Privacy Policy for FootBalance Sri Lanka

Effective Date: 01-January-2025
Last Updated: 30-May-2025
Website: www.footbalance.lk 

1. Introduction

  • FootBalance Sri Lanka (“we”, “our”, or “us”) is committed to protecting your privacy and processing your personal data responsibly in accordance with the Data Protection Act, No. 9 of 2022 of Sri Lanka.
  • This Privacy Policy outlines how we collect, use, share, and safeguard your information, particularly in the context of our e-commerce platform and custom insole and foot analysis services.

2. Scope

  • This policy applies to:
  • Visitors and users of www.footbalance.lk
  • Customers making purchases online
  • Individuals using our assessment services (in-store or virtual)
  • Any data subjects whose personal data we process

3. Types of Data We Collect

  • We collect and process the following categories of personal data:

a. Basic Identifiers

  • Full name
  • Email address
  • Phone number
  • Shipping/billing address

b. Account & Purchase Data

  • Login credentials (hashed and encrypted)
  • Order history and preferences
  • Payment information (processed via secure third-party gateways)

c. Health and Biometric Data (Special Category)

  • Collected only with explicit consent, such as:
  • Foot shape or gait analysis data
  • Arch type, foot pressure distribution, and medical conditions related to foot health

d. Technical & Usage Data

  • IP address
  • Browser/device type
  • Website interaction logs
  • Cookie and tracking data (see Section 9)

4. Legal Basis for Processing

  • We process your data based on one or more of the following lawful grounds:
  • Consent (especially for health data and marketing)
  • Contractual necessity (to process and deliver your orders)
  • Legal obligations (e.g., tax and financial compliance)
  • Legitimate interests (e.g., customer service, fraud prevention)

5. Purposes for Processing

  • We use your personal data to:
  • Deliver products and manage transactions
  • Provide personalized recommendations and services
  • Conduct foot analysis and issue custom insole recommendations
  • Offer customer support and respond to queries
  • Improve our website and user experience
  • Send promotional emails (only with consent)

6. Data Sharing and Third Parties

  • We do not sell your data. However, we may share it with:
  • Service providers (e.g., payment gateways, delivery services)
  • Healthcare or biomechanical professionals (only with consent for advanced assessments)
  • Regulators or legal authorities (as required by law)
  • All partners are contractually obligated to comply with the Data Protection Act and uphold your privacy.

7. Data Security

  • We implement robust security measures, including:
  • SSL/TLS encryption
  • Firewalls and intrusion detection
  • Role-based access controls
  • Secure data storage practices
  • Staff confidentiality agreements

8. Your Rights Under Sri Lankan Law

  • You have the right to:
  • Access your personal data
  • Request correction or deletion
  • Withdraw consent at any time
  • Object to or restrict processing
  • Request data portability (if applicable)
  • Lodge a complaint with the Data Protection Authority of Sri Lanka
  • To exercise any of these rights, please contact: [email protected]

9. Cookies and Tracking Technologies

  • We use cookies and similar technologies to:
  • Improve website functionality
  • Analyze traffic and usage patterns
  • Remember your preferences
  • Facilitate secure transactions
  • You can manage your cookie preferences via your browser settings. For more details, refer to our [Cookie Policy].

10. Data Retention

  • We retain your personal data only as long as necessary to fulfill the purposes outlined in this policy or as required by law. Health-related data is retained securely and only with your consent.

11. International Transfers

  • If personal data is transferred outside Sri Lanka (e.g., cloud-based services), we ensure it is protected through contractual clauses or other legal mechanisms aligned with the Data Protection Act.

12. Changes to This Policy

  • We may update this Privacy Policy periodically. Changes will be posted on this page with an updated “Last Updated” date. If significant changes are made, we may notify you by email or website notice.

13. Contact Us

If you have any questions or concerns, please contact our Data Protection Officer:

  • Name: Data Protection Officer – FootBalance Sri Lank
  • Email: [email protected]
  • Phone: +94 76 042 2200
  • Address: FootBalance Lanka (Private) Limited, No.82 1/2, Galle Road, Colombo 04, Sri Lanka