The government of Bangladesh has published the Personal Data Protection Ordinance-2025 and the National Data Management Ordinance-2025, marking a historic step in data governance. For the first time, personal data protection laws have been officially gazetted, drawing parallels with the European Union’s GDPR. The new laws aim to make citizen data management transparent, accountable, and legally regulated, with strict safeguards for children’s information. The National Data Governance Authority (NDGA) will oversee implementation, registration, and complaints handling. Unauthorized data collection or use can lead to up to seven years in prison and fines, while cross-border data transfers require equivalent protection abroad. The ordinances will take effect 18 months after publication, giving organizations time to strengthen internal processes and cybersecurity.