Legal Document

Privacy Policy

We take your privacy seriously. This policy explains exactly what data we collect, why we collect it, how it is stored, and your rights over it.

Last updated: 19 March 2026 No data selling ever Sri Lanka
1

Who We Are

Paylnz is a point-of-sale and business management platform built for Sri Lankan businesses. The platform is developed and operated by Prabod Chamika, Sri Lanka.

For data-related questions, contact us at paylnz.com@gmail.com.

2

Data We Collect

We collect only what is necessary to operate the platform effectively. This includes:

  • Account data: Name, email address, phone number, username, and hashed password
  • Business data: Shop names, branch details, product catalogue, sales records, purchase orders, and customer records you enter into the platform
  • Payment data: Subscription plan, payment amount, bank reference numbers, and payment token. We do not store full bank account details or card numbers
  • Usage data: Pages visited, features used, login timestamps, IP address, and device/browser type used for security and service improvement only
  • Communication data: Messages sent to our support channels including WhatsApp and email
We do not collect payment card numbers, national ID numbers, biometric data, or any sensitive personal information beyond what is listed above.
3

How We Use Your Data

Your data is used exclusively to:

  • Provide, maintain, and improve the Paylnz platform
  • Process and verify your subscription payments
  • Send transactional communications such as payment confirmations and plan activation notices
  • Respond to support requests and troubleshoot issues
  • Monitor for suspicious activity and protect platform security
  • Comply with legal obligations under Sri Lankan law

We do not use your data for advertising, profiling, or any purpose unrelated to operating the platform.

4

Data Storage & Security

Your data is stored on servers with the following protections in place:

  • Passwords are hashed using bcrypt they are never stored in plain text
  • All connections to the platform use HTTPS / TLS encryption
  • Database access is restricted to application servers only no public exposure
  • Session management uses secure, httpOnly cookies with short expiry windows
  • Admin operations require a separate authentication session
While we implement industry-standard security measures, no system is completely immune to breaches. We recommend using a strong, unique password for your Paylnz account.
5

Data Sharing

We do not sell, rent, or trade your personal or business data to any third party ever.

Your data may be accessed by:

  • Platform developer: Prabod Chamika, solely for operating, maintaining, and improving the platform
  • Hosting infrastructure: The server/hosting provider that stores application data bound by their own privacy terms
  • Legal authorities: If required by valid legal process under Sri Lankan law

Your business data (customers, sales, products) is never shared with other Paylnz users or any external party.

6

Cookies

Paylnz uses minimal cookies strictly necessary to operate the platform:

  • Session cookie: Keeps you logged in during your session. Expires when you close the browser or after the session timeout.
  • Admin session cookie: A separate session for admin operations, distinct from the main user session.
  • Remember me token: If you use the "remember me" feature, a secure token is stored for automatic login.

We do not use advertising cookies, tracking pixels, or any third-party analytics cookies.

7

Your Rights

You have the following rights over your data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Update your account details at any time from your profile page
  • Deletion: Request deletion of your account and all associated data
  • Portability: Request an export of your business data in a readable format
  • Objection: Object to any processing of your data that you believe is inappropriate

To exercise any of these rights, contact paylnz.com@gmail.com. We will respond within 7 business days.

8

Data Retention

We retain your data as follows:

  • Active accounts: Data is retained for the lifetime of your account
  • After account deletion: Personal data is deleted within 30 days. Anonymised transaction records may be retained for up to 12 months for operational integrity
  • Payment records: Retained for a minimum of 5 years as required for financial record-keeping
  • Activity logs: Retained for up to 90 days for security monitoring
9

Children's Privacy

Paylnz is a business platform intended for users aged 18 and above. We do not knowingly collect personal information from anyone under 18. If you believe a minor has created an account, please contact us and we will delete it promptly.

10

Contact

For any privacy-related questions or requests:

Email
paylnz.com@gmail.com
WhatsApp
+94 76 024 9507