Privacy Policy

Effective Date: March 22, 2026

1. Commitment to Data Integrity

At Eranga Senavirathne, we recognize that the data you entrust to us is a critical asset. This policy outlines our unwavering commitment to safeguarding the personal and professional information of our clients. We operate under a principle of "data minimization," meaning we only collect information that is strictly necessary to perform our technical duties, such as Data Analysis, Web Architecture, and Digital Consultancy.

2. Granular Data Collection

We collect information through various touchpoints to facilitate a seamless professional engagement:

  • Engagement Metadata: When you utilize our "Inquire Now" feature, we capture your name, email address, and the specific service category of interest to tailor our technical response.
  • Client-Provided Data Sets: For Data Analysis projects, we may process proprietary business data. This information is used exclusively for generating insights and is purged from our active systems upon project completion unless otherwise agreed.
  • Technical Interaction Data: We utilize cookies and similar tracking technologies to analyze site traffic and user behavior. This helps us optimize the performance of our web applications and marketing funnels.

3. Payment Security & Financial Protection

All financial transactions are facilitated through highly secure, industry-leading third-party payment gateways. These processors utilize end-to-end encryption and are fully compliant with the Payment Card Industry Data Security Standard (PCI-DSS).

We do not store, process, or transmit sensitive authentication data, such as full primary account numbers (PAN) or sensitive magnetic stripe data. Our secure architecture ensures that your financial identity remains obscured from our internal systems at all times.

4. International Data Sovereignty

As our operations span across Florida, USA and Sri Lanka, your information may be transferred to and maintained on computers located outside of your state or country. We ensure that such transfers comply with standard contractual clauses and provide an equivalent level of protection to that required in your home jurisdiction, including GDPR and CCPA standards where applicable.