1. Introduction
Welcome to Axentra Tech. We are committed to protecting the privacy and security of your personal data. This Privacy Policy details how we collect, process, store, and share your personal data when you visit our website (https://www.axentratech.com), submit inquiries through our contact forms, subscribe to our newsletters, or engage our custom software development services.
We process personal data in strict compliance with the **Personal Data Protection Act No. 9 of 2022 of Sri Lanka (PDPA)**, as well as general international standards including the General Data Protection Regulation (GDPR) for our global clientele.
2. Information We Collect
We collect information that you voluntarily provide to us, as well as automatic technical information when you navigate our website.
A. Information You Provide
- Contact Information: When you submit a query via our contact forms, we collect your full name, email address, phone number, and any project-specific details or messages you provide.
- Newsletter Information: When you subscribe to our updates, we collect your email address.
- Service & Billing Data: If you enter into a business contract with us, we collect business registration numbers, billing addresses, official contact details, and other information required to fulfill our development contracts.
B. Automatically Collected Information
- Usage Data: We automatically collect information about how you interact with our website, including your IP address, browser type, operating system, pages visited, time spent, and referral sources. This data is collected using cookies and tracking technologies.
3. How We Use Your Information
We use your personal data solely for legitimate business purposes, including:
- To respond to your inquiries, schedule consultations, and provide project estimations.
- To design, build, test, and deliver custom software solutions.
- To send you administrative notifications, contract updates, and invoices.
- To send newsletters and marketing updates (only if you have explicitly opted in; you can opt out at any time).
- To monitor website performance, secure our infrastructure, and prevent fraud or cyberattacks.
4. Legal Grounds for Processing (Sri Lankan PDPA)
Under the Sri Lankan PDPA, we process your personal data under the following legal bases:
- Consent: You have given clear consent for us to process your data (e.g., by submitting a form or subscribing to our newsletter).
- Contractual Necessity: Processing is required to perform or enter into a development contract with you.
- Legitimate Interests: Processing is necessary for our legitimate business interests, provided they do not override your privacy rights (e.g., website security and optimization).
- Legal Compliance: To comply with applicable statutory laws, tax requirements, or legal orders within Sri Lanka.
5. Data Security & Retention
As a secure custom software company, security is central to our engineering. We implement advanced technical and organizational measures (including SSL encryption, secure API integrations, firewalls, and access controls) to protect your personal data against unauthorized access, loss, alteration, or disclosure.
We retain your personal data only as long as necessary to fulfill the purposes for which it was collected, including satisfying any legal, accounting, or billing requirements. Contact form submissions are retained for up to 2 years after last contact, unless a client agreement mandates a longer retention period.
6. Sharing Your Information
We do not sell, rent, or trade your personal data. We only share information with trusted third parties in the following scenarios:
- Service Providers: We share data with third-party vendors who assist in operating our website and communications (e.g., EmailJS for handling contact form delivery). These providers are contractually obligated to maintain data confidentiality and comply with security standards.
- Legal Obligations: We may disclose data if required to do so by Sri Lankan law enforcement, regulatory authorities, or in compliance with judicial proceedings.
7. Your Rights (Under PDPA 2022)
Under the Sri Lanka Personal Data Protection Act, you possess the following rights regarding your personal data:
- Right of Access: You have the right to request confirmation of whether we process your data and obtain a copy of that data.
- Right to Rectification: You can request that we correct incomplete or inaccurate personal data we hold about you.
- Right to Erasure (Right to be Forgotten): You can request that we delete your data under certain conditions.
- Right to Object: You can object to the processing of your data for direct marketing or profiling.
- Right to Withdraw Consent: If processing is based on consent, you may withdraw it at any time.
To exercise any of these rights, please contact our Data Protection Officer at axentrat@gmail.com.
8. Changes to This Policy
We may update this Privacy Policy from time to time to reflect operational changes, technology upgrades, or legal updates. Any modifications will be posted directly on this page with an updated "Last Updated" date.
9. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
Axentra Tech
Data Protection Office
Pannipitiya, Colombo, Sri Lanka
Email: axentrat@gmail.com
Phone: +94 77 175 7556