Home / Privacy Policy

Privacy Policy

Document Ref: BL-PP-2026-001Version: 1.0Effective: 11 May 2026

Compliant with: GDPR (EU) · UK GDPR · CCPA (California) · PDPA (Bangladesh) · ISO 27001 aligned

1. Overview and Scope

Betopia Group (registered office: Daisy Garden, House 14, Block A, Banasree, Dhaka-1219, Bangladesh; "Betopia," "we," "us," or "our") is the Data Controller for all personal data collected through the websites betopiagroup.com and betopialimited.com, and any associated digital properties operated by Betopia Group and its affiliated Strategic Business Units (collectively, "Betopia Group").

Betopia Group holds ISO 22301:2019 (Business Continuity Management) and ISO 9001:2015 (Quality Management System) certifications issued by QRO, reflecting our commitment to operational excellence and responsible data stewardship.

Applicable Legal Frameworks

FrameworkJurisdictionKey Obligation
GDPR (EU) 2016/679European UnionLawful basis, data subject rights, DPA notification
UK GDPR / DPA 2018United KingdomPost-Brexit data protection regime
CCPA / CPRACalifornia, USARight to know, delete, opt-out of sale
PDPA Bangladesh (draft)BangladeshNational data sovereignty compliance
ISO 27001 alignedGlobalInformation security management best practice

2. Data Controller and Contact Information

Legal EntityBetopia Group
Registered AddressDaisy Garden, House 14, Block A, Banasree, Dhaka-1219, Bangladesh
General Contactinfo@betopialimited.com
Privacy / DPO Contactprivacy@betopialimited.com
ISO CertificationsISO 22301:2019 (QRO) | ISO 9001:2015 (QRO)

For all privacy-related enquiries, data subject access requests, or complaints, contact us at privacy@betopialimited.com. We will acknowledge your request within 72 hours and respond substantively within 30 calendar days.

3. Personal Data We Collect

3.1 Data You Provide Directly

CategoryExamplesCollection Point
Identity dataFull name, job title, company nameContact forms, RFQ forms, job applications
Contact dataEmail address, phone number, LinkedIn URLLead capture forms, newsletter signup
Professional dataCV/resume, work history, skills, referencesCareer / talent application portal
Business enquiry dataProject scope, budget range, RFQ specificationsRFQ forms, partner enquiry forms

3.2 Data Collected Automatically

CategoryExamplesSource
Technical dataIP address, browser type, OS, device IDServer logs, GA4, Google Tag Manager
Usage dataPages visited, session duration, click pathsGoogle Analytics 4, Hotjar
Cookie dataSession IDs, preference cookies, analytics cookiesSee Cookie & Tracker Policy

4. Lawful Basis for Processing

Processing ActivityLawful BasisGDPR Article
Responding to business enquiriesLegitimate interests / Pre-contractualArt. 6(1)(b)(f)
Processing job applicationsPre-contractual steps / Legitimate interestsArt. 6(1)(b)(f)
Sending newslettersConsentArt. 6(1)(a)
Website analyticsConsent (cookie banner)Art. 6(1)(a)

5. How We Use Your Personal Data

Business Operations

  • Responding to business enquiries and RFQ forms
  • Managing relationships across 22+ Strategic Business Units
  • Providing information about our multi-sector services

Recruitment and Talent

  • Processing job applications and recruitment pipeline
  • Assessing candidate suitability for current/future roles
  • Retaining data for talent pool (with consent)

6. Data Sharing and Third-Party Processors

Betopia Group operates as the parent entity of Betopia Group, comprising 22+ Strategic Business Units (SBUs) including Bdcalling IT Ltd, ZenCore, Softvence, Hamim Group, and others. Personal data may be shared with affiliated entities where necessary.

6.2 Third-Party Service Providers

Sub-ProcessorPurposeLocation
Google LLC (GA4)Web analyticsUSA
Meta Platforms Inc.Advertising trackingUSA
LinkedIn Ireland UCB2B advertisingIreland / USA
HubSpot Inc.CRM, email marketingUSA

8. Data Retention

Data CategoryRetention Period
Business enquiry data3 years from last contact
Client / partner contact dataDuration of relationship + 7 years
Job application data (unsuccessful)12 months from rejection

9. Your Data Subject Rights

Right to be informed

Know what data we hold and how we use it

Right of access (DSAR)

Obtain a copy of your personal data

Right to rectification

Correct inaccurate or incomplete data

Right to erasure

Request deletion of your personal data

Right to restrict

Limit how we use your data

Right to portability

Receive data in machine-readable format

To exercise your rights, email privacy@betopialimited.comwith subject line 'Data Subject Request'. We respond within 30 days.

11. Information Security

Betopia is aligned with ISO 27001 and holds ISO 9001:2015 and ISO 22301:2019 certifications. We implement TLS 1.2+ encryption in transit and AES-256 at rest, alongside role-based access control and regular vulnerability scanning.

14. Governing Law

This Policy is governed by the laws of Bangladesh, without prejudice to mandatory data protection rights under GDPR, UK GDPR, or CCPA. Disputes are subject to the jurisdiction of the courts of Dhaka, Bangladesh.

© 2026 Betopia Group. All rights reserved.