Legal
Privacy Policy
What information we collect, how we use it, and how you can exercise your rights.
Last updated: January 2026
1. Introduction
This Privacy Policy describes how Beautiful Bangladesh (also branded as Tourist Places BD) — referred to in this policy as 'we', 'us' or 'the site' — collects, uses, stores and protects information about you when you visit this website. We are an independent, non-commercial travel guide built for informational purposes only. We are not a tourism authority, a tour operator or a booking agent. By using the site, you agree to the practices described in this policy.
2. Information we collect
We collect the minimum information needed to run the site. The categories are: (a) technical information sent automatically by your browser when you load a page — IP address, browser type, referrer URL, the page you visited, and approximate timestamp; (b) aggregated, anonymous analytics information, if analytics are enabled (we currently use Vercel Web Analytics, which collects page-view counts and basic performance metrics on an anonymous basis); (c) any information you choose to send us directly — for example if you email the editorial contact. We do not collect your name, address, phone number or payment information on this site. We do not run user accounts, comment systems, or any feature that requires you to log in.
3. Cookies and similar technologies
Like almost every site on the web, this site uses a small number of cookies and local-storage items. Strictly necessary cookies are set by the site infrastructure (for example to remember a session if you use the contact form). Vercel Web Analytics, when enabled, may set an anonymous analytics cookie. We do not use advertising cookies, third-party tracking pixels, social-network cookies, or any cookie that builds a profile of you for advertising purposes. You can clear or block cookies in your browser settings at any time, but doing so may break parts of the site.
4. How we use information
The information we collect is used only to: (a) operate and improve the site, including diagnosing technical issues, understanding which destinations are most read, and prioritising new content; (b) respond to enquiries that you send us directly; (c) detect and prevent abuse, spam or attacks. We do not sell, rent or share your personal information with third parties for marketing purposes. We do not display third-party advertising on the site.
5. Photographs and third-party content
Almost all photographs on this site are sourced from Wikimedia Commons and used under their respective Creative Commons or Public Domain licences. Each photograph is credited to its author and links back to the original Commons file page, where the licence terms are set out in full. If you are the author of a photograph and would like a credit changed or a photograph removed, please contact us at the email address on our /contact page. The site also embeds a single YouTube video (a cinematic clip about Bangladesh) on the home page; loading the home page may set YouTube cookies if you play the video.
6. Third-party services
The site uses a small set of third-party services to operate: (a) Vercel Web Analytics for anonymous page-view analytics; (b) Wikimedia Commons for image delivery; (c) YouTube for the embedded home-page video; (d) the OpenAI API for occasional content generation in our internal pipeline (not used to collect data from visitors). These providers have their own privacy policies; we encourage you to review them. We only use providers that respect the GDPR, and we do not share any visitor data with them beyond the technical request required to serve the page.
7. Children
The site is aimed at adult travellers and is not directed at children under 13. We do not knowingly collect any personal information from children. If you believe a child has provided personal information to the site, please contact us so that we can delete it.
8. Your rights
Depending on where you live, you may have legal rights over any personal information we hold about you — including the right to access, correct, delete, or export that data. Because we collect only a minimal amount of information (server logs and anonymous analytics), there is usually very little to access. To exercise any rights, contact us at the email address on the /contact page. We will respond within the timeframes set by your local data-protection law (typically 30 days).
9. Data retention and security
Server logs are kept only as long as needed to operate the site, typically 30-90 days, after which they are deleted or anonymised. Analytics data is aggregated. We use industry-standard security: HTTPS across the site, security headers (HSTS, CSP, X-Frame-Options) configured in next.config, and signed access tokens for any internal API calls. No system is perfectly secure; we do not guarantee absolute security, but we work hard to follow current best practice.
10. International transfers
We do not actively transfer your personal data outside of the country it was collected in. Server logs may be processed in the data centre of our hosting provider, which may be in another country. Where local data-protection law (such as the EU GDPR) requires additional safeguards for international transfers, we use providers (notably Vercel) that publish standard contractual clauses or equivalent safeguards.
11. Changes to this policy
We may update this Privacy Policy from time to time. When we do, the 'Last updated' date at the top of this page will change, and (for substantial changes) we will display a banner on the home page for 30 days. Continued use of the site after a change indicates that you accept the updated policy.
12. Contact
If you have any questions about this Privacy Policy, or wish to exercise any of the rights described above, please contact us via the /contact page. We aim to respond to all reasonable enquiries within 30 days.