Privacy Policy
We are committed to protecting your personal information and ensuring your data is handled responsibly and transparently.
Table of Contents
Welcome to MiraShop ("we," "our," or "us"). MiraShop is an e-commerce platform owned and operated by AppStarBD IT Solution, a company registered and operating in Bangladesh. This Privacy Policy describes how we collect, use, disclose, store, and protect your personal information when you visit our website, use our mobile application, place orders, or interact with our services. By accessing or using MiraShop, you agree to the practices described in this Privacy Policy. If you do not agree with the terms of this policy, please do not use our services. We are committed to ensuring that your privacy is protected in accordance with the applicable laws of Bangladesh and international data protection standards.
Information We Collect
Types of data we gather when you use our services
At MiraShop, we collect information to provide you with the best possible shopping experience, process your orders efficiently, communicate important updates, and continuously improve our platform. We collect several categories of information, both directly from you and through automated means when you interact with our website and services. Below is a comprehensive overview of the types of information we collect.
Personal Information
- Full name (first name, last name)
- Email address and phone number
- Delivery and billing addresses
- Date of birth (for age verification)
- Gender (optional, for personalization)
- Profile photo (optional)
- National ID number (for certain high-value orders)
Payment Information
- Payment method (bKash, Nagad, credit/debit card, COD)
- bKash/Nagad transaction ID (TrxID)
- Card number (tokenized — we never store raw card numbers)
- Bank name for certain payment methods
- Billing address linked to payment
- Transaction history and receipts
Usage Data
- Pages visited and time spent on each page
- Search queries and products viewed
- Click patterns and navigation paths
- Products added to cart and wishlist
- Purchase history and order frequency
- Feature usage (reviews, ratings, wishlist)
- Customer support interactions and chat logs
Device & Location Information
- IP address and approximate geolocation
- Device type (mobile, tablet, desktop)
- Operating system and browser type/version
- Screen resolution and language preferences
- GPS location (with your consent for delivery)
- Network provider and connection type
- Unique device identifiers (advertising ID)
We collect personal information directly from you when you create an account, place an order, subscribe to our newsletter, participate in promotions, contact customer support, or provide feedback. We also collect information automatically through cookies, web beacons, pixel tags, and similar tracking technologies. We may also receive information from third-party sources such as payment processors, delivery partners, and analytics providers. All information collection is conducted in compliance with applicable data protection laws of Bangladesh.
How We Use Your Information
The purposes for which we process your personal data
The personal information we collect serves several important purposes that are essential to providing you with a seamless and enjoyable shopping experience on MiraShop. We use your data lawfully, fairly, and transparently. Below we outline the specific purposes for which we process your personal information. Each purpose is supported by a legitimate basis under applicable data protection laws.
Order Processing & Fulfillment
We use your personal information to process and fulfill your orders, including verifying your identity, confirming payment, arranging delivery through our logistics partners, providing order status updates via SMS and email, processing returns and refunds, and managing your order history. This is our core service and the primary reason we collect your data.
Service Improvement & Personalization
Your usage data helps us understand how you interact with our platform so we can improve our website design, product recommendations, search functionality, and overall user experience. We use this data to personalize product suggestions, display relevant offers based on your browsing and purchase history, and optimize page load times and performance for Bangladeshi network conditions.
Marketing & Promotional Communications
With your express consent, we may send you promotional emails, SMS notifications, and push notifications about new product arrivals, special offers, flash sales, seasonal discounts, and exclusive deals. You can opt out of marketing communications at any time by clicking the unsubscribe link in any marketing email, replying "STOP" to any promotional SMS, or updating your communication preferences in your account settings.
Analytics & Business Intelligence
We aggregate and analyze usage data to generate business insights such as popular product categories, peak shopping times, customer demographics, and conversion rates. This helps us make data-driven decisions about inventory management, pricing strategies, marketing campaigns, and platform development. All analytics data is anonymized and aggregated — we do not track individual user behavior for analytics purposes.
Customer Support & Communication
We use your information to respond to your inquiries, provide technical support, resolve disputes, and communicate important service-related updates such as changes to our policies, security alerts, and order-related notifications. When you contact our support team via phone, email, or live chat, we may record the conversation for quality assurance and training purposes.
Fraud Prevention & Security
We use your data to detect, prevent, and respond to fraudulent transactions, unauthorized access attempts, and other security threats. This includes monitoring for suspicious account activity, verifying payment details, screening orders for potential fraud, and complying with anti-money laundering (AML) regulations as required by Bangladesh Bank guidelines.
We will only use your personal information for the purposes for which it was collected, or for other compatible purposes that are clearly disclosed to you. If we need to use your information for a purpose that is not listed above, we will seek your prior consent before doing so, except where such use is permitted or required by law.
Information Sharing
Who we share your data with and under what circumstances
MiraShop does not sell, rent, trade, or otherwise monetize your personal information to third parties for their own marketing purposes. We understand that your trust is paramount, and we take the responsibility of safeguarding your data very seriously. However, we may share your information with certain categories of third parties as described below, strictly for the purposes of operating and improving our services, and always in compliance with applicable data protection laws.
Service Providers
We share data with trusted third-party companies that perform services on our behalf, including payment processing (SSLCommerz, bKash, Nagad), order delivery and logistics (Pathao, RedX, Steadfast, Sundarban), email and SMS delivery services, cloud hosting providers, and customer support platforms. These service providers are contractually obligated to use your data only for the specific purposes we authorize and must maintain appropriate security measures.
Payment Processors
When you make a payment, your payment information is transmitted directly to our payment gateway partners (SSLCommerz, bKash, Nagad) via encrypted channels. We do not store your full credit/debit card details on our servers. Payment processors handle transaction authorization, fraud screening, and fund transfers in compliance with PCI DSS security standards.
Legal Requirements
We may disclose your information if required to do so by law, regulation, legal process, or governmental request. This includes responding to court orders, subpoenas, or requests from law enforcement agencies, regulatory authorities (such as Bangladesh Bank, BTRC), or other government bodies. We will only disclose the minimum amount of personal information necessary to comply with the legal requirement.
Business Transfers
In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your personal information may be transferred as part of the transaction. We will notify you via email and/or a prominent notice on our website before your information becomes subject to a different privacy policy, and you will have the opportunity to opt out.
We may also share anonymized and aggregated data that cannot reasonably be used to identify you with third parties for research, marketing, and analytical purposes. This type of data does not constitute personal information and may be used freely without restrictions. We implement data-sharing agreements with all third parties that receive personal information, ensuring they handle your data with the same level of care and security that we do.
Data Security
How we protect your personal information from unauthorized access
Protecting your personal information is one of our highest priorities at MiraShop. We implement industry-leading technical and organizational security measures to safeguard your data against unauthorized access, alteration, disclosure, or destruction. While no system can be 100% secure, we are committed to using commercially reasonable efforts to protect your information and continuously updating our security practices to address evolving threats.
SSL/TLS Encryption
All data transmitted between your browser and our servers is encrypted using 256-bit SSL/TLS encryption. This ensures that your personal information, payment details, and all communications are protected during transmission and cannot be intercepted by third parties.
Secure Payment
Payments are processed through PCI DSS compliant payment gateways (SSLCommerz). We never store your full credit/debit card number on our servers. All card data is tokenized at the payment gateway level, ensuring maximum security for your financial information.
Access Controls
We implement strict role-based access controls (RBAC) for our employees and contractors. Only authorized personnel with a legitimate business need are granted access to personal data. All access is logged, monitored, and regularly audited for security compliance.
In addition to the measures described above, we conduct regular security audits, vulnerability assessments, and penetration testing on our systems. We maintain a comprehensive incident response plan to quickly address any potential data breaches. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authorities within 72 hours as required by applicable law.
Your Rights
Your rights regarding your personal data
At MiraShop, we believe you should have meaningful control over your personal information. In accordance with applicable data protection laws in Bangladesh and recognized international standards, we grant you the following rights regarding your personal data. We are committed to responding to all legitimate requests promptly and in accordance with applicable law.
Right of Access
You have the right to request a copy of the personal information we hold about you. You can view most of your data directly in your account dashboard. For a complete data export, submit a request to privacy@mirashop.com, and we will provide your data in a structured, commonly used format within 30 days.
Right of Correction
You have the right to request that we correct any inaccurate or incomplete personal information we hold about you. You can update most of your information directly through your account settings. For changes that cannot be made through the account dashboard, contact our support team at privacy@mirashop.com.
Right of Deletion
You have the right to request the deletion of your personal information, subject to certain legal exceptions. We may retain certain information as required by law (for example, for tax and accounting records as required by the National Board of Revenue of Bangladesh). Upon account deletion, your personal data will be removed from our active systems within 30 days.
Right of Data Portability
You have the right to receive your personal data in a structured, commonly used, and machine-readable format (such as JSON or CSV). You can also request that we transfer your data to another service provider where technically feasible. This right applies to data you have provided directly to us.
Right to Opt-Out
You have the right to opt out of marketing communications at any time. You can unsubscribe from marketing emails by clicking the "Unsubscribe" link at the bottom of any marketing email, reply "STOP" to any promotional SMS, or update your communication preferences in your account settings. Please note that opting out of marketing does not affect transactional communications.
Right to Object
You have the right to object to our processing of your personal data for direct marketing purposes, profiling, or research. Upon receiving your objection, we will cease processing your data for the specified purposes unless we have compelling legitimate grounds that override your interests, rights, and freedoms.
To exercise any of these rights, please contact us at privacy@mirashop.com or call our privacy hotline at +880 1XXX-XXXXXX. We will respond to your request within 30 days of receipt. In some cases, we may need to verify your identity before processing your request. We may also ask for additional information to help us locate and process your data. If you are dissatisfied with our response, you may lodge a complaint with the relevant data protection authority in Bangladesh.
Third-Party Links
Our policy regarding links to external websites and services
Our website and mobile application may contain links to third-party websites, applications, services, and social media platforms (including but not limited to Facebook, Instagram, YouTube, and external payment gateways). These third-party sites are operated and maintained by entities independent of MiraShop and AppStarBD IT Solution. We provide these links solely for your convenience and to enhance your shopping experience.
We are not responsible for the content, privacy practices, accuracy, opinions expressed, or any other aspect of third-party websites and services. We encourage you to review the privacy policies and terms of service of any third-party site you visit through links on our platform. The inclusion of any link on our website does not imply our endorsement, sponsorship, or affiliation with the linked website or its operators.
When you click on a third-party link and leave our website, you are subject to the privacy policy and terms of use of the destination website. Any information you provide to third-party websites is governed by their respective privacy policies, not this one. MiraShop shall not be held liable for any loss, damage, or inconvenience caused by your interaction with third-party websites accessed through links on our platform.
Children's Privacy
Our commitment to protecting children online
MiraShop is not intended for use by individuals under the age of 18 (eighteen) years. We do not knowingly collect, use, or disclose personal information from children under 18 years of age. In Bangladesh, the legal age of majority is 18, and only individuals who have reached this age may create an account, place orders, or use our services independently.
Important Notice for Parents and Guardians
If you are a parent or guardian and you become aware that your child under the age of 18 has provided us with personal information without your consent, please contact us immediately at privacy@mirashop.com. Upon receiving verifiable notice that we have collected personal information from a child under 18, we will take prompt steps to delete such information from our servers and records. If we discover that a child under 18 has provided us with personal information, we will delete that information as quickly as commercially feasible.
We take children's privacy seriously and implement reasonable measures to prevent underage users from accessing our services. During the account registration process, we require users to confirm that they are at least 18 years of age. We reserve the right to suspend or terminate any account that we reasonably believe belongs to a user under the age of 18. Parents and guardians are encouraged to monitor their children's internet usage and to exercise caution when allowing minors to access online services.
Changes to This Privacy Policy
How and when we update our privacy practices
MiraShop and AppStarBD IT Solution reserve the right to update, modify, or replace this Privacy Policy at any time to reflect changes in our practices, technologies, legal requirements, or other factors. As our business evolves and as applicable data protection laws and regulations change, we may need to revise this policy to ensure it remains accurate and compliant. We encourage you to review this page periodically for the latest information on our privacy practices.
Email Notification
We will send an email notification to the email address associated with your account for any material changes to this Privacy Policy. This ensures that active users are always informed about how their data is being handled.
Website Notice
We will display a prominent notice on our website homepage and in your account dashboard for at least 30 days whenever we make significant changes to this Privacy Policy. The notice will include a summary of the changes and the effective date.
SMS Notification
For material changes, we may also send an SMS notification to the phone number associated with your account. This is especially important for users in Bangladesh who may rely on SMS as their primary communication channel.
"Last Updated" Date
We will update the "Last Updated" date at the top of this Privacy Policy whenever we make changes. We recommend that you check this date each time you visit this page to stay informed about our current privacy practices.
Your continued use of MiraShop after any changes to this Privacy Policy constitutes your acceptance of the updated policy. If you do not agree with the changes, you should stop using our services immediately and request the deletion of your account by contacting us at privacy@mirashop.com. We may also ask you to re-consent to the updated policy the next time you log in or place an order.
Contact Us
How to reach our privacy team for questions or concerns
If you have any questions, concerns, or requests regarding this Privacy Policy, our data practices, or how we handle your personal information, we encourage you to reach out to our dedicated privacy team. We are committed to addressing your inquiries promptly and transparently. Your feedback helps us continuously improve our privacy practices and ensures that we maintain the highest standards of data protection.
Phone
+880 1XXX-XXXXXX
Sat-Thu, 9:00 AM - 9:00 PM BST
Mailing Address
AppStarBD IT Solution
Dhaka, Bangladesh
1205
For data access, correction, deletion, or portability requests, please email us at privacy@mirashop.com with the subject line "Data Rights Request" and include your registered email address or phone number so we can verify your identity. We aim to respond to all requests within 30 days. For urgent privacy concerns or suspected data breaches, please call our dedicated privacy hotline for immediate assistance.
AppStarBD IT Solution — The company behind MiraShop. We are committed to protecting your privacy and ensuring your data is handled with the utmost care and in compliance with applicable laws of the People's Republic of Bangladesh.