Last updated: April 21, 2022
Amplifyn fully respects your right to privacy and we are committed to ensuring that your privacy is protected. Please read the following to learn more about how we collect, store, use and disclose information about you when you interact or use our website or services. For the purpose of the Sri Lanka Personal Data Protection Act, No. 9 of 2022 and the EU General Data Protection Regulation 2016/679 and the Data Protection Act 2018 (the “Act”), the data controller is Amplifyn whose registered office is at No.200, Nawala Road, Colombo 05, Sri Lanka
We receive and store information that you provide directly to us. For example, we collect Personal Information, such as name, age, contact details including email, postal address and telephone numbers, education details, employment history, and immigration status (and of course you may choose to share other relevant information with us).
Any information which you provide to us is not made available to any third parties without your permission and is used by Amplifyn only in line with the purpose for which you provided it and in accordance with the Act.
The information you provide to us is used by us to:
This list is not exhaustive and we may seek to process, use or disclose your information for any other purpose which has not been listed above always with your explicit consent. The more information we have about you the more bespoke we can make our service.
Where appropriate, we will seek your consent to undertake some of these activities.
We may also use the information you send to us via the websites and/or services, to communicate with you via email and, possibly, other means, or to send you our newsletter, if this is in accordance with your marketing preferences. However, you will always be able to opt out of such communications at any time (see the “Your Rights” section below).
We do not share your personal information with anyone except as set out herein. Within the scope of the purposes outlined above, we may outsource collected personal information to outside contractors/third parties. If we do so, we will take contractual measures to ensure that they process your data in a manner consistent with this Policy.
In the event of a sale, merger, receivership, or transfer of all assets of our company, we reserve the right to assign or share your personal information with such third parties and their advisers, you will be sent a notice of such an event, should it occur, with the ability to opt-out of such a transfer.
We use appropriate technical, organizational, and administrative security measures to protect any information we hold in our records from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. While Amplifyn takes all due care in ensuring the privacy and integrity of the information that you provide to us, we recognize that no data transmission over the internet can be 100% guaranteed as secure. The possibility exists that this information could be unlawfully observed by a third party while in transit over the internet. Amplifyn accepts no liability should this occur
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, and the applicable legal requirements. In general, your personal data will be retained for a period of five years from the date of your last contact with us.
In some circumstances you can ask us to delete your data: see Right to erasure below for further information. In some circumstances, we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
While Amplifyn takes all due care in ensuring the privacy and integrity of the information that you provide to us, we recognize that no data transmission over the internet can be 100% guaranteed as secure. The possibility exists that this information could be unlawfully observed by a third party while in transit over the internet. Amplifyn accepts no liability should this occur.
If you have consented to receive certain marketing communications from us, you can opt-out of receiving such promotional or marketing communications from us at any time, by sending us an email to firstname.lastname@example.org
Your Rights: How can I update and access my information (Applicable for GDPR compliant Countries)
(Exercise my Data Subject Rights)?
Under the General Data Protection Regulation, you have the following rights:
Right to object: If we are using your data because we deem it necessary for our legitimate interests to do so, and you do not agree, you have the right to object. We will respond to your request within 30 days (although we may be allowed to extend this period in certain cases).
Right to withdraw consent: Where we have obtained your consent to process your personal data for certain activities (for example, assessing your suitability for certain roles), or consent to market to you, you may withdraw your consent at any time.
Right to rectification: if the personal data that we hold is inaccurate or incomplete, you have the right to request the rectification of your personal data.
Data Subject Access Requests: Just so it’s clear, you have the right to ask us to confirm what information we hold about you at any time, and to provide you with copies of that information. We will respond to your request within 30 days. At this point we may comply with your request or, additionally do one of the following:
– we may ask you to verify your identity, or ask for more information about your request; and
– where we are legally permitted to do so, we may decline your request, but we will explain why if we do so.
Right to erasure: In certain situations, (for example, where we have processed your data unlawfully), you have the right to request us to “erase” your personal data. We will respond to your request within 30 days (although we may be allowed to extend this period in certain cases) and will only disagree with you if certain limited conditions apply. If we do agree to your request, we will delete your data.
For any of the above requests, the below form needs to be completed and sent to email@example.com – Access Request Form.
Right to lodge a complaint with a supervisory authority: You also have the right to lodge a complaint with the Office of the Data Protection Commissioner.
The above list is not an exhaustive list of your rights, further information can be found at https://ec.europa.eu/info/law/law-topic/data-protection_en
We may need to change this Privacy Statement from time to time. We will alert you to material changes by, for example, placing a notice on our websites and/or by sending you an email (if you have registered your e-mail details with us) when we are required to do so by applicable law. You are responsible for periodically reviewing this Privacy Statement.
This Privacy Statement was most recently updated on 6/6/2022.
If you have any questions or concerns regarding our privacy policies, please send us a detailed message firstname.lastname@example.org and we will try to resolve your concerns.