Privacy Policy
Last Updated: January 8, 2025
🔒 Your Privacy Matters:
BestRate.lk is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website.
1. INTRODUCTION
Welcome to BestRate.lk ("we", "us", "our", or "Service"). This Privacy Policy describes how BestRate.lk, operated by Saminda Vithanage the Data Controller for the purposes of the Sri Lankan Personal Data Protection Act (PDPA), collects, uses, and protects your personal information.
✅ OUR COMMITMENT TO YOU:
- We collect minimal personal information
- We never sell your data to third parties
- We use industry-standard security measures
- You have control over your information
- We are transparent about our practices
1.1 Scope of This Policy
This Privacy Policy applies to:
- BestRate.lk website (www.bestrate.lk)
- All subdomains and related services
- Mobile applications (if applicable)
- Email communications from us
1.2 Acceptance of This Policy
By accessing or using BestRate.lk, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree, please do not use our Service.
2. INFORMATION WE COLLECT
2.1 Information You Provide Directly
We collect information that you voluntarily provide when using our Service:
| Type of Information | When We Collect It | Purpose |
|---|---|---|
| Contact Information • Name • Email address • Phone number |
• Contact forms • Newsletter signup • Account registration • Support requests |
• Communication • Support • Updates • Marketing |
| Calculator Inputs • Loan amount • Interest rate • Loan period • Loan type |
• Using EMI calculator • Comparison tools • Saving calculations |
• Calculations • Service improvement • Analytics |
| Feedback & Comments • Reviews • Suggestions • Complaints |
• Feedback forms • Email communication • Surveys |
• Service improvement • Customer satisfaction • Issue resolution |
💡 Important: We do NOT collect sensitive financial information such as bank account numbers, credit card details, credit scores, or income information. All calculations are performed locally in your browser.
2.2 Information Collected Automatically
When you visit BestRate.lk, we automatically collect certain information:
- Device Information:
- Device type (desktop, mobile, tablet)
- Operating system (Windows, macOS, Android, iOS)
- Browser type and version
- Screen resolution
- Usage Information:
- Pages visited and time spent
- Click patterns and navigation paths
- Features used (calculator, comparison tool, etc.)
- Search queries within the site
- Technical Information:
- IP address (anonymized)
- Browser language preference
- Referring website
- Date and time of access
2.3 Cookies and Tracking Technologies
We use cookies and similar tracking technologies to enhance your experience. See our Cookie Policy for detailed information.
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential Cookies | Required for website functionality | Session |
| Analytics Cookies | Track usage and improve service | 2 years |
| Preference Cookies | Remember your settings | 1 year |
| Advertising Cookies | Deliver relevant ads | 1 year |
2.4 Information from Third Parties
We may receive information from:
- Google Analytics: Website traffic and user behavior data
- Google AdSense: Advertising performance metrics
- Social Media Platforms: If you interact with us on social media
- Public Sources: Bank interest rates from official websites
3. HOW WE USE YOUR INFORMATION
3.1 Primary Uses
We use the collected information for the following purposes:
🎯 Service Provision
- • Provide loan calculations
- • Display comparison results
- • Save your preferences
- • Deliver requested information
📧 Communication
- • Respond to inquiries
- • Send newsletters (with consent)
- • Provide customer support
- • Send important updates
📊 Analytics & Improvement
- • Analyze usage patterns
- • Improve user experience
- • Develop new features
- • Fix bugs and errors
💰 Monetization
- • Display relevant ads
- • Track ad performance
- • Affiliate partnerships
- • Premium feature access
3.2 Legal Bases for Processing (GDPR Compliance)
We process your personal data based on one of the following legal bases as recognized under the Sri Lankan PDPA:
- Consent: When you explicitly agree (e.g., newsletter signup)
- Contract: To provide services you requested
- Legitimate Interest: To improve our service and prevent fraud
- Legal Obligation: To comply with applicable laws
3.3 Marketing Communications
With your consent, we may send you:
- Newsletter with loan rate updates
- Special offers and promotions
- New feature announcements
- Educational content about loans
✅ You can opt-out anytime: Every marketing email includes an unsubscribe link. You can also contact us at bestrate.lk@gmail.com to stop receiving marketing communications.
4. HOW WE SHARE YOUR INFORMATION
🔒 IMPORTANT COMMITMENT:
We DO NOT sell, rent, or trade your personal information to third parties for their marketing purposes.
4.1 When We Share Information
We may share your information in the following limited circumstances:
| Recipient | Information Shared | Purpose |
|---|---|---|
| Service Providers | Technical data, usage analytics | Hosting, analytics, email services |
| Advertising Partners | Anonymized usage data | Display relevant advertisements |
| Analytics Providers | Website usage statistics | Improve service performance |
| Legal Authorities | As required by law | Comply with legal obligations |
4.2 Third-Party Services We Use
- Google Analytics: Website traffic analysis
Privacy Policy: https://policies.google.com/privacy - Google AdSense: Advertising services
Privacy Policy: https://policies.google.com/privacy - Google Sheets API: Data management
Privacy Policy: https://policies.google.com/privacy - Email Service Provider: Gmail/Google Workspace
Privacy Policy: https://policies.google.com/privacy
4.3 Business Transfers
If BestRate.lk is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you via email and/or prominent notice on our website before your information is transferred and becomes subject to a different privacy policy.
4.4 Legal Requirements
We may disclose your information if required to do so by law or in response to:
- Valid legal processes (court orders, subpoenas)
- Government or law enforcement requests
- Protection of our rights, property, or safety
- Prevention of fraud or illegal activities
- Compliance with Sri Lankan laws and regulations
5. DATA SECURITY
5.1 Security Measures
We implement appropriate technical and organizational measures to protect your personal information:
🔐 Technical Security
- ✅ SSL/TLS encryption
- ✅ Secure HTTPS protocol
- ✅ Regular security updates
- ✅ Firewall protection
- ✅ Secure data storage
🛡️ Operational Security
- ✅ Limited data access
- ✅ Regular backups
- ✅ Security monitoring
- ✅ Incident response plan
- ✅ Employee training
5.2 Data Breach Notification
In the event of a data breach that affects your personal information, we will:
- Notify you within 72 hours of discovering the breach
- Inform you about the nature of the breach
- Advise you on protective measures to take
- Report to relevant authorities as required by law
5.3 Your Responsibility
💡 Important: While we implement strong security measures, no method of transmission over the Internet is 100% secure. Please:
- Use strong passwords (if you create an account)
- Keep your login credentials confidential
- Log out after using shared devices
- Report suspicious activity immediately
6. YOUR PRIVACY RIGHTS
6.1 Rights Under Sri Lankan Law
Under Sri Lankan data protection principles, you have the following rights:
| Right | What It Means | How to Exercise |
|---|---|---|
| Right to Access | Request a copy of your personal data | Email: bestrate.lk@gmail.com |
| Right to Rectification | Correct inaccurate information | Email: bestrate.lk@gmail.com |
| Right to Erasure | Request deletion of your data | Email: bestrate.lk@gmail.com |
| Right to Object | Object to data processing | Email: bestrate.lk@gmail.com |
| Right to Withdraw Consent | Withdraw consent for marketing | Unsubscribe link or email us |
6.2 How to Exercise Your Rights
To exercise any of these rights, please contact us:
📧 Email: bestrate.lk@gmail.com
📧 Alternative: saminda.vithanage@gmail.com
📱 Phone: Omitted for privacy
Response Time: We will respond to your request within 30 days.
6.3 Cookie Management
You can control cookies through:
- Browser Settings: Most browsers allow you to refuse or delete cookies
- Opt-Out Tools: Use Google Analytics Opt-out Browser Add-on
- Ad Settings: Manage ad preferences through Google Ad Settings
📌 Note: Blocking certain cookies may affect website functionality. Essential cookies are necessary for the Service to work properly. See our Cookie Policy for more details.
7. DATA RETENTION
7.1 How Long We Keep Your Data
| Data Type | Retention Period | Reason |
|---|---|---|
| Calculator inputs (anonymous) | Not stored | Processed locally in browser |
| Contact form submissions | 2 years | Customer support and follow-up |
| Newsletter subscriptions | Until unsubscribe | Marketing communications |
| Analytics data | 26 months | Google Analytics default |
| Account data (if applicable) | Until account deletion | Service provision |
| Legal/compliance records | 7 years | Legal requirements |
7.2 Data Deletion
After the retention period expires, we will:
- Securely delete or anonymize your personal data
- Remove identifiable information from backups
- Retain only aggregated, non-personal statistics
8. CHILDREN'S PRIVACY
⚠️ AGE RESTRICTION:
BestRate.lk is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18.
If we discover that we have collected information from a child under 18, we will:
- Delete the information immediately
- Not use the information for any purpose
- Not disclose it to third parties
If you are a parent or guardian and believe your child has provided us with personal information, please contact us at bestrate.lk@gmail.com.
9. INTERNATIONAL DATA TRANSFERS
BestRate.lk primarily serves users in Sri Lanka. However, some of our service providers (such as Google) may process data outside Sri Lanka.
9.1 Data Transfer Safeguards
When data is transferred internationally,:
- The data transfer complies with the cross-border transfer requirements of the Sri Lankan PDPA;
- Service providers comply with data protection standards
- Data is protected according to this Privacy Policy
9.2 Third-Party Locations
- Google Services: Data may be processed in Google data centers globally
- Cloud Hosting: Servers may be located in various countries
- Email Services: Gmail servers worldwide
10. CHANGES TO THIS PRIVACY POLICY
10.1 Policy Updates
We may update this Privacy Policy from time to time to reflect:
- Changes in our practices
- New legal requirements
- New features or services
- User feedback and suggestions
10.2 Notification of Changes
When we make material changes, we will:
- Update the "Last Updated" date at the top
- Post a notice on our homepage
- Send email notification (if you subscribed)
- Provide 30 days notice for significant changes
10.3 Your Continued Use
Your continued use of the Service after changes to this Privacy Policy constitutes your acceptance of the updated policy. If you do not agree to the changes, please stop using the Service.
11. CONTACT US
If you have any questions, concerns, or complaints about this Privacy Policy or our data practices, please contact us:
📞 Contact Information
Operated By:
Saminda Vithanage (Sole Proprietor)
Primary Email:
Alternative Email:
Phone/WhatsApp:
Website:
⏰ Response Time: We aim to respond to all privacy-related inquiries within 2-3 business days. For urgent matters, please call or mark your email as "URGENT - Privacy Request".
11.1 Privacy Request Form
When contacting us about privacy matters, please include:
- Your full name
- Email address used on our Service
- Nature of your request (access, deletion, correction, etc.)
- Any relevant details or reference numbers
- Proof of identity (which may be requested for security purposes to verify your request)
12. ADDITIONAL INFORMATION
12.1 Do Not Track Signals
Some browsers have a "Do Not Track" feature. Currently, there is no industry standard for how to respond to these signals. BestRate.lk does not currently respond to Do Not Track signals.
12.2 Automated Decision Making
We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you.
Last Updated: January 8, 2025