Legal

Privacy Policy

How GoTrack.bd collects, uses, and protects data when you run your Facebook shop, inventory, and orders on our platform.

Last updated: May 18, 2026

1. Overview

This Privacy Policy explains how GoTrack.bd ("GoTrack.bd", "we", "us", or "our") handles information when you use our software-as-a-service platform for managing Facebook and online shops — including products, inventory, orders, customers, couriers, finance, and team management (collectively, the "Service").

By creating an account or using the Service, you agree to the practices described in this policy. If you do not agree, please do not use the Service. This policy works alongside any agreement between you and GoTrack.bd.

2. Our Role in Your Data

GoTrack.bd serves two distinct privacy roles:

  • As a data controller — for information about shop owners and team members who hold accounts with us (for example, your name, email, and subscription records). We decide how this account data is processed.
  • As a data processor — for the business data you enter into the Service about your customers and orders. You (the shop owner) remain the controller of your customers' personal data; we process it only to provide the Service to you and on your instructions.

This distinction matters: you are responsible for collecting your customers' data lawfully and for informing them how it is used. See Section 10.

3. Information We Collect

a. Account & profile information

When you register and set up your profile, we collect your name, email address, phone number, and password (stored only in encrypted/hashed form). You may optionally add a date of birth, gender, and address. Email changes are verified with a one-time passcode (OTP).

b. Shop information

Your shop name, address, linked Facebook page details, shop type (online/retail or wholesale), and an optional shop logo.

c. Business data you enter

Data you add while running your shop, including products and pricing, stock levels, expenses, financial records, and customer and order details you input or import — such as customer names, phone numbers, delivery addresses, and order history. This data belongs to you; we store and process it to provide the Service.

d. Payment information

Subscription payments are made through bKash. Payments are processed by bKash; we do not store your full bKash credentials or PIN. We retain records of subscription status, billing dates, and amounts.

e. Integration credentials

If you connect third-party services, we store the credentials needed to operate them on your behalf — for example, courier API keys (Steadfast, Pathao), SMS gateway credentials (Bulk SMS BD), and WooCommerce/WordPress API keys and webhook tokens. You can regenerate or remove these at any time from your settings.

f. Technical & usage data

Like most online services, we automatically collect technical information such as IP address, browser type, device information, pages visited, and timestamps, along with cookies and similar technologies (see Section 5).

4. How We Use Information

We use the information we collect to:

  • Provide, operate, and maintain the Service and its features;
  • Authenticate users, secure accounts, and prevent fraud or abuse;
  • Process subscription payments and manage billing;
  • Sync orders and run integrations (couriers, SMS, WooCommerce) at your request;
  • Generate the analytics, reports, and dashboards you use to run your shop;
  • Provide customer support and respond to your enquiries;
  • Send service-related communications, such as account, security, or billing notices;
  • Improve and develop the Service and maintain its reliability and performance;
  • Comply with legal obligations and enforce our terms.

We do not sell your personal data or your customers' personal data.

5. Cookies & Analytics

We use cookies and similar technologies for two main purposes:

  • Essential cookies — required for the Service to function, such as keeping you signed in and protecting forms against cross-site request forgery. These cannot be disabled without breaking core functionality.
  • Analytics cookies — we use Google Analytics to understand how visitors use our website so we can improve it. Google Analytics may set cookies and collect usage data subject to Google's Privacy Policy.

You can control or block cookies through your browser settings. Disabling essential cookies may prevent you from signing in or using parts of the Service.

6. How We Share Information

We share information only as needed to run the Service, and never sell it. Categories of recipients include:

  • Payment provider — bKash, to process subscription payments.
  • Courier partners — Steadfast and Pathao, to create and track shipments you dispatch. The delivery details you send (recipient name, phone, address, order amount) are shared with the courier you choose.
  • SMS provider — Bulk SMS BD, to deliver the marketing or notification messages you send to your customers.
  • E-commerce integrations — WooCommerce/WordPress, when you connect your store to sync orders.
  • Analytics provider — Google Analytics, for website usage statistics.
  • Infrastructure & hosting providers — that host and operate our servers and databases under confidentiality obligations.
  • Legal & safety — authorities or advisors where required by law, or to protect the rights, safety, and security of users, the public, or GoTrack.bd.
  • Business transfers — in connection with a merger, acquisition, or sale of assets, subject to this policy.

7. Data Retention

We retain account and business data for as long as your account is active and as needed to provide the Service. After account closure, we may retain certain information for a reasonable period to comply with legal, tax, accounting, or dispute-resolution obligations, after which it is deleted or anonymised. You may request earlier deletion as described in Section 9.

8. Data Security

We apply technical and organisational measures to protect data, including encryption of traffic in transit (HTTPS), hashed password storage, scoped access controls, authenticated APIs, and the ability to rotate API and webhook credentials. No method of transmission or storage is completely secure, so we cannot guarantee absolute security. Keep your password and API secrets confidential and notify us promptly if you suspect unauthorised access.

9. Your Rights

Subject to applicable law, you may have the right to:

  • Access the personal data we hold about you;
  • Correct inaccurate or incomplete data (much of which you can edit directly in your profile and settings);
  • Request deletion of your account and associated personal data;
  • Request a copy of your data in a portable format;
  • Object to or restrict certain processing.

To exercise these rights, contact us. We will respond within a reasonable timeframe and may need to verify your identity first.

10. Seller Responsibilities

When you upload or enter your customers' personal data into GoTrack.bd, you act as the controller of that data. You are responsible for:

  • Collecting and using your customers' data lawfully and fairly;
  • Providing your customers with appropriate privacy information and obtaining any required consent — including before sending marketing SMS;
  • Honouring your customers' privacy requests and applicable laws;
  • Keeping your account credentials and integration secrets secure.

We process this data only to provide the Service to you and on your instructions.

11. Children's Privacy

The Service is intended for businesses and is not directed to children. We do not knowingly collect personal data from individuals under the age of 18. If you believe a minor has provided us with personal data, please contact us and we will take appropriate steps to remove it.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the "Last updated" date above and, where appropriate, provide additional notice. Your continued use of the Service after changes take effect constitutes acceptance of the revised policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your data, please reach out through our Contact page. We are committed to resolving privacy enquiries promptly and transparently.

Contact GoTrack.bd