Privacy Policy

Overview

La Ceykem International (Pvt) Ltd ("we," "us," or "our") values your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or make purchases from us.

Please read this Privacy Policy carefully. By accessing or using our website, you acknowledge that you have read, understood, and agree to be bound by all the terms of this Privacy Policy.

Information We Collect

We collect the following types of information:

• Personal Information: Name, email address, shipping address, billing address, phone number, username, and payment information.
• Account Information: Username, password (encrypted), account preferences, security settings, and authentication data.
• Usage Data: IP address, browser type, operating system, pages visited, time spent on pages, links clicked, and other actions taken on our website.
• Order Information: Products purchased, order history, transaction details, dates of purchase, payment methods used, and delivery status.
• Communications: Customer service inquiries, feedback, product reviews, and any correspondence you have with us.
• Device Information: Device identifiers, hardware information, geolocation data, and device fingerprinting data.
• Marketing Preferences: Your preferences for receiving marketing communications and promotional offers.
• Security Data: Login attempts, security events, and authentication logs for fraud prevention.
• Analytics Data: Website performance metrics, user behavior patterns, and conversion tracking data.

How We Collect Information

We collect information in the following ways:

• Directly from you: When you create an account, place an order, fill out forms, or correspond with us.
• Automatically: Through cookies, server logs, and similar technologies as you navigate our website.
• From third parties: From service providers, partners, or public databases.
• Social Media: When you interact with our social media accounts or use social login features.

How We Use Your Information

We use your information for the following purposes:

• Processing and fulfilling orders
• Creating and managing your account
• Providing customer support and technical assistance
• Sending transactional emails and order updates
• Sending marketing communications (with your consent)
• Personalizing your shopping experience
• Improving our website and services
• Analyzing website usage and trends
• Preventing fraud and ensuring website security
• Complying with legal obligations
• Conducting research and development
• Managing our business operations

Legal Basis for Processing

We process your personal information based on the following legal grounds:

• Contract: To fulfill our obligations under the sales contract
• Legitimate Interest: To improve our services and prevent fraud
• Consent: For marketing communications and non-essential cookies
• Legal Obligation: To comply with applicable laws and regulations

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track the activity on our website and store certain information. Cookies are files with a small amount of data which may include an anonymous unique identifier. We use the following types of cookies:

• Essential cookies: Necessary for the website to function properly (e.g., shopping cart, authentication)
• Analytical/performance cookies: To understand how visitors interact with the website and improve performance
• Functionality cookies: To recognize you when you return to our website and remember your preferences
• Marketing cookies: To deliver relevant advertisements and track marketing campaign effectiveness

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our website.

We also use web beacons, pixel tags, and similar technologies to track email opens and website interactions.

Data Storage and Security

We store your personal information and order data in secure databases with industry-standard encryption. We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction.

Our comprehensive security measures include:

• End-to-end SSL/TLS encryption for all data transmission
• Database encryption at rest using AES-256 encryption
• Regular security audits and vulnerability assessments
• Multi-factor authentication for administrative access
• Role-based access controls and authentication requirements
• Automated data backup and disaster recovery procedures
• Employee training on data protection and security best practices
• Real-time monitoring and threat detection systems
• Secure password hashing using bcrypt with 12 rounds
• Regular security updates and patch management
• Incident response and breach notification procedures

We use industry-standard security frameworks and regularly review our security practices to ensure they meet or exceed industry standards. Our systems are designed with defense-in-depth principles to provide multiple layers of protection.

While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. No method of transmission over the internet or electronic storage is 100% secure. In the event of a data breach, we will notify affected users and relevant authorities as required by law.

Compliance and Legal Framework

We are committed to complying with applicable data protection laws and regulations, including:

• Sri Lankan Data Protection Act: Compliance with local data protection requirements
• GDPR (General Data Protection Regulation): For EU residents and data subjects
• CCPA (California Consumer Privacy Act): For California residents
• Industry Standards: Following best practices for e-commerce and data security

We regularly review and update our privacy practices to ensure continued compliance with evolving legal requirements and industry standards.

Data Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties without your consent, except in the following circumstances:

• With your explicit consent
• To comply with legal obligations or court orders
• To protect our rights, property, or safety
• In connection with a business transfer or merger
• To prevent fraud or investigate potential violations

Third-Party Service Providers

We work with trusted third-party service providers who may have access to your information to help us operate our website and provide services to you. These service providers include:

• Website hosting and infrastructure providers: For hosting, deployment, and serverless functions
• Analytics and performance monitoring services: For website analytics, performance monitoring, and user behavior tracking
• Email service providers: For transactional and marketing email communications, including newsletter management
• Content delivery and security services: For DNS services, content delivery, and security protection
• Database and data storage providers: For secure database storage and data management
• Authentication service providers: For secure authentication and session management
• Shipping and logistics partners: For order fulfillment and delivery tracking
• Payment processing providers: For secure payment processing and transaction management

These third parties have access to your personal information only to perform specific tasks on our behalf and are obligated not to disclose or use it for any other purpose. We ensure all third-party providers maintain appropriate security standards and comply with applicable data protection regulations.

International Data Transfers

Your personal information may be transferred to and processed in countries other than your own. We ensure that such transfers comply with applicable data protection laws and that appropriate safeguards are in place to protect your information.

Data Retention

We will retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law. Our retention periods are as follows:

• Account information: Until account deletion or 7 years after last activity
• Order information: 7 years for tax and accounting purposes
• Marketing preferences: Until consent withdrawal or account deletion
• Website analytics: 26 months
• Customer service records: 3 years after resolution

When we no longer need your data, we will securely delete or anonymize it.

Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

• Access, correct, update, or delete your personal information
• Object to the processing of your personal information
• Restrict the processing of your personal information
• Data portability (request a copy of your data)
• Withdraw consent for data processing
• Lodge a complaint with a supervisory authority
• Opt-out of marketing communications
• Control cookie preferences

To exercise any of these rights, please contact us using the information provided in the "Contact Us" section below. We will respond to your request within 30 days.

Children's Privacy

Our website is not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16 without verification of parental consent, we will take steps to remove that information from our servers.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

Marketing Communications

We may send you marketing communications about our products, services, and promotions if you have provided consent or if we have a legitimate interest in doing so. You can opt-out of these communications at any time by:

• Clicking the unsubscribe link in any marketing email
• Updating your preferences in your account settings
• Contacting us directly
• Using the unsubscribe functionality in our newsletter system

Our email marketing platform provides automatic unsubscribe functionality and ensures compliance with anti-spam regulations. Even if you unsubscribe from marketing emails, you will still receive transactional emails related to your orders and account.

Automated Decision-Making and AI

We may use automated systems and artificial intelligence to:

• Detect and prevent fraudulent transactions
• Personalize product recommendations and content
• Analyze customer behavior and preferences
• Optimize website performance and user experience
• Process and categorize customer inquiries
• Monitor and analyze security threats

These automated systems are designed to improve our services and protect both you and our business. We ensure that any automated decision-making is fair, transparent, and based on legitimate business interests. You have the right to request human review of any automated decisions that significantly affect you.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date
• Sending an email notification for significant changes
• Displaying a banner on our website

You are advised to review this Privacy Policy periodically for any changes. Your continued use of our website after changes are posted constitutes acceptance of the updated Privacy Policy.

Contact Us

If you have any questions or concerns about this Privacy Policy, or if you would like to exercise your data rights, please contact us at:

We are committed to addressing your concerns and will respond to all inquiries within 30 days.