You can request that we delete your personal information. If you wish to close your account or have us delete specific personal data, please contact us with your request. We will take necessary steps to honor your request, by erasing or anonymizing your data so it no longer identifies you. Do note that we may need to retain certain information if required for legal obligations or legitimate business purposes – we’ll let you know if that’s the case (for example, “We cannot delete your transaction records from last year because we must retain them for tax compliance”). Outside of such obligations, we will delete the requested data. When your account is deleted, you will lose access to any personalized services (and any loyalty points or store credits, if applicable). Also, keep in mind that due to technical reasons, residual data might remain in backup systems for a short period, but it will be purged according to our backup retention schedule and will not be actively processed in the meantime.
  • Withdrawal of Consent: Where our processing of your personal data is based on your consent (e.g., receiving promotional emails or SMS), you have the right to withdraw that consent at any time. You can do so by opting out of marketing communications as described in Promotional Communication above. For example, you can click “unsubscribe” in an email newsletter to stop further emails, or reply “STOP” to an SMS to cease messages. You can also contact us directly to withdraw consent for any specific use that you previously agreed to. Once we receive notification that you withdraw consent, we will stop the processing of your data for that purpose. Withdrawal of consent will not affect any processing that has already occurred (for instance, if you gave consent and we already processed your data, that past processing was lawful), but it will prevent future processing for the consented purpose.
  • Object or Restrict Processing: In certain situations, you may have the right to object to or ask us to restrict processing of your data. For example, if you feel our use of your data is not necessary or is inappropriate, you can request a restriction. You might also object to receiving certain types of communications or to being subject to automated decision-making (though currently we don’t make any significant decisions about you purely by automated means without human review). We will review such requests and comply if required by law. If not required, we will communicate clearly with you about any decisions.
  • Cookies & Tracking Choices: As described in the Cookies and Tracking section, you have control over cookies and can opt out of certain data collection. You can delete or block cookies using your browser settings. You can also use privacy browsers or plugins to control trackers. Note that refusing certain cookies (like essential cookies) can affect site functionality. Additionally, you can opt out of Google Analytics tracking with a browser add-on, and manage ad targeting via your Google or Facebook account settings.
  • No Discrimination: Drubotara will not discriminate against you for exercising any of these rights. For example, if you opt out of marketing emails, we will not treat you differently during purchases or customer service – you will still get the same quality of service. If you request deletion of your data, we will do our best to honor that while still serving you in any transactions you choose to make. Some features that rely on data (like personalized recommendations) might become unavailable if you withhold or delete data, but we will inform you of such consequences at the time of your decision.
  • Complaints: If you have a concern or complaint about how we’ve handled your personal data, we encourage you to contact us so we can resolve it. We take privacy complaints seriously and will investigate and respond. If you are not satisfied with our response, and if you reside in a jurisdiction with a data protection authority, you may have the right to file a complaint with that authority. (In Bangladesh, data protection laws are evolving; we will cooperate with any official body that oversees personal data rights.)

Your choices – You are not obligated to provide us with personal information. However, as mentioned, if you choose not to provide certain details, we may not be able to deliver the service or complete an order. For instance, if you decide not to give a delivery address or a phone number, we wouldn’t be able to ship a product to you or contact you for delivery coordination. We will clearly indicate required fields in forms (such as checkout) versus optional fields. Providing information is voluntary, and we’ll respect any request you have to not use a certain channel (e.g., if you only want email contact and not phone calls).

To exercise any of your rights, please contact us (see Contact Information below). For security, we may need to verify your identity (for example, by asking you to confirm some details or login) before fulfilling certain requests like data access or deletion. This is to ensure we don’t disclose or erase data to the wrong person. We will respond to your requests within a reasonable timeframe and in accordance with applicable law.

 

 

Security Practices

 

We take the security of your personal data very seriously. Drubotara has implemented a range of technical and organizational measures to protect your information from unauthorized access, disclosure, alteration, or destruction. Here are key aspects of our security approach:

  • Encryption: Our website is secured using industry-standard encryption protocols. When you visit Drubotara.com, you’ll notice the URL begins with https://, indicating that we use Secure Sockets Layer (SSL) or its successor TLS. This means any data you send to us (such as personal details or passwords) is encrypted in transit. Encryption scrambles the data so that it cannot be read by anyone who might intercept it. For example, when you enter your address or payment details on our site, that information is encoded such that only our server (and in the case of payments, the payment gateway) can decode it. We also encrypt sensitive information in our databases and use secure protocols for data transfer between our systems.
  • Secure Infrastructure: We host our website and databases on servers that employ modern security measures such as firewalls, intrusion detection systems, and continuous monitoring. Access to these servers (both physical and digital access) is restricted to authorized personnel only. We ensure that our hosting providers maintain high security standards and regularly update their systems to patch vulnerabilities.
  • Access Controls: Internally, personal data is accessible only to those employees, contractors, and service providers who need it to perform their duties (for example, the fulfillment team accessing your address to ship your order, or a customer service agent checking your order details to assist you). All such access is controlled via authentication, and our staff are trained on confidentiality. We use techniques like role-based access control (giving employees only the level of access necessary for their role) and we keep logs of access to personal data.
  • Data Minimization: We collect and store only the personal information that is necessary for our purposes. By limiting the amount of data, we reduce the risk exposure. For example, as noted, we do not store your financial information on our servers, and we purge or anonymize data that we no longer need (per our retention policy).
  • Monitoring and Testing: We monitor our systems for possible vulnerabilities and attacks. We also periodically test our security measures. This can include security scans, penetration testing by third-party experts, and routine review of our practices to adapt to new threats. Our web application is kept updated, and we employ anti-malware and security tools to guard against common web threats.
  • Personal Device Security: Any Drubotara staff who handle personal data are required to follow our IT security policies. This includes using secure passwords, enabling two-factor authentication where available, and ensuring their devices are protected. We also enforce secure development practices for our software to prevent coding vulnerabilities.
  • Payment Security: As elaborated earlier, we outsource payment processing to secure gateways to leverage their advanced security. Our checkout pages are served securely, and we adhere to best practices such as not storing card CVV codes and using tokenization for any stored payment methods (if we ever offer to save your card, it would be via a token from the payment processor, not us storing the number).

While we are committed to safeguarding your data, it’s important to understand that no method of transmission over the internet or method of electronic storage is 100% secure. Despite our best efforts, we cannot guarantee absolute security of information against all possible threats. Cyber risks evolve rapidly, but we stay updated and will inform you if there’s any compromise. For your part, we encourage you to choose a strong, unique password for your Drubotara account and not share it with others. Also, remember to log out of your account and close your browser after using a public or shared device.

In the unlikely event of a data breach that affects your personal information, we will act promptly to contain and investigate the breach. We will also notify affected users and relevant authorities as required by law, and take steps to prevent future incidents.

Our commitment to security is ongoing – we regularly review and update our security practices to meet or exceed industry standards. If you have any questions about how we secure your data, or if you believe your interaction with our site is no longer secure (for example, if you suspect an account breach), please contact us immediately so we can assist.

 

 

Changes to the Policy

 

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. We encourage you to review our Privacy Policy periodically to stay informed about how we are protecting your information and what information we collect.

For significant changes (especially those that materially affect your rights or how we use personal data), we may provide a more prominent notice. For example, we might display a notice on our homepage or send you an email notification if we have your email on file, explaining the changes to the policy. If required by law, we will also obtain your consent for certain changes.

Examples of changes that might occur include: addition of a new service or feature that requires different personal information, an update to comply with a new data protection law in Bangladesh, or a change in our data sharing practices. Rest assured, we will not reduce your rights under this Privacy Policy without your explicit consent.

Your continued use of Drubotara.com after any update to this Privacy Policy will constitute your acceptance of the changes, to the extent permitted by law. If you do not agree with the revised policy, you should adjust your preferences or consider stopping using our services (though we’d regret losing you). Remember, you can always contact us if you have questions or concerns about the changes.

 

 

Contact Information

 

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, we’re here to help. Please reach out to us through any of the methods below:

  • Email: [email protected]
  • Phone: +880-1XXX-XXXXXX (Customer Service Hotline)
  • Postal Mail: Drubotara E-commerce Ltd., 4th Floor, XYZ Tower, 123 Main Road, Dhaka 1212, Bangladesh

When contacting us, please provide as much detail as possible about your question or request regarding privacy. This will help us respond more efficiently. For example, if you are requesting a copy of your data, specifying the context (account email, date of transactions, etc.) will assist our verification process.

We will endeavor to respond to all legitimate inquiries within a reasonable timeframe, typically within 7 business days. If you’re contacting us to exercise a data rights request (like access or deletion), we may need to verify your identity for security purposes before addressing the request.

Your privacy is important to us, and we welcome your feedback. If there’s any part of this policy you do not understand, or if you have suggestions on how we can improve our privacy practices, please let us know.

Thank you for trusting Drubotara.com. We are committed to safeguarding your personal information and providing you with a safe and enjoyable shopping experience.

 

 

Get Upto 70% Off Discount Coupon

by Subscribe our Newsletter

0

CART

Subtotal
৳0.00
0

Checkout

Delivery Details
+88
Coupon Code
Payment Method
Order Summary
Subtotal ৳0.00
Delivery Fee ৳0.00
Total ৳0.00