🌟 Demo Mode Activated
Ceylon Travel Pass Privacy Policy
Effective Date: June 2024
Introduction
Ceylon Travel and Health (Pvt) Ltd, the holder of the Ceylon Travel Pass, is fully dedicated to safeguarding your privacy. As a private limited company, we are committed to the lawful use of any information collected from you, in strict adherence to the Personal Data Protection Act No. 9 of 2022 (PDPA).
1.0 Information We Collect
1.1 Website Interaction Data:
We collect details regarding your computer and your visits to our website. This includes your IP address, URL, geographical location, domain, browser type and version, operating system, referral source, duration of visit, page views, and website navigation patterns, among other data.
1.2 Personal Information:
Information you provide for registration purposes, through enquiry forms, during product purchases, and via email communications will be collected. This includes, but is not limited to, your name, email address, telephone numbers, credit card details, date of birth, gender, other payment methods, purchasing patterns, and passwords.
1.3 Subscription Information:
When you subscribe to our website services, email notifications, and newsletters, we collect the information you provide, including inquiries, personal information, and preferences. This information is necessary for delivering the subscribed services, responding to your questions, and customizing our communications to suit your interests. By gathering this data, we aim to enhance your experience, ensuring that the services, updates, and offers you receive are relevant and valuable to you. Legal Bases for Collecting and Using Your Information:
1. Contractual Necessity:
o We need your information to enter and fulfill our contract with you. For example, we need your personal details to process your purchase and deliver our services.
2. Consent:
o Some information is processed because you have explicitly given us permission to do so. This might include signing up for newsletters or agreeing to participate in surveys.
3. Legitimate Interest:
o Certain information is collected and used based on our legitimate business interests. These interests include:
â–ª Providing Updates: Keeping you informed about new attractions or services.
â–ª Obtaining Customer Feedback: Gathering feedback to improve the quality of our services.
â–ª Running Competitions: Organizing competitions and managing entries.
â–ª Third-Party Promotions: Facilitating promotions associated with Ceylon Travel Pass.
By explaining these legal bases, we clarify why and how your information is collected and used, ensuring transparency and compliance with data protection laws.
2.0 Data Security
We prioritize the security of your personal information and employ industry-standard measures to safeguard it from unauthorized access, use, alteration, or destruction. These measures include encryption, access controls, secure storage, and regular security assessments to mitigate risks effectively.
3.0 Your Choices and Rights
Access, Update, or Delete Your Information: You have the right to access, update, or delete your personal information stored in the Ceylon Travel Pass Website. You can do this by logging into your account settings through the website or by contacting our support team directly.
Opt-Out of Promotional Communications: You have the option to opt-out of receiving promotional communications from us at any time. Simply follow the unsubscribe instructions provided in the communication you receive from us. Even if you opt-out of receiving promotional messages, we may still send you transactional or administrative communications regarding the website, such as important notices.
These choices and rights are designed to ensure that you have control over your personal information and how it is used within the Ceylon Travel Pass website. For further assistance or inquiries regarding your privacy rights, please reach out to us using the contact information provided in this policy. We are committed to ensuring your rights are respected and upheld in accordance with applicable data protection laws.
If you are dissatisfied with how we handle any complaint regarding your personal information, you may have the option to escalate your complaint to the appropriate data protection regulator.
4.0 Retention of Your Data
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law. This includes maintaining and improving our services, complying with legal obligations, resolving disputes, and enforcing our agreements. When determining the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process the data, and whether we can achieve those purposes through other means. Upon expiry of the applicable retention period, we securely delete or anonymize your personal data in accordance with applicable laws and regulations.
5.0 Disclosure of your private data.
We may disclose your personal data to third parties for the purposes of managing our business operations and delivering services to you. These third parties include but are not limited to service providers, vendors, and business partners who assist us in functions such as website hosting, data analysis, payment processing, customer service, and marketing activities.
When we share your personal data with these third parties, we ensure that they maintain confidentiality and security measures to protect your information. They are contractually obligated to use your personal data solely for the purposes specified by us and in compliance with applicable data protection laws.
Additionally, we may disclose your personal data to comply with legal obligations, enforce our policies, respond to legal requests, protect our rights or property, or ensure the safety of our users and others.
We do not sell your personal data to third parties for their own marketing purposes without your explicit consent.
6.0 International Transfer of Data
Your personal data collected by Ceylon Travel Pass may be transferred and stored on secure servers located outside of Sri Lanka, including in countries where data protection laws may differ from those in your jurisdiction. This includes transfers to entities within the Ceylon Travel Pass group and to third-party service providers who assist in operating our services and managing our business activities.
When we transfer your personal data internationally, we ensure adequate safeguards are in place to protect your information. These safeguards may include:
Standard Contractual Clauses: We may use Standard Contractual Clauses approved by data protection authorities to ensure that transfers of personal data outside of Sri Lanka comply with legal requirements and provide adequate protection.
Data Protection Measures: We implement technical and organizational measures to ensure the security and confidentiality of your personal data during international transfers.
Legal Compliance: We comply with applicable data protection laws and regulations within the local laws and bylaws in Sri Lanka as in jurisdiction territory governing international data transfers, including requirements related to obtaining your consent or other lawful bases for such transfers.
By providing your personal data to Ceylon Travel Pass, you consent to the transfer, storage, and processing of your information outside of Sri Lanka as described in this Privacy Policy. We take all necessary steps to ensure that your personal data remains protected and secure, regardless of where it is processed or stored. If you have any questions or concerns about international data transfers, please contact us using the information provided in this Privacy Policy.
7.0 Security
We understand the sensitivity of the information you provide and are committed to maintaining its confidentiality. We adhere to our standard procedures and comply with all applicable laws to protect your information. Here are the security measures we employ:
Technical and Organizational Security Measures: We utilize appropriate technical and organizational security measures to safeguard your personal data against loss and unauthorized access. These measures include encryption, access controls, and regular security audits.
Data Breach Response: In the event of a suspected data security breach, we have procedures in place to promptly investigate and mitigate the issue. If legally required, we will notify you and relevant regulatory authorities about the breach.
Confidentiality Obligations: Any individuals or entities (employees, agents, contractors, etc.) who process your personal data on our behalf are bound by confidentiality agreements and will only process your data according to our instructions.
Internet Transmission Risks: While we strive to protect your personal data during transmission over the internet, please note that no method of transmission or storage is completely secure. Transmission of data to our website is at your own risk.
Access Controls: Once we receive your personal information, we use strict procedures and security features to prevent unauthorized access.
While we make every effort to protect your personal information, we cannot guarantee its absolute security. If you have any concerns about the security of your information, please contact us using the information provided in this Privacy Policy.
8.0 Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page with a new effective date.
COOKIES
We use cookies on our website. For details of our cookie policy please refer to our Cookie Policy
Cookie Usage Policy
We use cookies to make your visit to our website better, Learn more about Ceylon Travel Pass’s cookie policy below.
Cookie Usage.
Website cookies are small text files that websites place on your device (such as your computer, smartphone, or tablet) when you visit them. These cookies contain information about your browsing activity on that website. Cookies serve several purposes, including authentication, session management, personalization, tracking and analytics and advertising.
Most cookies used online are generally safe and do not store personal information. At Ceylon Travel Pass, we exclusively use secure cookies that gather data to enhance our website, improve our online marketing efforts, and facilitate targeted advertising campaigns based on user behavior. You can learn more about cookies at the following sites:
About Cookies - www.aboutcookies.org
Wikipedia - en.wikipedia.org/wiki/HTTP_cookie
Managing Cookies
Yes, you can delete cookies stored on your computer or device by clearing your browser history. Instructions on how to do this can be found in the recommended resources provided above.