Privacy & Data Protection Policy

How we collect, store, and protect your data

Last updated: February 2026 — applies to all merchants using BD Mobile Wallet for Shopify

Overview

BD Wallet ("the App") enables Shopify merchants to accept payments through bKash and Nagad mobile wallet services. We take the security and privacy of your data extremely seriously. This policy explains what data we collect, why we collect it, how it's stored, and your rights regarding that data.

1. What Data We Collect

From Merchants (You)

  • Shopify store information: Shop domain, access token (provided via Shopify OAuth), store name
  • Payment gateway credentials: bKash API keys (App Key, App Secret, Username, Password) and/or Nagad credentials (Merchant ID, Merchant Number, Private Key, PG Public Key)
  • Transaction records: Order IDs, payment amounts, transaction statuses, timestamps
  • Subscription data: Plan details, billing history, invoices

From Customers (Your Buyers)

  • Order information: Order ID, amount, customer name (as provided by Shopify)
  • Contact information: Phone number and/or email address (for sending payment links)
  • Payment status: Whether the payment was completed, pending, or failed

We do NOT collect or store customers' bKash/Nagad account numbers, PINs, or any financial account details. Payment authorization happens entirely on bKash/Nagad's own secure pages.

2. How Your Credentials Are Protected

Your payment gateway credentials are the keys to your bKash/Nagad merchant accounts, and we treat them with the highest level of care.

Encryption Standard: AES-256-GCM

  • Algorithm: AES-256 (Advanced Encryption Standard with 256-bit key)
  • Mode: GCM (Galois/Counter Mode) — provides both encryption and authentication
  • Key derivation: scrypt-based key derivation from a master encryption key
  • Unique IV: Every encryption operation uses a cryptographically random 16-byte initialization vector
  • Tamper detection: GCM authentication tags ensure encrypted data hasn't been modified

Credential Lifecycle

  1. Submission: You enter credentials via our secure settings page (served over HTTPS within Shopify's embedded app)
  2. Immediate encryption: Credentials are encrypted in server memory before being written to the database — plain text never touches disk
  3. Storage: Only the encrypted ciphertext is stored in our PostgreSQL database
  4. Retrieval: Credentials are decrypted only when needed to process a payment, in server memory only
  5. Display: When shown in settings, only masked versions appear (e.g., ****7890)
  6. Deletion: When you remove or update credentials, the old encrypted data is permanently overwritten

What We Never Do

  • Never store credentials in plain text — not in the database, logs, caches, or files
  • Never log credential values in application logs
  • Never transmit credentials to any third party (only directly to bKash/Nagad APIs)
  • Never cache decrypted credentials in Redis or any temporary storage
  • Never include credentials in error reports or analytics

3. How We Use Your Data

  • Processing payments: Your gateway credentials are used solely to create payments, check payment status, and process refunds on your behalf via bKash/Nagad APIs
  • Sending notifications: Customer contact details are used to send payment links and confirmation messages via email/SMS
  • Order management: We update order status on Shopify when payments are confirmed
  • Service management: Store information is used for subscription billing and support

We do not sell, share, or use your data for advertising or any purpose beyond operating the payment service.

4. Infrastructure Security

  • HTTPS everywhere: All data in transit is encrypted with TLS 1.2+
  • Isolated database: The PostgreSQL database is not publicly accessible and requires authentication
  • Shopify OAuth: Admin access is authenticated through Shopify's official OAuth flow — we never ask for your Shopify password
  • Webhook verification: All Shopify webhooks are verified using HMAC signatures
  • Docker isolation: Application services run in isolated Docker containers
  • Admin access logs: All admin panel actions are logged with IP address and timestamp

5. Data Retention

  • Gateway credentials: Stored (encrypted) as long as your account is active. Deleted when you uninstall the app or request removal.
  • Customer PII (name, phone, email): Automatically anonymized after 180 days for transactions in a terminal state (failed, expired, refunded).
  • Transaction records: Retained for accounting and dispute resolution, then anonymized. Order IDs and amounts are kept longer for reporting.
  • Payment links: Expire after 24 hours automatically.
  • Application logs (webhook, notification): Purged after 90 days.
  • Admin access logs: Retained for 365 days then automatically deleted.

6. Your Rights

As a merchant using our service, you have the right to:

  • Access: View what data we hold about you via the app dashboard
  • Update: Change or update your gateway credentials at any time
  • Delete: Remove your credentials and deactivate gateways at any time
  • Export: Request a copy of your transaction data
  • Uninstall: Removing the app from your Shopify store triggers automatic cleanup of your stored credentials

7. What Happens When You Uninstall

When you uninstall BD Mobile Wallet from your Shopify store:

  1. All encrypted gateway credentials are permanently deleted
  2. Your merchant account is marked as inactive
  3. Active payment links are expired immediately
  4. Transaction history is retained for 90 days (for any pending refund disputes), then deleted
  5. Subscription billing is stopped immediately

8. Contact Us

If you have any questions about this privacy policy or how we handle your data, please reach out:

We aim to respond to all privacy inquiries within 48 hours.