Privacy

Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your information.

Last updated: January 1, 2024

GDPR Compliant

Our Commitment: We are committed to protecting your privacy and ensuring the security of your personal information. We never sell your data to third parties.

Quick Navigation

1. Information We Collect 2. How We Use Your Information 3. Information Sharing 4. Data Security 5. Cookies & Tracking

6. Your Rights 7. Data Retention 8. Children's Privacy 9. Policy Changes 10. Contact Us

1. Information We Collect

Personal Information

Name, email address, phone number
Billing and shipping addresses
Payment information (processed securely by our payment partners)
Date of birth (for age verification)
Profile photos and other content you upload

Automatically Collected Information

IP address and device information
Browser type and version
Pages visited and time spent on our Platform
Referring website information
Location data (with your permission)

Transaction Information

Purchase history and order details
Seller performance data
Reviews and ratings
Customer service interactions

2. How We Use Your Information

Service Provision

Process orders and payments
Facilitate communication between buyers and sellers
Provide customer support
Manage your account and preferences

Platform Improvement

Analyze usage patterns to improve our services
Develop new features and functionality
Conduct research and analytics
Personalize your shopping experience

Communication

Send order confirmations and updates
Provide customer service responses
Send promotional emails (with your consent)
Notify you of policy changes

Legal & Security

Prevent fraud and abuse
Comply with legal obligations
Enforce our terms of service
Protect the rights and safety of our users

4. Data Security

Security Measures

SSL encryption for all data transmission
Secure data centers with 24/7 monitoring
Regular security audits and penetration testing
Employee access controls and training
Multi-factor authentication for sensitive operations

Payment Security

We are PCI DSS compliant and use industry-standard encryption to protect payment information. Credit card details are processed by certified payment partners and are never stored on our servers.

Data Breach Response

In the unlikely event of a data breach, we will notify affected users within 72 hours and take immediate steps to secure the compromised data and prevent further unauthorized access.

5. Cookies & Tracking Technologies

Types of Cookies We Use

Essential Cookies: Required for basic site functionality (login, shopping cart)

Performance Cookies: Help us understand how visitors use our site

Functional Cookies: Remember your preferences and settings

Marketing Cookies: Used to deliver relevant advertisements (with consent)

Managing Cookies

You can control cookies through your browser settings. However, disabling certain cookies may affect the functionality of our Platform.

Third-Party Analytics

We use Google Analytics and similar services to understand user behavior. These services have their own privacy policies and opt-out mechanisms.

6. Your Rights

Data Subject Rights

Access: Request a copy of your personal data
Rectification: Correct inaccurate or incomplete information
Erasure: Request deletion of your personal data
Portability: Receive your data in a machine-readable format
Restriction: Limit how we process your data
Objection: Object to certain types of processing

How to Exercise Your Rights

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.

Account Management

You can update most of your personal information directly through your account settings. You can also unsubscribe from marketing emails at any time.

7. Data Retention

Retention Periods

Account Information: Until account deletion or 3 years of inactivity
Transaction Records: 7 years for tax and legal compliance
Marketing Data: Until you unsubscribe or object
Support Tickets: 3 years after resolution
Analytics Data: Aggregated data may be retained indefinitely

Secure Deletion

When data is deleted, we use secure deletion methods to ensure it cannot be recovered. Some data may remain in backups for up to 90 days before being permanently deleted.

8. Children's Privacy

Our Platform is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

If we discover that we have collected personal information from a child under 18, we will delete such information from our systems promptly.

9. Policy Changes

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons.

We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. For significant changes, we may also send you an email notification.

Your continued use of our Platform after any changes indicates your acceptance of the updated Privacy Policy.

10. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Privacy Officer: [email protected]

General Inquiries: [email protected]

Phone: 0112 125 010

Address: Flipteria Private Limited, 123 Galle Road, Colombo 03, Sri Lanka

Data Protection Officer: [email protected]

We aim to respond to all privacy-related inquiries within 48 hours.

This Privacy Policy is governed by the laws of Sri Lanka and complies with international data protection standards including GDPR.

By using Flipteria.lk, you acknowledge that you have read and understood this Privacy Policy.