PPC Rockers respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and protect personal information when you visit our website ppcrockers.com (the “Site”) and use our services. It applies to all users worldwide, including residents of the EU/UK (under GDPR/UK GDPR), California (under CCPA/CPRA), Brazil (LGPD), Australia (APPs), New Zealand, and other jurisdictions where we operate.

We may update this policy from time to time; the “Effective Date” above reflects the last revision. Please check back periodically for updates.

Who We Are and Scope

PPC Rockers is a Bangladesh-based digital marketing and PPC agency. Our registered office is in Dhaka, Bangladesh. We serve clients and website visitors globally, including Europe, the United Kingdom, North and South America (including Brazil), Australia, New Zealand, and Asia. 

We act as the data controller for personal data collected through this Site and our services. When we say “you,” we mean any individual whose personal data we process (e.g. site visitors, clients, or users of our services). This Privacy Policy covers personal data collected via our website and may be expanded in the future to cover other platforms (such as mobile apps or client portals). For now, it governs data processing related to the Site and related services.

Information We Collect

We collect various categories of personal information to provide our services and operate our business. Depending on how you interact with us, this may include:

• Contact and Identity Data: Name, email address, postal address, phone number, company name, job title, and other identifiers you provide when you fill out forms or communicate with us.
  
  
• Account and Billing Data: Payment or billing information if you become a client (e.g. billing address, tax ID, or payment instrument data), login credentials for any client portal or dashboard.
  
  
• Website Usage and Technical Data: IP address, browser type and settings, device identifiers (e.g. cookie ID, advertising ID), language preference, date/time stamps, and other information automatically collected through cookies, web beacons, or analytics when you visit our Site.
  
  
• Analytics and Advertising Data: Data about how you use our Site and engage with online ads (e.g. pages visited, links clicked, ad interactions, demographic data inferred from tracking). This may include unique IDs (cookie IDs, pixel IDs) and aggregated/statistical usage information.
  
  
• Communications Data: Recordings or transcripts of phone calls, chat logs, or emails if you contact us for support or sales, including any personal data you share.
  
  
• Campaign and Client Data: If you are a client or partner, we may process data you provide to us for campaign management (e.g. targets, audiences, ad creatives, performance metrics). This may include information about third-party end-users (with your authorization or as provided by you for advertising purposes).
  
  
• Special Categories: We do not intentionally collect sensitive personal information (such as health, race, religion, or biometric data) through the Site. If you voluntarily provide any sensitive data, we will handle it only as required by law (for example, to comply with an authorized legal request).
  
  

We collect most of this information directly from you (e.g., when you complete our contact form or register for services) and also automatically through technology such as cookies or analytics tools. We may also receive data from third-party sources (such as advertising networks, lead providers, or public sources) if you interact with our marketing or become our client through referrals.

How We Collect Data

• Directly from you: When you fill out forms on our Site (e.g. contact or quote request forms), email us, or engage with us as a client, we collect the personal data you provide.
  
  
• Automatically: When you visit our Site, we use cookies and similar tracking technologies (like web beacons and analytics scripts) to collect technical and usage data about your visit. Our cookie banner, managed by our consent management platform, allows you to accept or reject non-essential cookies. We use these tools to understand how our Site is used and to tailor our services.
  
  
• From third parties: We may receive information from trusted partners such as marketing or analytics providers. For example, if you click on one of our ads on Google or Facebook, those platforms may share certain data with us (subject to their own privacy policies). Similarly, if you become a client, you might provide data to us from your own systems or from platforms (like Google Analytics or advertising accounts) as part of managing your campaigns.
  
  

Why We Collect Your Data & Legal Bases

We process your personal data for specific purposes and rely on appropriate legal grounds (depending on jurisdiction):

• Providing and improving services: We use your data to deliver our digital marketing services, manage accounts, process payments, and personalize your experience. For example, we process contact details and campaign data to set up and run your advertising campaigns. Legal bases: Performance of a contract (for clients we have a contract with), or our legitimate interests (for users and prospects who interact with our Site) in providing services and improving our website.
  
  
• Marketing and communications: We may use your email or contact details to send you marketing materials (like newsletters or promotional offers) if you have opted in or have a pre-existing business relationship with us. We rely on your consent to send marketing emails, which you can withdraw at any time (e.g., via unsubscribe links). We may also send you transactional or informational messages (account updates, service announcements) based on our contractual relationship or our legitimate interest in keeping you informed.
  
  
• Analytics and site optimization: We analyze traffic and usage data (via Google Analytics, Matomo, or similar tools) to understand how visitors use our Site and to improve our content and performance. We rely on your consent (for non-essential cookies/statistics) or our legitimate interests (for strictly necessary analytics) to gather this data.
  
  
• Security and legal compliance: We collect and use personal data to protect our business and users, detect fraud, and comply with legal obligations. For instance, we may retain logs of user activity and communications to investigate security incidents or respond to lawful government requests. Legal bases: Our legitimate interests (fraud prevention, security) or compliance with legal obligations.
  
  
• Consent: Where we rely on consent (for example, consent for marketing emails or certain non-essential cookies), we will clearly request it, and you may withdraw your consent at any time.
  
  

Each data subject can inquire about the specific legal basis for processing, especially under GDPR/LGPD. In general, the applicable lawful bases are: consent, contract necessity, legal obligation, legitimate interests, or vital interests (only in rare cases). We never process personal data on the basis of public task (since we are a private business).

How We Use Cookies and Similar Technologies

We use cookies, web beacons, and similar tracking technologies to collect information about your interactions with our Site. Cookies are small data files stored on your device. They help us:

• Essential cookies: Enable basic website functions (e.g. keeping you logged in, remembering language or region). These are strictly necessary and do not require consent.
  
  
• Preference cookies: Remember your settings or choices (such as preferred language).
  
  
• Performance/Analytics cookies: Collect anonymous data on how visitors use our Site (pages viewed, load times, errors). For example, we use Google Analytics or Matomo to improve our site experience.
  
  
• Marketing cookies: Track your browsing habits to build profiles of your interests and show you relevant ads (e.g. retargeting ads on Google or Facebook).
  
  

When you first visit our Site, our cookie banner (provided by our Consent Management Platform) asks you to accept or decline non-essential cookies. You may change your cookie preferences at any time by adjusting the banner settings. Essential cookies remain active, but you can disable others in your browser settings or via our banner. We do not deploy non-essential cookies (like for analytics or advertising) without your consent if you are subject to EU law or other consent-based regimes.

Third-Party Sharing and Processors

We may share your personal data with third parties in the following ways:

• Service providers and subprocessors: We engage trusted third-party vendors to help operate our business. This may include hosting providers, cloud services (e.g. AWS, DigitalOcean), email and CRM platforms (e.g. Mailchimp, HubSpot), payment processors (e.g. Stripe, PayPal), analytics services (e.g. Google Analytics), and advertising platforms (e.g. Google Ads, Meta/Facebook Ads). These vendors act as processors on our behalf. We provide them only the data necessary to perform their services, and we require them to handle it securely under contract. For example, if we use an email marketing service to send you newsletters, that provider will have access to your email and name.
  
  
• Business partners and affiliates: We may share data with partners and affiliates for joint marketing or service delivery. For example, if we collaborate with a third party to provide a service, we will share only the necessary data under strict confidentiality.
  
  
• Clients: If you are our client, any personal data (including campaign analytics, leads, or customer data) that you provide to us or that we generate for you will be shared as needed with you and any designated contacts in your organization.
  
  
• Sale or merger: We will never sell your personal information to third parties. We do not engage in “selling” or “sharing” (as defined by CCPA/CPRA) of personal data for a profit. In the event of a corporate sale, merger, acquisition, or bankruptcy, personal data may be transferred as part of the business assets, but the new owner will be bound by this Privacy Policy.
  
  

Under the CCPA/CPRA, we must disclose the categories of personal information we have shared or sold in the last 12 months. We have not sold or shared (for marketing purposes) any personal information. Under CPRA, “share” includes cross-context behavioral advertising, and we do not engage in that activity.

We may also disclose personal data: (a) to comply with laws, legal process, court orders, or law enforcement requests; (b) to protect our rights, property, or safety (or those of others); and (c) with your consent or direction (for example, if you ask us to forward your data to a third party).

International Data Transfers

PPC Rockers is based in Bangladesh, and our servers and third-party service providers may be located worldwide (including in the USA, Europe, Singapore, etc.). If you are in the EU/UK or another jurisdiction with strict data export rules, please note that your data may be transferred to Bangladesh, the USA, or other countries. We ensure these transfers are lawful by using appropriate safeguards:

• Adequacy decisions: If a country has been deemed to provide adequate protection (e.g. EU adequacy for the UK), no further safeguards are needed.
  
  
• Standard Contractual Clauses (SCCs): For transfers from the EU/EEA or UK to other countries, we use the EU and UK Standard Contractual Clauses approved by the European Commission and UK Information Commissioner’s Office. These model clauses legally obligate the recipient to protect your data to EU/UK standards.
  
  
• Data Privacy Framework: For transfers to the United States involving EU/UK personal data, we rely on the EU-US and UK-US Data Privacy Framework (DPF) mechanisms where applicable.
  
  
• Binding Corporate Rules (BCRs): If we transfer data within our corporate family, we use our Binding Corporate Rules (subject to any necessary approval) to ensure GDPR compliance.
  
  
• Consent or contract: For certain data transfers, explicit consent from the data subject or necessity for contract performance may also provide a legal basis.
  
  

We will take reasonable steps to ensure any overseas recipient provides a comparable level of data protection. If you want more details about the specific transfer mechanisms in place, please contact us.

Data Retention

We retain personal data only as long as necessary for the purposes we collected it. Retention periods vary by data type and purpose. For example:

• If you contact us through the website or subscribe to marketing, we keep your contact details until you unsubscribe or we no longer need them for our legitimate interests.
  
  
• Client-related data (campaign details, billing records, communications) is kept for at least the duration of our engagement and typically around 6–7 years to meet contractual, legal, or tax obligations. We will adjust retention periods in the future to comply with jurisdiction-specific requirements as needed.
  
  
• Cookie and analytics data are retained according to our cookie management settings (for example, Google Analytics data is typically anonymized after 14–26 months, depending on our configuration).
  
  

After data is no longer needed, we securely delete or anonymize it. We review our retention schedules regularly to ensure compliance with legal requirements and best practices.

Your Privacy Rights

Depending on your location and applicable law, you have certain rights regarding your personal data. We strive to make it easy to exercise these rights. In general, these may include:

• Access and Portability: The right to request copies of the personal information we hold about you, or to have it transmitted to another controller (if technically feasible).
  
  
• Correction: The right to correct any inaccurate or incomplete personal data we have about you.
  
  
• Deletion: The right to request deletion of your personal information under certain circumstances (for example, if the data is no longer needed for its original purpose, or you withdraw consent).
  
  
• Restriction of Processing: The right to ask us to restrict or pause processing of your data if you contest its accuracy or legality, or if we only need to retain it to establish a legal claim.
  
  
• Objection: The right to object to processing based on our legitimate interests or for direct marketing. If you object to marketing, we will stop processing your data for that purpose.
  
  
• Consent Withdrawal: If we rely on consent for processing (e.g. marketing emails or cookie tracking), you can withdraw consent at any time and we will stop the related processing.
  
  
• Opt-Out of Sale/Sharing (California): If you are a California resident, you have the right to opt out of any sale or sharing of your personal data. As noted above, we do not sell or share your data, but to exercise any rights, you may submit a request at the contact below.
  
  
• Non-Discrimination: California residents have the right not to be discriminated against for exercising their privacy rights (e.g. by denial of goods/services or a different price). We will not treat you differently for exercising these rights.
  
  
• Lodging Complaints: You have the right to lodge a complaint with a data protection authority. For EU/UK residents, you may contact your local supervisory authority (for example, the Information Commissioner’s Office in the UK, or the data protection authority of your country). California residents can contact the California Attorney General’s office. Brazilian residents can contact the ANPD (Brazilian Data Protection Authority).
  
  

To exercise your rights, please contact us using the details in the “Contact Us” section below. We will verify your identity (to ensure your request is legitimate) and respond within the required legal timeframe (generally 1 month, possibly extended if complex). We may ask you for additional information to confirm your identity and rights request, but will only use such data for that verification. If you are an EU, UK, or Brazilian resident and wish to make a request, you may also use the online request tools below:

• EU/UK/LGPD: Contact us directly (email at privacy@ppcrockers.com). You also have the right to appoint an EU representative to act on your behalf, if applicable.
  
  
• California (CCPA/CPRA): We provide California residents with at least two methods to submit privacy requests: via our website form and by emailing us. A toll-free number will be added in the future for full CCPA/CPRA compliance.
  
  
• Brazil (LGPD): Similar process; you can submit requests by email or by other communication means provided by law.
  
  

If you have any questions about your rights or how to exercise them, or if you want to withdraw consent or limit processing, we will help guide you through the process.

Security of Your Information

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, disclosure, alteration, or destruction. These measures include: encryption of data in transit (using TLS/HTTPS) and at rest where feasible; firewalls and intrusion detection; access controls and user authentication; regular security training for our staff; and contractual security requirements for our vendors. For example, we may pseudonymize or encrypt sensitive data, perform regular backups, and use secure servers managed by reputable providers. We also review our security practices regularly and update them as needed.

However, please note that no system can be 100% secure. If you have concerns about the security of your data, please contact us as described below.

Cookies, Tracking & Do Not Track

We use cookies and similar technology as described above. Our Site may respond to “Do Not Track” signals by not collecting non-essential data, but because there is no industry standard for Do Not Track, our compliance depends on your browser and settings. We encourage you to use our cookie banner to manage preferences. Disabling cookies may affect your experience (some parts of the Site or service may not function properly). We also integrate features from third parties (like embedded content or social media widgets) that may set their own cookies; please review their privacy notices for details.

Children’s Privacy

Our Site and services are not directed to children. We do not knowingly collect personal information from children under the age of 16. For compliance with local laws, we restrict collection of personal data from children under 13 in the United States (COPPA) and under 16 in the EU/UK (or the local legal age of consent if higher). If you are a minor below the applicable legal age, please do not use our services without parental consent. Parents or guardians may request erasure of a child’s data. If we learn that we have inadvertently collected such data, we will promptly delete it unless we have a lawful reason to retain it.

Marketing and Communications

If you sign up for newsletters or marketing communications, we will send you emails about our services and promotions with your consent. You can opt out at any time by clicking the “unsubscribe” link in our emails or contacting us directly. Even if you opt out of marketing, we may still contact you for service or account-related communications (e.g., to send you invoices or updates about your campaigns), which are necessary for our contractual relationship or legitimate interests.

We may also allow third parties to serve advertising on our Site. When we do, these ads may be tailored to your interests using data collected (like Google AdWords remarketing or Meta Pixel). You can opt out of interest-based advertising by adjusting your cookie settings or visiting the Digital Advertising Alliance’s opt-out page (for US residents) and similar tools in other regions. See our Cookie Policy (linked below) for more details.

Legal Disclosures and Law Enforcement

We may access, preserve, and share your information with regulators, law enforcement, or other third parties if we believe it’s reasonably necessary to:

• Comply with any legal obligation, court order, or lawful request (e.g., subpoena, tax, or regulatory inquiry).
  
  
• Enforce our Terms of Service or other agreements.
  
  
• Protect and defend our rights, property, or safety, or that of our users or the public.
  
  
• Investigate fraud, security breaches, or other illegal activities.
  
  

If a law enforcement agency requests user data, we will review any legal process for validity. We may challenge overly broad or improper requests. Unless legally prohibited, we will notify affected users of law enforcement requests when possible.

Contact Us / Data Protection Officer

If you have questions or concerns about this Privacy Policy or our data practices, or if you want to exercise your privacy rights, please contact us at:

• Email: privacy@ppcrockers.com
  
  
• Address: PPC Rockers, [House: 692, Road: 09, Mirpur DOHS, Dhaka, Bangladesh]
  
  
• Phone: +880 1714-115871
  
  

We do not currently have a separate Data Protection Officer (DPO) appointed under GDPR, but we have a privacy team responsible for ensuring compliance. You may also contact our privacy team through the above channels.

Changes to This Policy

We may update this Privacy Policy at any time to reflect changes in our practices, legal requirements, or technology. When we update the policy, we will revise the “Effective Date” at the top. If the changes are significant, we will notify you by posting the new Privacy Policy on our Site and/or sending an email to registered users. Please review this policy periodically to stay informed about how we collect and use personal information.

Additional Notes

• Records of Consent and Processing: We keep records of any consents (such as cookie consents or email signups) you provide to us. We also document data processing activities and Data Processing Agreements with our vendors, as required by law.
  
  
• Data Protection Impact Assessments (DPIAs): If we carry out any high-risk processing (such as large-scale profiling or behavioral advertising targeting EU individuals), we will conduct DPIAs in accordance with GDPR.
  
  
• Translations: This Privacy Policy is written in English. If you require a translation, please let us know; however, the English version will govern in case of any conflict.
  By using our Site, you acknowledge that you have read and understood this Privacy Policy and consent (where required) to our data practices as described.