Loading...
Heisenberg's Legacy
Main Menu
Home Account Reports Notices Temporary Email Buy Mail Proxies About FAQ Contact
Account
Login Register
Need Help?

Our support team is available 24/7 to assist you with selling your accounts.

Contact Support
Heisenberg's Legacy
Register
Privacy & Data Protection

Privacy Policy GDPR Compliant

How we protect and handle your data at Bangladesh's #1 digital marketplace. Comprehensive privacy protection for 50,000+ users since 2019.

Last Updated: January 15, 2025 | GDPR Compliance Effective Since: May 25, 2018

At Heisenberg's Legacy Shop, your privacy is our top priority. This comprehensive Privacy Policy explains how we collect, use, process, and protect your personal information when you use our digital marketplace services in Bangladesh and internationally. We are committed to full compliance with international privacy standards including GDPR, CCPA, and Bangladesh's Digital Security Act 2018.

By accessing our platform, you acknowledge that you have read, understood, and consent to the data practices described in this policy. This policy applies to all users of our website, mobile applications, and digital services.

Privacy Commitment for Bangladesh Users: We operate under strict compliance with Bangladesh's ICT Act 2006, Digital Security Act 2018, and international GDPR standards. Your personal data is protected with enterprise-grade security measures. All data processing activities are conducted with explicit consent and transparent disclosure. We never sell your personal information to third parties.

1. Information We Collect

We collect information to provide better services to all our users. The types of information we collect include:

Personal Information

When you create an account or use our services:

  • Identity Information: Full name, date of birth, government ID for verification
  • Contact Information: Email address, phone number, physical address
  • Communication: Telegram username, WhatsApp number, preferred contact methods
  • Financial Information: Bank account details, bKash/Nagad numbers, payment preferences
  • Security Information: Passwords (encrypted), security questions, two-factor authentication data

Social Media Account Data

When you submit accounts for trading:

  • Account Credentials: Login information (temporarily stored, then securely deleted)
  • Account Metrics: Follower counts, engagement rates, creation dates
  • Profile Data: Usernames, profile photos, bio information
  • Content Samples: Recent posts for verification (deleted after processing)
  • Recovery Information: Backup emails, phone numbers associated with accounts

Technical & Usage Data

Automatically collected for service improvement:

  • Device Information: IP address, browser type, operating system, device model
  • Usage Patterns: Pages visited, time spent, click patterns, search queries
  • Location Data: General location based on IP (city/country level only)
  • Performance Data: Page load times, error reports, feature usage statistics

2. How We Use Your Information

We use collected information for legitimate business purposes only:

  • Service Delivery: Processing account submissions, facilitating secure transfers, managing transactions
  • Identity Verification: KYC compliance, fraud prevention, security verification
  • Communication: Order updates, payment confirmations, customer support, security alerts
  • Platform Improvement: Analyzing usage patterns, optimizing user experience, developing new features
  • Legal Compliance: Meeting regulatory requirements, responding to legal requests, protecting rights
  • Security: Preventing fraud, detecting suspicious activity, protecting user accounts

3. Data Security & Protection

We implement industry-leading security measures to protect your information:

  • Encryption: AES-256 encryption for data at rest, TLS 1.3 for data in transit
  • Access Controls: Multi-factor authentication, role-based access, principle of least privilege
  • Infrastructure Security: Secure cloud hosting, regular security audits, penetration testing
  • Data Minimization: Collecting only necessary data, automatic deletion of expired data
  • Employee Training: Regular privacy and security training for all staff members
  • Incident Response: 24/7 monitoring, rapid response protocols, user notification procedures

4. Your Privacy Rights

Under GDPR and Bangladesh privacy laws, you have the following rights:

Data Access & Control Rights

  • Right to Access: Request copies of your personal data
  • Right to Rectification: Correct inaccurate or incomplete information
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Restrict Processing: Limit how we process your data
  • Right to Data Portability: Receive your data in a machine-readable format
  • Right to Object: Opt-out of certain types of data processing

5. Data Sharing & Disclosure

We limit data sharing to essential business purposes only:

  • Service Providers: Payment processors (bKash, Nagad), hosting providers, security services
  • Legal Requirements: Government authorities when required by Bangladesh law
  • Business Transfers: In case of merger or acquisition (with user notification)
  • Emergency Situations: To protect safety and prevent fraud

No Data Sales: We never sell, rent, or trade your personal information to third parties for marketing purposes. Your data is not a commodity - it's a trust we protect.

6. Data Retention

We retain personal information only as long as necessary:

  • Account Data: Retained while account is active plus 90 days after closure
  • Transaction Records: Kept for 7 years for legal and tax compliance
  • Social Media Credentials: Deleted within 24 hours after successful transfer
  • Communication Logs: Retained for 2 years for customer support purposes
  • Marketing Data: Deleted immediately upon unsubscribe request

7. International Data Transfers

When transferring data outside Bangladesh, we ensure adequate protection through:

  • Standard Contractual Clauses (SCCs) approved by European Commission
  • Adequacy decisions for specific countries
  • Explicit user consent for necessary transfers
  • Regular assessment of destination country privacy laws

8. Children's Privacy

Our services are not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we discover that a child has provided personal information, we will delete such information immediately and terminate the account.

9. Cookies & Tracking

We use cookies and similar technologies to enhance your experience:

  • Essential Cookies: Required for website functionality and security
  • Analytics Cookies: Help us understand how you use our platform
  • Preference Cookies: Remember your settings and language preferences
  • Marketing Cookies: Used only with your explicit consent

10. Policy Updates

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of significant changes through email or platform notifications at least 30 days before the changes take effect.

11. Contact Our Privacy Team

For any privacy-related questions, concerns, or to exercise your rights, contact our dedicated privacy team:

🛡️ Privacy & Data Protection Team

🏢 Office: Dhanmondi, Dhaka-1205, Bangladesh
📧 Privacy Email: privacy@heisenbergslegacy.shop
📧 DPO Email: dpo@heisenbergslegacy.shop
📱 Telegram: @Heisenberg_V2
🕐 Response Time: Within 72 hours for privacy requests
🔐 Secure Contact: Use our encrypted contact form for sensitive inquiries

For urgent privacy concerns or data breaches, contact us immediately via Telegram for fastest response.