eCards.lk

Privacy Policy

eCards.lk

Last Updated: January 2025

This Privacy Policy explains how Camelia Network (Pvt) Ltd ("eCards.lk", "we", "our", "us") collects, uses, shares, and protects your information when you visit ecards.lk or use our services (digital business cards, NFC/QR products, and related features). By using our services, you agree to this Policy.

1 Information We Collect

Account & Profile Data:

Name, photo, job/role, company, phone, email, address, social links, URLs, custom branding, and any content you add to your digital card.

Transactional Data:

Order details, package type (including whether you are within the "first 1,000 lifetime access" cohort), invoices, payment confirmations.

Payment Data:

  • Online payments: processed by third-party gateways; we receive payment confirmations/refs but do not store full card details.
  • Bank transfers: payer name, account/branch details appearing on remittance slips, amounts, dates, references you provide, and our bank reconciliation records.

Technical & Usage Data:

IP address, device/browser, pages viewed, timestamps, referral URLs, and profile analytics (e.g., card views, taps/scans, link clicks).

Support Data:

Messages/emails, attachments, issue logs.

Cookies:

Small files to keep you logged in, remember preferences, and measure usage/analytics. You can disable cookies in your browser; some features may not work.

2 Why We Use Your Information (Purposes)

  • Create, host, and display your digital card/profile.
  • Process orders and payments (including bank transfer reconciliation).
  • Provide shipping, customer support, and service notifications.
  • Run analytics to improve performance, detect abuse/fraud, and enhance UX.
  • Notify you about material changes, new features, maintenance windows, or billing (including annual fees after the first 1,000 customers threshold is reached).
  • Comply with legal, tax, and audit requirements in Sri Lanka.

3 Legal Grounds

We process data based on one or more of: performance of a contract (providing your profile/card), legitimate interests (security, analytics, service improvement), consent (where required), and legal obligations (tax/audit/compliance).

4 Sharing Your Information

We do not sell your personal data. We share data only with:

  • Processors/Service Providers: hosting, CDN, email/SMS, payment gateways, courier partners, analytics/security vendors—only as needed to operate the service.
  • Banks/Financial Institutions: for bank-transfer reconciliation and fraud prevention.
  • Authorities/Legal Requests: if required by law, court order, or to protect rights/safety.

5 Data Retention

  • Account/Profile Data: kept while your account is active. If you close your account, we aim to delete or de-identify most data within 30 days, except where we must keep limited records for legal, tax, security, or dispute-resolution purposes.
  • Payment/Finance Records (incl. bank-transfer proof): retained for the statutory period required under Sri Lankan law (e.g., tax and audit).
  • Backups/Logs: kept for limited, rolling periods for security and continuity.

6 First 1,000 Customers (Lifetime Access) & Annual Fees

We store a flag indicating whether your account belongs to the first 1,000 customers entitled to lifetime access (no recurring charge). Accounts created after this threshold may be billed a small annual service/maintenance fee. We use this status to manage billing, entitlements, and related notifications.

7 Service Continuity & Discontinuation

We are committed to operating eCards.lk reliably for years. If extraordinary events outside our reasonable control (e.g., major technical, legal, regulatory, or financial events) require suspension or shutdown, we will:

  • Provide reasonable prior notice via email and/or site banner;
  • Offer a data export window to download your key profile data and links;
  • Retain only what is legally necessary thereafter, then delete or de-identify remaining data.

We design these steps to be transparent and respectful, while meeting our legal duties.

8 Security

We use administrative, technical, and physical safeguards (encryption in transit, access controls, monitoring, and least-privilege practices). No method is 100% secure; you share information at your own risk. Please use strong passwords and keep credentials confidential.

9 International Transfers

Our hosting or processors may be located outside Sri Lanka. Where applicable, we use measures such as contractual safeguards to help protect your data consistent with this Policy.

10 Your Choices & Rights

Subject to applicable law, you may:

  • Access/Update your profile in account settings;
  • Request deletion of your account ([email protected]);
  • Object/Restrict certain processing where legally available;
  • Withdraw consent where processing relies on consent (this won't affect prior lawful processing).

We may request verification to protect your account.

11 Cookies & Analytics

You can manage cookies via your browser settings. Some features (e.g., staying signed in, viewing analytics dashboards) may not function without cookies.

12 Children

Our services are intended for individuals 18+. We do not knowingly collect data from children.

13 Third-Party Links

We are not responsible for the privacy practices or content of external websites you access via links from our platform.

14 Changes to this Policy

We may update this Policy periodically. Material changes will be announced on this page (and by email where appropriate). Continued use after the "Last updated" date means you accept the changes.

15 Contact

Camelia Network (Pvt) Ltd

Thambuttegama, Sri Lanka

Email: [email protected]

Phone: +94 71 0875417

For questions or concerns regarding this Privacy Policy, please contact us using the information above or visit our Contact Page