Your Privacy Matters
At Pixellark Solutions, we are committed to protecting your privacy and ensuring the security of your
personal and business data.
This Privacy Policy explains what information we collect, how we use it, and the choices you have
regarding your information.
1. Information We Collect
We collect different types of information to provide, improve, and secure our services. The data we
collect falls into the following categories:
Personal Information
- Name and contact details
- Email address and phone number
- Business name and address
- Job title and role
Usage Data
- Software usage patterns
- Feature utilization
- Performance metrics
- Error logs and diagnostics
Technical Information
- Device and browser information
- IP address and location
- System specifications
- Network configuration
Business Data
- Transaction records (encrypted)
- Inventory and operational data
- Customer information you input
- Analytics and reports generated by our system
2. How We Use Your Information
We use the collected information for the following purposes:
- Service Delivery: To provide, operate, and maintain our software and services
- Customer Support: To respond to your inquiries and provide technical assistance
- Product Development: To develop new features and enhance functionality
- Security: To protect against fraud, unauthorized access, and threats
- Legal Compliance: To comply with applicable laws, regulations, and contractual
obligations
- Communication: To send important updates, service notifications, and promotional
offers (with your consent)
3. Data Sharing and Disclosure
3.1 When We Share Data
We do not sell, rent, or trade your personal information to third parties. We may share your data only in
the following circumstances:
- Service Providers: With trusted third-party providers who assist in delivering our
services (e.g., cloud hosting, SMS gateways, payment processing)
- Legal Requirements: When required by law, court order, or government request
- Business Transfers: In connection with a merger, acquisition, or sale of assets
- Protection: To protect our rights, property, safety, or that of our users
3.2 Third-Party Services
Our software may integrate with third-party services. These providers operate under their own privacy
policies and practices, which we recommend you review.
Data Security Measures
We implement strict organizational and technical safeguards to protect your data:
Encryption
256-bit SSL/TLS encryption for data in transit and at rest
Access Control
Multi-factor authentication and role-based access restrictions
Secure Infrastructure
SOC 2 and ISO-certified data centers with 24/7 monitoring
Regular Backups
Automated backups with disaster recovery protocols
4. Data Retention
We retain your information for as long as necessary to provide our services and comply with legal
obligations:
- Personal Information: Retained during your active subscription and up to 7 years
after termination (legal and tax compliance)
- Business Data: You control retention of your business data via our software
settings
- Usage Data: Aggregated and anonymized data may be retained indefinitely for
analysis
- Support Records: Retained for 3 years
Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal data:
Access
Request a copy of your personal data
Correction
Update or correct inaccurate information
Deletion
Request deletion of your personal data
Portability
Export your data in a portable format
Objection
Object to certain processing activities
Restriction
Restrict how we process your information
Cookies and Tracking Technologies
We use cookies and similar technologies to improve your experience and analyze site performance:
Essential Cookies
Required for website functionality and security. Cannot be disabled.
Analytics Cookies
Help us understand usage patterns and improve services.
Functional Cookies
Remember preferences and enable enhanced features.
You can manage cookie settings through your browser. Disabling cookies may affect functionality.
6. International Data Transfers
Your data may be processed outside Sri Lanka. Where transfers occur, we apply safeguards including:
- Standard contractual clauses approved by data protection regulators
- Adequacy decisions from authorities
- Certification schemes and compliance codes
7. Children's Privacy
Our services are not intended for individuals under 16. We do not knowingly collect data from children.
If discovered, such data will be deleted promptly.
8. Healthcare Data (HIPAA Compliance)
For healthcare and pharmacy management solutions, we ensure HIPAA compliance:
- Business Associate Agreements (BAAs) where required
- Encryption and strict access control of Protected Health Information (PHI)
- Audit logs for all access events
- Regular HIPAA compliance training for staff
9. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When changes occur, we will:
- Post the revised policy with a new effective date
- Notify you via email or system notifications if significant changes are made
- Request consent where legally required
- Maintain an archive of prior versions
10. Legal Basis for Processing (GDPR)
For users in the EU/EEA, we process your information under these legal grounds:
- Contract: To provide our services as agreed
- Legitimate Interest: To improve products, ensure security, and support operations
- Consent: For optional activities requiring your permission
- Legal Obligation: To comply with regulatory requirements
Data Protection Officer
For GDPR inquiries, you may also contact our Data Protection Officer. You also have the right to
lodge a complaint with your local data protection authority.