Privacy Policy

Last Updated: July 27, 2025

Introduction and Commitment

At Perfumify.lk, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains in detail how we collect, use, store, share, and protect your data when you:

Visit our website (www.perfumify.lk)
Make purchases
Interact with us through social media
Contact our customer support
Subscribe to our marketing communications

By using our services, you acknowledge that you have read, understood, and agree to this Privacy Policy. If you do not agree with our practices, please do not use our services.

1. Data Controller Information

Perfumify.lk is the data controller responsible for your personal information.

Contact Details:

Email: perfumify.lk@gmail.com
Phone: +94 777 707 929
Address: Online Store operated from Colombo

2. Legal Basis for Data Processing

We process your personal data based on the following legal grounds:

Contract Performance: To fulfill orders and provide services you've requested
Legitimate Interests: To improve our services, prevent fraud, and conduct business operations
Consent: For marketing communications and non-essential cookies (where required)
Legal Compliance: To comply with applicable laws and regulations

3. Information We Collect

3.1 Personal Information You Provide Directly

Account and Order Information:

Full name and preferred name
Email address
Phone number (mobile and/or landline)
Delivery addresses
Age or Date of Birth if required

Payment Information:

Payment method preferences
Billing address
Transaction history
Note: We do NOT store complete credit/debit card details, CVV codes, or banking passwords

Communication Records:

Customer service inquiries and responses
Feedback, reviews, and testimonials
Survey responses
Social media interactions with our brand

Marketing Preferences:

Newsletter subscription status
Communication preferences (email, SMS, phone)
Marketing consent records and timestamps

3.2 Information Collected Automatically

Website Usage Data:

Pages visited and time spent on each page
Click-through rates and interaction patterns
Search queries within our website
Products viewed, added to cart, or purchased
Session duration and frequency of visits

Cookies and Tracking Technologies:

Essential cookies for website functionality
Analytics cookies for performance measurement
Marketing cookies for personalized advertising
Social media cookies for sharing functionality

3.3 Information from Third-Party Sources

Social Media Information:

Public profile information when you interact with our social media accounts
Information shared when using social login features

Payment Processors:

Transaction confirmation and status updates
Fraud prevention and verification data

Delivery Partners:

Delivery status and confirmation information
Address verification and updates

4. How We Use Your Information

4.1 Primary Business Purposes

Order Processing and Fulfillment:

Processing and confirming your orders
Arranging payment processing and fraud prevention
Coordinating shipping and delivery
Providing order status updates and tracking information
Handling returns, refunds, and exchanges

Customer Service and Support:

Responding to inquiries, complaints, and feedback
Providing technical support and troubleshooting
Resolving disputes and addressing concerns
Maintaining customer service records

Account Management:

Creating and maintaining your account
Verifying your identity and preventing unauthorized access
Personalizing your shopping experience
Storing your preferences and order history

4.2 Business Improvement and Analytics

Website and Service Enhancement:

Analyzing website performance and user behavior
Identifying technical issues and improving functionality
Conducting A/B testing for better user experience
Developing new features and services

Business Intelligence:

Understanding customer preferences and trends
Inventory management and demand forecasting
Market research and competitive analysis
Financial reporting and business planning

4.3 Marketing and Communications

Direct Marketing (with your consent):

Sending promotional emails about new products and offers
SMS marketing for special deals and updates
Personalized product recommendations
Birthday and anniversary special offers

Advertising and Promotion:

Creating targeted advertising campaigns
Measuring advertising effectiveness
Retargeting campaigns for website visitors
Social media marketing and engagement

4.4 Legal and Security Purposes

Fraud Prevention and Security:

Detecting and preventing fraudulent transactions
Monitoring for suspicious account activity
Protecting against cyber threats and data breaches
Maintaining website and system security

Legal Compliance:

Complying with tax and accounting requirements
Responding to legal requests and court orders
Maintaining records as required by law
Protecting our legal rights and interests

5. Information Sharing and Disclosure

5.1 We DO NOT Sell Your Personal Data

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

5.2 Authorized Third-Party Service Providers

We share limited information with trusted partners who help us operate our business:

Payment Processing:

Banks and payment gateways for transaction processing
Anti-fraud services for security verification
Accounting software for financial record-keeping

Shipping and Logistics:

Courier services for order delivery
Logistics partners for inventory management
Address verification services

Technology and Support Services:

Web hosting and cloud storage providers
Email service providers for communications
Customer support platforms and tools
Analytics and website optimization services

Marketing and Advertising:

Email marketing platforms (with your consent)
Social media advertising platforms
Analytics and tracking service providers

5.3 Legal Requirements and Protection

We may disclose your information when required by law or to protect our rights:

In response to legal processes, court orders, or government requests
To investigate suspected fraud, security breaches, or violations of our terms
To protect the safety and rights of our customers, employees, and business
In connection with corporate transactions (mergers, acquisitions, etc.)

5.4 Data Transfer Safeguards

When transferring data to service providers:

We ensure appropriate data protection agreements are in place
We verify that adequate security measures are implemented
We limit data sharing to what is necessary for the specific service
We regularly review and audit our service providers

6. International Data Transfers

If we transfer your data outside Sri Lanka, we ensure appropriate safeguards are in place:

Adequacy Decisions: Transfers to countries with adequate data protection laws
Standard Contractual Clauses: Legal agreements ensuring data protection standards
Certification Schemes: Transfers to certified organizations with proven data protection practices

7. Data Security Measures

7.1 Technical Safeguards

Encryption and Protection:

SSL encryption for data transmission
Encrypted storage of sensitive information
Secure password policies and multi-factor authentication
Regular security updates and patches

Access Controls:

Role-based access to personal data
Regular access reviews and updates
Secure authentication systems
Audit trails for data access and modifications

7.2 Organizational Safeguards

Staff Training and Policies:

Regular privacy and security training for employees
Clear data handling policies and procedures
Background checks for staff with data access
Confidentiality agreements and non-disclosure contracts

Incident Response:

Data breach detection and response procedures
Regular backup and recovery systems
Business continuity and disaster recovery plans
Incident reporting and notification protocols

7.3 Security Limitations

While we implement robust security measures, please understand that:

No system can guarantee 100% security
Internet transmission carries inherent risks
You are responsible for maintaining the security of your account credentials
You should report any suspected security issues immediately

8. Cookies and Tracking Technologies

8.1 Types of Cookies We Use

Essential Cookies (Always Active):

Website functionality and navigation
Shopping cart and checkout processes
Security and authentication
Load balancing and performance

Analytics Cookies (With Consent):

Website traffic and user behavior analysis
Performance monitoring and optimization
Error detection and troubleshooting
A/B testing and feature development

Marketing Cookies (With Consent):

Personalized advertising and recommendations
Social media integration and sharing
Retargeting and remarketing campaigns
Conversion tracking and attribution

8.2 Cookie Management

Your Cookie Choices:

Accept or reject non-essential cookies through our cookie banner
Modify cookie preferences through your browser settings
Use browser privacy modes to limit cookie storage
Clear cookies and browsing data regularly

Third-Party Cookies:

We use reputable third-party services (Google Analytics, Facebook Pixel, etc.)
These services have their own privacy policies and cookie practices
You can opt out of third-party tracking through industry opt-out tools

9. Data Retention

9.1 Retention Periods

Account Information:

Active accounts: Retained while account is active plus 2 years after last activity
Closed accounts: Personal data deleted within 30 days unless required for legal purposes

Transaction Records:

Order and payment information: 7 years for tax and accounting purposes
Customer service records: 3 years for quality assurance and dispute resolution

Marketing Data:

Email subscribers: Until you unsubscribe or 2 years of inactivity
Website analytics: Anonymized after 26 months

9.2 Deletion Criteria

We delete or anonymize personal data when:

The purpose for collection has been fulfilled
Legal retention periods have expired
You request deletion (subject to legal obligations)
Data is no longer necessary for our business operations

10. Your Privacy Rights

10.1 Access and Information Rights

Right to Access:

Request a copy of personal data we hold about you
Understand how your data is being processed
Receive information about data sharing and transfers

Right to Information:

Clear explanations of our data practices
Updates about changes to our privacy policy
Transparency about automated decision-making

10.2 Control and Correction Rights

Right to Rectification:

Correct inaccurate or incomplete personal data
Update your account information and preferences
Ensure data accuracy for better service delivery

Right to Erasure ("Right to be Forgotten"):

Request deletion of your personal data
Remove data that is no longer necessary
Withdraw consent for data processing (where applicable)

Right to Restrict Processing:

Limit how we use your personal data
Temporarily halt processing while resolving disputes
Maintain data accuracy during correction processes

10.3 Portability and Objection Rights

Right to Data Portability:

Receive your data in a structured, machine-readable format
Transfer your data to another service provider
Facilitate switching between services

Right to Object:

Object to processing based on legitimate interests
Opt out of direct marketing communications
Refuse automated decision-making and profiling

10.4 How to Exercise Your Rights

Contact Methods:

Email: perfumify.lk@gmail.com
Phone: +94 777 707 929
Online: Through your account settings (where available)

Response Timeline:

We will respond to requests within 30 days
Complex requests may require up to 60 days with notification
We may request identity verification for security purposes

No Cost Policy:

Most requests are processed free of charge
Excessive or repetitive requests may incur reasonable administrative fees
We will inform you of any applicable charges before processing

11. Marketing Communications

11.1 Consent-Based Marketing

Email Marketing:

Newsletter subscriptions require explicit opt-in consent
Promotional emails include clear unsubscribe options
We respect your communication preferences and frequency limits

SMS Marketing:

Text message marketing requires separate consent
Carrier charges may apply for SMS communications
Opt-out instructions provided in every message

11.2 Personalization and Targeting

Personalized Recommendations:

Product suggestions based on browsing and purchase history
Customized offers and promotions
Birthday and special occasion communications

Behavioral Advertising:

Retargeting ads based on website visits
Social media advertising to similar audiences
Cross-platform advertising coordination

11.3 Opt-Out Options

Easy Unsubscribe:

One-click unsubscribe links in all marketing emails
Account-based preference management
Immediate processing of opt-out requests

Granular Controls:

Choose specific types of communications
Set frequency preferences
Select preferred communication channels

12. Social Media and Third-Party Integration

12.1 Social Media Interactions

Our Social Media Presence:

Facebook, Instagram, TikTok, and other platforms
Public interactions are governed by platform privacy policies
Direct messages follow our standard privacy practices

Social Login Features:

Optional account creation using social media credentials
Limited data import based on your social media privacy settings
No posting to your social accounts without explicit permission

12.2 Third-Party Website Links

External Links:

Our website may contain links to third-party websites
We are not responsible for external privacy practices
Review third-party privacy policies before sharing information

Partner Integrations:

Payment processors, shipping partners, and other service providers
Each integration is governed by respective privacy policies
We ensure partners meet our data protection standards

13. Children's Privacy Protection

13.1 Age Restrictions

Minimum Age Requirements:

Our services are intended for users 18 years and older
Users under 18 require parental or guardian consent
We do not knowingly collect data from children under 13

13.2 Parental Rights and Controls

If We Learn of Underage Users:

Immediate suspension of account access
Deletion of personal data within 30 days
Notification to parents/guardians when possible

Parental Involvement:

Parents can request information about their child's data
Account deletion and data removal upon parental request
Educational resources about online privacy for families

14. Data Breach Notification

14.1 Breach Response Procedures

Immediate Actions:

Contain and assess the security incident
Determine the scope and impact of the breach
Implement corrective measures to prevent further access

Notification Timeline:

Regulatory authorities: Within 72 hours (where required)
Affected customers: Without undue delay if high risk to rights and freedoms
Clear communication about the nature and impact of the breach

14.2 Customer Protection Measures

Breach Mitigation:

Immediate password reset requirements
Enhanced monitoring of affected accounts
Free credit monitoring services (if applicable)
Additional security measures and recommendations

15. International Users and Jurisdictional Issues

15.1 Primary Jurisdiction

Sri Lankan Law:

Our privacy practices are primarily governed by Sri Lankan law
We comply with local data protection regulations
Dispute resolution follows Sri Lankan legal procedures

15.2 Cross-Border Considerations

International Customers:

Additional protections may apply based on your location
GDPR rights for EU residents
Other applicable regional privacy laws

Conflicting Laws:

In case of conflicting privacy requirements, we apply the most protective standard
Legal advice sought for complex jurisdictional issues
Transparent communication about applicable legal frameworks

16. Privacy Policy Updates

16.1 Change Notification Process

How We Notify You:

Prominent notice on our website
Social media announcements for significant updates
At least 30 days advance notice for major changes

16.2 Version Control

Policy Versioning:

Clear dating and version numbering
Archive of previous policy versions
Summary of changes for each update
Effective date clearly indicated

Your Continued Use:

Continued use of our services after updates constitutes acceptance
Option to close account if you disagree with changes
Grace period for data deletion requests following major changes

17. Contact Information and Support

17.1 Privacy-Related Inquiries

Primary Contact:

Email: perfumify.lk@gmail.com
Phone: +94 777 707 929
Address: Online Store Operated from Colombo

17.2 Response Commitments

Our Service Standards:

Acknowledgment of privacy inquiries within 2 business days
Complete responses within 30 days
Escalation procedures for complex issues
Regular follow-up on ongoing privacy matters

18. Acknowledgment and Consent

By using Perfumify.lk services, you acknowledge that:

✓ You have read and understood this Privacy Policy
✓ You consent to the collection and use of your information as described
✓ You understand your rights and how to exercise them
✓ You agree to receive necessary communications about your orders and account
✓ You can withdraw consent for marketing communications at any time

Thank you for trusting Perfumify.lk with your personal information. We are committed to earning and maintaining that trust through transparent and responsible privacy practices.

This Privacy Policy is effective as of the "Last Updated" date above and should be read in conjunction with our Terms and Conditions and Disclaimer.

Back to Homepage

Perfumify - Sprays of Luxury