Banikh

Privacy Policy

Last updated: May 2026

Introduction

This Privacy Policy explains how Banikh ("we", "us", "our") collects, uses, and protects your information when you use our website and services. We are an individually operated platform based in Bangladesh.

Information We Collect

  • Merchant accounts: When you sign up as a merchant, we collect your name, email address, phone number, and business details needed to operate your store.
  • Customer data: When shoppers place orders on merchant stores, we process names, phone numbers, delivery addresses, order details, and any optional email or notes provided at checkout. This data is collected through storefronts at *.banikh.com (or merchant custom domains) on behalf of the merchant — the merchant is the data controller, and Banikh acts as the data processor for that data.
  • Usage data: We collect anonymized analytics data such as page views, browser type, and device information to improve our service. Our analytics are cookieless — see the Analytics section below for details.

How We Use Your Information

We use collected information to: provide and maintain our platform, process transactions on behalf of merchants, send service-related communications, improve our services, and comply with legal obligations.

Third-Party Services

We share data with the following third-party services only as necessary to operate the platform. Payment-gateway sharing only applies when the relevant gateway is enabled by the merchant on their store:

  • Brevo — transactional email delivery
  • bKash — payment processing (when merchant enables)
  • Nagad — payment processing (when merchant enables)
  • SSLCommerz — payment processing (when merchant enables)
  • SurjoPay — payment processing (when merchant enables)
  • AamarPay — payment processing (when merchant enables)
  • Steadfast — courier and delivery
  • Pathao — courier and delivery
  • RedX — courier and delivery
  • Cloudflare — DNS, SSL, and CDN
  • Cloudflare Turnstile — bot prevention on signup and checkout
  • BulkSMSBD — OTP and SMS notifications

Cookieless Analytics

Our analytics run on our own servers — no third-party analytics SaaS is loaded on storefronts or our marketing site. No cookies are set, no IP addresses stored, and no cross-site profiles are built. We see aggregate counts — pageviews, referrer, country, device type — never personal identifiers. No third-party trackers (Google Analytics, Facebook Pixel, etc.) are loaded on Banikh-operated pages by default. Individual merchants may add their own trackers to their storefronts; those are governed by the merchant's own privacy policy.

Cookies

We do not set tracking cookies on Banikh-operated pages. The only cookie our infrastructure may set is the Cloudflare Turnstile challenge cookie (cf_chl_*), used during signup and checkout to prevent automated abuse. It expires within minutes and is not used for tracking. Individual merchants may enable their own third-party trackers on their storefronts — those cookies are governed by the merchant's own cookie/privacy disclosure, not this policy.

Data Hosting

Your data is stored on servers hosted by Hetzner in Singapore. We implement appropriate technical and organizational measures to protect your data.

Data Retention

Merchant account data is retained for as long as the account is active or as needed to provide services. Customer data on merchant stores is retained as long as the merchant's account is active. On merchant account termination, customer data is retained for 30 days then permanently deleted, unless a legal obligation requires longer retention. You may request deletion of your data at any time by contacting us.

Your Rights

You have the right to: access the personal data we hold about you, request correction or deletion of your data, withdraw consent for marketing communications at any time, and request a copy of your data in a portable format.

Marketing Messages & Unsubscribe

If you receive marketing SMS or email from a Banikh merchant, you may unsubscribe at any time. SMS: reply STOP to opt out (mandatory under BTRC rules and enforced by the platform). Email: click the unsubscribe link in the footer of any marketing email. Transactional messages (order confirmations, OTPs, delivery updates) are sent only when you transact and cannot be opted out of while you have active orders.

Contact Us

For privacy-related inquiries, contact us at: [email protected]. We will respond within 72 hours.