Privacy Policy
Effective Date: June 02, 2025
1. Introduction
CHHAP Magazine (“CHHAP,” “we,” “us,” or “our”) values your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website www.chhap.asia (“Website”), subscribe to our digital or print publications, participate in our events or promotions, or otherwise interact with our services (“Services”).
By accessing or using our Website or Services, you consent to the practices described herein. If you do not agree with this policy, please do not use our Website.
2. Information We Collect
2.1 Personal Information You Provide
When you interact with CHHAP, we collect personal information you voluntarily provide, which may include:
Full name, username, and contact details such as email address, phone number, and postal address.
Account credentials like username and password.
Payment and billing information, including credit card or bank account details.
Demographic information such as age, gender, occupation, and interests.
Content you submit including comments, reviews, feedback, or contributions.
Communications with customer support or participation in surveys and contests.
2.2 Information Collected Automatically
We collect certain information automatically through your use of our Website and Services, including:
Device identifiers such as IP address, device type, and operating system.
Browser type and version.
Time zone and language preferences.
Information about your visit such as pages viewed, time spent, referring URLs, and clickstream data.
Interaction data with our content, advertisements, and features.
Cookies, web beacons, and other tracking technologies that collect similar information.
2.3 Information from Third Parties
We may receive information about you from third parties such as social media platforms when you link your accounts or share content, as well as from analytics and advertising partners who provide aggregated or anonymized data to improve our services.
3. How We Use Your Information
We use the personal and usage information collected for the following purposes:
To provide, maintain, and improve our Website and Services.
To manage user accounts, including authentication, billing, and customer support.
To personalize your experience, including content recommendations and targeted advertising.
To communicate important updates, newsletters, marketing offers, and event information.
To conduct research, data analysis, and business intelligence to enhance service quality.
To detect, prevent, and respond to fraudulent or illegal activities and protect user security.
To comply with legal obligations and enforce our Terms of Service and policies.
We do not use your personal information for purposes other than those described without your consent.
4. Sharing Your Information
We do not sell or rent your personal data to third parties. However, we may share your information with the following categories of recipients:
4.1 Service Providers and Business Partners
We share information with trusted third-party vendors who perform services on our behalf such as payment processing, data hosting, customer support, analytics, marketing, and advertising. These partners are contractually obligated to safeguard your information and use it only as instructed by CHHAP.
4.2 Legal and Regulatory Authorities
We may disclose your information when required by law, subpoena, court order, or governmental request to comply with legal obligations, protect the rights, property, or safety of CHHAP, its users, or others.
4.3 Business Transfers
In the event of a merger, acquisition, restructuring, sale, or transfer of assets, your information may be transferred as part of the business transaction subject to confidentiality and privacy protections.
5. Cookies and Tracking Technologies
Our Website uses cookies and other tracking technologies to enhance user experience, analyze traffic, and deliver personalized content. These technologies include:
Essential Cookies: Necessary for the functioning of the Website (e.g., session management, security).
Performance Cookies: Collect anonymous data about Website performance and usage.
Functionality Cookies: Remember user preferences and enable enhanced features.
Advertising Cookies: Used to show relevant ads and track campaign effectiveness.
You can manage your cookie preferences through your browser settings or by using opt-out tools provided on the Website. Please note that disabling cookies may affect the availability or functionality of certain Website features.
6. Data Security
We implement appropriate administrative, technical, and physical safeguards to protect your personal data from unauthorized access, alteration, disclosure, or destruction. These include encryption, firewalls, secure server environments, access controls, and employee training.
However, no internet transmission or electronic storage method is 100% secure. While we strive to protect your data, we cannot guarantee absolute security and urge you to take steps to secure your devices and credentials.
7. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
Access: Obtain a copy of the personal data we hold about you.
Correction: Request correction of inaccurate or incomplete data.
Deletion: Request deletion of personal data, subject to retention requirements.
Restriction: Request limitations on how your data is processed.
Portability: Receive your data in a portable format.
Objection: Object to processing based on legitimate interests or direct marketing.
Withdraw Consent: Withdraw consent where processing is based on consent.
To exercise these rights, please contact us at contact@chaap.asia. We will respond within the timeframe required by applicable laws.
8. Data Retention
We retain your personal data only as long as necessary to provide Services, comply with legal obligations, resolve disputes, and enforce agreements. Retention periods vary by data type and purpose. When data is no longer needed, we securely delete or anonymize it.
9. International Data Transfers
Your personal data may be transferred to and processed in countries outside your residence, including Bangladesh, where CHHAP and its service providers operate. These countries may have different data protection laws. We take measures to ensure your data receives appropriate protection consistent with this Privacy Policy and applicable law.
10. Children’s Privacy
Our Website and Services are not intended for children under the age of 13. We do not knowingly collect personal information from children. If we learn that we have collected data from a child without parental consent, we will promptly delete it. Parents or guardians wishing to request deletion may contact us at contact@chaap.asia.
11. Changes to This Privacy Policy
We may update this Privacy Policy to reflect changes in our practices, technology, legal requirements, or business operations. We will post the revised Policy on our Website with the updated effective date. Continued use of the Website after such changes constitutes acceptance of the updated Policy.
12. Contact Us
If you have any questions, concerns, or requests related to this Privacy Policy or our data practices, please contact:
Email: contact@chaap.asia
Address: 89 CDA Avenue Wasa circle Chittagong, Bangladesh
13. COOKIE MANAGEMENT AND USER CHOICES
13.1 What Are Cookies?
Cookies are small text files placed on your device by websites you visit. They help websites recognize your device and remember information such as login details or preferences.
13.2 Types of Cookies We Use
Strictly Necessary Cookies: Essential for basic site functions (e.g., user login, security). These cannot be disabled without affecting the Website’s core functionality.
Performance and Analytics Cookies: Collect anonymous information on how visitors use the Website, helping us improve content and user experience.
Functionality Cookies: Remember your preferences and choices (language, region).
Advertising and Targeting Cookies: Used to deliver personalized ads and measure campaign effectiveness.
13.3 Managing Cookies
You can control or block cookies through your browser settings. Most browsers allow you to delete existing cookies, block new cookies, or be notified when cookies are being used. Please note that disabling cookies may degrade your experience or disable certain features.
13.4 Opt-Out Tools
For third-party advertising cookies, you can opt out via services like the Network Advertising Initiative (NAI) or Digital Advertising Alliance (DAA) websites.
14. DATA BREACH NOTIFICATION AND RESPONSE
14.1 Our Commitment
CHHAP takes data security seriously and has implemented procedures to detect, respond to, and mitigate the effects of data breaches.
14.2 Notification
In the event of a data breach compromising personal data, we will promptly notify affected individuals and relevant authorities as required by applicable laws.
14.3 Preventative Measures
We continuously update security protocols, conduct audits, and train employees to prevent breaches.
15. PRIVACY RIGHTS BY REGION
15.1 General Data Protection Regulation (GDPR)
If you are a resident of the European Economic Area (EEA), you have rights under the GDPR, including:
Access to your data.
Right to rectification, erasure, and restriction of processing.
Right to data portability and to object to processing.
Right to lodge complaints with supervisory authorities.
15.2 California Consumer Privacy Act (CCPA)
If you are a California resident, you have the right to:
Know what personal data is collected and shared.
Request deletion of personal data.
Opt-out of sale of personal data (note: we do not sell data).
Non-discrimination for exercising privacy rights.
15.3 Other Jurisdictions
Where applicable, we comply with other regional privacy laws and provide comparable rights to users.
16. THIRD-PARTY INTEGRATIONS AND DATA SHARING
16.1 Third-Party Services
We integrate with third-party providers for analytics, marketing, payment processing, and content delivery. These partners may collect information directly from your device when you use our Website.
16.2 Third-Party Privacy Policies
We recommend reviewing the privacy policies of third parties connected to our Website to understand their data practices.
16.3 Data Sharing Safeguards
All third-party providers are vetted and contractually required to maintain confidentiality and comply with applicable data protection laws.
17. MARKETING COMMUNICATIONS
17.1 Consent to Receive Communications
By subscribing or providing contact details, you consent to receive marketing emails, newsletters, and promotional offers from CHHAP.
17.2 Unsubscribing
You may opt out of marketing communications at any time by clicking the unsubscribe link in emails or contacting us directly.
17.3 Transactional Communications
You will continue to receive transactional emails such as subscription confirmations, billing notices, and service updates even if you opt out of marketing.
18. CHILDREN’S PRIVACY
We do not knowingly collect or solicit personal information from children under 13 years of age. If you are under 18, please do not provide any personal data through our Website. If we learn that we have inadvertently collected such data, we will delete it promptly.
19. HOW WE PROTECT YOUR DATA
19.1 Technical Security
We employ encryption protocols (e.g., SSL/TLS) to secure data transmissions and store personal data in secure environments with access controls.
19.2 Organizational Measures
Employee access is limited to authorized personnel trained on data protection. Regular security audits are conducted.
19.3 Data Minimization
We only collect and retain data necessary for the stated purposes.
20. DATA RETENTION AND DELETION
20.1 Retention Periods
Personal data is retained only as long as necessary to fulfill the purposes of collection, comply with legal obligations, or resolve disputes.
20.2 Deletion Requests
You may request deletion of your personal data subject to legal and operational limitations by contacting contact@chaap.asia.
21. INTERNATIONAL DATA TRANSFERS
Your personal information may be transferred to and processed in countries with different data protection laws than your home country, including Bangladesh where CHHAP operates. We implement safeguards such as contractual clauses and security measures to protect your data during international transfers.
22. YOUR PRIVACY RIGHTS AND CHOICES
22.1 Access and Correction
You have the right to request access to and correction of your personal data.
22.2 Data Portability
Where applicable, you may request a copy of your personal data in a portable format.
22.3 Restriction and Objection
You may request restrictions on processing or object to data use in certain circumstances.
22.4 Withdrawal of Consent
Where processing is based on consent, you may withdraw consent at any time, without affecting past processing.
22.5 Complaints
You have the right to file a complaint with data protection authorities if you believe your rights are violated.
23. CHANGES TO THIS PRIVACY POLICY
We reserve the right to modify this Privacy Policy at any time. Significant changes will be communicated via the Website or email. Your continued use after changes indicates acceptance.
24. CONTACT US
If you have questions about this Privacy Policy or wish to exercise your rights, please contact:
Email: contact@chaap.asia
Address: 89 CDA Avenue Wasa circle Chittagong, Bangladesh
25. DETAILED COOKIE MANAGEMENT OPTIONS
25.1 How to Manage Cookies
You can manage your cookie preferences through your browser settings. Each browser provides instructions on how to refuse or delete cookies:
Google Chrome: Settings > Privacy and Security > Cookies and other site data
Mozilla Firefox: Options > Privacy & Security > Cookies and Site Data
Safari: Preferences > Privacy > Manage Website Data
Microsoft Edge: Settings > Site Permissions > Cookies and site data
25.2 Cookie Consent
On your first visit, CHHAP presents a cookie consent banner allowing you to accept or customize cookie preferences. You can change your preferences anytime via a dedicated cookie settings link on the Website footer.
25.3 Third-Party Opt-Out
Many third-party advertising and analytics companies provide opt-out mechanisms, including:
Network Advertising Initiative (NAI) opt-out: optout.networkadvertising.org
Digital Advertising Alliance (DAA) opt-out: optout.aboutads.info
Your Online Choices (EU): youronlinechoices.eu
26. DATA BREACH RESPONSE AND NOTIFICATION
26.1 Incident Detection
CHHAP employs security monitoring tools to detect potential data breaches promptly.
26.2 Response Procedures
Upon identifying a data breach, we initiate a response plan including containment, investigation, mitigation, and notification.
26.3 User Notification
If the breach is likely to result in risk to your rights or freedoms, we will notify you without undue delay via email or Website notice, providing information on the nature of the breach and protective steps.
26.4 Regulatory Notification
Where required by law, we notify relevant data protection authorities within mandated timelines.
27. HOW TO EXERCISE YOUR DATA PRIVACY RIGHTS
27.1 Access Requests
You may request a copy of your personal data that CHHAP processes. We will verify your identity before responding.
27.2 Correction and Deletion
You can request corrections to inaccurate data or deletion of personal data, subject to legal retention requirements.
27.3 Data Portability
Where applicable, you may request your data in a structured, machine-readable format.
27.4 Objections and Restrictions
You may object to certain data uses or request restrictions on processing under applicable laws.
27.5 How to Submit Requests
Submit your requests via email to contact@chaap.asia. Please include sufficient information to identify yourself and the request type.
27.6 Response Time
We aim to respond within statutory timelines, typically 30 days, with possible extensions for complex cases.
28. THIRD-PARTY SERVICES AND INTEGRATIONS
28.1 Use of Third-Party Tools
We utilize third-party service providers for hosting, analytics, marketing, payment processing, and customer support.
28.2 Privacy Responsibilities
While we strive to select reputable partners, we are not responsible for their privacy practices. We encourage you to review their policies.
28.3 Data Transfer Agreements
We enter into data processing agreements with third parties to ensure adequate protection of your data.
29. MARKETING AND COMMUNICATION PREFERENCES
29.1 Consent for Marketing
By opting in or subscribing, you consent to receive marketing communications.
29.2 Opting Out
You can opt out at any time via unsubscribe links or by contacting us. Opting out will not affect transactional or service-related communications.
30. CHILDREN’S DATA PROTECTION
We do not knowingly collect personal data from children under 18. If you believe we have collected such data, please contact us to request deletion.
31. INTERNATIONAL DATA TRANSFERS AND SAFEGUARDS
31.1 Transfer Locations
Your data may be transferred to countries including Bangladesh and others where CHHAP and its partners operate.
31.2 Legal Safeguards
We apply appropriate safeguards such as standard contractual clauses or other mechanisms to ensure data protection.
32. UPDATES TO THIS POLICY
We reserve the right to update this Privacy Policy. Material changes will be communicated through Website notifications or email. Continued use indicates acceptance of the revised policy.
33. CONTACT INFORMATION
For any inquiries or concerns about your privacy or this Policy, contact:
Email: contact@chaap.asia
Address: 89 CDA Avenue Wasa circle Chittagong, Bangladesh
34. PRIVACY POLICY GLOSSARY
To assist you in understanding key terms used in this Privacy Policy, below are definitions of common privacy-related terms:
Personal Data: Any information relating to an identified or identifiable individual.
Processing: Any operation performed on personal data, including collection, storage, use, or disclosure.
Data Controller: The entity determining the purposes and means of processing personal data (CHHAP).
Data Processor: A third party processing data on behalf of the Data Controller.
Consent: Freely given, specific, informed, and unambiguous indication of your wishes agreeing to data processing.
Data Subject: The individual to whom personal data relates (you).
Data Breach: A security incident leading to accidental or unlawful destruction, loss, alteration, or unauthorized disclosure of personal data.
35. COOKIES AND TRACKING TECHNOLOGIES (IN-DEPTH)
35.1 Web Beacons and Pixels
In addition to cookies, we may use web beacons or tracking pixels—small graphic images or codes embedded on web pages or emails—to monitor usage and measure the effectiveness of our campaigns.
35.2 Local Storage Technologies
We may use HTML5 local storage or similar technologies to store information on your device to enhance performance.
35.3 Do Not Track Signals
Currently, our Website does not respond to browser “Do Not Track” settings, but we continually monitor developments in industry standards.
36. DATA PROTECTION OFFICER (DPO)
CHHAP has appointed a Data Protection Officer responsible for overseeing data privacy compliance. You may contact the DPO for any privacy-related inquiries:
Email: dpo@chhap.asia
Address: 89 CDA Avenue Wasa circle Chittagong, Bangladesh
37. DATA PROTECTION IMPACT ASSESSMENTS
For high-risk data processing activities, CHHAP conducts Data Protection Impact Assessments (DPIAs) to identify and mitigate privacy risks, ensuring compliance with applicable laws.
38. AUTOMATED DECISION-MAKING AND PROFILING
38.1 Use of Automated Processing
CHHAP may use automated systems to personalize content or advertising but does not make decisions with legal or significant effects based solely on automated processing.
38.2 User Rights
You may request human intervention and contest decisions resulting from automated processing where applicable.
39. LINKS TO OTHER WEBSITES
Our Website may contain links to external websites for convenience. We are not responsible for the privacy practices or content of those sites and recommend reviewing their privacy policies.
40. COMPLAINTS AND DISPUTE RESOLUTION
40.1 Raising Complaints
If you have concerns about our privacy practices, please contact us first at contact@chaap.asia so we can address your issues promptly.
40.2 Supervisory Authorities
If unsatisfied, you have the right to lodge a complaint with your local data protection authority.
41. GOVERNING LAW
This Privacy Policy is governed by the laws of Bangladesh, without regard to its conflict of law principles.
42. POLICY EFFECTIVE DATE AND REVIEW
This Policy is effective as of june 02, 2025. We review and update our Privacy Policy periodically to reflect changes in legal requirements or business practices.
43. ADDITIONAL INFORMATION FOR INTERNATIONAL USERS
43.1 Data Transfers
Users outside Bangladesh should be aware that data transfer to Bangladesh and other countries may involve different levels of data protection.
43.2 Consent and Local Laws
By using the Website, international users consent to data processing in accordance with this Policy and applicable local laws.
44. USER CONSENT
By using CHHAP’s Website or Services, you explicitly consent to the collection, use, and sharing of your personal data as described in this Privacy Policy.
45. CONTACT DETAILS
For questions, data requests, or privacy concerns, please contact:
Email: contact@chaap.asia
Address: 89 CDA Avenue Wasa circle Chittagong, Bangladesh
46. THIRD-PARTY ADVERTISING AND ANALYTICS
46.1 Advertising Partners
CHHAP may work with third-party advertising partners who use cookies and other technologies to deliver relevant ads. These partners may collect information about your visits to our Website and other websites to provide targeted advertisements.
46.2 Opting Out of Behavioral Advertising
You can opt out of interest-based advertising by visiting the Digital Advertising Alliance (DAA) opt-out page or the Network Advertising Initiative (NAI) opt-out page.
46.3 Analytics Providers
We use third-party analytics providers such as Google Analytics to understand how users interact with our Website. These providers collect information anonymously and report aggregated data to us.
47. SOCIAL MEDIA PLATFORMS
47.1 Integration and Sharing
Our Website may include social media features that allow you to share content or interact with social platforms. These features may collect your IP address and track your interactions.
47.2 Data Sharing with Social Platforms
When you interact with these features, your data may be shared with the respective social media platforms subject to their privacy policies.
48. USER-GENERATED CONTENT AND PRIVACY
48.1 Public Nature of Content
Content you post on public areas of our Website may be visible to others and indexed by search engines.
48.2 Responsible Posting
Do not share sensitive personal information in publicly accessible areas.
48.3 Removal Requests
You may request removal of your User Content by contacting us. While we will consider such requests, we do not guarantee complete removal due to technical or legal limitations.
49. DATA PROTECTION TRAINING AND AWARENESS
CHHAP conducts regular data protection training for its employees to ensure awareness of privacy obligations and best practices.
50. PRIVACY BY DESIGN AND DEFAULT
We incorporate data protection principles into our business processes, systems, and product development to ensure that privacy considerations are embedded from the start.
51. INTERNATIONAL USERS — SPECIFIC NOTICE
51.1 Cross-Border Data Processing
International users acknowledge that their data may be processed in Bangladesh or other jurisdictions with differing privacy laws.
51.2 Data Transfer Safeguards
Where applicable, we implement safeguards like standard contractual clauses to ensure protection of your data.
52. COOKIES IN EMAIL COMMUNICATIONS
CHHAP emails may include tracking pixels to monitor open rates and engagement. This data helps improve email content and delivery. You can opt out by unsubscribing from our emails.
53. PRIVACY IMPACT ASSESSMENTS
Before launching new products or processes involving personal data, CHHAP conducts privacy impact assessments to identify risks and implement mitigation strategies.
54. DATA PORTABILITY
Where applicable, you may request your data in a structured, commonly used, and machine-readable format to transfer to another service provider.
55. CHILDREN’S ONLINE PRIVACY PROTECTION ACT (COPPA) COMPLIANCE
CHHAP does not knowingly collect personal information from children under 13 in compliance with COPPA. If we become aware of such data collection, we will delete the information.
56. PRIVACY POLICY CHANGES — NOTIFICATION METHODS
Material changes to this Privacy Policy will be communicated by:
Posting notices on our Website homepage or dedicated privacy page
Email notifications to registered users
Updates to the effective date of the Policy
Users are encouraged to review this Policy periodically.
57. CONTACT AND PRIVACY OFFICER INFORMATION
For questions, concerns, or data protection inquiries, contact:
Data Protection Officer
Email: dpo@chhap.asia
Address: 89 CDA Avenue Wasa circle Chittagong, Bangladesh
58. USER RESPONSIBILITY AND ACKNOWLEDGMENT
By using CHHAP’s Website and Services, you acknowledge that you have read and understood this Privacy Policy and agree to its terms regarding your personal data.
59. PRIVACY AND DATA PROTECTION GOVERNANCE
59.1 Organizational Commitment
CHHAP is committed to maintaining robust privacy and data protection practices. Our governance framework ensures ongoing compliance with applicable laws and best practices.
59.2 Privacy Training
Employees undergo mandatory privacy training programs to understand data protection responsibilities and the handling of personal data.
59.3 Data Protection Officer (DPO)
Our appointed DPO oversees compliance efforts, data protection impact assessments, and acts as a liaison with regulatory authorities.
60. DATA PROTECTION IMPACT ASSESSMENTS (DPIA)
60.1 Purpose
Before initiating any high-risk data processing activities, CHHAP conducts DPIAs to evaluate risks to individual privacy.
60.2 Process
DPIAs include identifying risks, assessing their severity, and implementing controls to mitigate identified risks.
60.3 Review and Update
DPIAs are reviewed periodically and updated if the nature of processing changes.
61. DATA SUBJECT RIGHTS MANAGEMENT
61.1 Request Verification
CHHAP verifies the identity of individuals making data access or correction requests to prevent unauthorized disclosures.
61.2 Response Commitment
We respond to all valid requests in accordance with applicable timelines, providing information or making corrections as required.
61.3 Limitations
Certain requests may be denied or restricted where exceptions apply, such as legal obligations or freedom of expression considerations.
62. INTERNATIONAL DATA TRANSFER MECHANISMS
62.1 Standard Contractual Clauses (SCCs)
CHHAP utilizes SCCs approved by relevant authorities to lawfully transfer data internationally.
62.2 Binding Corporate Rules (BCRs)
Where applicable, internal policies govern international data transfers within our corporate group.
62.3 Data Transfer Risk Mitigation
We assess risks of international transfers and implement safeguards to protect data subjects.
63. BREACH RESPONSE AND NOTIFICATION PROCEDURES
63.1 Breach Identification
Continuous monitoring enables prompt detection of data breaches.
63.2 Containment and Remediation
CHHAP takes immediate steps to contain breaches, prevent further damage, and remediate vulnerabilities.
63.3 Regulatory Reporting
Notifications are made to authorities within mandated timeframes, usually 72 hours after discovery.
63.4 User Notification
Affected individuals are informed promptly if there is a high risk to their rights or freedoms.
64. DATA RETENTION AND DELETION POLICIES
64.1 Retention Schedules
Data is retained based on legal, operational, and contractual requirements.
64.2 Secure Deletion
When data is no longer necessary, it is securely deleted or anonymized.
64.3 User-Initiated Deletion
Users may request deletion of their personal data, subject to exceptions such as compliance requirements.
65. CHILDREN'S PRIVACY SPECIFIC CONTROLS
65.1 Parental Consent
Where applicable, parental or guardian consent is required before collecting personal information from minors.
65.2 Age Verification
Reasonable measures are taken to verify age when required.
65.3 Educational Resources
CHHAP provides resources to educate children and parents about online privacy.
66. POLICY REVIEW AND CONTINUOUS IMPROVEMENT
66.1 Regular Reviews
Our Privacy Policy is reviewed at least annually or when significant changes occur.
66.2 Stakeholder Engagement
We consider feedback from users, regulators, and privacy experts in updating our policies.
66.3 Training and Awareness
Updates to policies are communicated internally, with refresher training to maintain awareness.
68. USER DATA REQUEST PROCEDURES
68.1 Submitting Requests
Users wishing to exercise their privacy rights (access, correction, deletion, etc.) should submit a request via email to contact@chaap.asia with the subject line “Privacy Data Request.” Please include:
Your full name and contact information
Description of the request type (e.g., data access, correction, deletion)
Any additional information to verify your identity
68.2 Verification of Identity
To protect your data, CHHAP will verify your identity before processing requests. We may ask for government-issued identification or other information.
68.3 Processing Timeline
We endeavor to respond within 30 calendar days. Complex requests may require an extension of up to 60 days, in which case we will inform you.
68.4 Request Limitations
Requests that are excessive, repetitive, or unfounded may be subject to a reasonable fee or refusal, consistent with applicable law.
69. EMPLOYEE AND CONTRACTOR PRIVACY TRAINING POLICY
69.1 Training Program
All CHHAP employees and contractors receive mandatory data protection and privacy training upon hiring and at regular intervals.
69.2 Training Topics
Training covers data handling, security protocols, user privacy rights, breach response, and regulatory compliance.
69.3 Accountability
Completion of training is documented, and failure to comply may result in disciplinary action.
70. DATA SECURITY AND INCIDENT RESPONSE TEAM
70.1 Dedicated Team
CHHAP maintains a specialized team responsible for monitoring data security and coordinating responses to incidents.
70.2 Incident Reporting
Employees are required to report suspected data breaches immediately.
70.3 Continuous Improvement
The team regularly reviews security measures and updates protocols to address emerging threats.
71. POLICY ON CROSS-BORDER DATA TRANSFERS
71.1 Compliance
Cross-border data transfers comply with applicable legal frameworks such as GDPR.
71.2 Risk Assessment
CHHAP conducts risk assessments prior to transferring data internationally.
71.3 Safeguards
Transfers are protected by contracts, certifications, or other approved mechanisms.
72. USER NOTIFICATIONS AND CONSENTS
72.1 Transparency
Users are informed about data collection and use through clear notices and consent mechanisms.
72.2 Consent Management
Where required, CHHAP obtains explicit consent for processing sensitive data or marketing communications.
72.3 Revoking Consent
Users may withdraw consent at any time without affecting processing prior to withdrawal.
73. THIRD-PARTY PRIVACY AND SECURITY AUDITS
73.1 Vendor Assessments
CHHAP conducts privacy and security assessments before engaging third-party service providers.
73.2 Ongoing Monitoring
Regular audits and compliance checks are conducted to ensure ongoing protection of user data.
74. DATA ANONYMIZATION AND PSEUDONYMIZATION
74.1 Techniques Used
To protect privacy, CHHAP applies anonymization or pseudonymization techniques where appropriate for data analysis and reporting.
74.2 Benefits
These techniques reduce the risk of re-identification and enhance data security.
75. DATA PROTECTION IN PRODUCT DEVELOPMENT
75.1 Privacy by Design
Data protection principles are integrated into all new product and service development cycles.
75.2 User Privacy Impact
Potential privacy impacts are assessed and mitigated from the earliest stages.
76. USER EDUCATION AND AWARENESS
76.1 Information Resources
CHHAP provides users with resources and guidance on protecting their privacy and data security.
76.2 Communication
Regular updates and tips are shared via newsletters and Website content.
77. POLICY GOVERNANCE AND REVIEW
77.1 Policy Owner
The Data Protection Officer is responsible for maintaining and updating this Privacy Policy.
77.2 Review Frequency
This Policy is reviewed annually or upon significant regulatory changes.
77.3 Approval and Publication
Revised policies are approved by senior management and published on the Website.
78. ACKNOWLEDGEMENT OF PRIVACY POLICY
By using CHHAP’s Website or Services, you acknowledge that you have read, understood, and agreed to the terms of this Privacy Policy.
79. CONTACT INFORMATION
For all privacy inquiries, please
Email: contact@chhap.asia
Address: 89 CDA Avenue Wasa circle Chittagong, Bangladesh
Privacy Policy
Effective Date: June 02, 2025
1. Introduction
CHHAP Magazine (“CHHAP,” “we,” “us,” or “our”) values your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website www.chhap.asia (“Website”), subscribe to our digital or print publications, participate in our events or promotions, or otherwise interact with our services (“Services”).
By accessing or using our Website or Services, you consent to the practices described herein. If you do not agree with this policy, please do not use our Website.
2. Information We Collect
2.1 Personal Information You Provide
When you interact with CHHAP, we collect personal information you voluntarily provide, which may include:
Full name, username, and contact details such as email address, phone number, and postal address.
Account credentials like username and password.
Payment and billing information, including credit card or bank account details.
Demographic information such as age, gender, occupation, and interests.
Content you submit including comments, reviews, feedback, or contributions.
Communications with customer support or participation in surveys and contests.
2.2 Information Collected Automatically
We collect certain information automatically through your use of our Website and Services, including:
Device identifiers such as IP address, device type, and operating system.
Browser type and version.
Time zone and language preferences.
Information about your visit such as pages viewed, time spent, referring URLs, and clickstream data.
Interaction data with our content, advertisements, and features.
Cookies, web beacons, and other tracking technologies that collect similar information.
2.3 Information from Third Parties
We may receive information about you from third parties such as social media platforms when you link your accounts or share content, as well as from analytics and advertising partners who provide aggregated or anonymized data to improve our services.
3. How We Use Your Information
We use the personal and usage information collected for the following purposes:
To provide, maintain, and improve our Website and Services.
To manage user accounts, including authentication, billing, and customer support.
To personalize your experience, including content recommendations and targeted advertising.
To communicate important updates, newsletters, marketing offers, and event information.
To conduct research, data analysis, and business intelligence to enhance service quality.
To detect, prevent, and respond to fraudulent or illegal activities and protect user security.
To comply with legal obligations and enforce our Terms of Service and policies.
We do not use your personal information for purposes other than those described without your consent.
4. Sharing Your Information
We do not sell or rent your personal data to third parties. However, we may share your information with the following categories of recipients:
4.1 Service Providers and Business Partners
We share information with trusted third-party vendors who perform services on our behalf such as payment processing, data hosting, customer support, analytics, marketing, and advertising. These partners are contractually obligated to safeguard your information and use it only as instructed by CHHAP.
4.2 Legal and Regulatory Authorities
We may disclose your information when required by law, subpoena, court order, or governmental request to comply with legal obligations, protect the rights, property, or safety of CHHAP, its users, or others.
4.3 Business Transfers
In the event of a merger, acquisition, restructuring, sale, or transfer of assets, your information may be transferred as part of the business transaction subject to confidentiality and privacy protections.
5. Cookies and Tracking Technologies
Our Website uses cookies and other tracking technologies to enhance user experience, analyze traffic, and deliver personalized content. These technologies include:
Essential Cookies: Necessary for the functioning of the Website (e.g., session management, security).
Performance Cookies: Collect anonymous data about Website performance and usage.
Functionality Cookies: Remember user preferences and enable enhanced features.
Advertising Cookies: Used to show relevant ads and track campaign effectiveness.
You can manage your cookie preferences through your browser settings or by using opt-out tools provided on the Website. Please note that disabling cookies may affect the availability or functionality of certain Website features.
6. Data Security
We implement appropriate administrative, technical, and physical safeguards to protect your personal data from unauthorized access, alteration, disclosure, or destruction. These include encryption, firewalls, secure server environments, access controls, and employee training.
However, no internet transmission or electronic storage method is 100% secure. While we strive to protect your data, we cannot guarantee absolute security and urge you to take steps to secure your devices and credentials.
7. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
Access: Obtain a copy of the personal data we hold about you.
Correction: Request correction of inaccurate or incomplete data.
Deletion: Request deletion of personal data, subject to retention requirements.
Restriction: Request limitations on how your data is processed.
Portability: Receive your data in a portable format.
Objection: Object to processing based on legitimate interests or direct marketing.
Withdraw Consent: Withdraw consent where processing is based on consent.
To exercise these rights, please contact us at contact@chaap.asia. We will respond within the timeframe required by applicable laws.
8. Data Retention
We retain your personal data only as long as necessary to provide Services, comply with legal obligations, resolve disputes, and enforce agreements. Retention periods vary by data type and purpose. When data is no longer needed, we securely delete or anonymize it.
9. International Data Transfers
Your personal data may be transferred to and processed in countries outside your residence, including Bangladesh, where CHHAP and its service providers operate. These countries may have different data protection laws. We take measures to ensure your data receives appropriate protection consistent with this Privacy Policy and applicable law.
10. Children’s Privacy
Our Website and Services are not intended for children under the age of 13. We do not knowingly collect personal information from children. If we learn that we have collected data from a child without parental consent, we will promptly delete it. Parents or guardians wishing to request deletion may contact us at contact@chaap.asia.
11. Changes to This Privacy Policy
We may update this Privacy Policy to reflect changes in our practices, technology, legal requirements, or business operations. We will post the revised Policy on our Website with the updated effective date. Continued use of the Website after such changes constitutes acceptance of the updated Policy.
12. Contact Us
If you have any questions, concerns, or requests related to this Privacy Policy or our data practices, please contact:
Email: contact@chaap.asia
Address: 89 CDA Avenue Wasa circle Chittagong, Bangladesh
13. COOKIE MANAGEMENT AND USER CHOICES
13.1 What Are Cookies?
Cookies are small text files placed on your device by websites you visit. They help websites recognize your device and remember information such as login details or preferences.
13.2 Types of Cookies We Use
Strictly Necessary Cookies: Essential for basic site functions (e.g., user login, security). These cannot be disabled without affecting the Website’s core functionality.
Performance and Analytics Cookies: Collect anonymous information on how visitors use the Website, helping us improve content and user experience.
Functionality Cookies: Remember your preferences and choices (language, region).
Advertising and Targeting Cookies: Used to deliver personalized ads and measure campaign effectiveness.
13.3 Managing Cookies
You can control or block cookies through your browser settings. Most browsers allow you to delete existing cookies, block new cookies, or be notified when cookies are being used. Please note that disabling cookies may degrade your experience or disable certain features.
13.4 Opt-Out Tools
For third-party advertising cookies, you can opt out via services like the Network Advertising Initiative (NAI) or Digital Advertising Alliance (DAA) websites.
14. DATA BREACH NOTIFICATION AND RESPONSE
14.1 Our Commitment
CHHAP takes data security seriously and has implemented procedures to detect, respond to, and mitigate the effects of data breaches.
14.2 Notification
In the event of a data breach compromising personal data, we will promptly notify affected individuals and relevant authorities as required by applicable laws.
14.3 Preventative Measures
We continuously update security protocols, conduct audits, and train employees to prevent breaches.
15. PRIVACY RIGHTS BY REGION
15.1 General Data Protection Regulation (GDPR)
If you are a resident of the European Economic Area (EEA), you have rights under the GDPR, including:
Access to your data.
Right to rectification, erasure, and restriction of processing.
Right to data portability and to object to processing.
Right to lodge complaints with supervisory authorities.
15.2 California Consumer Privacy Act (CCPA)
If you are a California resident, you have the right to:
Know what personal data is collected and shared.
Request deletion of personal data.
Opt-out of sale of personal data (note: we do not sell data).
Non-discrimination for exercising privacy rights.
15.3 Other Jurisdictions
Where applicable, we comply with other regional privacy laws and provide comparable rights to users.
16. THIRD-PARTY INTEGRATIONS AND DATA SHARING
16.1 Third-Party Services
We integrate with third-party providers for analytics, marketing, payment processing, and content delivery. These partners may collect information directly from your device when you use our Website.
16.2 Third-Party Privacy Policies
We recommend reviewing the privacy policies of third parties connected to our Website to understand their data practices.
16.3 Data Sharing Safeguards
All third-party providers are vetted and contractually required to maintain confidentiality and comply with applicable data protection laws.
17. MARKETING COMMUNICATIONS
17.1 Consent to Receive Communications
By subscribing or providing contact details, you consent to receive marketing emails, newsletters, and promotional offers from CHHAP.
17.2 Unsubscribing
You may opt out of marketing communications at any time by clicking the unsubscribe link in emails or contacting us directly.
17.3 Transactional Communications
You will continue to receive transactional emails such as subscription confirmations, billing notices, and service updates even if you opt out of marketing.
18. CHILDREN’S PRIVACY
We do not knowingly collect or solicit personal information from children under 13 years of age. If you are under 18, please do not provide any personal data through our Website. If we learn that we have inadvertently collected such data, we will delete it promptly.
19. HOW WE PROTECT YOUR DATA
19.1 Technical Security
We employ encryption protocols (e.g., SSL/TLS) to secure data transmissions and store personal data in secure environments with access controls.
19.2 Organizational Measures
Employee access is limited to authorized personnel trained on data protection. Regular security audits are conducted.
19.3 Data Minimization
We only collect and retain data necessary for the stated purposes.
20. DATA RETENTION AND DELETION
20.1 Retention Periods
Personal data is retained only as long as necessary to fulfill the purposes of collection, comply with legal obligations, or resolve disputes.
20.2 Deletion Requests
You may request deletion of your personal data subject to legal and operational limitations by contacting contact@chaap.asia.
21. INTERNATIONAL DATA TRANSFERS
Your personal information may be transferred to and processed in countries with different data protection laws than your home country, including Bangladesh where CHHAP operates. We implement safeguards such as contractual clauses and security measures to protect your data during international transfers.
22. YOUR PRIVACY RIGHTS AND CHOICES
22.1 Access and Correction
You have the right to request access to and correction of your personal data.
22.2 Data Portability
Where applicable, you may request a copy of your personal data in a portable format.
22.3 Restriction and Objection
You may request restrictions on processing or object to data use in certain circumstances.
22.4 Withdrawal of Consent
Where processing is based on consent, you may withdraw consent at any time, without affecting past processing.
22.5 Complaints
You have the right to file a complaint with data protection authorities if you believe your rights are violated.
23. CHANGES TO THIS PRIVACY POLICY
We reserve the right to modify this Privacy Policy at any time. Significant changes will be communicated via the Website or email. Your continued use after changes indicates acceptance.
24. CONTACT US
If you have questions about this Privacy Policy or wish to exercise your rights, please contact:
Email: contact@chaap.asia
Address: 89 CDA Avenue Wasa circle Chittagong, Bangladesh
25. DETAILED COOKIE MANAGEMENT OPTIONS
25.1 How to Manage Cookies
You can manage your cookie preferences through your browser settings. Each browser provides instructions on how to refuse or delete cookies:
Google Chrome: Settings > Privacy and Security > Cookies and other site data
Mozilla Firefox: Options > Privacy & Security > Cookies and Site Data
Safari: Preferences > Privacy > Manage Website Data
Microsoft Edge: Settings > Site Permissions > Cookies and site data
25.2 Cookie Consent
On your first visit, CHHAP presents a cookie consent banner allowing you to accept or customize cookie preferences. You can change your preferences anytime via a dedicated cookie settings link on the Website footer.
25.3 Third-Party Opt-Out
Many third-party advertising and analytics companies provide opt-out mechanisms, including:
Network Advertising Initiative (NAI) opt-out: optout.networkadvertising.org
Digital Advertising Alliance (DAA) opt-out: optout.aboutads.info
Your Online Choices (EU): youronlinechoices.eu
26. DATA BREACH RESPONSE AND NOTIFICATION
26.1 Incident Detection
CHHAP employs security monitoring tools to detect potential data breaches promptly.
26.2 Response Procedures
Upon identifying a data breach, we initiate a response plan including containment, investigation, mitigation, and notification.
26.3 User Notification
If the breach is likely to result in risk to your rights or freedoms, we will notify you without undue delay via email or Website notice, providing information on the nature of the breach and protective steps.
26.4 Regulatory Notification
Where required by law, we notify relevant data protection authorities within mandated timelines.
27. HOW TO EXERCISE YOUR DATA PRIVACY RIGHTS
27.1 Access Requests
You may request a copy of your personal data that CHHAP processes. We will verify your identity before responding.
27.2 Correction and Deletion
You can request corrections to inaccurate data or deletion of personal data, subject to legal retention requirements.
27.3 Data Portability
Where applicable, you may request your data in a structured, machine-readable format.
27.4 Objections and Restrictions
You may object to certain data uses or request restrictions on processing under applicable laws.
27.5 How to Submit Requests
Submit your requests via email to contact@chaap.asia. Please include sufficient information to identify yourself and the request type.
27.6 Response Time
We aim to respond within statutory timelines, typically 30 days, with possible extensions for complex cases.
28. THIRD-PARTY SERVICES AND INTEGRATIONS
28.1 Use of Third-Party Tools
We utilize third-party service providers for hosting, analytics, marketing, payment processing, and customer support.
28.2 Privacy Responsibilities
While we strive to select reputable partners, we are not responsible for their privacy practices. We encourage you to review their policies.
28.3 Data Transfer Agreements
We enter into data processing agreements with third parties to ensure adequate protection of your data.
29. MARKETING AND COMMUNICATION PREFERENCES
29.1 Consent for Marketing
By opting in or subscribing, you consent to receive marketing communications.
29.2 Opting Out
You can opt out at any time via unsubscribe links or by contacting us. Opting out will not affect transactional or service-related communications.
30. CHILDREN’S DATA PROTECTION
We do not knowingly collect personal data from children under 18. If you believe we have collected such data, please contact us to request deletion.
31. INTERNATIONAL DATA TRANSFERS AND SAFEGUARDS
31.1 Transfer Locations
Your data may be transferred to countries including Bangladesh and others where CHHAP and its partners operate.
31.2 Legal Safeguards
We apply appropriate safeguards such as standard contractual clauses or other mechanisms to ensure data protection.
32. UPDATES TO THIS POLICY
We reserve the right to update this Privacy Policy. Material changes will be communicated through Website notifications or email. Continued use indicates acceptance of the revised policy.
33. CONTACT INFORMATION
For any inquiries or concerns about your privacy or this Policy, contact:
Email: contact@chaap.asia
Address: 89 CDA Avenue Wasa circle Chittagong, Bangladesh
34. PRIVACY POLICY GLOSSARY
To assist you in understanding key terms used in this Privacy Policy, below are definitions of common privacy-related terms:
Personal Data: Any information relating to an identified or identifiable individual.
Processing: Any operation performed on personal data, including collection, storage, use, or disclosure.
Data Controller: The entity determining the purposes and means of processing personal data (CHHAP).
Data Processor: A third party processing data on behalf of the Data Controller.
Consent: Freely given, specific, informed, and unambiguous indication of your wishes agreeing to data processing.
Data Subject: The individual to whom personal data relates (you).
Data Breach: A security incident leading to accidental or unlawful destruction, loss, alteration, or unauthorized disclosure of personal data.
35. COOKIES AND TRACKING TECHNOLOGIES (IN-DEPTH)
35.1 Web Beacons and Pixels
In addition to cookies, we may use web beacons or tracking pixels—small graphic images or codes embedded on web pages or emails—to monitor usage and measure the effectiveness of our campaigns.
35.2 Local Storage Technologies
We may use HTML5 local storage or similar technologies to store information on your device to enhance performance.
35.3 Do Not Track Signals
Currently, our Website does not respond to browser “Do Not Track” settings, but we continually monitor developments in industry standards.
36. DATA PROTECTION OFFICER (DPO)
CHHAP has appointed a Data Protection Officer responsible for overseeing data privacy compliance. You may contact the DPO for any privacy-related inquiries:
Email: dpo@chhap.asia
Address: 89 CDA Avenue Wasa circle Chittagong, Bangladesh
37. DATA PROTECTION IMPACT ASSESSMENTS
For high-risk data processing activities, CHHAP conducts Data Protection Impact Assessments (DPIAs) to identify and mitigate privacy risks, ensuring compliance with applicable laws.
38. AUTOMATED DECISION-MAKING AND PROFILING
38.1 Use of Automated Processing
CHHAP may use automated systems to personalize content or advertising but does not make decisions with legal or significant effects based solely on automated processing.
38.2 User Rights
You may request human intervention and contest decisions resulting from automated processing where applicable.
39. LINKS TO OTHER WEBSITES
Our Website may contain links to external websites for convenience. We are not responsible for the privacy practices or content of those sites and recommend reviewing their privacy policies.
40. COMPLAINTS AND DISPUTE RESOLUTION
40.1 Raising Complaints
If you have concerns about our privacy practices, please contact us first at contact@chaap.asia so we can address your issues promptly.
40.2 Supervisory Authorities
If unsatisfied, you have the right to lodge a complaint with your local data protection authority.
41. GOVERNING LAW
This Privacy Policy is governed by the laws of Bangladesh, without regard to its conflict of law principles.
42. POLICY EFFECTIVE DATE AND REVIEW
This Policy is effective as of june 02, 2025. We review and update our Privacy Policy periodically to reflect changes in legal requirements or business practices.
43. ADDITIONAL INFORMATION FOR INTERNATIONAL USERS
43.1 Data Transfers
Users outside Bangladesh should be aware that data transfer to Bangladesh and other countries may involve different levels of data protection.
43.2 Consent and Local Laws
By using the Website, international users consent to data processing in accordance with this Policy and applicable local laws.
44. USER CONSENT
By using CHHAP’s Website or Services, you explicitly consent to the collection, use, and sharing of your personal data as described in this Privacy Policy.
45. CONTACT DETAILS
For questions, data requests, or privacy concerns, please contact:
Email: contact@chaap.asia
Address: 89 CDA Avenue Wasa circle Chittagong, Bangladesh
46. THIRD-PARTY ADVERTISING AND ANALYTICS
46.1 Advertising Partners
CHHAP may work with third-party advertising partners who use cookies and other technologies to deliver relevant ads. These partners may collect information about your visits to our Website and other websites to provide targeted advertisements.
46.2 Opting Out of Behavioral Advertising
You can opt out of interest-based advertising by visiting the Digital Advertising Alliance (DAA) opt-out page or the Network Advertising Initiative (NAI) opt-out page.
46.3 Analytics Providers
We use third-party analytics providers such as Google Analytics to understand how users interact with our Website. These providers collect information anonymously and report aggregated data to us.
47. SOCIAL MEDIA PLATFORMS
47.1 Integration and Sharing
Our Website may include social media features that allow you to share content or interact with social platforms. These features may collect your IP address and track your interactions.
47.2 Data Sharing with Social Platforms
When you interact with these features, your data may be shared with the respective social media platforms subject to their privacy policies.
48. USER-GENERATED CONTENT AND PRIVACY
48.1 Public Nature of Content
Content you post on public areas of our Website may be visible to others and indexed by search engines.
48.2 Responsible Posting
Do not share sensitive personal information in publicly accessible areas.
48.3 Removal Requests
You may request removal of your User Content by contacting us. While we will consider such requests, we do not guarantee complete removal due to technical or legal limitations.
49. DATA PROTECTION TRAINING AND AWARENESS
CHHAP conducts regular data protection training for its employees to ensure awareness of privacy obligations and best practices.
50. PRIVACY BY DESIGN AND DEFAULT
We incorporate data protection principles into our business processes, systems, and product development to ensure that privacy considerations are embedded from the start.
51. INTERNATIONAL USERS — SPECIFIC NOTICE
51.1 Cross-Border Data Processing
International users acknowledge that their data may be processed in Bangladesh or other jurisdictions with differing privacy laws.
51.2 Data Transfer Safeguards
Where applicable, we implement safeguards like standard contractual clauses to ensure protection of your data.
52. COOKIES IN EMAIL COMMUNICATIONS
CHHAP emails may include tracking pixels to monitor open rates and engagement. This data helps improve email content and delivery. You can opt out by unsubscribing from our emails.
53. PRIVACY IMPACT ASSESSMENTS
Before launching new products or processes involving personal data, CHHAP conducts privacy impact assessments to identify risks and implement mitigation strategies.
54. DATA PORTABILITY
Where applicable, you may request your data in a structured, commonly used, and machine-readable format to transfer to another service provider.
55. CHILDREN’S ONLINE PRIVACY PROTECTION ACT (COPPA) COMPLIANCE
CHHAP does not knowingly collect personal information from children under 13 in compliance with COPPA. If we become aware of such data collection, we will delete the information.
56. PRIVACY POLICY CHANGES — NOTIFICATION METHODS
Material changes to this Privacy Policy will be communicated by:
Posting notices on our Website homepage or dedicated privacy page
Email notifications to registered users
Updates to the effective date of the Policy
Users are encouraged to review this Policy periodically.
57. CONTACT AND PRIVACY OFFICER INFORMATION
For questions, concerns, or data protection inquiries, contact:
Data Protection Officer
Email: dpo@chhap.asia
Address: 89 CDA Avenue Wasa circle Chittagong, Bangladesh
58. USER RESPONSIBILITY AND ACKNOWLEDGMENT
By using CHHAP’s Website and Services, you acknowledge that you have read and understood this Privacy Policy and agree to its terms regarding your personal data.
59. PRIVACY AND DATA PROTECTION GOVERNANCE
59.1 Organizational Commitment
CHHAP is committed to maintaining robust privacy and data protection practices. Our governance framework ensures ongoing compliance with applicable laws and best practices.
59.2 Privacy Training
Employees undergo mandatory privacy training programs to understand data protection responsibilities and the handling of personal data.
59.3 Data Protection Officer (DPO)
Our appointed DPO oversees compliance efforts, data protection impact assessments, and acts as a liaison with regulatory authorities.
60. DATA PROTECTION IMPACT ASSESSMENTS (DPIA)
60.1 Purpose
Before initiating any high-risk data processing activities, CHHAP conducts DPIAs to evaluate risks to individual privacy.
60.2 Process
DPIAs include identifying risks, assessing their severity, and implementing controls to mitigate identified risks.
60.3 Review and Update
DPIAs are reviewed periodically and updated if the nature of processing changes.
61. DATA SUBJECT RIGHTS MANAGEMENT
61.1 Request Verification
CHHAP verifies the identity of individuals making data access or correction requests to prevent unauthorized disclosures.
61.2 Response Commitment
We respond to all valid requests in accordance with applicable timelines, providing information or making corrections as required.
61.3 Limitations
Certain requests may be denied or restricted where exceptions apply, such as legal obligations or freedom of expression considerations.
62. INTERNATIONAL DATA TRANSFER MECHANISMS
62.1 Standard Contractual Clauses (SCCs)
CHHAP utilizes SCCs approved by relevant authorities to lawfully transfer data internationally.
62.2 Binding Corporate Rules (BCRs)
Where applicable, internal policies govern international data transfers within our corporate group.
62.3 Data Transfer Risk Mitigation
We assess risks of international transfers and implement safeguards to protect data subjects.
63. BREACH RESPONSE AND NOTIFICATION PROCEDURES
63.1 Breach Identification
Continuous monitoring enables prompt detection of data breaches.
63.2 Containment and Remediation
CHHAP takes immediate steps to contain breaches, prevent further damage, and remediate vulnerabilities.
63.3 Regulatory Reporting
Notifications are made to authorities within mandated timeframes, usually 72 hours after discovery.
63.4 User Notification
Affected individuals are informed promptly if there is a high risk to their rights or freedoms.
64. DATA RETENTION AND DELETION POLICIES
64.1 Retention Schedules
Data is retained based on legal, operational, and contractual requirements.
64.2 Secure Deletion
When data is no longer necessary, it is securely deleted or anonymized.
64.3 User-Initiated Deletion
Users may request deletion of their personal data, subject to exceptions such as compliance requirements.
65. CHILDREN'S PRIVACY SPECIFIC CONTROLS
65.1 Parental Consent
Where applicable, parental or guardian consent is required before collecting personal information from minors.
65.2 Age Verification
Reasonable measures are taken to verify age when required.
65.3 Educational Resources
CHHAP provides resources to educate children and parents about online privacy.
66. POLICY REVIEW AND CONTINUOUS IMPROVEMENT
66.1 Regular Reviews
Our Privacy Policy is reviewed at least annually or when significant changes occur.
66.2 Stakeholder Engagement
We consider feedback from users, regulators, and privacy experts in updating our policies.
66.3 Training and Awareness
Updates to policies are communicated internally, with refresher training to maintain awareness.
68. USER DATA REQUEST PROCEDURES
68.1 Submitting Requests
Users wishing to exercise their privacy rights (access, correction, deletion, etc.) should submit a request via email to contact@chaap.asia with the subject line “Privacy Data Request.” Please include:
Your full name and contact information
Description of the request type (e.g., data access, correction, deletion)
Any additional information to verify your identity
68.2 Verification of Identity
To protect your data, CHHAP will verify your identity before processing requests. We may ask for government-issued identification or other information.
68.3 Processing Timeline
We endeavor to respond within 30 calendar days. Complex requests may require an extension of up to 60 days, in which case we will inform you.
68.4 Request Limitations
Requests that are excessive, repetitive, or unfounded may be subject to a reasonable fee or refusal, consistent with applicable law.
69. EMPLOYEE AND CONTRACTOR PRIVACY TRAINING POLICY
69.1 Training Program
All CHHAP employees and contractors receive mandatory data protection and privacy training upon hiring and at regular intervals.
69.2 Training Topics
Training covers data handling, security protocols, user privacy rights, breach response, and regulatory compliance.
69.3 Accountability
Completion of training is documented, and failure to comply may result in disciplinary action.
70. DATA SECURITY AND INCIDENT RESPONSE TEAM
70.1 Dedicated Team
CHHAP maintains a specialized team responsible for monitoring data security and coordinating responses to incidents.
70.2 Incident Reporting
Employees are required to report suspected data breaches immediately.
70.3 Continuous Improvement
The team regularly reviews security measures and updates protocols to address emerging threats.
71. POLICY ON CROSS-BORDER DATA TRANSFERS
71.1 Compliance
Cross-border data transfers comply with applicable legal frameworks such as GDPR.
71.2 Risk Assessment
CHHAP conducts risk assessments prior to transferring data internationally.
71.3 Safeguards
Transfers are protected by contracts, certifications, or other approved mechanisms.
72. USER NOTIFICATIONS AND CONSENTS
72.1 Transparency
Users are informed about data collection and use through clear notices and consent mechanisms.
72.2 Consent Management
Where required, CHHAP obtains explicit consent for processing sensitive data or marketing communications.
72.3 Revoking Consent
Users may withdraw consent at any time without affecting processing prior to withdrawal.
73. THIRD-PARTY PRIVACY AND SECURITY AUDITS
73.1 Vendor Assessments
CHHAP conducts privacy and security assessments before engaging third-party service providers.
73.2 Ongoing Monitoring
Regular audits and compliance checks are conducted to ensure ongoing protection of user data.
74. DATA ANONYMIZATION AND PSEUDONYMIZATION
74.1 Techniques Used
To protect privacy, CHHAP applies anonymization or pseudonymization techniques where appropriate for data analysis and reporting.
74.2 Benefits
These techniques reduce the risk of re-identification and enhance data security.
75. DATA PROTECTION IN PRODUCT DEVELOPMENT
75.1 Privacy by Design
Data protection principles are integrated into all new product and service development cycles.
75.2 User Privacy Impact
Potential privacy impacts are assessed and mitigated from the earliest stages.
76. USER EDUCATION AND AWARENESS
76.1 Information Resources
CHHAP provides users with resources and guidance on protecting their privacy and data security.
76.2 Communication
Regular updates and tips are shared via newsletters and Website content.
77. POLICY GOVERNANCE AND REVIEW
77.1 Policy Owner
The Data Protection Officer is responsible for maintaining and updating this Privacy Policy.
77.2 Review Frequency
This Policy is reviewed annually or upon significant regulatory changes.
77.3 Approval and Publication
Revised policies are approved by senior management and published on the Website.
78. ACKNOWLEDGEMENT OF PRIVACY POLICY
By using CHHAP’s Website or Services, you acknowledge that you have read, understood, and agreed to the terms of this Privacy Policy.
79. CONTACT INFORMATION
For all privacy inquiries, please
Email: contact@chhap.asia
Address: 89 CDA Avenue Wasa circle Chittagong, Bangladesh